Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

DDS after Vipre found Trojan.Win.Generic!BT...still infected?


  • This topic is locked This topic is locked
2 replies to this topic

#1 linnietaylor

linnietaylor

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:09 AM

Posted 01 March 2013 - 01:47 AM

Mod Edit: moved to Virus, Trojan, Spyware, and Malware Removal Logs ~~ boopme

 

Hello... am i still infected? thank you in advance :)

.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/12/2009 12:27:42 PM
System Uptime: 28/02/2013 7:11:38 PM (13 hours ago)
.
Motherboard: Quanta |  | 3624
Processor: Intel® Core™2 Duo CPU     P8800  @ 2.66GHz | CPU | 773/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 455 GiB total, 12.271 GiB free.
D: is FIXED (NTFS) - 466 GiB total, 66.653 GiB free.
E: is FIXED (NTFS) - 11 GiB total, 1.855 GiB free.
F: is CDROM (UDF)
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Hotspot Shield Helper Miniport
Device ID: ROOT\MS_HSSDRVMP\0004
Manufacturer: Hotspot Shield
Name: Hotspot Shield Helper Miniport #5
PNP Device ID: ROOT\MS_HSSDRVMP\0004
Service: HssDrv
.
Class GUID:
Description:
Device ID: ACPI\ENE0100\4&1AEA078C&0
Manufacturer:
Name:
PNP Device ID: ACPI\ENE0100\4&1AEA078C&0
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: SBRE
Device ID: ROOT\LEGACY_SBRE\0000
Manufacturer:
Name: SBRE
PNP Device ID: ROOT\LEGACY_SBRE\0000
Service: SBRE
.
==== System Restore Points ===================
.
RP233: 27/12/2012 9:33:43 AM - Windows Update
RP234: 27/12/2012 2:59:22 PM - Installed QuickTime
RP235: 2/01/2013 2:57:11 AM - HPSF Restore Point
RP236: 2/01/2013 3:14:12 AM - Windows Update
RP237: 9/01/2013 4:49:09 AM - Installed iTunes
RP238: 9/01/2013 8:10:06 AM - Windows Update
RP239: 9/01/2013 11:51:16 AM - Windows Update
RP240: 9/01/2013 2:17:18 PM - Windows Update
RP241: 11/01/2013 6:10:43 AM - Removed Ask Toolbar.
RP242: 22/02/2013 4:27:02 AM - Removed Delta Chrome Toolbar
RP243: 1/03/2013 8:29:15 AM - VIPRE: Prior to cleaning possible threats after a scan
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop Lightroom 3 64-bit
Adobe Reader XI (11.0.02)
Advanced SystemCare 6
Amazon Kindle
Anti-phishing Domain Advisor
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
BabylonObjectInstaller
blekko search bar
Bonjour
Canon DIGITAL CAMERA Solution Disk Software Guide
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon Personal Printing Guide
Canon PowerShot G12 Camera User Guide
Canon Utilities CameraWindow DC 8
Canon Utilities CameraWindow Launcher
Canon Utilities Digital Photo Professional 3.9
Canon Utilities Movie Uploader for YouTube
Canon Utilities MyCamera
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CardRecovery 6.00
Claro LTD toolbar  on IE
D3DX10
DefaultTab
Desktop iCalendar Lite 1.8.8.1
e-tax 2010
e-tax 2011
Edraw Mind Map 6.5
Facebook Messenger 2.1.4651.0
Facebook Video Calling 1.2.0.287
FilesFrog Update Checker
Foofind Download Manager
FormatFactory 2.60
Free YouTube Downloader 3.5.126
Game Booster
Google Chrome
Google Update Helper
HDR Efex Pro
Hotspot Shield 2.52
HP 3D DriveGuard
HP Advisor
HP Customer Experience Enhancements
HP Quick Launch Buttons
HP Support Assistant
HPAsset component for HP Active Support Library
IDT Audio
iFunia DVD Ripper Pro
iLivid
Intel® Matrix Storage Manager
iTunes
Java™ 6 Update 41
JDownloader
JMicron Flash Media Controller Driver
Just Flight Flying Club Duchess 76 for FSX
LightScribe System Software
LightScribe Template Labeler
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Flight Simulator X
Microsoft Flight Simulator X Service Pack 1
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
MindMaster
Mobile Internet
Mozilla Firefox 17.0.1 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 17.0.2 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MTN F@stLink
MTN Mobile Connection
Photo Notifier and Animation Creator
PhotoMail Maker
Picasa 3
PowerJournal
PrivitizeVPN
QLBCASL
QuickTime
Realtek 8136 8168 8169 Ethernet Driver
Recuva
Search-Results Toolbar
SearchYa!
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Skype Click to Call
Skype™ 6.2
Software Version Updater
Synaptics Pointing Device Driver
TornTV
Ultimate Maths Invaders Home Ed v2
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
VIPRE Internet Security
VLC media player 1.1.7
VoiceOver Kit
WD SmartWare
Web Assistant 2.0.0.474
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 4.20 (32-bit)
WinUtilities 9.96 Free Edition
WinX Free DVD Ripper 4.5.11
.
==== Event Viewer Messages From Past Week ========
.
28/02/2013 3:54:12 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  SBRE
28/02/2013 3:54:04 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the MTN F@stLink. OUC service to connect.
28/02/2013 3:54:04 AM, Error: Service Control Manager [7000]  - The MTN F@stLink. OUC service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
28/02/2013 3:54:03 AM, Error: Service Control Manager [7000]  - The Hotspot Shield Monitoring Service service failed to start due to the following error:  The system cannot find the file specified.
28/02/2013 3:53:57 AM, Error: atikmdag [52236]  - CPLIB :: General - Invalid Parameter
28/02/2013 3:53:56 AM, Error: volmgr [46]  - Crash dump initialization failed!
28/02/2013 3:46:20 AM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
28/02/2013 3:40:44 AM, Error: Service Control Manager [7034]  - The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).
22/02/2013 3:54:44 AM, Error: Service Control Manager [7030]  - The DefaultTabSearch service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
1/03/2013 1:50:52 AM, Error: atikmdag [43029]  - Display is not active
.
==== End Of File ===========================
 


Edited by boopme, 01 March 2013 - 08:57 PM.
Moved from Am I Infected to Malware Removal Logs - Hamluis.


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,747 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:09 PM

Posted 02 March 2013 - 10:18 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.
 
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===
Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix
 
IMPORTANT !!! Save ComboFix.exe to your Desktop
 
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Do not install any other programs until this if fixed.
 
How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html
 
Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note: Do not mouse click ComboFix's window while it's running. That may cause it to stall
 
Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html
 
Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===
 
Third party programs if not up to date can be the cause of infiltration an infection.
 
Please run this security check for my review.
 
Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===
 
Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.
 
Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete tab follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).
===
 
Please run the DDS tool and post the DDS.txt this time.
 
Please post the logs and let me know if the problem persists.


#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,747 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:09 PM

Posted 08 March 2013 - 08:40 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users