also @ TechSpot: Windows 8 Release Preview leaked, Microsoft may raise OEM prices

TechSpot

[Inactive] [A] I can't go to any antivirus websites

Discussion in 'Virus and Malware Removal' started by axxxa, Jan 15, 2012.

Thread Status:
Not open for further replies.

  1. axxxa Newcomer, in training

    I use mozilla firefox. My internet works fine. I can go to any website except for antivirus websites. Can't go there. NOD32, Norton, BitDefender,... I get the message SERVER NOT FOUND. I'm posting logs for any suggestions.
    Please help!

    Malwarebytes Anti-Malware log
    GMER log
    DDS logs: both DDS.txt and Attach.txt

    Malwarebytes Anti-Malware (Trial) 1.60.0.1800
    www.malwarebytes.org

    Database version: v2012.01.14.05

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Sobe :: NATURA [administrator]

    Protection: Enabled

    15.1.2012 1:06:05
    mbam-log-2012-01-15 (01-06-05).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 194155
    Time elapsed: 4 minute(s), 3 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL|CheckedValue (PUM.Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)




    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit quick scan 2012-01-15 06:57:17
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 FUJITSU_MJA2320BH_G2 rev.0084001C
    Running: bwxdrg33.exe; Driver: C:\DOCUME~1\Sobe\LOCALS~1\Temp\kwtdqpog.sys


    ---- System - GMER 1.0.15 ----

    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xA4BD27A2]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xA4BD25CC]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xA4BD2700]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

    AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)

    Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software)

    AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

    ---- Services - GMER 1.0.15 ----

    Service C:\WINDOWS\system32\svchost.exe (*** hidden *** ) [AUTO] ujpimhbse <-- ROOTKIT !!!

    ---- EOF - GMER 1.0.15 ----






    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702
    Run by Sobe at 7:03:59 on 2012-01-15
    Microsoft Windows XP Home Edition 5.1.2600.3.1250.386.1033.18.3033.2241 [GMT 1:00]
    .
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
    C:\WINDOWS\system32\svchost.exe -k HPService
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lenovo\Energy Management\utility.exe
    C:\Program Files\Lenovo\Energy Management\Energy Management.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\WINDOWS\System32\igfxtray.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\WINDOWS\System32\igfxpers.exe
    C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\WINDOWS\System32\igfxsrvc.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.si/
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] Disable_By_"c:\program files\messenger\MSMSGS.EXE" /background
    uRun: [Gadwin PrintScreen] c:\program files\gadwin systems\printscreen\PrintScreen.exe /nosplash
    mRun: [EnergyUtility] c:\program files\lenovo\energy management\utility.exe
    mRun: [Energy Management] c:\program files\lenovo\energy management\Energy Management.exe
    mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [SmartAudio] c:\program files\conexant\smartaudio\SMAUDIO.EXE /c
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [Easy-PrintToolBox] c:\program files\canon\easy-printtoolbox\BJPSMAIN.EXE /logon
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    StartupFolder: c:\docume~1\sobe\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Resource.dll/RC_AddToList.html
    IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Resource.dll/RC_HSPrint.html
    IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Resource.dll/RC_Preview.html
    IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Resource.dll/RC_Print.html
    IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
    IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Notify: igfxcui - igfxdev.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\sobe\application data\mozilla\firefox\profiles\ql9faeje.default\
    FF - plugin: c:\documents and settings\sobe\application data\mozilla\firefox\profiles\ql9faeje.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
    FF - plugin: c:\documents and settings\sobe\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-1-15 314456]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-1-15 20568]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-1-15 44768]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-15 652872]
    R2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\postgresql\8.3\bin\pg_ctl.exe [2009-9-4 77824]
    R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [2010-6-16 9472]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-15 20464]
    R3 RkHit;RkHit;\??\c:\windows\system32\drivers\rkhit.sys --> c:\windows\system32\drivers\RKHit.sys [?]
    S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-1-15 435032]
    S2 ujpimhbse;Center Support;c:\windows\system32\svchost.exe -k netsvcs [2003-3-31 14336]
    S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\rts5121.sys --> c:\windows\system32\drivers\RTS5121.sys [?]
    S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]
    .
    =============== Created Last 30 ================
    .
    2012-01-15 00:04:47 -------- d-----w- c:\documents and settings\sobe\application data\Malwarebytes
    2012-01-15 00:04:39 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2012-01-15 00:04:38 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-01-15 00:04:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-01-14 23:49:59 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2012-01-14 23:49:44 41184 ----a-w- c:\windows\avastSS.scr
    2012-01-14 23:49:33 -------- d-----w- c:\program files\AVAST Software
    2012-01-14 23:49:33 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
    2012-01-14 22:24:51 -------- d-----w- c:\documents and settings\sobe\application data\QuickScan
    2012-01-14 22:01:22 -------- d-----w- c:\windows\pss
    2012-01-11 07:11:36 -------- d-----w- c:\program files\IrfanView
    2012-01-10 19:50:16 737280 ----a-w- c:\windows\iun6002.exe
    2012-01-10 19:48:57 -------- d-----w- c:\program files\WYSIWYG Web Builder 7
    2012-01-10 16:32:45 282928 ----a-w- c:\windows\system32\HMIPCore.dll
    2012-01-10 16:27:19 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    .
    ==================== Find3M ====================
    .
    2011-11-10 04:54:13 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-11-10 02:27:10 73728 ----a-w- c:\windows\system32\javacpl.cpl
    .
    ============= FINISH: 7:04:13,42 ===============







    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 4.6.2010 14:21:42
    System Uptime: 15.1.2012 3:47:12 (4 hours ago)
    .
    Motherboard: LENOVO | | NITU1
    Processor: Intel Pentium III Xeon processor | U2E1 | 2194/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 298 GiB total, 287,803 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: Lenovo EasyCamera
    Device ID: USB\VID_090C&PID_3714\5&30124DE0&0&3
    Manufacturer:
    Name: Lenovo EasyCamera
    PNP Device ID: USB\VID_090C&PID_3714\5&30124DE0&0&3
    Service:
    .
    Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
    Description: Officejet Pro 8500 A909g
    Device ID: ROOT\MULTIFUNCTION\0000
    Manufacturer: HP
    Name: Officejet Pro 8500 A909g
    PNP Device ID: ROOT\MULTIFUNCTION\0000
    Service:
    .
    Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
    Description: Officejet Pro 8500 A910
    Device ID: ROOT\MULTIFUNCTION\0001
    Manufacturer: HP
    Name: Officejet Pro 8500 A910
    PNP Device ID: ROOT\MULTIFUNCTION\0001
    Service:
    .
    ==== System Restore Points ===================
    .
    RP105: 21.10.2011 9:03:24 - System Checkpoint
    RP106: 28.10.2011 10:10:06 - System Checkpoint
    RP107: 1.11.2011 9:51:30 - System Checkpoint
    RP108: 3.11.2011 10:24:30 - System Checkpoint
    RP109: 6.11.2011 10:26:47 - System Checkpoint
    RP110: 13.11.2011 9:40:10 - System Checkpoint
    RP111: 20.11.2011 10:02:18 - System Checkpoint
    RP112: 26.11.2011 8:45:23 - System Checkpoint
    RP113: 27.11.2011 10:54:57 - System Checkpoint
    RP114: 3.12.2011 11:38:02 - System Checkpoint
    RP115: 5.12.2011 10:28:41 - System Checkpoint
    RP116: 9.12.2011 11:02:39 - System Checkpoint
    RP117: 11.12.2011 9:28:21 - System Checkpoint
    RP118: 13.12.2011 9:25:02 - System Checkpoint
    RP119: 15.12.2011 10:54:09 - System Checkpoint
    RP120: 26.12.2011 9:44:29 - System Checkpoint
    RP121: 28.12.2011 8:40:08 - System Checkpoint
    RP122: 29.12.2011 8:54:20 - System Checkpoint
    RP123: 30.12.2011 11:32:08 - System Checkpoint
    RP124: 1.1.2012 10:27:20 - System Checkpoint
    RP125: 3.1.2012 12:09:54 - System Checkpoint
    RP126: 6.1.2012 11:20:58 - System Checkpoint
    RP127: 7.1.2012 11:09:26 - Installed Java(TM) 6 Update 30
    RP128: 12.1.2012 9:13:22 - System Checkpoint
    RP129: 14.1.2012 9:29:48 - System Checkpoint
    RP130: 15.1.2012 0:49:33 - avast! Free Antivirus Setup
    .
    ==== Installed Programs ======================
    .
    32 Bit HP CIO Components Installer
    8500A909_eDocs
    8500A909_Help
    8500A909g
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader 9.4.7
    ALPS Touch Pad Driver
    avast! Free Antivirus
    BPD_DSWizards
    bpd_scan
    BPDSoftware
    BPDSoftware_Ini
    Broadcom Gigabit Integrated Controller
    Broadcom WLAN
    BufferChm
    Canon iP5200
    Canon Setup Utility 2.0
    Canon Utilities Easy-PhotoPrint
    Canon Utilities Easy-PrintToolBox
    CD-LabelPrint
    Conexant HD Audio
    Destination Component
    DeviceDiscovery
    DocMgr
    DocProc
    Easy-WebPrint
    Energy Management
    Fax
    FileZilla Client 3.5.3
    Gadwin PrintScreen
    Gostilna za Windows verzija 10.6.14 Forma Brežice d.o.o.
    GPBaseService2
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB976002-v5)
    Hotfix for Windows XP (KB981793)
    HP Customer Participation Program 12.0
    HP Document Manager 2.0
    HP Imaging Device Functions 12.0
    HP Officejet Pro 8500 A910 Basic Device Software
