
Inactive Bing.Zugo.com virus sends me to *** sites, keeps resetting my home

Discussion in 'Malware and Virus Removal Archive' started by J Randall, 2010/06/21.

Thread Status:
Not open for further replies.
  1. 2010/06/21
    J Randall


    I need help cleaning this computer of a virus. It keeps sending me to **** sites and resetting my browser home page to bing.zugo.com and the like.

    Disables McAfee update and control panel. Replaces deleted unwanted programs.
    Name: Generic PU.x!ee
    Location: c:\system volume information\_restore ... \a0109018.exe


    Windows XP Professional and Internet Explorer
    J. R. for M. C.
    -
    DDS log from her PC 2010 0620

    DDS (Ver_10-03-17.01) - NTFSx86
    Run by Melinda Clingerman at 21:51:50.87 on Sun 06/20/2010
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.254.99 [GMT -5:00]

    AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
    FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\McAfee\MSK\MskSrver.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\WINDOWS\Explorer.EXE
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\V0230Mon.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\Melinda Clingerman\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://microsoft.com/
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Settings,ProxyOverride = 127.0.0.1
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
    mSearchAssistant = hxxp://www.google.com/ie
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    uURLSearchHooks: ToolbarURLSearchHook Class: {ca3eb689-8f09-4026-aa10-b9534c691ce0} - c:\program files\search toolbar\tbhelper.dll
    mURLSearchHooks: H - No File
    mWinlogon: Userinit=c:\windows\system32\Userinit.exe
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: ShoppingReport: {100eb1fd-d03e-47fd-81f3-ee91287f9465} - c:\program files\shoppingreport\bin\2.0.24\ShoppingReport.dll
    BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
    BHO: TTB000000 Class: {62960d20-6d0d-1ab4-4bf1-95b0b5b8783a} - c:\windows\COUPON~1.DLL
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0360.0\npwinext.dll
    BHO: flvpremier: {f607bb75-a625-21d5-ca49-37ab52375461} - c:\windows\system32\lYL7I7-PCZ-.dll
    BHO: TBSB05974 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\search toolbar\tbcore3.dll
    TB: H&otbar: {74cc49f7-eb32-4a08-b204-948962a6e3db} -
    TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
    TB: {07AA283A-43D7-4CBE-A064-32A21112D94D} - No File
    TB: CouponBar: {5bed3930-2e9e-76d8-bacc-80df2188d455} - c:\windows\CouponBarIE.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    TB: Search Toolbar: {0c8413c1-fad1-446c-8584-be50576f863e} - c:\program files\search toolbar\tbcore3.dll
    TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0360.0\npwinext.dll
    EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
    EB: {7E66936C-FEA0-4984-AD26-7B6661AC5B2E} - No File
    EB: {93B0FA7B-50F6-41B4-AC7E-612A72CE8C3C} - No File
    EB: ShopperReports: {a7cddcdc-beeb-4685-a062-978f5e07ceee} - c:\program files\shoppingreport\bin\2.0.24\ShoppingReport.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [V0230Mon.exe] c:\windows\system32\V0230Mon.exe
    mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0360.0\mswinext.exe "
    mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
    mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZRxdm429MUUS
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBC}
    IE: {C5428486-50A0-4a02-9D20-520B59A9F9B2} - {C9CCBB35-D123-4a31-AFFC-9B2933132116} - c:\program files\shoppingreport\bin\2.0.24\ShoppingReport.dll
    IE: {C5428486-50A0-4a02-9D20-520B59A9F9B3} - {A16AD1E9-F69A-45af-9462-B1C286708842} - c:\program files\shoppingreport\bin\2.0.24\ShoppingReport.dll
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB
    DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1277001956812
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    ============= SERVICES / DRIVERS ===============

    R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-8-21 214664]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-8-21 93320]
    R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2009-8-21 359952]
    R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2009-8-21 144704]
    R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2009-8-21 606736]
    R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-8-21 79816]
    R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-8-21 35272]
    R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-8-21 40552]
    S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-8-21 34248]
    S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\system32\drivers\swnc8ua3.sys [2009-3-31 190080]
    S3 SWUMXA3;Sierra Wireless USB MUX Driver (UMTSA3);c:\windows\system32\drivers\swumxa3.sys [2009-5-4 148096]
    S3 V0230Vfx;V0230Vfx;c:\windows\system32\drivers\V0230Vfx.sys [2007-11-14 6272]
    S3 V0230VID;Live! Cam Video IM Pro;c:\windows\system32\drivers\V0230VID.sys [2007-11-14 498464]

