Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

possible trojans

Post by plastichelper » March 8th, 2011, 5:44 am

Zonealarm security says that a lot of my programs are monitoring user activity and opening processes.

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Alfred at 4:32:05.61 on Tue 03/08/2011
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2047.766 [GMT -5:00]
.
AV: ZoneAlarm Security Suite Antivirus *Disabled/Updated* {E9467272-859A-F159-FA9E-55E7E32D7A25}
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: ZoneAlarm Security Suite Anti-Spyware *Disabled/Updated* {52279396-A3A0-FED7-C02E-6E9598AA3098}
FW: ZoneAlarm Security Suite Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\ZoneLabs\vsmon.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Common Files\Steam\SteamService.exe
c:\program files\steam\steamapps\masterlaserd\team fortress 2\hl2.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Steam\GameOverlayUI.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Alfred\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe"
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\alfred\appdata\roaming\mozilla\firefox\profiles\ucjm2zya.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
FF - Ext: FireGestures: firegestures@xuldev.org - %profile%\extensions\firegestures@xuldev.org
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: SkipScreen: SkipScreen@SkipScreen - %profile%\extensions\SkipScreen@SkipScreen
FF - Ext: Session Manager: {1280606b-2510-4fe0-97ef-9b5a22eafe30} - %profile%\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}
FF - Ext: Linkification: {35106bca-6c78-48c7-ac28-56df30b51d2a} - %profile%\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
FF - Ext: 4chan: {9AA46F4F-4DC7-4c06-97AF-5035170633FE} - %profile%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
FF - Ext: Fasterfox Lite: FasterFox_Lite@BigRedBrent - %profile%\extensions\FasterFox_Lite@BigRedBrent
FF - Ext: Default Full Zoom Level: {D9A7CBEC-DE1A-444f-A092-844461596C4D} - %profile%\extensions\{D9A7CBEC-DE1A-444f-A092-844461596C4D}
FF - Ext: Save Image in Folder: {5e594888-3e8e-47da-b2c6-b0b545112f84} - %profile%\extensions\{5e594888-3e8e-47da-b2c6-b0b545112f84}
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-3-3 218688]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-3-2 61960]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-3-2 7566848]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-3-2 238592]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-3-2 101392]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-1 139776]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
.
=============== Created Last 30 ================
.
2011-03-08 04:20:30 49152 ----a-w- c:\windows\system32\ffdrv1.dll
2011-03-08 04:20:30 290816 ----a-w- c:\windows\system32\Projoycpl.dll
2011-03-08 04:15:29 248320 ------w- c:\windows\eiunin21.exe
2011-03-07 22:19:31 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2011-03-07 22:19:31 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2011-03-07 22:19:28 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2011-03-07 22:12:18 -------- d-----w- c:\users\alfred\appdata\roaming\The Creative Assembly
2011-03-07 12:15:54 -------- d-----w- c:\progra~2\Kaspersky SDK
2011-03-05 16:33:33 -------- d-----w- c:\users\alfred\appdata\local\PunyHumanGames.com
2011-03-05 16:32:27 -------- d-----w- c:\program files\StarCraft II
2011-03-05 16:32:27 -------- d-----w- c:\program files\common files\Blizzard Entertainment
2011-03-05 16:32:27 -------- d-----w- c:\progra~2\Blizzard Entertainment
2011-03-05 02:29:08 -------- d-----w- c:\users\alfred\dwhelper
2011-03-05 02:27:56 -------- d-----w- c:\windows\system32\appmgmt
2011-03-04 01:57:00 -------- d-----w- c:\windows\ja-JP
2011-03-04 01:56:44 -------- d-----w- c:\windows\system32\XPSViewer
2011-03-04 01:56:44 -------- d-----w- c:\windows\system32\ja
2011-03-04 01:56:44 -------- d-----w- c:\windows\system32\0411
2011-03-04 01:56:43 -------- d-----w- c:\windows\system32\drivers\umdf\ja-JP
2011-03-04 01:56:43 -------- d-----w- c:\windows\system32\drivers\ja-JP
2011-03-04 01:56:33 -------- d-----w- c:\windows\system32\wbem\ja-JP
2011-03-04 01:51:33 3072 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\ja-jp\LXKPTPRC.DLL.mui
2011-03-04 01:51:16 11507712 ----a-w- c:\program files\common files\microsoft shared\ink\mshwjpnr.dll
2011-03-04 01:51:15 9728 ----a-w- c:\program files\common files\microsoft shared\ink\dicjp.dll
2011-03-04 01:51:15 377856 ----a-w- c:\program files\common files\microsoft shared\ink\mshwjpn.dll
2011-03-04 01:51:15 1179136 ----a-w- c:\program files\common files\microsoft shared\ink\imjplm.dll
2011-03-04 01:50:57 266240 ----a-w- c:\windows\system32\lzhfldr2.dll
2011-03-04 01:31:22 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-03-04 01:30:34 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-03-03 23:31:00 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-03-03 23:31:00 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-03-03 23:08:09 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-03-03 23:07:58 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-03-03 23:07:03 -------- d-----w- c:\users\alfred\appdata\roaming\DAEMON Tools Lite
2011-03-03 23:07:03 -------- d-----w- c:\progra~2\DAEMON Tools Lite
2011-03-03 23:06:34 -------- d-----w- c:\program files\CCleaner
2011-03-03 23:04:32 -------- d-----w- c:\users\alfred\appdata\roaming\FFSJ
2011-03-03 22:55:28 -------- d-----w- c:\windows\system32\FFSJ
2011-03-03 22:55:27 794906 ----a-w- c:\windows\unins000.exe
2011-03-03 22:01:39 -------- d-----w- c:\users\alfred\appdata\roaming\CDisplayEx
2011-03-03 22:01:11 -------- d-----w- c:\program files\CDisplayEx
2011-03-03 22:00:21 -------- d-----w- c:\program files\Combined Community Codec Pack
2011-03-03 12:09:47 -------- d-----w- c:\users\alfred\appdata\roaming\MailFrontier
2011-03-03 12:05:02 72704 ----a-w- c:\windows\zllsputility.exe
2011-03-03 12:04:59 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
2011-03-03 12:03:30 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2011-03-03 12:03:23 465496 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2011-03-03 12:03:23 -------- d-----w- c:\windows\system32\ZoneLabs
2011-03-03 12:03:21 -------- d-----w- c:\program files\Zone Labs
2011-03-03 11:30:30 257024 ----a-w- c:\windows\system32\msv1_0.dll
2011-03-03 11:24:00 -------- d-----w- c:\users\alfred\appdata\local\ATI
2011-03-03 11:18:23 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-03-03 11:18:23 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-03-03 11:18:23 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-03-03 11:18:23 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-03-03 11:18:23 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-03-03 11:11:17 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2011-03-03 11:08:59 987136 ----a-w- c:\program files\common files\system\ado\msado15.dll
2011-03-02 21:23:37 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2011-03-02 21:18:28 -------- d--h--w- c:\windows\msdownld.tmp
2011-03-02 21:18:23 -------- d-----w- c:\windows\system32\directx
2011-03-02 21:15:38 -------- d-----w- c:\program files\common files\ATI Technologies
2011-03-02 21:14:47 -------- d-----w- c:\program files\ATI
2011-03-02 21:14:27 -------- d-----w- c:\program files\ATI Technologies
2011-03-02 21:12:54 294912 ----a-w- c:\windows\system32\ATIODE.exe
2011-03-02 21:12:51 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-03-02 21:12:49 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-03-02 21:12:44 28672 ----a-w- c:\windows\system32\atiu9pag.dll
2011-03-02 21:12:44 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2011-03-02 21:12:42 45056 ----a-w- c:\windows\system32\ATIODCLI.exe
2011-03-02 21:12:41 17204736 ----a-w- c:\windows\system32\atioglxx.dll
2011-03-02 21:12:41 118784 ----a-w- c:\windows\system32\atibtmon.exe
2011-03-02 21:12:41 101392 ----a-w- c:\windows\system32\drivers\AtihdW73.sys
2011-03-02 21:12:39 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-03-02 21:12:38 15872 ----a-w- c:\windows\system32\atimuixx.dll
2011-03-02 21:12:36 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-03-02 21:12:36 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-03-02 18:54:22 0 ----a-w- c:\windows\ativpsrm.bin
2011-03-02 18:51:25 -------- d-----w- c:\windows\Panther
2011-03-02 18:46:37 -------- d-----w- c:\program files\Steam
2011-03-02 18:46:37 -------- d-----w- c:\program files\common files\Steam
2011-03-02 18:43:42 -------- d-----w- C:\Windows.old
2011-03-02 17:25:17 -------- d-----w- c:\users\alfred\appdata\local\ElevatedDiagnostics
2011-03-02 17:03:55 -------- d-----w- c:\users\alfred\appdata\local\Mozilla
2011-03-02 16:49:43 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-03-02 16:49:42 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2011-03-02 16:49:23 -------- d-----w- c:\program files\Winamp Detect
2011-03-02 16:49:03 -------- d-----w- c:\program files\common files\PX Storage Engine
2011-03-02 16:48:07 -------- d-----w- c:\users\alfred\appdata\roaming\Malwarebytes
2011-03-02 16:47:29 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-02 16:47:28 -------- d-----w- c:\progra~2\Malwarebytes
2011-03-02 16:47:25 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-02 16:47:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-02 16:25:11 5943120 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{755a95c3-f676-46ff-bfb9-14ddf8c7a4dd}\mpengine.dll
2011-03-02 16:25:11 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-03-02 16:23:06 240008 ----a-w- c:\windows\system32\drivers\netio.sys
2011-03-02 16:22:18 -------- d-----w- c:\progra~2\CheckPoint
2011-03-02 16:22:17 -------- d-----w- c:\windows\Internet Logs
2011-03-02 16:16:15 -------- d-----w- c:\users\alfred\appdata\roaming\Avira
2011-03-02 16:13:23 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-03-02 16:13:22 -------- d-----w- c:\program files\Avira
2011-03-02 16:13:22 -------- d-----w- c:\progra~2\Avira
2011-03-02 16:12:00 -------- d-sh--w- c:\windows\Installer
2011-03-02 16:11:20 -------- d-----w- c:\windows\system32\wbem\Performance
2011-03-02 16:11:14 -------- d-----w- c:\users\alfred\appdata\local\Diagnostics
2011-03-02 16:01:59 172032 ----a-w- c:\windows\system32\wintrust.dll
2011-03-02 16:01:59 132608 ----a-w- c:\windows\system32\cabview.dll
2011-03-02 16:00:27 -------- d-sh--w- C:\Recovery
2011-03-02 15:38:25 -------- d-sh--w- C:\Boot
2011-03-02 12:14:58 -------- d-----w- C:\Intel
2011-03-02 11:18:01 -------- d-----w- C:\DELL
.
==================== Find3M ====================
.
2011-03-02 21:14:01 4170752 ----a-w- c:\windows\system32\atiumdag.dll
2011-03-02 21:12:43 4105728 ----a-w- c:\windows\system32\atidxx32.dll
2011-01-07 07:31:10 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-07 07:31:10 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-07 07:27:11 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-07 05:33:11 294400 ----a-w- c:\windows\system32\atmfd.dll
2011-01-05 05:37:33 428032 ----a-w- c:\windows\system32\vbscript.dll
2011-01-05 03:37:38 2329088 ----a-w- c:\windows\system32\win32k.sys
2010-12-21 05:38:24 73728 ----a-w- c:\windows\system32\wscsvc.dll
2010-12-21 05:38:24 51200 ----a-w- c:\windows\system32\wscapi.dll
2010-12-21 05:38:22 981504 ----a-w- c:\windows\system32\wininet.dll
2010-12-21 05:38:22 350720 ----a-w- c:\windows\system32\winhttp.dll
2010-12-21 05:38:21 204800 ----a-w- c:\windows\system32\WebClnt.dll
2010-12-21 05:38:19 204288 ----a-w- c:\windows\system32\upnp.dll
2010-12-21 05:38:16 14336 ----a-w- c:\windows\system32\slwga.dll
2010-12-21 05:36:17 1389568 ----a-w- c:\windows\system32\msxml6.dll
2010-12-21 05:36:16 1236992 ----a-w- c:\windows\system32\msxml3.dll
2010-12-21 05:34:12 80384 ----a-w- c:\windows\system32\davclnt.dll
2010-12-18 05:29:40 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-18 05:29:31 541184 ----a-w- c:\windows\system32\kerberos.dll
2010-12-18 04:20:55 386048 ----a-w- c:\windows\system32\html.iec
2010-12-18 03:47:59 1638912 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 4:33:40.52 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 3/2/2011 1:57:08 PM
System Uptime: 3/8/2011 3:28:46 AM (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5QL/EPU
Processor: Pentium(R) Dual-Core CPU E6300 @ 2.80GHz | LGA775 | 1596/266mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 186 GiB total, 86.714 GiB free.
D: is FIXED (NTFS) - 145 GiB total, 2.058 GiB free.
E: is CDROM ()
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP36: 3/7/2011 5:18:04 PM - Installed DirectX
RP37: 3/7/2011 5:19:47 PM - Installed Microsoft Visual C++ 2005 Redistributable
RP38: 3/7/2011 5:21:15 PM - Installed Microsoft Visual C++ 2005 Redistributable
.
==== Installed Programs ======================
.
7-Zip 9.20
Adobe Flash Player 10 Plugin
AMD Drag and Drop Transcoding
ATI Catalyst Install Manager
ATI Catalyst Registration
Avira AntiVir Personal - Free Antivirus
Blade Symphony Build 1
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
ccc-core-static
ccc-utility
CCC Help English
CCleaner
CDisplayEx 1.7
ClassicPro© v1.15
Combined Community Codec Pack 2010-10-10
Crysis 2 Demo
DAEMON Tools Lite
File Splitter and Joiner (FFSJ v3.3)
Half-Life 2: Deathmatch
Malwarebytes' Anti-Malware
Microsoft .NET Framework 4 Client Profile
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox (3.6.15)
Source SDK Base 2007
StarCraft II
Steam
Team Fortress 2
Total War: SHOGUN 2 Demo
Winamp
Winamp Detector Plug-in
WMV9/VC-1 Video Playback
ZoneAlarm Security Suite
.
==== Event Viewer Messages From Past Week ========
.
3/8/2011 3:29:50 AM, Error: Service Control Manager [7000] - The atksgt service failed to start due to the following error: This driver has been blocked from loading
3/8/2011 3:29:50 AM, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading.
3/6/2011 6:18:40 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
3/6/2011 6:18:40 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/6/2011 12:40:13 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
3/6/2011 12:40:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/6/2011 12:40:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
3/6/2011 12:40:05 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
3/6/2011 12:40:05 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
3/6/2011 12:40:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/6/2011 12:39:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
3/6/2011 12:39:41 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avipbb CSC DfsC discache kl1 KLIF NetBIOS NetBT nsiproxy Psched rdbss spldr ssmdrv tdx Vsdatant Wanarpv6 WfpLwf
3/6/2011 12:39:41 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/6/2011 12:39:41 PM, Error: Service Control Manager [7001] - The TrueVector Internet Monitor service depends on the Zone Alarm Firewall Driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/6/2011 12:39:41 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
3/6/2011 12:39:41 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
3/6/2011 12:39:41 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
3/6/2011 12:39:41 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
3/6/2011 12:39:41 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
3/6/2011 12:39:41 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/6/2011 12:39:41 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/6/2011 12:39:41 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/6/2011 12:39:41 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
3/3/2011 7:03:35 AM, Error: Service Control Manager [7030] - The TrueVector Internet Monitor service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
3/3/2011 6:23:26 AM, Error: Service Control Manager [7023] -
.
==== End Of File ===========================

Re: possible trojans

Post by askey127 » March 9th, 2011, 12:50 pm

Hi plastichelper,
-----------------------------------------------
Update Antivir
Right click the red umbrella icon and choose Start Antivir.
When the window comes up click Start Update.

When the update is complete, Disable the Avira Antivir Guard as follows:
Next to "Antivir Guard", click on Deactivate.
In the System Tray, you should now see a closed umbrella on a red background.

Now Run a System Scan
Next to "Last Complete System Scan", click on Scan System Now.
This full scan could take an hour or more.
It will ask what to do with any items it finds.
IMPORTANT >> For Now, tell it to IGNORE any items it finds. Do not choose Quarantine or Delete.
-----------------------------------------------
Get Last Avira Report
Right click the red umbrella icon in the system tray and click Start Antivir
In the left pane, click Overview, then click Reports
There will be reports titled Update and reports titled Scan. Find the most recent report in the list titled Scan.
Click on the Report File button, or Right click the report and choose Display Report.
The report contents will come up in Notepad. Highlight the entire report (Ctrl+A) and copy to the clipboard (Ctrl+C).
Paste the contents (Ctrl+V) into your next reply.

askey127

Re: possible trojans

Post by askey127 » March 12th, 2011, 7:34 pm

Due to Lack of Response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.

