Hijacked IE8 from ebay scam

Re: Hijacked IE8 from ebay scam

Post by gigabyte1 » December 27th, 2010, 10:47 pm

When I ran the ATF cleaner, Firefox and Opera were unselectable. I figured that's because I don't have those on my PC.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5406

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

12/27/2010 9:23:18 PM
mbam-log-2010-12-27 (21-23-18).txt

Scan type: Quick scan
Objects scanned: 186783
Time elapsed: 10 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Typelib\{3C2D2A1E-031F-4397-9614-87C932A848E0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04A38F6B-006F-4247-BA4C-02A139D5531C} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BB05BD70-4605-4829-93FC-AD80D8CC5B66} (Rogue.PerformanceCenter) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MiniBugTransporter.MiniBugTransporterX (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MiniBugTransporter.MiniBugTransporterX.1 (Adware.Minibug) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\Marion\Desktop\explorer.com (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

Re: Hijacked IE8 from ebay scam

Post by km2357 » December 28th, 2010, 3:32 am

When I ran the ATF cleaner, Firefox and Opera were unselectable. I figured that's because I don't have those on my PC


That's correct.


Update Adobe Acrobat Reader

There is a newer version of Adobe Acrobat Reader available. (See Note below)

  • First, go to Add/Remove Programs and uninstall Adobe Reader 8.2.5.
  • Please go to this link Adobe Acrobat Reader Download Link
  • On the right, untick McAfee® Security Scan Plus if you do not wish to include this in the installation.
  • Click the Continue button
  • Click Run, and click Run again
  • Next, click the Install Now button and follow the on-screen prompts

Note: Adobe Reader X is a large program and if you prefer a smaller program you can get Foxit 4.3.0 instead from http://www.foxitsoftware.com/downloads/index.php

If you decide to install Foxit 4.3.0 instead of Adobe, do the following during Foxit's Setup/Installation process:

Uncheck the following boxes:

I accept the License Terms and want to install Foxit Toolbar

Make Ask.com my default search

Create desktop, quick launch and start menu icon to eBay


I'd like us to scan your machine with ESET OnlineScan
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the [image] button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on [image] to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the [image] icon on your desktop.
  4. Check [image]
  5. Click the [image] button.
  6. Accept any security warnings from your browser.
  7. Check [image]
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push [image]
  11. Make sure that Remove found threats is unchecked
  12. Push [image], and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  13. Push the [image] button.
  14. Push [image]


In your next post/reply, I need to see the following:

1. The ESET Log
2. A fresh DDS Log
3. How is your computer doing, any problems?

Re: Hijacked IE8 from ebay scam

Post by gigabyte1 » December 31st, 2010, 1:17 am

My PC seems to be running fine, Thank You! I reinstalled IE8 and that fixed the issues I was having with it. I ran the ESET scan and it came up with no threats so there's no report there.

DDS (Ver_10-12-12.02) - NTFSx86
Run by Marion at 23:34:55.21 on Thu 12/30/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.384 [GMT -5:00]

AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\ALLTEL DSL Check-up Center\SmartBridge\MotiveSB.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
svchost.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\PackethSvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Marion\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe -k HPService
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Qualcomm\Eudora\Eudora.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Marion\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 192.168.*.*;*.local
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn3\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: UberButton Class: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: YahooTaggedBM Class: {65d886a2-7ca7-479b-bb95-14d1efb7946a} - c:\program files\yahoo!\common\YIeTagBm.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn3\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "c:\documents and settings\marion\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [zBrowser Launcher] c:\program files\logitech\itouch\iTouch.exe
mRun: [UpdReg] c:\windows\Updreg.exe
mRun: [TCASUTIEXE] TCAUDIAG -off
mRun: [nwiz] "nwiz.exe" /install
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NeroFilterCheck] "c:\program files\common files\ahead\lib\NeroCheck.exe"
mRun: [Motive SmartBridge] "c:\progra~1\alltel dsl check-up center\smartbridge\MotiveSB.exe"
mRun: [Microsoft Works Update Detection] "c:\program files\common files\microsoft shared\works shared\WkUFind.exe"
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [EverioService] "c:\program files\cyberlink\pcm4everio\EverioService.exe"
mRun: [EM_EXEC] c:\progra~1\mousew~1\system\EM_EXEC.EXE
mRun: [AHQInit] "c:\program files\creative\sblive\program\AHQInit.exe"
mRun: [AdaptecDirectCD] "c:\program files\adaptec\easy cd creator 5\directcd\DirectCD.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hp digital imaging monitor.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\microsoft office.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\microsoft works calendar reminders.lnk - c:\program files\common files\microsoft shared\works shared\wkcalrem.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\windows desktop search.lnk - c:\program files\windows desktop search\WindowsSearch.exe
uPolicies-explorer: <NO NAME> =
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\aim95\aim.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\npjpi160_23.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - hxxp://h20264.www2.hp.com/ediags/dd/ins ... csxp2k.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Eudora's Shell Extension: {edb0e980-90bd-11d4-8599-0008c7d3b6f8} - c:\qualcomm\eudora\EuShlExt.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