    =============== Created Last 30 ================

    2010-06-20 01:49:46 0 d-----w- c:\windows\system32\wbem\Repository
    2010-06-19 18:30:48 0 d-----w- c:\documents and settings\melinda clingerman\IECompatCache
    2010-06-19 14:27:13 0 d-----w- C:\Data
    2010-06-12 00:27:40 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll

    ==================== Find3M ====================

    2010-05-15 23:10:18 1682 --sha-w- c:\windows\system32\KGyGaAvL.sys
    2010-05-05 13:30:57 173056 ------w- c:\windows\system32\dllcache\ie4uinit.exe
    2010-05-04 20:28:33 111750 ----a-w- c:\windows\system32\ez0-J-jP9-.exe
    2010-05-02 05:22:50 1851264 ----a-w- c:\windows\system32\win32k.sys
    2010-05-02 05:22:50 1851264 ------w- c:\windows\system32\dllcache\win32k.sys
    2010-04-30 23:47:02 1556480 ----a-w- c:\windows\system32\lYL7I7-PCZ-.dll
    2010-04-20 05:30:08 285696 ----a-w- c:\windows\system32\atmfd.dll
    2010-04-20 05:30:08 285696 ------w- c:\windows\system32\dllcache\atmfd.dll
    2010-04-06 09:52:46 2462720 ----a-w- c:\windows\system32\dllcache\WMVCore.dll
    2009-11-20 22:02:06 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009112020091121\index.dat

    ============= FINISH: 21:54:59.62 ===============

    Attach from her PC


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-03-17.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 10/9/2007 12:25:49 PM
    System Uptime: 6/20/2010 9:25:17 PM (0 hours ago)

    Motherboard: Dell Computer Corp. | | 0WF887
    Processor: Intel(R) Celeron(R) CPU 2.53GHz | Microprocessor | 2527/533mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 53 GiB total, 38.03 GiB free.
    D: is FIXED (NTFS) - 19 GiB total, 18.526 GiB free.
    E: is CDROM ()
    F: is Removable

