Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Trojan.Sirefef.BV and "about:blank" home page

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Trojan.Sirefef.BV and "about:blank" home page

Unread postby monctonrc » May 11th, 2012, 9:44 pm

DDS (Ver_2011-09-30.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31
Run by HP_Administrator at 23:01:59 on 2012-05-11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2558 [GMT -2.5:30]
.
AV: Bitdefender Antivirus *Enabled/Outdated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: Bitdefender Firewall *Disabled*
.
============== Running Processes ================
.
C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\eHome\ehRec.exe
C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: Ask Toolbar: {3041D03E-FD4B-44E0-B742-2D9B88305F98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2012\bdagent.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
LSP: mswsock.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/200 ... plugin.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/200 ... oader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxp://design-concept.ca/Core/Player/20 ... _Win32.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDow ... ab_nvd.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {49232000-16E4-426C-A231-62846947304B} - hxxp://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab
DPF: {63BAECA2-9E3C-45DE-B2B1-BBC5FA99958E} - hxxp://nsprdnacw-vip.aliant.net/lwp/sta ... taller.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/i ... ction2.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDow ... rtScan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FD68625-2346-418A-8899-67CB36B1917F} - hxxp://nsprdnacw-vip.aliant.net/motived ... _4-0-0.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} - hxxps://webmail.gov.nl.ca/exchweb/controls/DAX.cab
TCP: NameServer = 192.168.2.1 142.163.63.129
TCP: Interfaces\{00726A88-3FEE-45D1-BE62-61E17B97D8DC} : DHCPNameServer = 192.168.2.1 142.163.63.129
TCP: Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D} : DHCPNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\vmt0ikz8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\hp_administrator\local settings\application data\google\update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\progra~1\common~1\nero\browse~1\npBrowserPlugin.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2012-3-20 611520]
R0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\drivers\NBVol.sys [2012-3-7 56496]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\drivers\NBVolUp.sys [2012-3-7 12464]
R0 sojubus;sojubus;c:\windows\system32\drivers\sojubus.sys [2003-10-5 123520]
R0 sojuscsi;sojuscsi;c:\windows\system32\drivers\sojuscsi.sys [2003-9-28 5504]
R1 BDVEDISK;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [2010-1-19 85128]
R1 RapportCerberus_34302;RapportCerberus_34302;c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportcerberus\baseline\RapportCerberus32_34302.sys [2012-1-25 228208]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2012-5-6 101112]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2012\updatesrv.exe [2012-3-13 53224]
R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [2011-11-25 240184]
R3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2012-2-17 447208]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2011-10-8 119528]
S0 RapportKELL;RapportKELL;c:\windows\system32\drivers\rapportkell.sys --> c:\windows\system32\drivers\RapportKELL.sys [?]
S1 RapportEI;RapportEI;\??\c:\program files\trusteer\rapport\bin\rapportei.sys --> c:\program files\trusteer\rapport\bin\RapportEI.sys [?]
S1 RapportPG;RapportPG;\??\c:\program files\trusteer\rapport\bin\rapportpg.sys --> c:\program files\trusteer\rapport\bin\RapportPG.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-10-7 2255464]
S2 PCKeeperService;PCKeeper Worker Service;c:\program files\zeobit\pckeeper\zeoservice.exe --> c:\program files\zeobit\pckeeper\ZeoService.exe [?]
S2 rt2870;SWNC8U51;c:\windows\system32\svchost.exe -k netsvcs [2004-8-9 14336]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-15 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-19 257696]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2011-5-13 30312]
S3 APL531;Film and Photo Scanner;c:\windows\system32\drivers\OVTX16.sys [2010-5-17 110080]
S3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [2011-11-17 63056]
S3 fileHiders;fileHiders;c:\windows\system32\drivers\fileHiders.sys [2011-11-23 26392]
S3 protecter.sys;protecter.sys;\??\c:\documents and settings\hp_administrator\local settings\temp\bdremovaltool\protecter.sys --> c:\documents and settings\hp_administrator\local settings\temp\bdremovaltool\protecter.sys [?]
S3 RapportIaso;RapportIaso;c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\baseline\RapportIaso.sys [2012-1-25 21520]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\drivers\silabenm.sys [2011-1-27 47176]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\drivers\silabser.sys [2011-1-27 58496]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2011-5-13 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2011-5-13 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2011-5-13 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [2011-5-13 114280]
S3 Update Server;BitDefender Update Server v2;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe [2011-10-14 307544]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-9 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 ASKService;ASKService;c:\program files\askbardis\bar\bin\AskService.exe [2009-10-1 464264]
S4 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-10-1 234888]
S4 cpuz130;cpuz130; [x]
S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-10 135664]
S4 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-3-10 135664]
S4 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2011-11-25 687400]