============= SERVICES / DRIVERS ===============

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]
R2 MotoConnect Service;MotoConnect Service;c:\program files\motorola\motoconnectservice\MotoConnectService.exe [2010-8-15 91456]
R2 PackethSvc;Virtual NIC Service;c:\windows\system32\PackethSvc.exe [2002-2-26 64512]
R2 tcaicchg;tcaicchg;c:\windows\system32\TCAICCHG.SYS [2002-2-26 21233]
R2 TCAITDI;TCAITDI Protocol;c:\windows\system32\drivers\TCAITDI.SYS [2002-2-26 19534]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-1-10 24652]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-16 135664]
S2 mrtRate;mrtRate; [x]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\motoandroid.sys [2010-8-15 25856]

=============== Created Last 30 ================

2010-12-31 04:08:06 6273872 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{89594af4-2ebd-4c72-89a1-9b5cc0b1469e}\mpengine.dll
2010-12-30 02:57:06 -------- d-----w- c:\program files\ESET
2010-12-28 02:08:44 -------- d-----w- c:\docume~1\marion\applic~1\Malwarebytes
2010-12-28 02:08:30 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-28 02:08:29 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-12-28 02:08:25 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-28 02:08:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-26 03:00:16 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-26 02:59:21 45568 ------w- c:\windows\system32\dllcache\wab.exe
2010-12-26 02:58:29 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2010-12-26 02:58:28 974848 ------w- c:\windows\system32\dllcache\mfc42.dll
2010-12-26 02:58:01 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2010-12-25 07:53:00 69120 ------w- c:\windows\system32\wlanapi.dll
2010-12-25 07:52:41 50688 ------w- c:\windows\system32\tspkg.dll
2010-12-25 07:52:40 53248 ------w- c:\windows\system32\tsgqec.dll
2010-12-25 07:52:21 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2010-12-25 07:52:20 32768 ------w- c:\windows\system32\setupn.exe
2010-12-25 07:52:11 290304 ------w- c:\windows\system32\rhttpaa.dll
2010-12-25 07:52:07 61952 ------w- c:\windows\system32\rasqec.dll
2010-12-25 07:52:06 76800 ------w- c:\windows\system32\qutil.dll
2010-12-25 07:52:02 62464 ------w- c:\windows\system32\qcliprov.dll
2010-12-25 07:52:01 291328 ------w- c:\windows\system32\qagentrt.dll
2010-12-25 07:52:01 150528 ------w- c:\windows\system32\qagent.dll
2010-12-25 07:50:53 397312 ------w- c:\windows\system32\mmcex.dll
2010-12-25 07:49:54 7168 ------w- c:\windows\system32\bitsprx4.dll
2010-12-25 07:49:54 233472 ------w- c:\windows\system32\azroles.dll
2010-12-25 07:49:43 136192 ------w- c:\windows\system32\aaclient.dll
2010-12-25 07:12:26 357248 ------w- c:\windows\system32\dllcache\srv.sys
2010-12-25 07:12:03 455680 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2010-12-25 07:12:00 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2010-12-25 07:11:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2010-12-25 07:10:17 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2010-12-25 07:10:16 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2010-12-25 07:10:00 284160 ------w- c:\windows\system32\dllcache\pdh.dll
2010-12-25 07:09:59 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2010-12-25 07:09:59 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2010-12-25 07:09:59 110592 ------w- c:\windows\system32\dllcache\services.exe
2010-12-25 07:09:57 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2010-12-25 07:09:56 730112 ------w- c:\windows\system32\dllcache\lsasrv.dll
2010-12-25 07:09:56 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-12-25 07:09:55 714752 ------w- c:\windows\system32\dllcache\ntdll.dll
2010-12-25 07:09:55 617472 ------w- c:\windows\system32\dllcache\advapi32.dll
2010-12-25 07:09:54 2146304 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-12-25 07:09:53 2189952 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-12-25 07:09:51 2024448 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-12-25 07:05:24 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2010-12-25 07:04:01 218112 ------w- c:\windows\system32\dllcache\wordpad.exe
2010-12-23 22:04:20 -------- d-sha-r- C:\cmdcons
2010-12-23 21:55:50 98816 ----a-w- c:\windows\sed.exe
2010-12-23 21:55:50 89088 ----a-w- c:\windows\MBR.exe
2010-12-23 21:55:50 256512 ----a-w- c:\windows\PEV.exe
2010-12-23 21:55:50 161792 ----a-w- c:\windows\SWREG.exe
2010-12-19 23:01:03 388096 ----a-r- c:\docume~1\marion\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2010-12-19 23:01:00 -------- d-----w- c:\program files\Trend Micro
2010-12-03 16:05:29 6273872 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2010-12-02 14:52:31 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-12-02 14:47:59 -------- d-----w- c:\program files\Microsoft Security Essentials

