Inactive Browser Hijack / Hidden iexplore.exe processes

Hello there. I've been having various issues and I was hoping someone could help me out.

Here are the logs:


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7678

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

9/9/2011 1:23:13 PM
mbam-log-2011-09-09 (13-23-12).txt

Scan type: Quick scan
Objects scanned: 211825
Time elapsed: 58 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-09-09 13:35:52
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdePort0 WDC_WD800BB-53CAA0 rev.16.06V16
Running: m2v4sj8x.exe; Driver: C:\DOCUME~1\Terri\LOCALS~1\Temp\pxtdrpob.sys


---- System - GMER 1.0.15 ----

SSDT spfc.sys ZwEnumerateKey [0xF843CDA4]
SSDT spfc.sys ZwEnumerateValueKey [0xF843D132]

---- Devices - GMER 1.0.15 ----

Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T1L0-17 82051AF1
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 [F8378B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0 82051AF1
Device \Driver\atapi \Device\Ide\IdePort0 [F8378B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1 82051AF1
Device \Driver\atapi \Device\Ide\IdePort1 [F8378B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T0L0-f 82051AF1
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f [F8378B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\avbxel4f \Device\Scsi\avbxel4f1 82103500
Device \Driver\avbxel4f \Device\Scsi\avbxel4f1Port2Path0Target1Lun0 82103500
Device \Driver\avbxel4f \Device\Scsi\avbxel4f1Port2Path0Target0Lun0 82103500
Device \FileSystem\Ntfs \Ntfs 8236F1F8

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )

Device \FileSystem\Fastfat \Fat FF5BA1F8

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskWDC_WD800BB-53CAA0______________________16.06V16#4457572d414d4538343237343138_036_0_0_0_0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found