S4 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\nitro pdf\professional\NitroPDFDriverService.exe [2009-9-15 188736]
.
=============== Created Last 30 ================
.
2012-05-09 02:45:18 -------- d-----w- c:\program files\ZeoBIT
2012-05-09 02:45:00 -------- d-----w- c:\documents and settings\all users\application data\ZeoBIT
2012-05-09 02:16:56 -------- d-----w- c:\program files\Registrar Registry Manager
2012-05-08 00:20:08 -------- d-----w- c:\documents and settings\hp_administrator\application data\Windows Search
2012-05-07 20:43:19 -------- d-----w- c:\program files\common files\Windows Live
2012-05-07 20:42:18 -------- d-----w- c:\windows\system32\winrm
2012-05-07 20:42:11 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2012-05-07 20:41:34 -------- d-----w- c:\documents and settings\hp_administrator\application data\Windows Desktop Search
2012-05-07 20:40:59 -------- d-----w- c:\documents and settings\hp_administrator\local settings\application data\PCHealth
2012-05-07 20:40:41 -------- d-----w- c:\windows\system32\GroupPolicy
2012-05-07 20:40:41 -------- d-----w- c:\program files\Windows Desktop Search
2012-05-07 20:39:11 98304 ------w- c:\windows\system32\dllcache\nlhtml.dll
2012-05-07 20:39:11 29696 ------w- c:\windows\system32\dllcache\mimefilt.dll
2012-05-07 20:39:11 192000 ------w- c:\windows\system32\dllcache\offfilt.dll
2012-05-07 04:02:09 143840 ----a-w- c:\documents and settings\all users\application data\1336363164.bdinstall.bin
2012-05-07 04:01:25 -------- d-----w- c:\documents and settings\hp_administrator\application data\Bitdefender
2012-05-07 04:01:04 340624 ----a-w- c:\windows\system32\drivers\trufos.sys
2012-05-07 04:01:03 360976 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2012-05-07 03:57:31 64830 ----a-w- c:\documents and settings\all users\application data\1336363005.bdinstall.bin
2012-05-07 03:17:36 165723 ----a-w- c:\documents and settings\all users\application data\1336360462.bdinstall.bin
2012-05-07 03:16:07 -------- d-----w- c:\documents and settings\all users\application data\Bitdefender
2012-05-07 03:05:34 15590 ----a-w- c:\documents and settings\all users\application data\1336359929.bdinstall.bin
2012-05-07 03:03:36 403524 ----a-w- c:\documents and settings\all users\application data\1336359699.bdinstall.bin
2012-05-07 03:03:36 -------- d-----w- c:\program files\Bitdefender
2012-05-06 14:09:37 81877 ----a-w- c:\documents and settings\all users\application data\1336313139.bdinstall.bin
2012-05-06 14:02:14 76087 ----a-w- c:\documents and settings\all users\application data\1336312911.bdinstall.bin
2012-05-06 13:57:42 -------- d-----w- c:\documents and settings\all users\application data\HitmanPro
2012-05-06 05:48:00 133981 ----a-w- c:\documents and settings\all users\application data\1336282979.bdinstall.bin
2012-05-06 05:47:27 -------- d-----w- c:\documents and settings\all users\application data\BDLogging
2012-05-06 05:40:29 131326 ----a-w- c:\documents and settings\all users\application data\1336282691.bdinstall.bin
2012-05-06 05:31:45 15590 ----a-w- c:\documents and settings\all users\application data\1336282301.bdinstall.bin
2012-05-06 05:27:01 86604 ----a-w- c:\documents and settings\all users\application data\1336282006.bdinstall.bin
2012-05-06 05:26:35 -------- d-----w- c:\program files\common files\Bitdefender
2012-05-06 04:38:13 42864 ----a-r- c:\windows\system32\SBBD.EXE
2012-05-06 04:38:13 101112 ----a-r- c:\windows\system32\drivers\SBREDrv.sys
2012-05-05 05:51:05 -------- d-----w- c:\documents and settings\hp_administrator\application data\QuickScan
2012-05-05 03:48:53 327368 ----a-w- c:\windows\system32\drivers\avisfltr.sys
2012-05-05 03:48:53 309320 ----a-w- c:\windows\system32\drivers\TrufosAlt.sys
2012-05-05 01:16:42 245248 ----a-w- c:\windows\system32\mswsok.dll
2012-05-05 01:16:42 245248 ----a-w- c:\windows\system32\dllcache\mswsock.dll
2012-05-05 01:16:42 245248 ------w- c:\windows\system32\mswsock.dll
2012-05-04 04:43:58 -------- d-----w- C:\sh4ldr
2012-05-04 04:43:58 -------- d-----w- c:\program files\Enigma Software Group
2012-05-04 04:43:32 -------- d-----w- c:\windows\4E0C6314A8B84026AC15084E8B63AFB5.TMP
2012-05-04 04:43:29 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2012-05-04 02:35:53 -------- d-----w- c:\program files\Radialpoint Malware Removal Tool
2012-05-03 19:01:12 -------- d-----w- c:\documents and settings\hp_administrator\local settings\application data\LogMeIn Rescue Applet
2012-05-03 02:22:11 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2012-05-03 01:57:15 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-05-03 01:55:20 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-05-03 01:55:20 -------- d-----w- c:\windows\system32\wbem\Repository
2012-04-20 02:02:12 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
==================== Find3M ====================
.
2012-05-05 10:23:03 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-20 22:52:08 611520 ----a-w- c:\windows\system32\drivers\avc3.sys
2012-03-10 05:58:59 280276 ----a-w- c:\windows\system32\nvdrsdb1.bin
2012-03-10 05:58:59 1 ----a-w- c:\windows\system32\nvdrssel.bin
2012-03-10 05:58:50 280276 ----a-w- c:\windows\system32\nvdrsdb0.bin
2012-03-05 03:15:44 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-03-05 03:15:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-01 11:01:32 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01:32 43520 ------w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01:32 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10:16 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10:16 148480 ------w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17:40 385024 ------w- c:\windows\system32\html.iec
2012-02-26 02:50:36 0 ----a-w- c:\windows\system32\drivers\80123A36.SYS
2012-02-17 19:15:12 447208 ----a-w- c:\windows\system32\drivers\avckf.sys
.
============= FINISH: 23:03:06.75 ===============