==================== Find3M ====================

2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 23:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-12 21:34:10 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ------w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2001-08-18 12:00:00 94784 --sh--w- c:\windows\TWAIN.DLL

============= FINISH: 23:37:08.36 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 2/28/2002 5:46:08 PM
System Uptime: 12/29/2010 12:58:58 AM (47 hours ago)

Motherboard: Dell Computer Corporation | | Dimension 8200
Processor: Intel(R) Pentium(R) 4 CPU 2.00GHz | Microprocessor | 1993/100mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 16.398 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Photosmart Plus B209a-m
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart Plus B209a-m
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:

==== System Restore Points ===================

RP1062: 12/25/2010 3:10:36 AM - Software Distribution Service 3.0
RP1063: 12/25/2010 4:04:12 AM - System Checkpoint
RP1064: 12/25/2010 9:29:54 AM - Software Distribution Service 3.0
RP1065: 12/25/2010 9:46:07 AM - Software Distribution Service 3.0
RP1066: 12/25/2010 11:04:26 AM - Software Distribution Service 3.0
RP1067: 12/25/2010 12:44:59 PM - Software Distribution Service 3.0
RP1068: 12/25/2010 12:50:37 PM - Software Distribution Service 3.0
RP1069: 12/25/2010 1:02:16 PM - Software Distribution Service 3.0
RP1070: 12/25/2010 1:04:17 PM - Software Distribution Service 3.0
RP1071: 12/25/2010 1:24:30 PM - Software Distribution Service 3.0
RP1072: 12/25/2010 2:13:27 PM - Software Distribution Service 3.0
RP1073: 12/25/2010 2:56:11 PM - Software Distribution Service 3.0
RP1074: 12/25/2010 10:00:53 PM - Software Distribution Service 3.0
RP1075: 12/25/2010 10:40:40 PM - Software Distribution Service 3.0
RP1076: 12/25/2010 11:49:21 PM - Software Distribution Service 3.0
RP1077: 12/26/2010 1:47:16 AM - Software Distribution Service 3.0
RP1078: 12/27/2010 3:00:21 AM - Software Distribution Service 3.0
RP1079: 12/27/2010 10:33:00 AM - Software Distribution Service 3.0
RP1080: 12/27/2010 7:11:08 PM - Removed J2SE Runtime Environment 5.0 Update 10
RP1081: 12/27/2010 7:12:16 PM - Removed J2SE Runtime Environment 5.0 Update 6
RP1082: 12/27/2010 7:14:37 PM - Removed J2SE Runtime Environment 5.0 Update 9
RP1083: 12/27/2010 7:21:58 PM - Removed Java(TM) 6 Update 3
RP1084: 12/27/2010 7:23:10 PM - Removed Java(TM) 6 Update 5
RP1085: 12/27/2010 7:24:35 PM - Removed Java(TM) 6 Update 7
RP1086: 12/27/2010 7:26:30 PM - Removed Java(TM) SE Runtime Environment 6 Update 1
RP1087: 12/27/2010 8:21:49 PM - Software Distribution Service 3.0
RP1088: 12/28/2010 3:00:21 AM - Software Distribution Service 3.0
RP1089: 12/28/2010 2:02:20 PM - Software Distribution Service 3.0
RP1090: 12/28/2010 6:29:09 PM - Removed Adobe Reader 8.2.5
RP1091: 12/28/2010 6:51:49 PM - Installed Adobe Reader X.
RP1092: 12/28/2010 10:53:20 PM - Installed Windows Internet Explorer 8.
RP1093: 12/28/2010 10:54:10 PM - Software Distribution Service 3.0
RP1094: 12/28/2010 11:08:14 PM - Software Distribution Service 3.0
RP1095: 12/29/2010 3:00:21 AM - Software Distribution Service 3.0
RP1096: 12/29/2010 4:45:12 PM - Software Distribution Service 3.0
RP1097: 12/29/2010 6:23:32 PM - Software Distribution Service 3.0
RP1098: 12/29/2010 9:11:57 PM - Software Distribution Service 3.0
RP1099: 12/29/2010 9:32:51 PM - Software Distribution Service 3.0
RP1100: 12/30/2010 11:07:55 PM - Software Distribution Service 3.0

