
Inactive Bug may be disabling Facebook.com

Discussion in 'Malware and Virus Removal Archive' started by pastorjoe777, 2010/10/21.

Thread Status:
Not open for further replies.
  1. 2010/10/21
    pastorjoe777 Inactive Thread Starter

    [Inactive] Bug may be disabling Facebook.com

    Told to post this by Arie. :)

    ATTACH:

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-10-21.02)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 5/21/2009 12:14:47 AM
    System Uptime: 10/21/2010 6:17:27 AM (12 hours ago)

    Motherboard: Dell Computer Corporation | | OptiPlex GX240
    Processor: Intel(R) Pentium(R) 4 CPU 1.80GHz | Microprocessor | 1794/100mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 75 GiB total, 58.107 GiB free.
    D: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================


    ==== Installed Programs ======================

    123PPT Play and Share
    123PPT Presentations Player
    7-Zip 4.65
    ACA Capture Pro 5.60
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 8.1.3
    Adobe Shockwave Player 11.5
    Advanced Registry Optimizer
    AIM 6
    Amazon MP3 Downloader 1.0.5
    Apple Application Support
    Apple Software Update
    Audacity 1.3.7 (Unicode)
    AVG Free 8.5
    CastRipper 2.9.6.000 2007.06.09
    CCleaner
    Cheetah DVD Burner
    ColorPic
    Compatibility Pack for the 2007 Office system
    Corel VideoStudio 12
    Critical Update for Windows Media Player 11 (KB959772)
    Dealio Toolbar v4.0.2
    Download Updater (AOL LLC)
    DVD Flick 1.3.0.7
    Facebook Plug-In
    getPlus(R) Download Manager for Corel
    GoodSearch Toolbar
    Google Chrome
    Google Earth Plug-in
    Google Update Helper
    HostsMan 3.2.73
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    Java Auto Updater
    Java(TM) 6 Update 21
    Junk Mail filter update
    LAME v3.98.2 for Audacity
    Malwarebytes' Anti-Malware
    MediaShout 4
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    Microsoft Office Live Add-in 1.3
    Microsoft Office PowerPoint Viewer 2003
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office XP Professional with FrontPage
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft VC9 runtime libraries
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Mini-stream Ripper 3.1.0.8 2009.11.08
    Move Media Player
    Movie Player 1.0.2
    Mozilla Firefox (3.0.19)
    MSN
    MSVCRT
    Music Oasis
    Nero OEM
    NetJet 2.0
    Norton Security Scan
    QTVRControlX 3.7
    QuickTime
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB963027)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Segoe UI
    Shutterfly Express Uploader
    Snagit 9.1.3
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB969497)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    VideoStudio
    Viewpoint Media Player
    VLC media player 1.0.5
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 8
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live Mail
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows PowerShell(TM) 1.0
    WinZip 14.5
    Wondershare PPT2DVD 6.0.3.11
    Yahoo! BrowserPlus 2.9.2
    Yahoo! Install Manager
    Yahoo! Toolbar
    YouTube Downloader 2.5.3

    ==== Event Viewer Messages From Past Week ========

    10/16/2010 12:51:23 PM, error: Service Control Manager [7031] - The cnetfilter service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.
    10/16/2010 12:50:36 PM, error: Service Control Manager [7031] - The cnetfilter service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.
    10/16/2010 12:46:39 PM, error: Service Control Manager [7031] - The cnetfilter service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.
    10/16/2010 12:45:16 PM, error: Service Control Manager [7031] - The cnetfilter service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.
    10/16/2010 12:11:00 PM, error: Service Control Manager [7031] - The AVG Free8 WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    10/16/2010 12:08:10 PM, error: Service Control Manager [7034] - The AVG Free8 E-mail Scanner service terminated unexpectedly. It has done this 2 time(s).
    10/16/2010 12:07:18 PM, error: Service Control Manager [7034] - The AVG Free8 E-mail Scanner service terminated unexpectedly. It has done this 1 time(s).

    ==== End Of File ===========================

    DDS:


    DDS (Ver_10-10-21.02) - NTFSx86
    Run by Owner at 18:22:27.07 on Thu 10/21/2010
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.156 [GMT -4:00]

    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    svchost.exe
    C:\Program Files\Application Updater\ApplicationUpdater.exe
    C:\WINDOWS\system32\ASTSRV.EXE
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\WINDOWS\system32\cnetfilter.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nlssrv32.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Common Files\Java\Java Update\jucheck.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Owner\My Documents\Downloads\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    mStart Page = hxxp://www.kralyeri.com
    uInternet Settings,ProxyOverride = <local>
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 9\SnagitBHO.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: GoodShopToolbar: {0b4d6b1c-d1a6-4b21-9412-cc846ebfa818} - c:\program files\goodsearch.com\goodsearch toolbar\adxloader.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
    TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 9\SnagitIEAddin.dll
    TB: GoodSearchBar: {10834e9a-d475-4a24-ad01-f3f24f71b28e} - c:\program files\goodsearch.com\goodsearch toolbar\adxloader.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    uRun: [Google Update] "c:\documents and settings\owner\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [AROReminder] c:\program files\advanced registry optimizer\ARO.exe -rem
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1150600.exe -Update -1150600 - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; FunWebProducts; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" - "http://www.stayglad.com/PlasticContest/index.html "
    uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\NPSWF32_FlashUtil.exe -p
    mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {445F47D7-E043-4BD6-82EB-7A1BD0EBA773} - hxxp://www.psapoll.com/CopyGuardIE.cab
    DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242906219296
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
    Notify: avgrsstarter - avgrsstx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\wnbvguwv.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
    FF - prefs.js: browser.search.selectedEngine - Yahoo
    FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=966134&p=
    FF - plugin: c:\documents and settings\owner\application data\facebook\npfbplugin_1_0_3.dll
    FF - plugin: c:\documents and settings\owner\application data\move networks\plugins\npqmp071504000001.dll
    FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: c:\documents and settings\owner\local settings\application data\yahoo!\browserplus\2.9.2\plugins\npybrowserplus_2.9.2.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\np_IEGetPlugin.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
    FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

    ============= SERVICES / DRIVERS ===============

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-5-21 335240]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-5-21 27784]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-5-21 108552]
    R1 WSHTTPflt;WSHTTPflt;c:\windows\system32\drivers\WSHTTPflt.sys [2009-6-19 31488]
    R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2010-1-8 380928]
    R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-5-21 908056]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-5-21 297752]
    R2 cnetfilter;cnetfilter;c:\windows\system32\cnetfilter.exe [2009-6-19 398573]
    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-3-17 54752]
    R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [2009-6-7 61440]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-9-17 24652]
    R3 VAD_DEV;Virtual Audio Service;c:\windows\system32\drivers\vad.sys [2010-1-24 16256]
    S0 cerc6;cerc6; [x]
    S0 nielprt;Nielsen Patch Service;c:\windows\system32\drivers\nielprt.sys --> c:\windows\system32\drivers\nielprt.sys [?]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-15 136176]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
    S3 NielGfx;Nielsen USB GFX;c:\windows\system32\drivers\nielgfx.sys --> c:\windows\system32\drivers\nielgfx.sys [?]

    =============== Created Last 30 ================

    2010-10-16 16:44:20 -------- d-sha-r- C:\cmdcons
    2010-10-16 16:30:03 77312 ----a-w- c:\windows\MBR.exe
    2010-10-16 16:30:03 256512 ----a-w- c:\windows\PEV.exe
    2010-10-16 16:30:03 161792 ----a-w- c:\windows\SWREG.exe
    2010-10-16 16:30:02 98816 ----a-w- c:\windows\sed.exe
    2010-10-16 13:30:03 -------- d-----w- c:\docume~1\owner\applic~1\ElevatedDiagnostics
    2010-09-27 22:41:23 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\WinZip
    2010-09-27 02:13:36 -------- d-----w- c:\docume~1\owner\applic~1\Sammsoft
    2010-09-27 02:12:57 -------- d-----w- c:\program files\Advanced Registry Optimizer
    2010-09-26 20:00:27 -------- d-----w- c:\docume~1\owner\applic~1\DriverCure
    2010-09-26 20:00:22 -------- d-----w- c:\docume~1\owner\applic~1\ParetoLogic
    2010-09-26 19:59:47 -------- d-----w- c:\docume~1\alluse~1\applic~1\ParetoLogic

    ==================== Find3M ====================

    2010-09-18 16:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
    2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
    2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
    2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
    2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-09-10 05:58:06 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
    2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
    2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
    2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
    2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
    2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
    2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
    2010-08-16 08:45:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll

    ============= FINISH: 18:23:48.90 ===============
     
  2. 2010/10/21
    broni Moderator Malware Analyst

    Please, state your issues.

    Unless you installed Viewpoint Manager knowledgeably...
    Go Start>Control Panel>Add\Remove (Programs and Features in Vista), and...
    Uninstall any of the following programs associated with Viewpoint:
    * Viewpoint Manager
    * Viewpoint Media Player
    * Viewpoint Toolbar
    This program does not do anything bad such as deliver ads or spy on you, but it is considered foistware ("drive-by-install") as it is installed without your consent through programs like AOL, AIM, Compuserve, etc.

    =============================================================

    STEP 1. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/mbam.php to your desktop.
    (Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform Quick Scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt


    STEP 2. Download GMER: http://www.gmer.net/files.php, by clicking on Download EXE button.
    Alternative downloads:
    - http://majorgeeks.com/GMER_d5198.html
    - http://www.softpedia.com/get/Interne...ers/GMER.shtml
    Double click on downloaded .exe file, select Rootkit tab and click the Scan button.
    Do NOT use the computer while GMER is running!
    When scan is completed, click Save button, and save the results as gmer.log
    Warning! Please, do not select the "Show all" checkbox during the scan.
    Post the log to your next reply.

    IMPORTANT! If for some reason GMER refuses to run, try again.
    If it still fails, try to UN-check "Devices" in right pane.
    If still no joy, try to run it from Safe Mode.


    STEP 3. Download MBRCheck to your desktop

    Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
    It will show a black screen with some data on it.
    A report called MBRcheckxxxx.txt will be on your desktop
    Open this report and post its content in your next reply.



    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