    HP Officejet Pro 8500 A910 Help
    HP Smart Web Printing
    HP Solution Center 12.0
    HP Update
    HPProductAssistant
    HPSSupply
    Intel(R) Graphics Media Accelerator Driver
    IrfanView (remove only)
    Java Auto Updater
    Java(TM) 6 Update 30
    Malwarebytes Anti-Malware version 1.60.0.1800
    MarketResearch
    Microsoft .NET Framework 2.0
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Mozilla Firefox 9.0.1 (x86 en-US)
    MPM
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Network
    NVIDIA Drivers
    OCR Software by I.R.I.S. 12.0
    Officejet Pro 8500 A909 Series
    OpenOffice.org 3.2
    PostgreSQL 8.3
    ProductContext
    Scan
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player (KB979402)
    Security Update for Windows Media Player 8 (KB917734)
    Security Update for Windows Media Player 9 (KB911565)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982381)
    Security Update for Windows XP (KB982665)
    Shop for HP Supplies
    SmartWebPrinting
    SolutionCenter
    Status
    TeamViewer 5
    Toolbox
    TrayApp
    UnloadSupport
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB982632)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    USB2.0 Card Reader Software
    VLC media player 1.1.8
    WebFldrs XP
    WebReg
    WIDCOMM Bluetooth Software
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 8
    Windows XP Service Pack 3
    WYSIWYG Web Builder 7
    Yahoo! BrowserPlus 2.9.8
    Yahoo! Install Manager
    Yahoo! Software Update
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    15.1.2012 6:24:21, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
    15.1.2012 6:23:34, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
    14.1.2012 23:27:15, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    14.1.2012 23:14:21, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm
    14.1.2012 23:13:11, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service HideMyIpSRV with arguments "-Service" in order to run the server: {B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
    14.1.2012 23:13:05, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    14.1.2012 20:22:39, error: DCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {B1A429DB-FB06-4645-B7C0-0CC405EAD3CD} to the user NATURA\postgres SID (S-1-5-21-117609710-412668190-839522115-1005). This security permission can be modified using the Component Services administrative tool.
    14.1.2012 19:54:54, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
    14.1.2012 19:54:44, error: Dhcp [1002] - The IP address lease 192.168.1.9 for the Network Card with network address 00268258C326 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
    14.1.2012 14:41:41, error: Service Control Manager [7034] - The PostgreSQL Database Server 8.3 service terminated unexpectedly. It has done this 1 time(s).
    14.1.2012 14:41:41, error: Service Control Manager [7023] - The Center Support service terminated with the following error: A dynamic link library (DLL) initialization routine failed.
    .
    ==== End Of File ===========================

    Attached Files:

    axxxa, Jan 15, 2012
    #1

  2. Broni Malware Annihilator

    Welcome aboard [IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ==============================================================

    Download TDSSKiller and save it to your desktop.
    • Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
    Broni, Jan 15, 2012
    #2
Thread Status:
Not open for further replies.