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP853: 3/25/2010 12:02:27 PM - System Checkpoint
    RP854: 3/26/2010 12:42:44 PM - System Checkpoint
    RP855: 3/27/2010 1:42:45 PM - System Checkpoint
    RP856: 3/28/2010 2:42:44 PM - System Checkpoint
    RP857: 3/29/2010 3:42:43 PM - System Checkpoint
    RP858: 3/30/2010 4:42:45 PM - System Checkpoint
    RP859: 3/31/2010 5:42:47 PM - System Checkpoint
    RP860: 4/1/2010 3:00:23 AM - Software Distribution Service 3.0
    RP861: 4/2/2010 3:23:35 AM - System Checkpoint
    RP862: 4/3/2010 4:23:27 AM - System Checkpoint
    RP863: 4/4/2010 5:23:28 AM - System Checkpoint
    RP864: 4/5/2010 6:23:29 AM - System Checkpoint
    RP865: 4/6/2010 7:23:29 AM - System Checkpoint
    RP866: 4/7/2010 8:23:28 AM - System Checkpoint
    RP867: 4/8/2010 9:23:27 AM - System Checkpoint
    RP868: 4/9/2010 9:23:46 AM - System Checkpoint
    RP869: 4/10/2010 10:08:04 AM - System Checkpoint
    RP870: 4/11/2010 11:08:04 AM - System Checkpoint
    RP871: 4/12/2010 12:08:02 PM - System Checkpoint
    RP872: 4/13/2010 1:21:12 PM - System Checkpoint
    RP873: 4/14/2010 3:00:25 AM - Software Distribution Service 3.0
    RP874: 4/15/2010 3:27:34 AM - System Checkpoint
    RP875: 4/16/2010 9:19:53 AM - System Checkpoint
    RP876: 4/17/2010 10:05:27 AM - System Checkpoint
    RP877: 4/18/2010 11:05:33 AM - System Checkpoint
    RP878: 4/19/2010 12:05:30 PM - System Checkpoint
    RP879: 4/20/2010 1:05:29 PM - System Checkpoint
    RP880: 4/21/2010 2:18:57 PM - System Checkpoint
    RP881: 4/22/2010 3:05:27 PM - System Checkpoint
    RP882: 4/23/2010 4:05:30 PM - System Checkpoint
    RP883: 4/24/2010 4:05:45 PM - System Checkpoint
    RP884: 4/25/2010 5:30:57 PM - System Checkpoint
    RP885: 4/26/2010 6:05:48 PM - System Checkpoint
    RP886: 4/27/2010 7:05:48 PM - System Checkpoint
    RP887: 4/28/2010 8:33:18 PM - System Checkpoint
    RP888: 4/29/2010 9:05:18 PM - System Checkpoint
    RP889: 4/30/2010 10:05:20 PM - System Checkpoint
    RP890: 5/1/2010 11:05:20 PM - System Checkpoint
    RP891: 5/2/2010 11:10:52 PM - System Checkpoint
    RP892: 5/4/2010 12:05:20 AM - System Checkpoint
    RP893: 5/5/2010 1:05:20 AM - System Checkpoint
    RP894: 5/6/2010 2:05:20 AM - System Checkpoint
    RP895: 5/7/2010 3:05:21 AM - System Checkpoint
    RP896: 5/8/2010 3:05:37 AM - System Checkpoint
    RP897: 5/9/2010 4:05:43 AM - System Checkpoint
    RP898: 5/10/2010 5:05:41 AM - System Checkpoint
    RP899: 5/11/2010 6:05:41 AM - System Checkpoint
    RP900: 5/12/2010 3:00:31 AM - Software Distribution Service 3.0
    RP901: 5/13/2010 3:05:42 AM - System Checkpoint
    RP902: 5/14/2010 4:05:43 AM - System Checkpoint
    RP903: 5/15/2010 7:14:02 PM - System Checkpoint
    RP904: 5/16/2010 7:15:54 PM - System Checkpoint
    RP905: 5/17/2010 8:42:24 PM - System Checkpoint
    RP906: 5/18/2010 9:15:54 PM - System Checkpoint
    RP907: 5/19/2010 10:15:55 PM - System Checkpoint
    RP908: 5/20/2010 11:15:54 PM - System Checkpoint
    RP909: 5/22/2010 12:16:04 AM - System Checkpoint
    RP910: 5/23/2010 1:16:04 AM - System Checkpoint
    RP911: 5/24/2010 2:16:04 AM - System Checkpoint
    RP912: 5/25/2010 3:16:05 AM - System Checkpoint
    RP913: 5/25/2010 11:27:09 PM - Software Distribution Service 3.0
    RP914: 5/27/2010 12:17:55 AM - System Checkpoint
    RP915: 5/31/2010 10:56:57 PM - System Checkpoint
    RP916: 6/1/2010 11:03:41 PM - System Checkpoint
    RP917: 6/3/2010 12:03:45 AM - System Checkpoint
    RP918: 6/4/2010 12:26:30 AM - System Checkpoint
    RP919: 6/5/2010 1:03:43 AM - System Checkpoint
    RP920: 6/6/2010 2:03:42 AM - System Checkpoint
    RP921: 6/7/2010 3:03:44 AM - System Checkpoint
    RP922: 6/8/2010 3:04:09 AM - System Checkpoint
    RP923: 6/9/2010 4:04:11 AM - System Checkpoint
    RP924: 6/10/2010 5:04:12 AM - System Checkpoint
    RP925: 6/11/2010 7:35:12 PM - Software Distribution Service 3.0
    RP926: 6/12/2010 8:26:24 AM - Software Distribution Service 3.0
    RP927: 6/13/2010 9:06:54 AM - System Checkpoint
    RP928: 6/14/2010 9:19:23 AM - System Checkpoint
    RP929: 6/15/2010 2:28:29 PM - System Checkpoint
    RP930: 6/16/2010 7:03:33 PM - System Checkpoint
    RP931: 6/19/2010 8:32:26 AM - System Checkpoint
    RP932: 6/19/2010 8:47:42 PM - Restore Operation