==== Installed Programs ======================

32 Bit HP CIO Components Installer
3Com NIC Diagnostics
3D Groove Playback Engine
7-Zip 4.65
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader X
Adobe Shockwave Player
AIM 6
AnswerWorks 5.0 English Runtime
AOL Instant Messenger
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Aquatica 3D
ArcSoft Camera Suite
ArcSoft PhotoBase
ArcSoft PhotoStudio 2000
Art Explosion Label Factory Deluxe
AutoUpdate
AviSynth 2.5
B209a-m
Belarc Advisor 7.2
Better Homes and Gardens Home Designer Suite 6.0
Bing Maps 3D
Bonjour
BufferChm
Camera Window
Canon Camera WIA Driver
Canon Camera Window for ZoomBrowser EX
Canon Digital Camera USB WIA Driver
Canon FV40, ZR70 MC WIA Driver
Canon PhotoRecord
Canon Utilities PhotoStitch 3.1
Canon Utilities RAW Image Converter
Canon Utilities RemoteCapture 2.2
Canon Utilities ZoomBrowser EX
Conexant HSF V92 56K RTAD Speakerphone PCI Modem
Coupon Printer for Windows
Creativity Kit for Windows Movie Maker 2
Critical Update for Windows Media Player 11 (KB959772)
Dell Digital Jukebox Driver
Dell Picture Studio - Image Expert 2000
Dell Solution Center
Desktop Alert
Destinations
DeviceDiscovery
Digital Photo Navigator 1.5
DivX
DivX Player
DVD Decrypter (Remove Only)
Easy CD Creator 5 Basic
Eudora
FileMaker Pro 6
Force ASPI GUI
Garmin Communicator Plugin
Garmin USB Drivers
Garmin WebUpdater
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
Greeting Card Factory 2 Deluxe
Help and Support Customization
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 13.0
HP Driver Diagnostics
HP Imaging Device Functions 13.0
HP Photosmart Plus B209a-m All-In-One Driver Software 13.0 Rel .6
HP Print Projects 1.0
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
hpPrintProjects
HPProductAssistant
HPSSupply
hpWLPGInstaller
InterActual Player
iPhone Configuration Utility
ItsDeductible Express
iTunes
Java Auto Updater
Java(TM) 6 Update 23
LG USB Modem driver
Licking Dog Screen Clean Screensaver
Live Picture Viewer Plugin
LiveUpdate 3.0 (Symantec Corporation)
Logitech iTouch Software
Magic Notes
Malwarebytes' Anti-Malware
MarketResearch
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Encarta Encyclopedia Standard 2002
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Math Add-in for Word 2007
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel 2007 Get Started Tab
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Media Content
Microsoft Picture It! Photo 2002
Microsoft Plus! for Windows XP
Microsoft Publisher 2002
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Streets and Trips 2002
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 2002 Setup Launcher
Microsoft Works 6.0
Microsoft Works Suite Add-in for Microsoft Word
Modem Helper
Motorola Driver Installation 4.6.5
MouseWare 9.41 .3
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Nero 7 Essentials