DDS (Ver_2011-09-30.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\Harddisk0\DP(1)0x7e00-0x484eedfc00+2
Install Date: 19/10/2006 12:02:14 AM
System Uptime: 11/05/2012 10:38:18 PM (1 hours ago)
.
Motherboard: ASUSTek Computer INC. | | NODUSM3
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ | Socket AM2 | 2605/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 289 GiB total, 168.988 GiB free.
D: is FIXED (FAT32) - 9 GiB total, 0.665 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is FIXED (NTFS) - 149 GiB total, 55.959 GiB free.
H: is Removable
I: is Removable
J: is Removable
K: is CDROM ()
L: is Removable
Z: is FIXED (NTFS) - 466 GiB total, 393.735 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP502: 06/02/2012 11:30:48 PM - System Checkpoint
RP503: 08/02/2012 11:09:39 PM - System Checkpoint
RP504: 09/02/2012 11:26:58 PM - System Checkpoint
RP505: 12/02/2012 10:37:04 PM - System Checkpoint
RP506: 13/02/2012 10:41:19 PM - System Checkpoint
RP507: 14/02/2012 12:37:51 AM - Installed Microsoft Fix it 50195
RP508: 15/02/2012 3:00:20 AM - Software Distribution Service 3.0
RP509: 16/02/2012 10:26:07 PM - Software Distribution Service 3.0
RP510: 17/02/2012 11:27:11 PM - System Checkpoint
RP511: 19/02/2012 10:15:32 PM - System Checkpoint
RP512: 20/02/2012 11:10:26 PM - System Checkpoint
RP513: 22/02/2012 12:16:35 AM - System Checkpoint
RP514: 01/03/2012 10:20:00 PM - System Checkpoint
RP515: 03/03/2012 7:50:56 PM - System Checkpoint
RP516: 04/03/2012 10:47:45 PM - System Checkpoint
RP517: 04/03/2012 11:44:56 PM - Removed Java(TM) 6 Update 27
RP518: 04/03/2012 11:45:36 PM - Installed Java(TM) 6 Update 31
RP519: 06/03/2012 12:31:42 AM - System Checkpoint
RP520: 07/03/2012 9:04:49 PM - System Checkpoint
RP521: 07/03/2012 10:14:19 PM - Removed Microsoft Visual C++ 2005 Redistributable
RP522: 07/03/2012 10:15:42 PM - Installed Microsoft Visual C++ 2005 Redistributable
RP523: 07/03/2012 10:17:51 PM - Installed Windows XP KB942288-v3.
RP524: 07/03/2012 10:18:18 PM - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP525: 07/03/2012 10:18:45 PM - Installed DirectX
RP526: 07/03/2012 10:19:03 PM - Installed DirectX
RP527: 07/03/2012 10:19:23 PM - Installed DirectX
RP528: 07/03/2012 10:45:21 PM - Installed DirectX
RP529: 07/03/2012 10:48:24 PM - Installed Nero 11.
RP530: 09/03/2012 1:51:00 AM - Software Distribution Service 3.0
RP531: 11/03/2012 10:15:58 PM - System Checkpoint
RP532: 14/03/2012 1:23:13 AM - Software Distribution Service 3.0
RP533: 14/03/2012 2:13:37 AM - Installed Rapport
RP534: 16/03/2012 11:33:38 PM - System Checkpoint
RP535: 18/03/2012 10:47:16 PM - Installed AceTax 2011
RP536: 21/03/2012 12:21:09 AM - System Checkpoint
RP537: 23/03/2012 11:19:55 PM - System Checkpoint
RP538: 27/03/2012 12:01:01 AM - System Checkpoint
RP539: 28/03/2012 12:18:27 AM - System Checkpoint
RP540: 29/03/2012 10:58:27 PM - System Checkpoint
RP541: 30/03/2012 11:24:36 PM - System Checkpoint
RP542: 02/04/2012 11:22:28 PM - System Checkpoint
RP543: 04/04/2012 10:25:56 PM - System Checkpoint
RP544: 05/04/2012 11:25:13 PM - System Checkpoint
RP545: 07/04/2012 1:00:47 AM - System Checkpoint
RP546: 08/04/2012 10:23:59 PM - System Checkpoint
RP547: 10/04/2012 10:14:41 PM - System Checkpoint
RP548: 12/04/2012 1:58:02 AM - Software Distribution Service 3.0
RP549: 13/04/2012 9:39:14 AM - System Checkpoint
RP550: 16/04/2012 11:44:05 PM - System Checkpoint
RP551: 20/04/2012 3:08:14 AM - System Checkpoint
RP552: 25/04/2012 10:43:45 PM - System Checkpoint
RP553: 26/04/2012 10:50:46 PM - System Checkpoint
RP554: 28/04/2012 12:05:55 AM - System Checkpoint
RP555: 29/04/2012 12:56:24 AM - System Checkpoint
RP556: 30/04/2012 3:44:24 PM - System Checkpoint
RP557: 02/05/2012 11:23:40 PM - Restore Operation
RP558: 03/05/2012 4:31:13 AM - avast! Free Antivirus Setup
RP559: 04/05/2012 2:13:57 AM - Installed SpyHunter
RP560: 04/05/2012 3:29:42 AM - Removed SpyHunter
RP561: 05/05/2012 7:00:05 AM - System Checkpoint
RP562: 06/05/2012 2:07:53 AM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
RP563: 06/05/2012 2:29:59 AM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
RP564: 07/05/2012 6:09:03 PM - Software Distribution Service 3.0
RP565: 07/05/2012 10:38:20 PM - Software Distribution Service 3.0
RP566: 08/05/2012 12:56:33 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
360Share Pro(remove only)
AceTax 2009
AceTax 2010
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Shockwave Player 11.5
AeroFly Professional Deluxe
AeroFly Professional Expansion Pack Volume 1
AutoUpdate
Azureus
Beyond Compare Version 3.0.15
Bitdefender Antivirus Plus 2012
BufferChm
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_LightScribeConfig
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
cp_PosterPrintConfig
cp_UpdateProjectsConfig
Critical Update for Windows Media Player 11 (KB959772)
CueTour
Customer Experience Enhancement
CustomerResearchQFolder
D4100
D4100_Help
Data Fax SoftModem with SmartCP
Destinations
DivX
doPDF 6.2 printer
DTC Library
Enhanced Multimedia Keyboard Solution
eSupportQFolder
Flight Log
FullDPAppQFolder
Google Chrome
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 10 (KB910393)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 7.0
HP DVD Play 2.1
HP Imaging Device Functions 7.0
HP Photosmart and Deskjet 7.0 Software
HP Photosmart for Media Center PC
HP Photosmart Premier Software 6.5
HP Solution Center 7.0
HP Web Helper
hph_readme
hph_software
hph_software_req
HPPhotoSmartExpress
HPProductAssistant
HpSdpAppCoreApp
InstantShareDevices
InstantShareDevicesMFC
Internet Explorer (Enable DEP)
Java Auto Updater
MarketResearch
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Away Mode
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003 60 days trial
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mozilla Firefox 11.0 (x86 en-US)
MSN
muvee autoProducer 5.0
muvee autoProducer unPlugged 2.0
My HP Games
nero.prerequisites.msi
Nomadio Digital RC Desktop, 3.0.1
Null-modem emulator (com0com)
NVIDIA Control Panel 280.26
NVIDIA Drivers
NVIDIA Graphics Driver 280.26
NVIDIA HD Audio Driver 1.2.23.3
NVIDIA Install Application
NVIDIA nView 135.94
NVIDIA nView Desktop Manager
NVIDIA PhysX System Software 9.10.0514
NVIDIA Update 1.4.28
NVIDIA Update Components
OptionalContentQFolder
Otto
PanoStandAlone
PhotoGallery
Radialpoint Malware Removal Tool version 1.51.1.2100
RandMap
RealFlight G2 Simulator
RealFlight G3 R/C Simulator
RealPlayer
RealRace Simulator
Registrar Registry Manager 7.02
SAMSUNG Mobile Composite Device Software
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 USB Driver Installer
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SkinsHP1
SlideShow
SlideShowMusic
SolutionCenter
Sonic_PrimoSDK
Stanza
Status
System Requirements Lab
Toolbox
TrayApp
Tweak UI
Uniblue RegistryBooster
Uninstall Film and Photo Scanner
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Updates from HP (remove only)
Vuze
Vuze Toolbar
WebFldrs XP
WebReg
WildTangent Web Driver
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinRAR archiver
Yahoo! Emoticon Assistant 1.1
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
ZOTAC FireStorm
.
==== Event Viewer Messages From Past Week ========
.
11/05/2012 10:40:49 PM, error: Service Control Manager [7023] - The Sonytvc service terminated with the following error: The specified module could not be found.
11/05/2012 10:40:49 PM, error: Service Control Manager [7023] - The LwUsbHid service terminated with the following error: The specified module could not be found.
11/05/2012 10:40:49 PM, error: Service Control Manager [7023] - The Ftpqueue service terminated with the following error: The specified module could not be found.
11/05/2012 10:40:49 PM, error: Service Control Manager [7023] - The DellAMBrokerService service terminated with the following error: The specified module could not be found.
10/05/2012 11:13:11 PM, error: Service Control Manager [7034] - The Terminal Services service terminated unexpectedly. It has done this 1 time(s).
10/05/2012 11:13:11 PM, error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
10/05/2012 11:13:01 PM, error: Service Control Manager [7034] - The HTTP SSL service terminated unexpectedly. It has done this 1 time(s).
10/05/2012 10:34:20 PM, error: Service Control Manager [7023] - The LwUsbHid service terminated with the following error: Access is denied.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Z800mdfl service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Wg6n service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Wanatw service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Upsentry_smart service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Sympxsvc service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The SWNC8U51 service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Sstpsvc service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Ser2pl service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Scanwscs service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Sbservice service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The PGPdisk service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Pdlndoem service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Ntsyslog service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Ntservice1 service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The LxdmCATSCustConnectService service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Int15.sys service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Hsvcmod service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The GTPTSER service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Fsbwsys service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Freepops service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The EACSys service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Cwbrxd service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Btwaudio service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Backupexecdevicemediaservice service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The ATKGFNEXSrv service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Atinrvxx service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The ASDR service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Artdhcp service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The Ageremodemaudio service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7023] - The {85ccb53b-23d8-4e73-b1b7-9ddb71827d9b} service terminated with the following error: The specified module could not be found.
10/05/2012 10:32:33 PM, error: Service Control Manager [7000] - The PCKeeper Worker Service service failed to start due to the following error: The system cannot find the file specified.