    ==== Installed Programs ======================

    ActiveSpeed
    Adobe Flash Player 10 ActiveX
    Adobe Reader 7.1.0
    Advanced Video FX Engine
    American Greetings Crafts!
    Bejeweled 2 Deluxe
    Coupon Printer for Windows
    CouponBar
    Creative Live! Cam Center
    Creative Live! Cam Doodling
    Creative Live! Cam FX Creator
    Creative Live! Cam Manager
    Creative Live! Cam Video IM Pro Driver (1.00.07.0725)
    Creative Live! Cam Video IM Pro User's Guide (English)
    Creative Photo Calendar
    Creative Photo Manager
    Creative Software AutoUpdate
    Creative System Information
    Critical Update for Windows Media Player 11 (KB959772)
    Dell CinePlayer
    Dell Driver Reset Tool
    Dell Support Center
    Dell System Restore
    Digital Content Portal
    FLV Direct Player
    Google Toolbar for Internet Explorer
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HP Memories Disc
    HP Photo and Imaging 2.0 - Photosmart Cameras
    Intel(R) Extreme Graphics 2 Driver
    Intel(R) PRO Network Adapters and Drivers
    Intel(R) PROSet for Wired Connections
    Java 2 Runtime Environment, SE v1.4.2_03
    LoudMo Contextual Ad Assistant
    Map of North and Central America
    McAfee SecurityCenter
    MCU
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Default Manager
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Plus! Digital Media Edition Installer
    Microsoft Plus! Photo Story 2 LE
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Web Publishing Wizard 1.52
    MSN Toolbar
    MSN Toolbar Platform
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Musicnotes Player V1.23.2 and Viewer
    muvee autoProducer 4.1
    QuickTime
    RealPlayer Basic
    Recovery Toolbox for Address Book 1.0
    Search Toolbar
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165-v2)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    SightSpeed
    Sonic Activation Module
    Update for Windows Internet Explorer 8 (KB972636)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Viewpoint Media Player
    Weather Services
    WebEx
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Live ID Sign-in Assistant
    Windows Media Format 11 runtime
    Windows Media Player 10
    Windows Media Player 11
    Windows XP Service Pack 3
    Windstream Broadband Check-up Center
    WordPerfect Office 12
    WordPerfect OfficeReady

    ==== Event Viewer Messages From Past Week ========

    6/20/2010 11:29:25 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee SystemGuards service to connect.
    6/20/2010 11:29:25 AM, error: Service Control Manager [7000] - The McAfee SystemGuards service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    6/19/2010 9:57:25 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the mcmscsvc service.
    6/19/2010 9:42:25 PM, error: Service Control Manager [7034] - The McAfee Scanner service terminated unexpectedly. It has done this 1 time(s).
    6/19/2010 9:09:38 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the McShield service.
    6/19/2010 8:19:18 AM, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 001676514E83 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
    6/19/2010 6:17:08 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer RANDALL that believes that it is the master browser for the domain on transport NetBT_Tcpip_{FDC00E70-9EB1-418E-8. The master browser is stopping or an election is being forced.
    6/19/2010 11:04:08 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service SeaPort with arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
    6/19/2010 10:19:40 PM, error: DCOM [10009] - DCOM was unable to communicate with the computer 1 using any of the configured protocols.
    6/19/2010 1:16:30 PM, error: Dhcp [1002] - The IP address lease 192.168.2.3 for the Network Card with network address 001676514E83 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
    6/18/2010 3:43:15 PM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
    6/18/2010 3:43:15 PM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
    6/17/2010 12:31:22 PM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\system32\SHELL32.dll. Reference error message: The operation completed successfully. .
    6/17/2010 12:31:22 PM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\WINDOWS\system32\SHELL32.dll" on line 0.
    6/16/2010 10:38:12 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
    6/16/2010 10:38:12 AM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    6/14/2010 5:48:34 PM, error: Service Control Manager [7034] - The McAfee Real-time Scanner service terminated unexpectedly. It has done this 3 time(s).
    6/14/2010 5:40:46 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Real-time Scanner service, but this action failed with the following error: An instance of the service is already running.
    6/14/2010 5:39:36 PM, error: Service Control Manager [7031] - The McAfee Real-time Scanner service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    6/14/2010 5:32:01 PM, error: Service Control Manager [7031] - The McAfee Real-time Scanner service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    ==== End Of File ===========================
     
  2. 2010/06/21
    crunchie

    Download Malwarebytes' Anti-Malware (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html) to your desktop.

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure to checkmark the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Download the update from here if you have problems.
    * Once the program has loaded, select Perform full scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    Make sure that you restart the computer.

    =================

    Download OTL to your Desktop.

    * Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    * Under the Custom Scan box paste this in:


    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\System32\config\*.sav
    CREATERESTOREPOINT


    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    * When the scan completes, it will open two Notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    * Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