---- EOF - GMER 1.0.15 ----

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_25
Run by Terri at 13:38:27 on 2011-09-09
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.258 [GMT -4:00]
.
AV: AVG Internet Security Business Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\BELKIN USB Wireless Monitor\WLService.exe
C:\Program Files\Belkin\F5D7050v5011\Belkinwcui.exe
C:\Program Files\BELKIN USB Wireless Monitor\WLanCfgG.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Tunngle\TnglCtrl.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Program Files\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\MSSWCHX.EXE
C:\Program Files\AVG\AVG2012\avgui.exe
C:\WINDOWS\system32\wscntfy.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.msn.com
uInternet Settings,ProxyServer = 192.168.1.1:80
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10e.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\belkin~1.lnk - c:\program files\belkin\f5d7050v5011\Belkinwcui.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\pokerstars.net\PokerStarsUpdate.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522}
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\terri\application data\mozilla\firefox\profiles\ieffrqxf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.reddit.com/
FF - plugin: c:\documents and settings\all users\application data\id software\quakelive\npquakezero.dll
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\documents and settings\terri\local settings\application data\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\documents and settings\terri\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\byond\bin\npbyond.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbyond.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-7-11 32464]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-7-11 229840]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2012\avgfws.exe [2011-8-19 2399560]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-8-16 5264736]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 Belkin 54Mbps Wireless USB;Belkin 54Mbps Wireless USB Network Service;c:\program files\belkin usb wireless monitor\WLService.exe [2011-8-7 49152]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2011-8-29 38144]
R2 RPCQT;Remote Procedure Call (CQTPM);c:\windows\system32\svchost.exe -k netsvcs [2008-4-14 14336]
R2 TunngleService;TunngleService;c:\program files\tunngle\TnglCtrl.exe [2011-6-18 737016]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-7-11 16720]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-6-8 22712]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-8-11 136176]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-6-8 366640]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]
S3 BELKIN;Belkin Wireless G USB Network Adapter;c:\windows\system32\drivers\BLKWGU.sys [2011-8-29 273280]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-8-11 136176]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\drivers\MijXfilt.sys [2011-8-9 81168]
S3 nenum13E;nenum13E;\??\c:\docume~1\terri\locals~1\temp\nenum13e.sys --> c:\docume~1\terri\locals~1\temp\nenum13E.sys [?]
S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [2009-7-31 341504]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [2010-1-6 594048]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [2011-6-18 27136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-09-09 06:32:16 -------- d--h--w- C:\$AVG
2011-09-09 06:17:20 -------- d-----w- c:\documents and settings\terri\application data\AVG2012
2011-09-09 06:12:57 -------- d--h--w- c:\documents and settings\all users\application data\Common Files
2011-09-09 06:01:48 -------- d-----w- c:\windows\system32\drivers\AVG
2011-09-09 06:01:47 -------- d-----w- c:\documents and settings\all users\application data\AVG2012
2011-09-09 05:59:06 -------- d-----w- c:\program files\AVG
2011-09-09 05:56:37 -------- d-----w- c:\documents and settings\all users\application data\MFAData
2011-09-09 05:26:52 667136 ----a-w- c:\windows\system32\OGACheckControl.dll.bak
2011-09-09 05:26:52 667136 ----a-w- c:\windows\system32\OGACheckControl.dll
2011-09-09 05:26:52 3072 ----a-w- c:\windows\system32\OGAVerify.exe.bak
2011-09-09 05:26:52 3072 ----a-w- c:\windows\system32\OGAVerify.exe
2011-09-09 05:26:52 3072 ----a-w- c:\windows\system32\OGAExec.exe.bak
2011-09-09 05:26:52 3072 ----a-w- c:\windows\system32\OGAExec.exe
2011-09-09 05:26:52 3072 ----a-w- c:\windows\system32\OGAAddin.dll.bak
2011-09-09 05:26:52 3072 ----a-w- c:\windows\system32\OGAAddin.dll
2011-09-09 04:24:34 388096 ----a-r- c:\documents and settings\terri\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-09-09 04:24:26 -------- d-----w- c:\program files\hjt
2011-09-09 02:14:07 1446264 ----a-w- c:\program files\mozilla firefox\plugins\npLegitCheckPlugin.dll
2011-09-09 02:03:25 -------- d-----w- c:\program files\CCleaner
2011-08-29 17:37:21 38144 ----a-w- c:\windows\system32\drivers\EAPPkt.sys
2011-08-29 17:37:11 21035 ----a-w- c:\windows\system32\drivers\AegisP.sys
2011-08-29 17:37:01 273280 ----a-w- c:\windows\system32\drivers\BLKWGU.sys
2011-08-29 17:37:01 273280 ----a-w- c:\windows\system\BLKWGU.sys
2011-08-29 17:37:01 -------- d-----w- c:\windows\OPTIONS
2011-08-29 17:35:51 -------- d-----w- c:\windows\system32\Belkin Wireless G USB Adapter Software
2011-08-29 17:35:51 -------- d-----w- c:\program files\Belkin
2011-08-24 03:57:59 -------- d-----w- c:\documents and settings\terri\application data\dekovir
2011-08-24 03:50:58 -------- d-----w- c:\program files\Trade Mania
2011-08-24 03:14:00 -------- d-----w- C:\Blocks That Matter
2011-08-19 21:32:13 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-08-19 06:59:09 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-17 22:37:12 -------- d-----w- c:\documents and settings\terri\local settings\application data\Ubisoft
2011-08-16 06:47:12 -------- d-----w- c:\documents and settings\terri\application data\Meridian93
2011-08-16 06:44:15 -------- d-----w- c:\program files\Magic Life
2011-08-12 15:40:35 -------- d-----w- c:\program files\JoWooD
2011-08-12 02:43:02 40960 ----a-r- c:\documents and settings\terri\application data\microsoft\installer\{9559f7ca-5e34-4237-a2d9-d856464ad727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
2011-08-12 02:43:02 40960 ----a-r- c:\documents and settings\terri\application data\microsoft\installer\{9559f7ca-5e34-4237-a2d9-d856464ad727}\ARPPRODUCTICON.exe
2011-08-11 22:54:35 -------- d-----w- c:\program files\Piranha-Bytes
2011-08-11 18:51:14 -------- d-----w- c:\program files\Triumph Studios
2011-08-11 17:34:58 -------- d-----w- c:\program files\Age of Wonders Shadow Magic
2011-08-11 17:29:09 -------- d-----w- c:\program files\Age of Wonders II
.
==================== Find3M ====================
.
2011-09-03 10:17:37 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-08-24 03:15:01 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-08-24 03:15:01 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-08-07 16:06:59 2272 ----a-w- c:\windows\system32\w95inf16.dll
2011-08-07 16:06:58 4608 ----a-w- c:\windows\system32\w95inf32.dll
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-11 05:14:38 295248 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2011-07-11 05:14:30 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
2011-07-11 05:14:28 24272 ----a-w- c:\windows\system32\drivers\AVGIDSFilter.sys
2011-07-11 05:14:28 23120 ----a-w- c:\windows\system32\drivers\AVGIDSEH.sys
2011-07-11 05:14:26 134608 ----a-w- c:\windows\system32\drivers\AVGIDSDriver.sys
2011-07-11 05:13:46 229840 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2011-07-11 05:13:42 32464 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-07-10 18:09:45 94208 ----a-w- c:\windows\DIIUnin.exe
2011-07-10 18:09:45 2829 ----a-w- c:\windows\DIIUnin.pif
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-06 23:52:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 23:52:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-26 06:45:56 256000 ----a-w- c:\windows\PEV.exe
2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36:30 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05:13 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-16 01:37:12 249856 ------w- c:\windows\Setup1.exe
2011-06-16 01:37:09 73216 ----a-w- c:\windows\ST6UNST.EXE
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD800BB-53CAA0 rev.16.06V16 -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x82051ECC]<<
_asm { PUSH EBP; MOV EBP, ESP; SUB ESP, 0x1c; PUSH EBX; PUSH ESI; MOV DWORD [EBP-0x4], 0xf8d04879; SUB DWORD [EBP-0x4], 0xf8d04135; PUSH EDI; CALL 0xffffffffffffdf2c; }
1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x822ECAB8]
3 CLASSPNP[0xF8577FD7] -> nt!IofCallDriver[0x804E37D5] -> \Device\00000071[0x823E2530]
5 ACPI[0xF83E3620] -> nt!IofCallDriver[0x804E37D5] -> [0x82345940]
[0x81F13030] -> IRP_MJ_CREATE -> 0x82051ECC
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskWDC_WD800BB-53CAA0______________________16.06V16#4457572d414d4538343237343138_036_0_0_0_0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x82051AF1
user & kernel MBR OK
sectors 156301486 (+255): user != kernel
Warning: possible TDL3 rootkit infection !
.
============= FINISH: 13:40:59.35 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/31/2010 1:35:43 PM
System Uptime: 9/9/2011 10:46:21 AM (3 hours ago)
.
Motherboard: Intel Corporation | | D845GRG
Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz | X1 | 2400/133mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 3.255 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()
G: is CDROM ()
H: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Ethernet Controller
Device ID: PCI\VEN_8086&DEV_1039&SUBSYS_4000107B&REV_81\4&2AF9ED5&0&40F0
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_8086&DEV_1039&SUBSYS_4000107B&REV_81\4&2AF9ED5&0&40F0
Service:
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Multimedia Audio Controller
Device ID: PCI\VEN_8086&DEV_24C5&SUBSYS_4000107B&REV_01\3&267A616A&0&FD
Manufacturer:
Name: Multimedia Audio Controller
PNP Device ID: PCI\VEN_8086&DEV_24C5&SUBSYS_4000107B&REV_01\3&267A616A&0&FD
Service:
.
==== System Restore Points ===================
.
RP376: 7/27/2011 4:44:00 AM - System Checkpoint
RP377: 7/28/2011 8:34:31 AM - System Checkpoint
RP378: 7/29/2011 9:14:25 AM - System Checkpoint
RP379: 7/29/2011 4:12:51 PM - Installed Singles2
RP380: 7/30/2011 5:57:51 PM - System Checkpoint
RP381: 7/31/2011 11:32:43 PM - System Checkpoint
RP382: 8/1/2011 11:43:36 PM - System Checkpoint
RP383: 8/2/2011 7:31:38 AM - Installed Call of Duty - United Offensive
RP384: 8/2/2011 7:35:00 AM - Installed Call of Duty - United Offensive
RP385: 8/2/2011 11:21:49 AM - Installed GTA San Andreas
RP386: 8/3/2011 10:30:47 PM - System Checkpoint
RP387: 8/5/2011 3:30:26 AM - System Checkpoint
RP388: 8/5/2011 8:10:28 AM - Installed Stronghold Crusader
RP389: 8/5/2011 8:19:29 AM - Installed Crusader Kings
RP390: 8/5/2011 8:21:41 AM - Installed Crusader Kings
RP391: 8/6/2011 2:32:21 PM - System Checkpoint
RP392: 8/7/2011 6:38:55 PM - System Checkpoint
RP393: 8/7/2011 11:27:33 PM - Installed Belkin 54Mbps Wireless USB Network Adapter
RP394: 8/8/2011 11:41:26 PM - System Checkpoint
RP395: 8/9/2011 4:14:04 PM - Removed Angry Birds Rio
RP396: 8/9/2011 4:14:29 PM - Installed Angry Birds Rio
RP397: 8/9/2011 7:31:49 PM - Installed Windows XP Wdf01009.
RP398: 8/9/2011 11:55:12 PM - Installed Civilization III: Conquests
RP399: 8/10/2011 3:00:25 AM - Software Distribution Service 3.0
RP400: 8/11/2011 5:07:19 AM - System Checkpoint
RP401: 8/11/2011 10:42:54 PM - Installed Project64 1.6
RP402: 8/13/2011 3:16:48 AM - System Checkpoint
RP403: 8/14/2011 3:58:19 AM - System Checkpoint
RP404: 8/15/2011 6:57:36 AM - System Checkpoint
RP405: 8/16/2011 6:58:33 AM - System Checkpoint
RP406: 8/17/2011 7:58:35 AM - System Checkpoint
RP407: 8/18/2011 8:58:34 AM - System Checkpoint
RP408: 8/19/2011 6:37:30 PM - System Checkpoint
RP409: 8/20/2011 5:38:57 PM - Installed Angry Birds Seasons
RP410: 8/21/2011 8:10:46 PM - System Checkpoint
RP411: 8/22/2011 8:33:45 PM - System Checkpoint
RP412: 8/24/2011 7:21:58 AM - System Checkpoint
RP413: 8/25/2011 3:00:25 AM - Software Distribution Service 3.0
RP414: 8/26/2011 3:05:13 AM - System Checkpoint
RP415: 8/27/2011 4:18:56 AM - System Checkpoint
RP416: 8/28/2011 4:23:45 AM - System Checkpoint
RP417: 8/29/2011 1:35:50 PM - Installed Belkin Wireless G USB Adapter Software
RP418: 8/30/2011 2:21:56 PM - System Checkpoint
RP419: 8/31/2011 3:00:50 PM - System Checkpoint
RP420: 9/1/2011 4:59:06 AM - Restore Operation
RP421: 9/1/2011 5:11:59 AM - Restore Operation
RP422: 9/1/2011 5:15:03 AM - Restore Operation
RP423: 9/2/2011 11:41:11 AM - System Checkpoint
RP424: 9/3/2011 12:14:41 PM - System Checkpoint
RP425: 9/4/2011 5:43:02 PM - System Checkpoint
RP426: 9/5/2011 10:01:13 PM - System Checkpoint
RP427: 9/7/2011 3:00:37 AM - Software Distribution Service 3.0
RP428: 9/8/2011 3:59:36 AM - System Checkpoint
RP429: 9/9/2011 12:21:18 AM - Removed Windows Live ID Sign-in Assistant
RP430: 9/9/2011 12:24:21 AM - Installed HiJackThis
RP431: 9/9/2011 1:59:04 AM - Installed AVG 2012
RP432: 9/9/2011 2:01:13 AM - Installed AVG 2012
.
==== Installed Programs ======================
.
'8th Wonder of the World'
µTorrent
32 Bit HP CIO Components Installer
7-Zip 9.20
Ace of Spades
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3
Adobe Shockwave Player 11.6
African Farm
Age of Wonders
Age of Wonders II
Age of Wonders Shadow Magic
Angry Birds Rio
Angry Birds Seasons
AnswerWorks 5.0 English Runtime
Avadon
AVG 2012
Bejeweled 3
Belkin 54Mbps Wireless USB Network Adapter
Belkin F7D1101 Basic Wireless USB Adapter
Belkin Wireless G USB Adapter Software
Bing Bar Platform
BufferChm
Build Your Own Net Dream (remove only)
Burger Shop 2 1.00
C4400
C4400_Help
Call of Duty
Call of Duty - United Offensive
Car Thief 6 Full
Cards_Calendar_OrderGift_DoMorePlugout
CCleaner
Ceaser 3
Civ3 Conquests v1.22 Full
Civilization III
Civilization III: Conquests
Clonk Rage
CodeBlocks
Comical 0.8
Copy
Counter-Strike
Crooked Money 1 Full
Crusader Kings
CustomerResearchQFolder
DAEMON Tools Toolbar
Destination Component
Deus Ex
DeviceDiscovery
DeviceManagementQFolder
Diablo II
Digital - A Love Story 1.1
DocProc
DocProcQFolder
DROD: Journey to Rooted Hold 2.0.12
DROD: King Dugan's Dungeon 2.0.12
Dungeon Crawl Stone Soup
Dungeon Keeper 2
Empires And Dungeons 2
eSupportQFolder
Europa 1400 - Gold Edition
EVEREST Home Edition v2.20
EverQuest Titanium
Fallout2
GameBiz 2 Uninstall
GameBiz 3.0
Google Chrome
Google Earth
Google Update Helper
Gothic
Gothic II
Governor of Poker 2
GPBaseService
Grand Theft Auto Vice City
GTA San Andreas
GTA2
Hacker Evolution: Untold (2.01.033)(remove only)
HiJackThis
Hitman 2: Silent Assassin
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3
HP Photosmart Essential 2.5
HP Update
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
ICCup Launcher
Illarion Client
Java Auto Updater
Java(TM) 6 Update 25
KAG 0.85A TEST
King of Dragon Pass
Knights Of Honor
LIFE QUEST Final
Magic Life 1.004
Majesty - Gold Edition
Malwarebytes' Anti-Malware version 1.51.1.1800
MapleStory
MarketResearch
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Default Manager
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft XNA Framework Redistributable 4.0
Morrowind
MotioninJoy ds3 driver version 0.6.0003
Mozilla Firefox 6.0.2 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NetAssistant
NetAssistant for Firefox
NETGEAR WG111v3 wireless USB 2.0 adapter
Neverwinter Nights
Nexon Game Manager
NVIDIA Drivers
NVIDIA Windows 2000/XP Display Drivers
OpenAL
Pando Media Booster
PanoStandAlone
Pioneer Lands
PokerStars.net
Project64 1.6
PS_AIO_03_C4400_ProductContext
PS_AIO_03_C4400_Software
PS_AIO_03_C4400_Software_Min
PSSWCORE
Quake Live Mozilla Plugin
Quicken 2010
Real Lives 2010
Restaurant Empire 2
Rhye's of Civilization Expanded
RPG World Online Client
Sapiens
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982802)
Shockwave
Shrapnel Games\Weird Worlds
Singles2
SmartWebPrintingOC
SolutionCenter
Sound Blaster Live! Web 2K/XP
Star Wars(R) Knights of the Old Republic(R) II: The Sith Lords(TM)
Star Wars®: Knights of the Old Republic (TM)
Status
Steam
StencylWorks
Stranded II 1.0.0.1
Stronghold Crusader
swMSM
System Shock2
Tasty Planet Back for Seconds
TES Construction Set
The Odyssey Online Classic
The Settlers IV
Thief Gold
Tiled - Tiled Map Editor
Tom Clancy's Splinter Cell
Toolbox
TrayApp
Tunngle beta
—ö‚·‚鉤‘
Unity Web Player
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Internet Explorer 8 (KB980302)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
Uplink
Vantage Current Build
VideoToolkit01
Virtual Farm 2
VLC media player 1.1.7
VVVVVV (Window v1.0)
WebFldrs XP
WebReg
Windows Internet Explorer 8
WinHTTrack Website Copier 3.44-1
WinRAR archiver
Worms Reloaded
Xenimus
Xvid Video Codec
.
==== Event Viewer Messages From Past Week ========
.
9/9/2011 2:28:44 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
9/9/2011 2:28:44 AM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/9/2011 12:03:32 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde
9/9/2011 11:03:07 AM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
9/9/2011 1:31:39 PM, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
9/9/2011 1:30:29 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
9/8/2011 9:21:19 PM, error: Service Control Manager [7034] - The TunngleService service terminated unexpectedly. It has done this 1 time(s).
9/8/2011 5:39:28 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
9/8/2011 5:11:55 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
9/8/2011 11:48:07 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
9/7/2011 12:53:50 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
9/7/2011 11:49:55 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm sptd
9/7/2011 11:49:52 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
9/7/2011 11:48:47 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
9/7/2011 11:48:27 AM, error: sptd [4] - Driver detected an internal error in its data structures for .
9/2/2011 8:42:25 PM, error: Service Control Manager [7023] - The HP CUE DeviceDiscovery Service service terminated with the following error: The specified module could not be found.
9/2/2011 8:42:25 PM, error: Service Control Manager [7000] - The SeaPort service failed to start due to the following error: The system cannot find the path specified.
9/2/2011 8:42:09 PM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
9/2/2011 8:42:09 PM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
9/2/2011 10:08:07 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
 
Welcome aboard


Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=============================================================

Download TDSSKiller and save it to your desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
 