Netflix Movie Viewer
Network
NOOK for PC
NVIDIA Windows 2000/XP Display Drivers
OmniPage Pro 9.0
Palm Desktop
Payment Book v5.6
PhoneTools
PowerCinema NE for Everio
PowerDirector Express
PowerDVD
PowerProducer
Print Server
PS_AIO_06_B209a-m_SW_Min
Punch! Home Design Viewer
Punch! Super Home Suite
Quicken 2010
Quicken WillMaker Plus 2010
QuickTime
RamBooster
RealPlayer
Scan
Scan Manager 5.2
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Shockwave
Shockwave Player
Shop for HP Supplies
SmartWebPrinting
SolutionCenter
Sound Blaster Live! Value
Spelling Dictionaries Support For Adobe Reader 8
Status
SurferNETWORK Player
Toolbox
TrayApp
TurboTax Basic 2003
TurboTax Basic 2004
Typing Instructor Deluxe
Uniblue ProcessScanner
Uniblue RegistryBooster 2
Uniblue SpeedUpMyPC 3
Uniblue System Tweaker
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB973874)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Veetle TV 0.9.14
Videora iPod Converter 5.04
Viewpoint Manager (Remove Only)
Viewpoint Media Player
WebFldrs XP
WebReg
WexTech AnswerWorks
WIDCOMM Bluetooth Software
Windows Desktop Search 3.01
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 11
Windows Movie Maker 2.0
Windows XP Service Pack 3
Works Suite OS Pack
Works Synchronization
XPort 360
Yahoo! extras
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Toolbar
YouTube Downloader App 2.03

==== Event Viewer Messages From Past Week ========

12/28/2010 11:05:11 PM, error: Service Control Manager [7031] - The MotoConnect Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
12/28/2010 10:53:38 PM, error: DCOM [10005] - DCOM got error "%1068" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B68-F52A-11D8-B9A5-505054503030}
12/27/2010 8:22:02 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Update for Windows XP (KB2443685).
12/27/2010 8:19:02 PM, error: DCOM [10005] - DCOM got error "%1068" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/27/2010 8:16:31 PM, error: Service Control Manager [7001] - The Windows Search service depends on the Terminal Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12/27/2010 8:16:31 PM, error: Service Control Manager [7000] - The mrtRate service failed to start due to the following error: The system cannot find the file specified.
12/27/2010 7:23:49 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.

==== End Of File ===========================
gigabyte1
Active Member
 
Posts: 10
Joined: December 19th, 2010, 8:02 pm

Re: Hijacked IE8 from ebay scam

Unread postby km2357 » December 31st, 2010, 3:24 am

Since you report no more problems, you're good to go. :)

You can delete the following off of your computer:

DDS.scr
The two DDS Logs
GMER.zip
GMER.exe
The GMER Log


To remove ComboFix, do the following:

Go to Start > Run - type in ComboFix /Uninstall & click OK

Empty your Recycle Bin.


Please take the time to read my All Clean Post.

Please follow these simple steps in order to keep your computer clean and secure:

This is a good time to clear your existing system restore points and establish a new clean restore point:

  • Go to Start > All Programs > Accessories > System Tools > System Restore
  • Select Create a restore point, and Ok it.
  • Next, go to Start > Run and type in cleanmgr
  • Make sure the C:\ drive is selected and click OK. If your computer's Hard Drive is not located on C:, change it to the correct drive letter then click OK.
  • Select the More options tab
  • Choose the option to clean up system restore and OK it.
  • This will remove all restore points except the new one you just created.

Clearing your restore points is not something you should do on a regular basis. Normally, this process only needs to be done after clearing out an infestation of malware.


Make your Internet Explorer more secure - This can be done by following these simple instructions:
  1. From within Internet Explorer click on the Tools menu and then click on Options.
  2. Click once on the Security tab
  3. Click once on the Internet icon so it becomes highlighted.
  4. Click once on the Custom Level button.
    • Change the Download signed ActiveX controls to Prompt
    • Change the Download unsigned ActiveX controls to Disable
    • Change the Initialize and script ActiveX controls not marked as safe to Disable
    • Change the Installation of desktop items to Prompt
    • Change the Launching programs and files in an IFRAME to Prompt
    • Change the Navigate sub frames across different domains to Prompt
  5. When all these settings have been made, click on the OK button.
  6. If it asks you if you want to save the settings, press the Yes button.
  7. Next press the Apply button and then the OK to exit the Internet Properties page.

Set correct settings for files that should be hidden in Windows XP
  • Click Start > My Computer > Tools menu (at top of page) > Folder Options > View tab.
  • Under "Hidden files and folders" if necessary select Do not show hidden files and folders.
  • If unchecked, please check Hide protected operating system files (Recommended)
  • If necessary check "Display content of system folders"
  • If necessary Uncheck Hide file extensions for known file types.
  • Click OK
  • Use An Antivirus Software and Keep It Updated - It is very important that your computer has an antivirus software running on your machine. This alone can save you a lot of trouble with malware in the future. It is imperative that you update your antivirus software at least once a day. If you do not update your antivirus software, then it will not be able to catch any of the new variants that may come out.
  • Visit Microsoft's Update Site Frequently - It is important that you visit Microsoft Updates regularly. This will ensure your computer has the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  • Install SpywareBlaster - SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. You can find SpywareBlaster here:
    SpywareBlaster
  • Use the hosts file: Every version of Windows has a hosts file as part of it. In a very basic sense, it is used to locate web pages. We can customize a hosts file so that it blocks certain web pages. However, it can slow down certain computers. This is why using a hosts file is optional. Download mvps hosts file. Make sure you read the instructions on how to install the hosts file. There is a good tutorial HERE. If you decide to download the hosts file, the slowdown problems can usually be avoided by following these steps:
    1. Click the start button on the task bar at the bottom of your screen
    2. Click run
    3. In the dialog box, type services.msc
    4. Hit Enter, then locate DNS Client
    5. Highlight it, then double-click it.
    6. On the dropdown box, change the setting from automatic to manual.
    7. Click OK.
  • Use an alternative instant messenger program. Trillian and Miranda IM - These are malware-free instant messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)
  • Please read Tony Klein's excellent article: How I got Infected in the First Place
  • Please read Understanding Spyware, Browser Hijackers, and Dialers
  • Please read Simple and easy ways to keep your computer safe and secure on the Internet
  • If you are using Internet Explorer, please consider using an alternate browser: Mozilla's Firefox or Opera.
    If you decide to use either Firefox or Opera, it is very important that you keep them up to date and check frequently for updates of the browser of your choice.
  • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.


Here's a good website to read about Malware prevention:

http://users.telenet.be/bluepatchy/miek ... ntion.html

If your computer is running slow, click here for instructions on how to help speed up your computer.

Good luck!

Please reply one last time so that I know you have read my post and this thread can be closed.
km2357
MRU Master
 
Posts: 3007
Joined: January 30th, 2007, 2:48 pm
Location: California

Re: Hijacked IE8 from ebay scam

Unread postby Cypher » January 3rd, 2011, 4:06 pm

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
Cypher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns