TechSpot

Malware problem

By jwalls
Nov 13, 2013
  1. I have a malware infection on an Asus Netbook that is affecting the keyboard function as well as other function. Performed a scan with Malwarebytes and removed infection then ran DDS but the keyboard is still affected. Any other ideas? Do I need to wipe and re-install O/S?
    The DDS results follow, appreciate any comments, thanks Jeff
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 5/25/2009 9:48:33 AM
    System Uptime: 11/12/2013 2:25:51 PM (1 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | 1000HE
    Processor: Intel(R) Atom(TM) CPU N280 @ 1.66GHz | PBGA 437 | 1662/167mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 72 GiB total, 45.937 GiB free.
    D: is FIXED (NTFS) - 72 GiB total, 71.791 GiB free.
    E: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description: Audio Device on High Definition Audio Bus
    Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0269&SUBSYS_1043834A&REV_1000\4&1DBAF794&0&0001
    Manufacturer:
    Name: Audio Device on High Definition Audio Bus
    PNP Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0269&SUBSYS_1043834A&REV_1000\4&1DBAF794&0&0001
    Service:
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: 802.11n Wireless LAN Card
    Device ID: PCI\VEN_1814&DEV_0781&SUBSYS_27901814&REV_00\4&37028E5F&0&00E3
    Manufacturer: Ralink Technology, Corp.
    Name: 802.11n Wireless LAN Card
    PNP Device ID: PCI\VEN_1814&DEV_0781&SUBSYS_27901814&REV_00\4&37028E5F&0&00E3
    Service: RT80x86
    .
    ==== System Restore Points ===================
    .
    RP308: 11/8/2010 1:13:18 PM - System Checkpoint
    RP309: 11/9/2010 2:42:58 PM - System Checkpoint
    RP310: 11/11/2010 1:57:02 PM - System Checkpoint
    RP311: 11/13/2010 11:00:05 AM - System Checkpoint
    RP312: 11/15/2010 10:35:38 AM - Software Distribution Service 3.0
    RP313: 11/16/2010 11:23:56 AM - System Checkpoint
    RP314: 11/18/2010 4:20:02 PM - System Checkpoint
    RP315: 11/20/2010 11:45:32 AM - System Checkpoint
    RP316: 11/22/2010 12:52:09 PM - System Checkpoint
    RP317: 11/23/2010 1:33:14 PM - System Checkpoint
    RP318: 11/25/2010 1:22:45 PM - System Checkpoint
    RP319: 11/26/2010 1:27:49 PM - System Checkpoint
    RP320: 11/30/2010 11:51:29 AM - System Checkpoint
    RP321: 12/1/2010 11:54:36 AM - System Checkpoint
    RP322: 12/2/2010 12:49:01 PM - System Checkpoint
    RP323: 12/3/2010 1:52:07 PM - System Checkpoint
    RP324: 12/6/2010 1:43:28 PM - System Checkpoint
    RP325: 12/7/2010 2:20:23 PM - System Checkpoint
    RP326: 12/7/2010 3:50:30 PM - Installed Simply Accounting by Sage 2010
    RP327: 12/7/2010 3:50:34 PM - Installed Simply Accounting by Sage 2010
    RP328: 12/8/2010 4:45:28 PM - System Checkpoint
    RP329: 12/10/2010 1:33:32 PM - System Checkpoint
    RP330: 12/13/2010 2:45:09 PM - System Checkpoint
    RP331: 12/15/2010 2:27:35 PM - System Checkpoint
    RP332: 12/16/2010 2:45:26 PM - System Checkpoint
    RP333: 12/17/2010 2:57:53 PM - System Checkpoint
    RP334: 12/20/2010 1:32:59 PM - System Checkpoint
    RP335: 12/22/2010 12:07:04 PM - System Checkpoint
    RP336: 12/23/2010 2:11:31 PM - System Checkpoint
    RP337: 12/27/2010 3:31:12 PM - System Checkpoint
    RP338: 12/28/2010 3:58:01 PM - System Checkpoint
    RP339: 1/2/2011 9:07:33 PM - System Checkpoint
    RP340: 1/4/2011 3:29:03 PM - System Checkpoint
    RP341: 1/5/2011 5:21:30 PM - System Checkpoint
    RP342: 1/7/2011 12:16:01 PM - System Checkpoint
    RP343: 1/9/2011 1:51:25 PM - Installed Visual Link Spanish(tm) - Level I Complete
    RP344: 1/10/2011 3:08:12 PM - System Checkpoint
    RP345: 1/11/2011 4:25:00 PM - System Checkpoint
    RP346: 1/13/2011 8:24:50 AM - System Checkpoint
    RP347: 1/14/2011 11:27:31 AM - System Checkpoint
    RP348: 1/15/2011 11:31:39 AM - System Checkpoint
    RP349: 1/19/2011 5:18:11 PM - System Checkpoint
    RP350: 1/21/2011 2:09:53 PM - System Checkpoint
    RP351: 1/24/2011 4:14:19 PM - System Checkpoint
    RP352: 1/25/2011 5:16:24 PM - System Checkpoint
    RP353: 1/27/2011 1:46:42 PM - System Checkpoint
    RP354: 1/29/2011 10:06:07 AM - System Checkpoint
    RP355: 1/31/2011 3:09:36 PM - System Checkpoint
    RP356: 2/1/2011 3:31:45 PM - System Checkpoint
    RP357: 2/2/2011 3:32:49 PM - System Checkpoint
    RP358: 2/3/2011 3:37:52 PM - System Checkpoint
    RP359: 2/4/2011 3:50:30 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    Ad-Aware Antivirus
    AdAwareInstaller
    AdAwareUpdater
    Adobe Flash Player 11 ActiveX
    Adobe Reader 9.5.0
    AntimalwareEngine
    Apple Mobile Device Support
    Asus ACPI Driver
    ASUSUpdate for Eee PC
    Atheros Client Installation Program
    Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
    Azurewave Wireless LAN
    BlackBerry Desktop Software 7.1
    BlackBerry Device Software Updater
    Bonjour
    Choice Guard
    Compatibility Pack for the 2007 Office system
    Critical Update for Windows Media Player 11 (KB959772)
    CyberLink PowerDVD 9
    Eee Instant Key
    Eee Storage
    ETDWare PS/2-x86 7.0.4.3 WHQL
    Freelang Dictionary (wordlist)
    Freelang Dictionary 3.74 beta
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB942288-v3)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB954708)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB981793)
    InstallVC90Support
    Intel(R) Graphics Media Accelerator Driver
    iTunes
    Java(TM) 6 Update 12
    Junk Mail filter update
    K-Lite Codec Pack 7.0.0 (Standard)
    LemurLeap 3.0.0
    Malwarebytes Anti-Malware version 1.75.0.1300
    Manheim Media Player (Internet Explorer)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft National Language Support Downlevel APIs
    Microsoft Office XP Professional with FrontPage
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Works
    Mobile Broadband Generic Drivers
    Mobile Connect
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MySQL Connector/ODBC 3.51
    neroxml
    QFolder
    QuickTime
    Readiris Pro 10
    RPS CRT
    SAMSUNG Dr.Printer
    Samsung SCX-4x26 Series
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953155)
    Security Update for Windows XP (KB953838)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Segoe UI
    Simply Accounting by Sage 2009
    Simulcast Video Plugin (Internet Explorer)
    Skype™ 3.6
    Super Hybrid Engine
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB971180)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951618-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB953356)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    USB 2.0 1.3M UVC WebCam
    VCRedistSetup
    Visual Link Spanish(tm) - Level I Complete
    WebFldrs XP
    WIDCOMM Bluetooth Software
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    Windows Media Format 11 runtime
    Windows Media Player 11
    .
    ==== Event Viewer Messages From Past Week ========
    .
    11/10/2013 11:58:00 AM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942403
    11/10/2013 11:56:48 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
    11/10/2013 11:09:08 AM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
    11/10/2013 11:09:08 AM, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
    11/10/2013 11:09:08 AM, error: Service Control Manager [7000] - The lxdu_device service failed to start due to the following error: The system cannot find the file specified.
    11/10/2013 11:09:08 AM, error: Service Control Manager [7000] - The DgiVecp service failed to start due to the following error: The specified driver is invalid.
    11/10/2013 11:08:15 AM, error: W32Time [34] - The time service has detected that the system time needs to be changed by +82619 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.1.112:123->64.4.10.33:123) is working properly.
    .
    ==== End Of File ===========================
     
  2. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===============================

    [​IMG] I still need DDS.txt and MBAM logs.

    [​IMG] You're not giving me any details about your computer issues (keyboard etc.).
     
  3. jwalls

    jwalls TS Rookie Topic Starter

    Thanks for the reply. Some keys produce the wrong characters making it impossible to input anything. I will obtain the MBAM log , it was saved on the infected machine so it will take some time to transfer it. I should be getting back to you within 36 hrs.
    thanks again
    Jeff
     
  4. Broni

    Broni Malware Annihilator Posts: 52,911   +344

Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...