Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

I Have Trojan Horse Vundo.FW - No Internet Access

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

I Have Trojan Horse Vundo.FW - No Internet Access

Unread postby srr » April 1st, 2009, 2:23 pm

I am not able to connect to the Internet (however I can still IM so I know it's not my connection). I ran what anti-virus software I have and removed a lot of Vundo, but there seems to be more that can't be removed. Since I have no Internet access except at work, I can't download anything else to fix this problem. Nothing else seems to have been affected except my Internet access. I have pasted my DDS/HJT log below. Please advise at your earliest convenience.


DDS Logs pasted below.

DDS (Ver_09-03-16.01) - NTFSx86
Run by HP_Owner at 20:43:19.90 on Fri 03/27/2009
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.44 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated)
AV: Norton AntiVirus *On-access scanning enabled* (Outdated)
FW: Norton Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv2.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Verizon Online\bin\mpbtn.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\Rar$EX00.672\HijackThis.exe
C:\Documents and Settings\HP_Owner\Desktop\dds.scr
C:\WINDOWS\system32\NOTEPAD.EXE

============== Pseudo HJT Report ===============

uInternet Connection Wizard,ShellNext = hxxp://www.gmail.com/
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: CNisExtBho Class: {9ecb9560-04f9-4bbc-943d-298ddf1699e1} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
BHO: {bce3a21d-5466-4503-ba1e-e2243a517842} - c:\windows\system32\punehomi.dll
BHO: CNavExtBho Class: {bdf3e430-b101-42ad-a544-fadc6b084872} - c:\program files\norton antivirus\NavShExt.dll
TB: HP view: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\program files\hp\digital imaging\bin\HPDTLK02.dll
TB: Norton AntiVirus: {42cdd1bf-3ffb-4238-8ad1-7859df00b1d6} - c:\program files\norton antivirus\NavShExt.dll
TB: AOL Toolbar: {4982d40a-c53b-4615-b15b-b5b5e98d167c} - c:\program files\aol toolbar\toolbar.dll
uRun: [MsnMsgr] "c:\program files\msn messenger\MsnMsgr.Exe" /background
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [HPHUPD06] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
mRun: [KBD] c:\hp\kbd\KBD.EXE
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [Symantec NetDriver Monitor] c:\progra~1\symnet~1\SNDMon.exe /Consumer
mRun: [Motive SmartBridge] c:\progra~1\verizo~1\smartb~1\MotiveSB.exe
mRun: [WUSB54Gv2] c:\program files\linksys wireless-g usb wireless network monitor\InvokeSvc3.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [^T\Q]S`P] C:\jsifskwq.bat
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [kularusefa] Rundll32.exe "c:\windows\system32\tusiheku.dll",s
mRun: [CPMb7cd7021] Rundll32.exe "c:\windows\system32\hujinuya.dll",a
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
mExplorerRun: [81n72QDLus] c:\docume~1\hp_owner\locals~1\temp\wJQs.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\309731\program\Updates from HP.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\verizo~1.lnk - c:\program files\verizon online\bin\matcli.exe
IE: &AOL Toolbar search - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\windows\system32\msjava.dll
IE: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - c:\program files\aol toolbar\toolbar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} - hxxp://housecall60.trendmicro.com/housecall/xscan60.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {41564D57-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/ ... mvadvd.cab
DPF: {4B48D5DF-9021-45F7-A240-60304302A215} - hxxp://download.microsoft.com/download/ ... leaner.cab
DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - hxxp://www.pandasoftware.com/activescan ... asinst.cab
DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} - hxxp://www.linksysfix.com/netcheck/24/i ... downls.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://www.windowsecurity.com/trojanscan/axscan.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/sh ... wflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://advancedmeetings.webex.com/clie ... eatgpc.cab
DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} - hxxp://lg.home.microsoft.com/search/lob ... ttings.cab
TCP: NameServer = 208.67.220.220,208.67.222.222
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: igfxcui - igfxsrvc.dll
AppInit_DLLs: avgrsstx.dll c:\windows\system32\fesisone.dll c:\windows\system32\yohefani.dll c:\windows\system32\hujinuya.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\hujinuya.dll
STS: STS: {ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} - c:\windows\system32\hujinuya.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
LSA: Notification Packages = scecli c:\windows\system32\fesisone.dll c:\windows\system32\yohefani.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\hp_owner\applic~1\mozilla\firefox\profiles\ypy8vd9e.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://start.mozilla.org/firefox?client ... S:official
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava11.dll
FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava12.dll
FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava13.dll
FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava14.dll
FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava32.dll
FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJPI142_03.dll
FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPOJI610.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