10/05/2012 10:31:11 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000043' while processing the file 'netbt.sys' on the volume 'DP(1)0x7e00-0x484eedfc00+2'. It has stopped monitoring the volume.
09/05/2012 6:57:02 AM, error: Service Control Manager [7023] - The Sstpsvc service terminated with the following error: Access is denied.
09/05/2012 6:41:59 AM, error: Service Control Manager [7023] - The {85ccb53b-23d8-4e73-b1b7-9ddb71827d9b} service terminated with the following error: Access is denied.
09/05/2012 6:26:59 AM, error: Service Control Manager [7023] - The Artdhcp service terminated with the following error: Access is denied.
09/05/2012 6:12:00 AM, error: Service Control Manager [7023] - The Btwaudio service terminated with the following error: Access is denied.
09/05/2012 5:57:05 AM, error: Service Control Manager [7023] - The Scanwscs service terminated with the following error: Access is denied.
09/05/2012 5:41:59 AM, error: Service Control Manager [7023] - The Ageremodemaudio service terminated with the following error: Access is denied.
09/05/2012 5:26:58 AM, error: Service Control Manager [7023] - The GTPTSER service terminated with the following error: Access is denied.
09/05/2012 5:11:56 AM, error: Service Control Manager [7023] - The Ser2pl service terminated with the following error: Access is denied.
09/05/2012 4:56:58 AM, error: Service Control Manager [7023] - The Ntsyslog service terminated with the following error: Access is denied.
09/05/2012 4:41:57 AM, error: Service Control Manager [7023] - The LxdmCATSCustConnectService service terminated with the following error: Access is denied.
09/05/2012 4:26:56 AM, error: Service Control Manager [7023] - The Wg6n service terminated with the following error: Access is denied.
09/05/2012 4:11:55 AM, error: Service Control Manager [7023] - The Hsvcmod service terminated with the following error: Access is denied.
09/05/2012 3:56:54 AM, error: Service Control Manager [7023] - The Pdlndoem service terminated with the following error: Access is denied.
09/05/2012 3:41:54 AM, error: Service Control Manager [7023] - The SWNC8U51 service terminated with the following error: Access is denied.
09/05/2012 3:26:52 AM, error: Service Control Manager [7023] - The Ntservice1 service terminated with the following error: Access is denied.
09/05/2012 3:11:53 AM, error: Service Control Manager [7023] - The PGPdisk service terminated with the following error: Access is denied.
09/05/2012 3:09:05 AM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
09/05/2012 2:56:53 AM, error: Service Control Manager [7023] - The Sympxsvc service terminated with the following error: Access is denied.
09/05/2012 2:41:49 AM, error: Service Control Manager [7023] - The Cwbrxd service terminated with the following error: Access is denied.
09/05/2012 2:26:49 AM, error: Service Control Manager [7023] - The Upsentry_smart service terminated with the following error: Access is denied.
09/05/2012 2:18:41 AM, error: Service Control Manager [7034] - The PCKeeper Worker Service service terminated unexpectedly. It has done this 2 time(s).
09/05/2012 2:18:26 AM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
09/05/2012 2:18:18 AM, error: Service Control Manager [7031] - The PCKeeper Worker Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
09/05/2012 2:11:49 AM, error: Service Control Manager [7023] - The Freepops service terminated with the following error: Access is denied.
09/05/2012 2:10:49 AM, error: Service Control Manager [7023] - The EACSys service terminated with the following error: Access is denied.
09/05/2012 2:08:45 AM, error: Service Control Manager [7034] - The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s).
09/05/2012 2:08:43 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2 RapportKELL
09/05/2012 2:08:43 AM, error: Service Control Manager [7022] - The NVIDIA Update Service Daemon service hung on starting.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Zpsc service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The XUIF service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Wps service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The WmUsbHid service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Wandrv service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The W700mgmt service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The VX1000 service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The VirtualCam service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The VAIOMediaPlatform-VideoServer-UPnP service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Vaiomediaplatform-integratedserver-upnp service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Usprserv service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Uscbs108 service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The UNDPX2A service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The UimBus service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Uim_IM service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Ufdsvc service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The U81xmdfl service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Tvtnetwk service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Tunnelguardservice service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Tifmsony service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The TestHandler service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The STV680 service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Stllssvr service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Steamdvr service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Sscdbhk5 service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Sr_service service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Spcsutilityservice service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Smservauth service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Smrt service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Smartscaps service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Slpsvdr service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The SilverLink service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Servidor service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Se44unic service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The SE2Cmdm service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The ScFBPNT3 service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Sbiesvc service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The S125mgmt service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The S116mgmt service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The S116bus service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The RR2Mjpeg service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The RR2IOMod service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Regsrvc service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Radiosvr service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Psimsvc service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Prevxdriver service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Pdfcreatormessages service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The PCTINDIS5 service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Pavdrv service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Outpostfirewall service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The OdysseyIM4 service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Ntrtscan service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The NETw5x32 service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The NetTcpActivator service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Mssql$sony_mediamgr service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The MA8032M service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The L8042mou service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Ipssvc service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Icm10blk service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The IAimTV6 service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Iaimtv1 service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The HPFXBULK service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Houdinilicenseserver service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Eventclientmultiplexer service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Elnkupdateservice service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Elnkfwppservice service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The CTEDSPIO.DLL service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Cqmgstor service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Cpqfcalm service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Cmdagent service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Clientservice service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Cicssfs.scmmc223 service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Cdr4_2k service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The CBN service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Btnetfilter service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Axinstsv service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Awecho service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Avgascln service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The ATMsrvc service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The Atimpab service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:13 AM, error: Service Control Manager [7023] - The As32svc service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Vcommmgr service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The UDFReadr service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Truecrypt service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Tosrfec service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Tifsfilter service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Tifm21 service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The TcpipBM service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The TBPanel service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Tbiosdrv service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The StkASSrv service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Ssm_mdm service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Soma service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Smsmdd service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Scsk4 service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The NVR0FLASHDev service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Nimcrpcsu service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Lp6nds35 service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The LMouFilt service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Kerbkey service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Iaimtv0 service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Eloggersvc6 service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Dpc_srv_webcast service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The CdaC15BA service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The Alcaudsl service terminated with the following error: The specified module could not be found.
09/05/2012 2:07:12 AM, error: Service Control Manager [7023] - The {834170a7-af3b-4d34-a757-e05eb29ee96d} service terminated with the following error: The specified module could not be found.
09/05/2012 12:57:18 AM, error: Service Control Manager [7023] - The Nimcrpcsu service terminated with the following error: Access is denied.
09/05/2012 12:42:17 AM, error: Service Control Manager [7023] - The W700mgmt service terminated with the following error: Access is denied.
09/05/2012 12:27:17 AM, error: Service Control Manager [7023] - The Cicssfs.scmmc223 service terminated with the following error: Access is denied.
09/05/2012 12:12:16 AM, error: Service Control Manager [7023] - The Tosrfec service terminated with the following error: Access is denied.
09/05/2012 12:09:00 AM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942402
09/05/2012 12:06:06 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
09/05/2012 12:06:04 AM, error: Schedule [7901] - The At25.job command failed to start due to the following error: %%2147942402
09/05/2012 1:57:20 AM, error: Service Control Manager [7023] - The Pdfcreatormessages service terminated with the following error: Access is denied.
09/05/2012 1:42:20 AM, error: Service Control Manager [7023] - The Mssql$sony_mediamgr service terminated with the following error: Access is denied.
09/05/2012 1:27:18 AM, error: Service Control Manager [7023] - The VAIOMediaPlatform-VideoServer-UPnP service terminated with the following error: Access is denied.
09/05/2012 1:12:18 AM, error: Service Control Manager [7023] - The Outpostfirewall service terminated with the following error: Access is denied.
08/05/2012 3:42:51 AM, error: Service Control Manager [7023] - The U81xmdfl service terminated with the following error: Access is denied.
08/05/2012 2:57:49 AM, error: Service Control Manager [7023] - The Cpqfcalm service terminated with the following error: Access is denied.
08/05/2012 2:42:47 AM, error: Service Control Manager [7023] - The Sbiesvc service terminated with the following error: Access is denied.
08/05/2012 11:57:46 PM, error: Service Control Manager [7023] - The Stllssvr service terminated with the following error: Access is denied.
08/05/2012 11:42:46 PM, error: Service Control Manager [7023] - The NETw5x32 service terminated with the following error: Access is denied.
08/05/2012 11:12:45 PM, error: Service Control Manager [7023] - The Spcsutilityservice service terminated with the following error: Access is denied.
08/05/2012 10:56:45 PM, error: Service Control Manager [7023] - The Kerbkey service terminated with the following error: Access is denied.
08/05/2012 10:54:46 PM, error: Service Control Manager [7034] - The Adobe Flash Player Update Service service terminated unexpectedly. It has done this 1 time(s).
08/05/2012 10:54:41 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
08/05/2012 10:43:14 PM, error: Service Control Manager [7023] - The TBPanel service terminated with the following error: Access is denied.
07/05/2012 9:53:02 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1176 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:29:34 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1153 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:28:33 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1152 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:27:32 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1151 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:26:31 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1150 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:25:30 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1149 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:24:29 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1148 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:23:28 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1147 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:22:27 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1146 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:21:26 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1145 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:20:24 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1144 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:19:23 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1143 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:18:22 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1142 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:17:21 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1141 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:16:20 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1140 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:15:19 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1139 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:14:18 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1138 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 9:13:17 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1137 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 4:34:54 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 864 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 3:55:02 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 825 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 3:54:01 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 824 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 3:17:54 AM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 85 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 3:00:00 AM, error: Schedule [7901] - The At28.job command failed to start due to the following error: %%2147942402
07/05/2012 2:58:52 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 770 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:57:51 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 769 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:56:50 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 768 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:55:49 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 767 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:54:47 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 766 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:53:46 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 765 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:53:05 AM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 61 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:34:24 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 746 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:33:22 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 745 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:32:21 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 744 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:31:20 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 743 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:30:19 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 742 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:29:18 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 741 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:28:16 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 740 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:27:15 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 739 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:26:14 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 738 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:25:13 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 737 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:24:11 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 736 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:23:10 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 735 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:22:09 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 734 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:21:08 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 733 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:20:04 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 732 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:19:03 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 731 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 2:18:01 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 730 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 11:53:33 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 69 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 10:54:42 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 11 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/05/2012 10:53:41 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 10 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
06/05/2012 12:21:52 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
06/05/2012 11:00:00 PM, error: Schedule [7901] - The At48.job command failed to start due to the following error: %%2147942402
06/05/2012 11:00:00 PM, error: Schedule [7901] - The At24.job command failed to start due to the following error: %%2147942402
06/05/2012 10:55:25 PM, error: Service Control Manager [7034] - The Bell Aliant Security Services service terminated unexpectedly. It has done this 5 time(s).
06/05/2012 10:00:00 PM, error: Schedule [7901] - The At47.job command failed to start due to the following error: %%2147942402
06/05/2012 10:00:00 PM, error: Schedule [7901] - The At23.job command failed to start due to the following error: %%2147942402
05/05/2012 3:11:11 AM, error: Service Control Manager [7023] - The VX1000 service terminated with the following error: Access is denied.
.
==== End Of File ===========================
monctonrc
Active Member
 
Posts: 11
Joined: May 11th, 2012, 12:22 am
Advertisement
Register to Remove

Re: Trojan.Sirefef.BV and "about:blank" home page

Unread postby diver79 » May 13th, 2012, 4:16 pm

Hi and welcome to MalwareRemoval.com, sorry for any delay in answering your request for help, the forum is really busy.
My name is Diver79, and I will be helping you with your malware problems.

Before we start please note the following important guidelines.
  • The instructions given are for THIS computer only! Using these instructions on a different computer, can make it inoperable!
  • Please DO NOT run any other software or scans whilst I am helping you.

Note: If you haven't done so already, please ensure you have read the following article. ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
diver79 wrote:Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.
Because of this, I advise you to backup any personal files and folders before you start.
How do I backup my files and folders in XP?

Looking into your logs now. Will post instructions soon...

diver79.
User avatar
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: Trojan.Sirefef.BV and "about:blank" home page

Unread postby diver79 » May 13th, 2012, 4:32 pm

Hi monctonrc,

Remove P2P Programs
  • I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.
    360Share Pro(remove only)
    Azureus
    Vuze
    Vuze Toolbar
  • Please read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.
  • Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.
  • If you wish to continue receiving support here you must remove these programs.

    • Click on start
    • Then Run
    • In the open text entry box please copy/paste appwiz.cpl Then click enter.
    • Press the "Remove" or "Change/Remove"...button to uninstall the programs listed above (in red) and any other P2P you have installed NOW.
      While you are there, please also uninstall the below programs.
      MarketResearch
      Uniblue RegistryBooster
    • Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.
User avatar
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: Trojan.Sirefef.BV and "about:blank" home page

Unread postby monctonrc » May 13th, 2012, 9:24 pm

Did as requested but when I tried to uninstall Azurous I get a error "Couldn't load main class"
all other software you requested removed has been removed
I await your next email
monctonrc
Active Member
 
Posts: 11
Joined: May 11th, 2012, 12:22 am

Re: Trojan.Sirefef.BV and "about:blank" home page

Unread postby monctonrc » May 13th, 2012, 9:24 pm

Did as requested but when I tried to uninstall Azurous I get a error "Couldn't load main class"
all other software you requested removed has been removed
I await your next email
monctonrc
Active Member
 
Posts: 11
Joined: May 11th, 2012, 12:22 am

Re: Trojan.Sirefef.BV and "about:blank" home page

Unread postby monctonrc » May 13th, 2012, 9:24 pm

Did as requested but when I tried to uninstall Azurous I get a error "Couldn't load main class"
all other software you requested removed has been removed
I await your next email
monctonrc
Active Member
 
Posts: 11
Joined: May 11th, 2012, 12:22 am

Re: Trojan.Sirefef.BV and "about:blank" home page

Unread postby monctonrc » May 13th, 2012, 9:24 pm

Did as requested but when I tried to uninstall Azurous I get a error "Couldn't load main class"
all other software you requested removed has been removed
I await your next email
monctonrc
Active Member
 
Posts: 11
Joined: May 11th, 2012, 12:22 am

Re: Trojan.Sirefef.BV and "about:blank" home page

Unread postby diver79 » May 14th, 2012, 8:46 am

Hi monctonrc,

Did as requested but when I tried to uninstall Azurous I get a error "Couldn't load main class"
Thats no problem we can address that later.

The logs shows that you have been infected with a dangerous rootkit called zeroaccess. We can attempt to remove it but it can be quite tricky. See my note below on this type of rootkit for further information

Rootkit

Your computer has a dangerous Rootkit infection. A rootkit is a set of software tools intended for concealing running processes, files or system data from the operating system. The only true way to ensure there are no remnants of a rootkit on your machine is to fully wipe the hard drive. I understand that this may not be what you want to hear, but it is the safest way to deal with such an infection. There are tools that may identify the infection but removing it can sometimes cause more problems than it solves. The truth is, invasive rootkit malware can dig itself so deep that your safest bet is to wipe and re-install OS.

You are strongly advised to do the following:

  • Disconnect the computer from the Internet and from any networked computers until it is cleaned.
  • Back up all your important data except programs. The programs can be reinstalled back from the original disc or from the Net.
  • Call all your banks, financial institutions, credit card companies and inform them that you may be a victim of identity theft and put a watch on your accounts. If you don't mind the hassle, change all your account numbers.
  • From a clean computer, change all your passwords (ISP login password, your email address(es) passwords, financial accounts, PayPal, eBay, Amazon, online groups and forums and any other online activities you carry out which require a username and password).

DO NOT change your passwords from this computer as the attacker will be able to get all the new passwords and transaction records.

To help you understand more, please take some time to read the following articles:
What are rootkits from Wikipedia
How do I respond to a possible identity theft and how do I prevent it
When should I do a reformat and reinstallation of my OS
How to backup your files in Windows XP

Should you have any questions please feel free to ask.

Please let us know what you have decided to do in your next post.
User avatar
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: Trojan.Sirefef.BV and "about:blank" home page

Unread postby monctonrc » May 14th, 2012, 7:39 pm

Ok I'll wipe the computer
I have 3 hard drives do I wipe all 3
Also my xp install files are on drive d a partition of drive c
Tell me how I should progress next
Cheers,
monctonrc
Active Member
 
Posts: 11
Joined: May 11th, 2012, 12:22 am

Re: Trojan.Sirefef.BV and "about:blank" home page

Unread postby diver79 » May 15th, 2012, 1:36 pm

Hi monctonrc,

monctonrc wrote:Ok I'll wipe the computer
Good, it is the best option here.

monctonrc wrote:Also my xp install files are on drive d a partition of drive c
Is this a recovery partition that came with the computer?
Normally you either create a set of recovery disks or boot the computer into recovery mode.

You can find more information on this here http://h10025.www1.hp.com/ewfrf/wc/docu ... 07145#N296

Let me know which one you think applies to your computer.

diver79
User avatar
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: Trojan.Sirefef.BV and "about:blank" home page

Unread postby monctonrc » May 15th, 2012, 2:35 pm

I have recovery disks
I formatted and reinstalled
Computer seems to be running fine
I had 2 other hd I removed them
Is it safe to connect and scan them
I dont want to introduce the virus again
Guess what I asking is do I install the drives and scan them or format those drives also
Please note all my data
backups are on those drives
I won't do anything till I hear back from you
monctonrc
Active Member
 
Posts: 11
Joined: May 11th, 2012, 12:22 am

Re: Trojan.Sirefef.BV and "about:blank" home page

Unread postby diver79 » May 15th, 2012, 2:50 pm

Hi monctonrc,

Yes, the drives need to be scanned, but see the information below first.

Zeroaccess takes advantage of several vulnerabilities in outdated software. This includes Windows, Java and Adobe Flash and Reader. Your main priority here is to update to the latest Windows Service Pack (sp3), and then update all 3rd party applications.

You also need to install Anti Virus software and update it. Below are some free versions I would recommend.
Note: You should run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and results in program conflicts and false virus alerts.

Secunia Personal Software Inspector - Copyright © Secunia. This app will monitor programs on your computer for known vulnerabilities. You can set it to auto-update for you, or just prompt you if an update is available. I highly recommend it.

Once you have updated your Anti-Virus, Windows, and other programs to the latest version you will have significantly reduced your chances of re-infection. You can then connect your Hard Disks and scan them for Viruses. It might be a good idea to scan them before booting the OS. See information below on creating a Kaspersky Rescue Disk to scan the drives outside of the OS.

Kaspersky Rescue Disk

I want you to download Kaspersky's rescue disk and create a bootable USB drive with it.

This will allow us to scan the computer outside of the Operating System and identify whatever is causing the problem.

Download the following files to your Desktop.
http://rescuedisk.kaspersky-labs.com/rescuedisk/updatable/kav_rescue_10.iso
http://rescuedisk.kaspersky-labs.com/rescuedisk/updatable/rescue2usb.exe

  • Run the downloaded file rescue2usb.exe.
  • On the Kaspersky USB Rescue Disk Maker window, click Browse... and select the kav_rescue_10.iso file downloaded earlier.
  • Under the USB Medium section select your USB device from the drop-down menu.
  • Click START.
  • Wait until the process is complete.

Configure the computer to boot from USB
  • Turn off the Computer
  • Turn on the computer and repeatedly tap either the DEL or F2 keys to enter the BIOS.
  • If neither of these work you may try the following keys instead;F1, F8, F10, F11, F12.
  • Look for Boot options in the BIOS and make sure that Removable Devices is top of the list.
More information http://pcsupport.about.com/od/fixtheproblem/ss/bootorderchange_3.htm


Boot to KAS Rescue
  • Restart your computer (with the USB drive inserted). After reboot, a message will appear on the screen: Press any key to enter the menu. Press any key...
  • Select English as the Language using the keyboard.
  • Press the 1 key to accept the agreement.
  • Select Kaspersky Rescue Disk. Graphic Mode

Update Anti-Virus Database
  • In the bottom left hand corner click on the blue Start button and select Kaspersky Rescue Disk from the open menu.
  • Select the My Update Center tab.
  • Select Start Update
  • If the update fails it will be due to a connection problem, either you need to enter your wireless settings or you have DHCP turned off at the router. See here for info on solving this problem.

Start Scan
  • At the Kaspersky Rescue Disk window go to the Objects Scan tab.
  • Check all the checkboxes and select Start Objects Scan.
  • If anything is found choose Skip. We will deal with it later.
  • When the scan is finished click on the Report link at the top of the screen.
  • Click on Detailed report and click Save.
  • Save the report to your USB disk and post its contents in your next reply.

Let me know if you have any more questions.
User avatar
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: Trojan.Sirefef.BV and "about:blank" home page

Unread postby monctonrc » May 16th, 2012, 1:44 am

Objects Scan: stopped 3 hours ago (events: 2, objects: 12946, time: 00:07:16)
5/15/12 11:04 PM Task stopped
5/15/12 10:57 PM Task started
Virus Scan: malfunction (events: 1, objects: 0, time: Unknown)
5/15/12 11:11 PM Task started
Objects Scan: completed 15476 days ago (events: 16, objects: 812772, time: 03:00:36)
5/15/12 11:17 PM Task started
5/15/12 11:38 PM Detected: not-a-virus:AdWare.Win32.WeatherBug.a C:/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP3/A0000966.exe/WiseSFXDropper/WISE0015.BIN
5/15/12 11:38 PM Untreated: not-a-virus:AdWare.Win32.WeatherBug.a C:/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP3/A0000966.exe/WiseSFXDropper/WISE0015.BIN Postponed
5/16/12 12:18 AM Detected: not-a-virus:AdWare.Win32.WeatherBug.a D:/I386/APPS/APP14197/src/CompaqPresario_Spring06.exe/WiseSFXDropper/WISE0015.BIN
5/16/12 12:18 AM Detected: not-a-virus:AdWare.Win32.WeatherBug.a D:/I386/APPS/APP14197/src/HPPavillion_Spring06.exe/WiseSFXDropper/WISE0015.BIN
5/16/12 12:18 AM Untreated: not-a-virus:AdWare.Win32.WeatherBug.a D:/I386/APPS/APP14197/src/CompaqPresario_Spring06.exe/WiseSFXDropper/WISE0015.BIN Postponed
5/16/12 12:18 AM Untreated: not-a-virus:AdWare.Win32.WeatherBug.a D:/I386/APPS/APP14197/src/HPPavillion_Spring06.exe/WiseSFXDropper/WISE0015.BIN Postponed
5/16/12 12:57 AM Processing error sdg5/downloads/phoenix flight simulator + all updates.rar/phoenix flight simulator + all updates/phoenixRC_25k_update.exe/Phoenix 2.5.k update.msi/Data1.cab Read error
5/16/12 12:57 AM Processing error sdg5/expansion packs/Expansion.Pack.1.rar Read error
5/16/12 2:08 AM Detected: not-a-virus:AdWare.Win32.WeatherBug.a C:/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP3/A0000966.exe/WiseSFXDropper/WISE0015.BIN
5/16/12 2:17 AM Deleted: not-a-virus:AdWare.Win32.WeatherBug.a C:/System Volume Information/_restore{106CF321-99A3-4E3A-9103-1BD027606A99}/RP3/A0000966.exe
5/16/12 2:17 AM Detected: not-a-virus:AdWare.Win32.WeatherBug.a D:/I386/APPS/APP14197/src/CompaqPresario_Spring06.exe/WiseSFXDropper/WISE0015.BIN
5/16/12 2:17 AM Deleted: not-a-virus:AdWare.Win32.WeatherBug.a D:/I386/APPS/APP14197/src/CompaqPresario_Spring06.exe
5/16/12 2:17 AM Detected: not-a-virus:AdWare.Win32.WeatherBug.a D:/I386/APPS/APP14197/src/HPPavillion_Spring06.exe/WiseSFXDropper/WISE0015.BIN
5/16/12 2:18 AM Deleted: not-a-virus:AdWare.Win32.WeatherBug.a D:/I386/APPS/APP14197/src/HPPavillion_Spring06.exe
5/16/12 2:18 AM Task completed
monctonrc
Active Member
 
Posts: 11
Joined: May 11th, 2012, 12:22 am

Re: Trojan.Sirefef.BV and "about:blank" home page

Unread postby diver79 » May 16th, 2012, 12:26 pm

Good work monctonrc,

Scans look clear except for the fact that HP bundle the weatherbug application with the restore image. This application is known to have certain adware features. There is no need to delete the files it found but you can uninstall the program if you so wish.

One last check to make sure you are not running vulnerable software.

Security Check
  • Please download Security Check by screen317 from one of the links below:
  • Save it to your Desktop.
  • Double click SecurityCheck.exe , then follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt
  • Please post the contents of that document.
User avatar
diver79
Retired Graduate
 
Posts: 1004
Joined: January 3rd, 2010, 7:03 pm

Re: Trojan.Sirefef.BV and "about:blank" home page

Unread postby monctonrc » May 16th, 2012, 9:00 pm

Results of screen317's Security Check version 0.99.32
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Bitdefender Antivirus Plus 2012
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

JavaFX 2.1.0
Java(TM) 7 Update 4
````````````````````````````````
Process Check:
objlist.exe by Laurent

Bitdefender Bitdefender 2012 vsserv.exe
Bitdefender Bitdefender 2012 bdagent.exe
Bitdefender Bitdefender 2012 updatesrv.exe
``````````End of Log````````````
monctonrc
Active Member
 
Posts: 11
Joined: May 11th, 2012, 12:22 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 348 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware