TechSpot

General Internet blocking virus - not sure if global

By devonshire
Oct 28, 2012
  1. Hi
    I'm having a weird issue - I just got my computer fixed by a tech. I'm not sure how techie he really is, though, because Firefox, my main browser, won't let me connect to websites after about an hour of use. I'm now using IE and it seems to be fine. Just got myself some new memory and the tech told me he found some virus that was not letting him install any program or connect to the internet, but that he got rid of it. I think there's still something there. Here are my logs...
    Thanks so much for your help
    D

    Malwarebytes Anti-Malware 1.65.1.1000
    www.malwarebytes.org
    Database version: v2012.10.26.06
    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 7.0.5730.13
    user :: USER-AAA760148D [administrator]
    10/26/2012 3:26:19 PM
    mbam-log-2012-10-26 (15-26-19).txt
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 241701
    Time elapsed: 12 minute(s), 4 second(s)
    Memory Processes Detected: 0
    (No malicious items detected)
    Memory Modules Detected: 0
    (No malicious items detected)
    Registry Keys Detected: 0
    (No malicious items detected)
    Registry Values Detected: 0
    (No malicious items detected)
    Registry Data Items Detected: 0
    (No malicious items detected)
    Folders Detected: 0
    (No malicious items detected)
    Files Detected: 0
    (No malicious items detected)
    (end)
    -----------------------------------------------------------------
    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-10-28 04:47:28
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-6 WDC_WD2500AAJS-22B4A0 rev.01.03A01
    Running: 73uxurud.exe; Driver: C:\DOCUME~1\user\LOCALS~1\Temp\pfadafob.sys

    ---- System - GMER 1.0.15 ----
    SSDT A1B6EB9C ZwClose
    SSDT A1B6EB56 ZwCreateKey
    SSDT A1B6EBA6 ZwCreateSection
    SSDT A1B6EB4C ZwCreateThread
    SSDT A1B6EB5B ZwDeleteKey
    SSDT A1B6EB65 ZwDeleteValueKey
    SSDT A1B6EB97 ZwDuplicateObject
    SSDT A1B6EB6A ZwLoadKey
    SSDT A1B6EB38 ZwOpenProcess
    SSDT A1B6EB3D ZwOpenThread
    SSDT A1B6EBBF ZwQueryValueKey
    SSDT A1B6EB74 ZwReplaceKey
    SSDT A1B6EBB0 ZwRequestWaitReplyPort
    SSDT A1B6EB6F ZwRestoreKey
    SSDT A1B6EBAB ZwSetContextThread
    SSDT A1B6EBB5 ZwSetSecurityObject
    SSDT A1B6EB60 ZwSetValueKey
    SSDT A1B6EBBA ZwSystemDebugControl
    SSDT A1B6EB47 ZwTerminateProcess
    ---- Kernel code sections - GMER 1.0.15 ----
    init C:\WINDOWS\system32\drivers\monfilt.sys entry point in "init" section [0xA8832280]
    ---- User code sections - GMER 1.0.15 ----
    .text C:\Program Files\Internet Explorer\iexplore.exe[2196] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E1DF4C9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2196] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E354846 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2196] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3547C7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2196] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E35480B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2196] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E354753 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2196] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E35478D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2196] USER32.dll!DialogBoxIndirectParamA 7E456D7D 1 Byte [E9]
    .text C:\Program Files\Internet Explorer\iexplore.exe[2196] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E354881 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2196] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E20177A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\iexplore.exe[2196] ole32.dll!OleLoadFromStream 7752983B 5 Bytes JMP 3E354A43 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    ---- Registry - GMER 1.0.15 ----
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9BCCEE70-E858-81A7-4D0C-1A757E7CDE9F}
    ---- EOF - GMER 1.0.15 ----
    ----
    DDS (Ver_2012-10-19.01) - NTFS_x86
    Internet Explorer: 7.0.5730.13
    Run by user at 8:15:27 on 2012-10-28
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3574.3030 [GMT 2:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
    .
    ============== Running Processes ================
    .
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
    C:\Program Files\Secunia\PSI\sua.exe
    C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    C:\WINDOWS\system32\svchost.exe -k rpcss
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    .
    ============== Pseudo HJT Report ===============
    .
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [DT HPW] c:\program files\portrait displays\hp my display\DTHtml.exe -startup_folder
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hppsc1~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpohmr08.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    uPolicies-Explorer: NoDriveAutoRun = dword:67108863
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDriveAutoRun = dword:67108863
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    mPolicies-Explorer: NoDriveAutoRun = dword:67108863
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
    DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxp://www.linkedin.com/cab/LinkedInContactFinderControl.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://www.fujiprintnet.co.il/Online/ImageUploader/ImageUploader4.cab
    TCP: NameServer = 192.168.2.1
    TCP: Interfaces\{98CA33EB-A124-4D77-BB90-F00DB99BBBEC} : DHCPNameServer = 192.168.2.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\aycbs2dd.hendy 2012-6-4\
    FF - plugin: c:\documents and settings\user\application data\mozilla\firefox\profiles\aycbs2dd.hendy 2012-6-4\extensions\coralietab@mozdev.org\plugins\npCoralIETab.dll
    FF - plugin: c:\documents and settings\user\application data\mozilla\plugins\npgoogletalk.dll
    FF - plugin: c:\documents and settings\user\application data\mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
    FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
    FF - plugin: c:\windows\system32\npDeployJava1.dll
    FF - plugin: c:\windows\system32\npptools.dll
    FF - ExtSQL: 2012-10-02 23:34; jsonview@brh.numbera.com; c:\documents and settings\user\application data\mozilla\firefox\profiles\aycbs2dd.hendy 2012-6-4\extensions\jsonview@brh.numbera.com.xpi
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2002-1-1 36000]
    R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2002-1-1 86224]
    R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2002-1-1 110032]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2002-1-1 83392]
    R2 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\hwinfo32\HWiNFO32.SYS [2009-2-1 15976]
    R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-10-14 399416]
    R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-8-13 3064000]
    R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-1-30 238080]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-28 250808]
    S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [2009-2-1 17149]
    S3 ip_hid;ip_hid;c:\windows\system32\drivers\ip_hid.sys [2010-6-29 17920]
    S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-21 115168]
    S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
    S3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-10-14 994360]
    S3 Wirelecf;Friendly WI-FI Wirelesscfg Util Win2000 XP;c:\windows\system32\drivers\Wirelecf.SYS [2005-9-7 17230]
    .
    =============== File Associations ===============
    .
    FileExt: .ini: Applications\Notepad2.exe="c:\documents and settings\user\desktop\Notepad2.exe" "%1" [UserChoice]
    ShellExec: cmd.exe: Open=cmd /Q /D /C "start http://www.pando.com/link/return_pando_package"
    .
    =============== Created Last 30 ================
    .
    2012-10-26 13:24:23 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-10-26 13:24:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-10-25 15:18:39 147456 ----a-w- c:\windows\system32\igfxCoIn_v4906.dll
    2012-10-25 14:59:02 -------- d-----w- c:\documents and settings\user\application data\CCleanup
    2012-10-25 13:57:24 53248 ----a-w- c:\windows\system32\CSVer.dll
    2012-10-25 11:01:07 98816 ----a-w- c:\windows\sed.exe
    2012-10-25 11:01:07 256000 ----a-w- c:\windows\PEV.exe
    2012-10-25 11:01:07 208896 ----a-w- c:\windows\MBR.exe
    2012-10-25 10:45:50 147456 ----a-w- c:\windows\system32\igfxCoIn_v5009.dll
    2012-10-24 18:28:57 256904 ----a-w- c:\windows\system32\drivers\tmcomm.sys
    2012-10-21 06:44:13 157272 ----a-w- c:\program files\mozilla firefox\webapp-uninstaller.exe
    2012-10-21 06:44:12 96224 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe
    2012-10-21 06:34:00 270816 ----a-w- c:\program files\mozilla firefox\updater.exe
    2012-10-21 06:34:00 19424 ----a-w- c:\program files\mozilla firefox\xpcom.dll
    2012-10-21 06:34:00 14676960 ----a-w- c:\program files\mozilla firefox\xul.dll
    2012-10-16 18:47:01 -------- d-----w- c:\documents and settings\user\local settings\application data\Pando
    2012-10-16 18:45:10 -------- d-----w- c:\documents and settings\user\.swt
    2012-10-02 13:17:24 -------- d-----w- C:\AlbomBom_Submitted
    .
    ==================== Find3M ====================
    .
    2012-10-26 12:28:27 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2012-10-25 14:17:22 170520 ----a-w- c:\windows\system32\igfxzoom.exe
    2012-10-09 18:30:44 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-10-09 18:30:44 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-09-23 12:22:46 4200013 ----a-w- c:\windows\system32\albombom_albombom_uninstaller.exe
    2012-08-27 19:12:39 832512 ----a-w- c:\windows\system32\wininet.dll
    2012-08-27 19:12:36 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-08-27 19:12:35 78336 ----a-w- c:\windows\system32\ieencode.dll
    2012-08-27 19:12:34 17408 ----a-w- c:\windows\system32\corpol.dll
    2012-08-24 13:53:22 177664 ----a-w- c:\windows\system32\wintrust.dll
    2012-08-21 13:33:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-08-21 12:58:09 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-04-19 11:46:49 3993600 ----a-w- c:\program files\GUT3B6.tmp
    .
    ============= FINISH: 8:16:17.43 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-10-19.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 5/7/2005 6:24:05 PM
    System Uptime: 10/28/2012 7:59:50 AM (1 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | P5KPL-CM
    Processor: Intel Pentium III Xeon processor | Socket 775 | 2666/266mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 233 GiB total, 111.241 GiB free.
    D: is CDROM ()
    F: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
    Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
    Device ID: ACPI\PNP0303\4&2C575ACB&0
    Manufacturer: (Standard keyboards)
    Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
    PNP Device ID: ACPI\PNP0303\4&2C575ACB&0
    Service: i8042prt
    .
    Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
    Description: Microsoft PS/2 Mouse
    Device ID: ACPI\PNP0F03\4&2C575ACB&0
    Manufacturer: Microsoft
    Name: Microsoft PS/2 Mouse
    PNP Device ID: ACPI\PNP0F03\4&2C575ACB&0
    Service: i8042prt
    .
    ==== System Restore Points ===================
    .
    RP846: 7/30/2012 9:19:48 PM - System Checkpoint
    RP847: 7/31/2012 11:17:51 PM - System Checkpoint
    RP848: 8/6/2012 6:26:15 PM - System Checkpoint
    RP849: 8/7/2012 7:23:45 PM - System Checkpoint
    RP850: 8/8/2012 9:15:10 PM - System Checkpoint
    RP851: 8/12/2012 10:23:39 AM - System Checkpoint
    RP852: 8/14/2012 4:21:03 PM - System Checkpoint
    RP853: 8/16/2012 11:49:56 AM - System Checkpoint
    RP854: 8/19/2012 8:58:13 AM - System Checkpoint
    RP855: 8/19/2012 11:40:03 AM - Software Distribution Service 3.0
    RP856: 8/20/2012 2:50:00 PM - System Checkpoint
    RP857: 8/21/2012 7:53:17 PM - System Checkpoint
    RP858: 8/22/2012 9:26:53 PM - System Checkpoint
    RP859: 8/23/2012 10:03:27 PM - System Checkpoint
    RP860: 8/25/2012 8:55:26 PM - System Checkpoint
    RP861: 8/26/2012 10:29:20 PM - System Checkpoint
    RP862: 8/27/2012 11:51:00 PM - System Checkpoint
    RP863: 8/29/2012 8:47:01 PM - System Checkpoint
    RP864: 8/30/2012 11:38:05 PM - System Checkpoint
    RP865: 9/2/2012 10:00:57 PM - System Checkpoint
    RP866: 9/4/2012 8:36:58 AM - System Checkpoint
    RP867: 9/5/2012 9:07:03 AM - System Checkpoint
    RP868: 9/9/2012 10:35:07 PM - System Checkpoint
    RP869: 9/11/2012 11:42:59 AM - System Checkpoint
    RP870: 9/12/2012 12:13:36 PM - System Checkpoint
    RP871: 9/13/2012 12:13:29 AM - Software Distribution Service 3.0
    RP872: 9/19/2012 9:28:33 AM - System Checkpoint
    RP873: 9/20/2012 1:12:58 PM - System Checkpoint
    RP874: 9/24/2012 12:34:38 PM - Software Distribution Service 3.0
    RP875: 9/28/2012 12:13:29 PM - System Checkpoint
    RP876: 10/2/2012 4:20:41 PM - System Checkpoint
    RP877: 10/10/2012 8:59:06 AM - System Checkpoint
    RP878: 10/11/2012 9:10:56 AM - System Checkpoint
    RP879: 10/12/2012 1:12:08 PM - System Checkpoint
    RP880: 10/15/2012 7:35:21 PM - System Checkpoint
    RP881: 10/16/2012 8:05:23 PM - System Checkpoint
    RP882: 10/18/2012 7:06:44 PM - System Checkpoint
    RP883: 10/19/2012 9:57:54 AM - Software Distribution Service 3.0
    RP884: 10/21/2012 7:16:40 PM - System Checkpoint
    RP885: 10/23/2012 9:00:28 PM - System Checkpoint
    RP886: 10/25/2012 12:57:29 PM - avast! Free Antivirus Setup
    RP887: 10/25/2012 4:19:43 PM - Software Distribution Service 3.0
    RP888: 1/1/2002 10:48:19 AM - System Checkpoint
    RP889: 1/1/2002 6:16:43 PM - Removed Acrobat.com
    RP890: 1/1/2002 6:17:33 PM - Removed Internet Explorer Developer Toolbar
    RP891: 10/26/2012 2:54:42 PM - Software Distribution Service 3.0
    RP892: 10/28/2012 1:17:25 AM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    Adobe Digital Editions
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Photoshop CS
    Albelli Photo books
    albombom
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
    Avira Free Antivirus
    Bonjour
    Camera Window
    Canon Camera Window for ZoomBrowser EX
    Canon RAW Image Task for ZoomBrowser EX
    Canon RemoteCapture Task for ZoomBrowser EX
    Canon Utilities ZoomBrowser EX
    CaptureWizPro 3.60
    CDBurnerXP
    Compatibility Pack for the 2007 Office system
    Creative ZEN X-Fi User's Guide
    DivX Setup
    FileZilla Client 3.5.3
    Foxit Reader
    Google Chrome
    Google Gears
    Google Talk (remove only)
    Google Talk Plugin
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB2756822)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB981793)
    HP Memories Disc
    HP My Display
    HP Photo and Imaging 2.0 - All-in-One
    HP Photo and Imaging 2.0 - All-in-One Drivers
    HP Photo and Imaging 2.0 - hp psc 1200 series
    hp psc 1200 series
    HWiNFO32 Version 2.20
    Inquisit 3 Web Edition
    Intel(R) Graphics Media Accelerator Driver
    iTunes
    Java(TM) 6 Update 30
    Java(TM) 7 Update 4
    K-Lite Mega Codec Pack 4.1.7
    Macromedia Dreamweaver MX
    Macromedia Extension Manager
    MagicDisc 2.7.105
    Malwarebytes Anti-Malware version 1.65.1.1000
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office File Validation Add-In
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Professional Edition 2003
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Works 2003 Setup Launcher
    Mozilla Firefox 16.0.1 (x86 en-US)
    Mozilla Maintenance Service
    orange IL
    Pando
    PDFCreator
    Picasa 3
    Platform
    QuickTime
    RAW Image Task
    RemoteCapture Task 1.0.1
    Safari
    SDK
    Secunia PSI (2.0.0.4003)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows Internet Explorer 7 (KB2183461)
    Security Update for Windows Internet Explorer 7 (KB2360131)
    Security Update for Windows Internet Explorer 7 (KB2416400)
    Security Update for Windows Internet Explorer 7 (KB2482017)
    Security Update for Windows Internet Explorer 7 (KB2544521)
    Security Update for Windows Internet Explorer 7 (KB2675157)
    Security Update for Windows Internet Explorer 7 (KB2699988)
    Security Update for Windows Internet Explorer 7 (KB2722913)
    Security Update for Windows Internet Explorer 7 (KB2744842)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 7 (KB976325)
    Security Update for Windows Internet Explorer 7 (KB978207)
    Security Update for Windows Internet Explorer 7 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2705219)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2709162)
    Security Update for Windows XP (KB2712808)
    Security Update for Windows XP (KB2718523)
    Security Update for Windows XP (KB2719985)
    Security Update for Windows XP (KB2723135)
    Security Update for Windows XP (KB2724197)
    Security Update for Windows XP (KB2731847)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371-v2)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Skype Click to Call
    Skype™ 5.10
    TextPad 5
    TopStyle Lite (Version 3)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2661254-v2)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB2736233)
    Update for Windows XP (KB2749655)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    VC80CRTRedist - 8.0.50727.6195
    VIA Platform Device Manager
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    VLC media player 2.0.2
    VoipStunt
    WampServer 2.0
    WebFldrs XP
    Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player Firefox Plugin
    Works Suite OS Pack
    YouSendIt Express
    àøëéåðø WinRAR
    àåøâðéú 3000
    .
    ==== Event Viewer Messages From Past Week ========
    .
    10/25/2012 4:48:22 PM, error: Dhcp [1002] - The IP address lease 192.168.0.100 for the Network Card with network address 001FC6C76393 has been denied by the DHCP server 192.168.2.254 (The DHCP Server sent a DHCPNACK message).
    10/25/2012 4:35:24 PM, error: Dhcp [1002] - The IP address lease 192.168.2.106 for the Network Card with network address 001FC6C76393 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
    10/24/2012 8:19:53 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
    10/24/2012 8:06:48 PM, error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).
    10/24/2012 8:06:48 PM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
    10/24/2012 8:06:48 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
    10/24/2012 8:06:47 PM, error: Service Control Manager [7034] - The Secunia Update Agent service terminated unexpectedly. It has done this 1 time(s).
    10/24/2012 8:06:47 PM, error: Service Control Manager [7034] - The Portrait Displays Display Tune Service service terminated unexpectedly. It has done this 1 time(s).
    10/24/2012 8:06:47 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
    10/24/2012 8:06:47 PM, error: Service Control Manager [7031] - The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
    10/24/2012 8:06:47 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    10/24/2012 8:04:03 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
    10/24/2012 8:04:03 AM, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/24/2012 8:03:51 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
    10/22/2012 8:14:12 AM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/22/2012 8:14:01 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
    .
    ==== End Of File ===========================
     
  2. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ==============================

    I don't see much there.

    Is Firefox misbehavior the only issue you're having?

    I can see some AVG leftovers.
    Run AVG Remover to get rid of them: http://www.avg.com/us-en/utilities
     
  3. devonshire

    devonshire TS Rookie Topic Starter Posts: 47

    Thanks for your reply. Not sure if I see anything else the matter. At times the computer freezes a bit, like this morning when I was posting to this forum. The whole thing stops responding for a few minutes and then carries on. Firefox is actually working fine today when yesterday it wasn't. Don't know what it is. I hope it wasn't anything. Thanks for the AVG Remover link - I'll definitely use it.
    D
     
  4. Broni

    Broni Malware Annihilator Posts: 48,033   +271

    Good luck then :)
     