---- FIREFOX POLICIES ----
FF - user.js: network.proxy.type - 1
FF - user.js: network.proxy.http - 68.87.66.153
user_pref(network.proxy.http_port,553);
FF - user.js: network.proxy.no_proxies_on -

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-7-11 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-7-11 26824]
R1 SAVRT;SAVRT;c:\program files\norton antivirus\savrt.sys [2003-11-7 308416]
R1 SAVRTPEL;SAVRTPEL;c:\program files\norton antivirus\Savrtpel.sys [2003-11-7 37056]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-7-11 875288]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-7-11 231704]
R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-7-11 76040]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\CCEVTMGR.EXE [2003-12-9 255648]
R2 ccProxy;Symantec Network Proxy;c:\program files\common files\symantec shared\CCPROXY.EXE [2003-12-9 218736]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\CCSETMGR.EXE [2003-12-9 235168]
R2 navapsvc;Norton AntiVirus Auto Protect Service;c:\program files\norton antivirus\navapsvc.exe [2004-6-4 174208]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-10-28 24652]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20050302.008\NAVENG.Sys [2005-3-5 73728]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20050302.008\NavEx15.Sys [2005-3-5 631040]
S1 gepbnuxi;gepbnuxi;\??\c:\windows\system32\drivers\gepbnuxi.sys --> c:\windows\system32\drivers\gepbnuxi.sys [?]
S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\CCPWDSVC.EXE [2003-12-9 87712]
S3 SAVScan;SAVScan;c:\program files\norton antivirus\SAVScan.exe [2003-11-7 193816]
S3 SNDP106;Dual Mode Camera (8001 CIF);c:\windows\system32\drivers\sndp106.sys [2005-3-13 227072]

=============== Created Last 30 ================

2009-03-27 17:41 121 ---sh--- c:\windows\system32\ojosajub.ini
2009-03-27 17:41 94,208 a--sh--- c:\windows\system32\hujinuya.dll
2009-03-27 17:41 89,600 a--sh--- c:\windows\system32\bujasojo.dll
2009-03-26 17:49 95,232 a--sh--- c:\windows\system32\debeviva.dll
2009-03-09 21:32 60,744 a------- c:\documents and settings\hp_owner\g2mdlhlpx.exe

==================== Find3M ====================

2009-02-09 07:13 1,846,784 a------- c:\windows\system32\win32k.sys
2005-02-06 16:36 336,896 a------- c:\documents and settings\hp_owner\remote.exe
2005-07-01 16:15 0 a--sh--- c:\windows\sminst\HPCD.sys
0000-00-00 00:00 61,440 a--sh--- c:\windows\system32\buwapite.exe
0000-00-00 00:00 89,600 a--sh--- c:\windows\system32\mekawiba.dll
0000-00-00 00:00 58,368 a--sh--- c:\windows\system32\punehomi.dll
0000-00-00 00:00 90,624 a--sh--- c:\windows\system32\repudana.dll
0000-00-00 00:00 58,368 a--sh--- c:\windows\system32\tusiheku.dll
0000-00-00 00:00 58,368 a--sh--- c:\windows\system32\yohefani.dll
0000-00-00 00:00 94,208 a--sh--- c:\windows\system32\yuweveyo.dll
srr
Active Member
 
Posts: 2
Joined: April 1st, 2009, 10:07 am
Advertisement
Register to Remove

Re: I Have Trojan Horse Vundo.FW - No Internet Access

Unread postby chryssi2001 » April 17th, 2009, 3:38 am

Hello srr,

I apologise for the delay, the forum is busy.

I will need you to use a USB stick (Flash drive) to install programs on the infected pc run them and copy here the reports untill we can bring it back online.

So i want you to download and run the 2 programs below, and post back the reports.
----------------------------------------------
Malwarebytes' Anti-Malware

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Checked (tick) all items except items in the C:\System Volume Information folder, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
  • Post that log back here.
----------------------------------------------
Download and Run HijackThis
Download HJTInstall.exe to your Desktop.

  • Doubleclick HJTInstall.exe to install it.
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed, it will launch Hijackthis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Copy/Paste the log to your next reply please.

Don't use the Analyse This button, its findings are dangerous if misinterpreted.
Don't have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
----------------------------------------------
Post back:
Malwarebytes' Anti-Malware report.
A HijackThis log.
User avatar
chryssi2001
MRU Teacher Emeritus
 
Posts: 14395
Joined: September 24th, 2006, 2:11 am
Location: far away

Re: I Have Trojan Horse Vundo.FW - No Internet Access

Unread postby srr » April 17th, 2009, 8:36 pm

Hello chryssi. A lot has happened in the past 3 weeks since I originally posted that. I was working with someone on another site who helped me get rid of all my malware and I'm clean right now and have Internet access. Unfortunately, at some point I began crashing at random times and re-booting on a loop. This has happened constantly at times, sometimes for hours at a time. Sometimes I can stay on for a few hours and shut down normally, but I'm never sure when I'm going to crash again. Tonight it's pretty bad again and the only way I could get on to type this is by logging into Safe Mode. From Safe Mode I was able to run HJT and Malwarebytes. I also downloaded Crashed 1.01 which provides a crash analysis, where the problems seemed to have been pinpointed to file path: C:\WINDOWS\system32\drivers\vffilter.sys and file path: C:\WINDOWS\system32\ntoskrnl.exe. I have no idea how to repair my drivers. Any help would be greatly appreciated.

I'm posting all 3 logs below.

HJT

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:26:22 PM, on 4/17/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [WUSB54Gv2] C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/24/i ... downls.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://advancedmeetings.webex.com/clie ... eatgpc.cab
O16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} (Microsoft Search Settings Control) - http://lg.home.microsoft.com/search/lob ... ttings.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: PTK License-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\licenseservice.exe
O23 - Service: PTK Live Update-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\updateservice.exe
O23 - Service: PTK Scanner-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\ScannerService.exe
O23 - Service: PTK SharedAccess-FIGHTERS-297811811 - SPAMfighter - C:\Program Files\Fighters\configservice.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WUSB54Gv2SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe

--
End of file - 8200 bytes


Malwarebytes

Malwarebytes' Anti-Malware 1.36
Database version: 1950
Windows 5.1.2600 Service Pack 3

4/17/2009 8:05:27 PM
mbam-log-2009-04-17 (20-05-27).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 187540
Time elapsed: 59 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Crash Analysis

Too many crashes have been detected. Only the latest 40 crashes will be displayed.

On Fri 2009-04-17 10:26:59 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000008E (0xC0000005, 0x8056987B, 0xEF68ABC4, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Fri 2009-04-17 10:01:52 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0xE, 0xFF, 0x0, 0x804DB65C)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Fri 2009-04-17 09:55:26 your computer crashed
This was likely caused by the following module: ntfs.sys
Bugcheck code: 0x24 (0x1902FE, 0xEE8C89C4, 0xEE8C86C0, 0x804E3619)
Error: NTFS_FILE_SYSTEM
file path: C:\WINDOWS\system32\drivers\ntfs.sys
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT File System Driver
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Fri 2009-04-17 09:48:17 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Fri 2009-04-17 09:38:26 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0x3, 0xFF, 0x0, 0x804F4885)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Thu 2009-04-16 10:35:57 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0xE, 0xFF, 0x0, 0x804DB65C)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Thu 2009-04-16 10:20:19 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x16, 0x2, 0x0, 0x804E4A7A)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Thu 2009-04-16 10:17:23 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Wed 2009-04-15 11:25:40 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Wed 2009-04-15 11:20:37 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x1, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Wed 2009-04-15 10:28:41 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x10000050 (0xEED10A60, 0x1, 0xF74FC8C1, 0x0)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Wed 2009-04-15 09:35:08 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Tue 2009-04-14 04:28:34 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Tue 2009-04-14 03:59:47 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x17, 0x2, 0x0, 0x804E4A7A)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 21:38:20 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 21:34:33 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000008E (0xC0000005, 0x80569763, 0xEE23ABC4, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Mon 2009-04-13 04:46:32 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0x3, 0xFF, 0x0, 0x804F4885)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Mon 2009-04-13 04:44:13 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 04:41:25 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0xE, 0xFF, 0x0, 0x804DB65C)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Mon 2009-04-13 04:36:29 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 04:32:03 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0xE, 0xFF, 0x0, 0x804DB65C)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Mon 2009-04-13 04:24:46 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x1, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 04:13:19 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 04:10:54 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0xE, 0xFF, 0x0, 0x804DB65C)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Mon 2009-04-13 04:06:26 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0x3, 0xFF, 0x0, 0x804F4885)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Mon 2009-04-13 02:44:47 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0x3, 0xFF, 0x0, 0x804F4885)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Mon 2009-04-13 02:32:40 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 01:21:11 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0xE, 0xFF, 0x0, 0x804DB65C)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Mon 2009-04-13 00:48:07 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 00:13:53 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x1, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Mon 2009-04-13 00:03:43 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x17, 0x2, 0x0, 0x804E4A7A)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Sun 2009-04-12 21:02:22 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0xE, 0xFF, 0x0, 0x804DB65C)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Sun 2009-04-12 20:19:39 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x1, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Sun 2009-04-12 20:04:41 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Sun 2009-04-12 20:00:47 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000008E (0xC0000005, 0x8056987B, 0xEF437A70, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Sun 2009-04-12 19:57:53 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x0, 0x2, 0x1, 0x804DC11D)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Sun 2009-04-12 19:53:49 your computer crashed
This was likely caused by the following module: vffilter.sys
Bugcheck code: 0x1000000A (0x17, 0x2, 0x0, 0x804E4A7A)
Error: Unknown
file path: C:\WINDOWS\system32\drivers\vffilter.sys



On Sun 2009-04-12 19:49:23 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0x3, 0xFF, 0x0, 0x804F4906)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Sun 2009-04-12 19:45:41 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0xE, 0xFF, 0x0, 0x804DB65C)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.



On Sun 2009-04-12 19:33:58 your computer crashed
This was likely caused by the following module: ntoskrnl.exe
Bugcheck code: 0x1000000A (0x3, 0xFF, 0x0, 0x804F4906)
Error: Unknown
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in a standard Microsoft module. Likely the culprit is another driver on your system which cannot be identified.




--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

93 crash dumps have been found on your computer. Only 40 have been analyzed. Note that it's not always possible to state with certainty whether a reported driver is really responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
srr
Active Member
 
Posts: 2
Joined: April 1st, 2009, 10:07 am

Re: I Have Trojan Horse Vundo.FW - No Internet Access

Unread postby chryssi2001 » April 18th, 2009, 4:20 am

Hello srr,

As you are being helped here continue with that thread, untill your problem is resolved.

This thread will be closed.
User avatar
chryssi2001
MRU Teacher Emeritus
 
Posts: 14395
Joined: September 24th, 2006, 2:11 am
Location: far away

Re: I Have Trojan Horse Vundo.FW - No Internet Access

Unread postby NonSuch » April 18th, 2009, 4:34 am

While we appreciate that you very likely posted at multiple forums in order to ensure a response, that only serves to tie up the time of multiple helpers who could be using that time to help someone else who also has problems. Although there are many forums that handle HijackThis logs, there are not so many helpers; most of us help out at several forums. In addition, the results may not work out so well when you're following different instructions from different helpers. They may suggest different approaches for the same problem, all of which may be good; however, system conflicts may arise if different fixes for the same problem are applied simultaneously.

In the future, for your sake as well as ours, please refrain from requesting help from multiple forums. Choose one, and stick with that one until they've resolved your problem.

As you are currently receiving help elsewhere, this topic is now closed.

You can help support this site from this link :
Donations For Malware Removal
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27305
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 63 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware