So, yes, what I am looking for is already posted, but I don't understand the logs and there is no answer. As well, it seems like a customized answer for every user, and I don't think I can post my logs into someone else's, to avoid confusion.

A couple of days ago my computer started working slowly, and I noticed a "ping.exe" thing running in the Task Manager. It was taking anywhere between 0 and 99 percent of the process and up to around 600k of the memory. Neither avast nor Malwarebytes has detected anything. I checked the forums here and got the logs, so here they are:

MBA-M

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8341

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/10/2011 12:13:43 AM
mbam-log-2011-12-10 (00-13-43).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 526292
Time elapsed: 3 hour(s), 42 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\owner.your-daa99072cb\start menu\Programs\Startup\k4sma7bl6.exe (Trojan.Agent) -> Delete on reboot.


GMER:
1
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-12-11 10:01:56
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 ST916031 rev.0303
Running: ke1jcckm.exe; Driver: C:\DOCUME~1\OWNER~1.YOU\LOCALS~1\Temp\kwndykog.sys


---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- EOF - GMER 1.0.15 ----
2

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-12-11 09:56:07
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 ST916031 rev.0303
Running: ke1jcckm.exe; Driver: C:\DOCUME~1\OWNER~1.YOU\LOCALS~1\Temp\kwndykog.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0x909EC6B8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0x909EC574]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0x909ECA52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0x909EC14C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0x909EC64E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0x909EC08C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0x909EC0F0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0x909EC76E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0x909EC72E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0x909EC8AE]

---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device Cdfs.SYS (CD-ROM File System Driver/Microsoft Corporation)

---- Modules - GMER 1.0.15 ----

Module (noname) (*** hidden *** ) B8E78000-B8E8F000 (94208 bytes)

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\$NtUninstallKB12677$\2470683334 0 bytes
File C:\WINDOWS\$NtUninstallKB12677$\2470683334\@ 2048 bytes
File C:\WINDOWS\$NtUninstallKB12677$\2470683334\bckfg.tmp 851 bytes
File C:\WINDOWS\$NtUninstallKB12677$\2470683334\cfg.ini 185 bytes
File C:\WINDOWS\$NtUninstallKB12677$\2470683334\Desktop.ini 4608 bytes
File C:\WINDOWS\$NtUninstallKB12677$\2470683334\keywords 153 bytes
File C:\WINDOWS\$NtUninstallKB12677$\2470683334\kwrd.dll 223744 bytes
File C:\WINDOWS\$NtUninstallKB12677$\2470683334\L 0 bytes
File C:\WINDOWS\$NtUninstallKB12677$\2470683334\L\mzayzxgd 57600 bytes
File C:\WINDOWS\$NtUninstallKB12677$\2470683334\U 0 bytes
File C:\WINDOWS\$NtUninstallKB12677$\2470683334\U\00000001.@ 2048 bytes
File C:\WINDOWS\$NtUninstallKB12677$\2470683334\U\00000002.@ 224768 bytes
File C:\WINDOWS\$NtUninstallKB12677$\2470683334\U\00000004.@ 1024 bytes
File C:\WINDOWS\$NtUninstallKB12677$\2470683334\U\80000000.@ 1024 bytes
File C:\WINDOWS\$NtUninstallKB12677$\2470683334\U\80000004.@ 12800 bytes
File C:\WINDOWS\$NtUninstallKB12677$\2470683334\U\80000032.@ 98304 bytes
File C:\WINDOWS\$NtUninstallKB12677$\2613830294 0 bytes

---- EOF - GMER 1.0.15 ----

DDS:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by Owner at 10:27:58 on 2011-12-11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.778 [GMT -6:00]
.
AV: avast! antivirus 4.8.1368 [VPS 111104-0] *Enabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Tablet\Pen\Pen_TouchService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\PROGRA~1\PHAROS~1\Core\CTskMstr.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
c:\program files\real\realplayer\RealPlay.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX6931
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX6931
mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX6931
uURLSearchHooks: TVersitybar Toolbar: {66bd2442-241b-44cd-8c7a-b51037053cdb} - c:\program files\tversitybar\prxtbTVe0.dll
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 10\SnagitBHO.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: TVersitybar Toolbar: {66bd2442-241b-44cd-8c7a-b51037053cdb} - c:\program files\tversitybar\prxtbTVe0.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: 100% Free Chess Toolbar Helper: {ae4f4014-3bf4-4ceb-b46c-3730a2340c4e} - c:\program files\100% free chess toolbar\v3.3.0.1\100%_Free_Chess_Toolbar.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTo0.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTo0.dll
TB: 100% Free Chess Toolbar: {6f4f95af-1647-4b72-a632-055405455423} - c:\program files\100% free chess toolbar\v3.3.0.1\100%_Free_Chess_Toolbar.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 10\SnagitIEAddin.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: TVersitybar Toolbar: {66bd2442-241b-44cd-8c7a-b51037053cdb} - c:\program files\tversitybar\prxtbTVe0.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {00000000-0000-0000-0000-000000000000} - No File
uRun: [Power2GoExpress] NA
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [ISUSPM] "c:\documents and settings\all users\application data\flexnet\connect\11\ISUSPM.exe" -scheduler
uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [DAEMON Tools Pro Agent] "c:\program files\daemon tools pro\DTAgent.exe" -autorun
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Reminder] %WINDIR%\Creator\Remind_XP.exe
mRun: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [<NO NAME>]
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [Adobe_ID0ENQBO] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [Nuance PDF Reader-reminder] "c:\program files\nuance\pdf reader\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\nuance\pdf reader\ereg\Ereg.ini"
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
dRunOnce: [RunNarrator] Narrator.exe
IE: Append to existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{03E47951-7AE1-4389-BDE9-F42DA796A356} : DhcpNameServer = 192.168.1.254
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner.your-daa99072cb\application data\mozilla\firefox\profiles\1eq002ss.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2548838&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - TVersitybar Customized Web Search
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2548838&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\owner.your-daa99072cb\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\adobe\acrobat 9.0\acrobat\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\nuance\pdf reader\bin\nppdf.dll
FF - plugin: c:\program files\nuance\pdf reader\bin\nppdf.dll
FF - plugin: c:\program files\tabletplugins\npwacom.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2011-2-4 114768]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-9-10 233024]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-2-4 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2011-2-4 138680]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-4-11 366152]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 TabletServicePen;TabletServicePen;c:\program files\tablet\pen\Pen_Tablet.exe [2011-2-10 6076272]
R2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\tablet\pen\Pen_TouchService.exe [2011-2-10 616816]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2011-2-4 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2011-2-4 352920]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-4-11 22216]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-9-8 136176]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 284016]
S3 Andbus;LGE Android Composite USB Device;c:\windows\system32\drivers\lgandbus.sys [2011-9-4 14336]
S3 AndDiag;LGE Android USB Serial Port;c:\windows\system32\drivers\lganddiag.sys [2011-9-4 20864]
S3 AndGps;LGE Android USB GPS NMEA Port;c:\windows\system32\drivers\lgandgps.sys [2011-9-4 19968]
S3 ANDModem;LGE Android USB Modem;c:\windows\system32\drivers\lgandmodem.sys [2011-9-4 24960]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-9-8 136176]
.
=============== Created Last 30 ================
.
2011-12-11 16:18:00 388096 ----a-r- c:\documents and settings\owner.your-daa99072cb\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-12-11 16:17:58 -------- d-----w- c:\program files\Trend Micro
2011-12-04 07:41:29 -------- d-----w- c:\program files\Linkrealms
2011-11-30 01:47:57 -------- d-----w- c:\documents and settings\owner.your-daa99072cb\application data\Unity
2011-11-30 01:12:27 -------- d-----w- c:\documents and settings\owner.your-daa99072cb\local settings\application data\Unity
2011-11-18 23:11:35 -------- d-----w- c:\documents and settings\owner.your-daa99072cb\application data\AVS4YOU
2011-11-18 23:09:28 11137024 ----a-w- c:\windows\system32\libmfxsw32.dll
2011-11-18 23:09:12 -------- d-----w- c:\program files\common files\AVSMedia
2011-11-18 23:08:43 24576 ----a-w- c:\windows\system32\msxml3a.dll
2011-11-18 23:08:43 -------- d-----w- c:\program files\AVS4YOU
2011-11-18 23:08:43 -------- d-----w- c:\documents and settings\all users\application data\AVS4YOU
.
==================== Find3M ====================
.
2011-10-29 02:45:53 1909192 ----a-w- C:\mirc722.exe
2011-10-28 02:58:20 410744 ----a-w- C:\hamsterfreevideoconverter.exe
2011-09-27 23:50:20 303104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpcpp107.dll
.
============= FINISH: 10:34:46.79 ===============


Attach:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/7/2009 5:30:19 PM
System Uptime: 12/10/2011 5:10:26 PM (17 hours ago)
.
Motherboard: Gateway | | MX6931
Processor: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz | uFCPGA2 | 981/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 143 GiB total, 10.631 GiB free.
D: is FIXED (FAT32) - 6 GiB total, 2.745 GiB free.
E: is CDROM ()
F: is CDROM (CDFS)
G: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/Wireless 3945ABG Network Connection
Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_10008086&REV_02\4&20975680&0&00E1
Manufacturer: Intel Corporation
Name: Intel(R) PRO/Wireless 3945ABG Network Connection
PNP Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_10008086&REV_02\4&20975680&0&00E1
Service: w39n51
.
==== System Restore Points ===================
.
RP125: 9/12/2011 10:11:10 PM - System Checkpoint
RP126: 9/14/2011 1:52:15 PM - System Checkpoint
RP127: 9/16/2011 9:25:36 AM - System Checkpoint
RP128: 9/17/2011 5:18:16 PM - System Checkpoint
RP129: 9/18/2011 5:48:37 PM - System Checkpoint
RP130: 9/19/2011 7:09:30 PM - System Checkpoint
RP131: 9/20/2011 7:44:42 PM - System Checkpoint
RP132: 9/22/2011 6:54:38 AM - System Checkpoint
RP133: 9/23/2011 9:13:58 AM - System Checkpoint
RP134: 9/24/2011 11:32:20 AM - System Checkpoint
RP135: 9/25/2011 12:19:11 PM - System Checkpoint
RP136: 9/26/2011 1:12:26 PM - System Checkpoint
RP137: 9/27/2011 4:00:24 PM - System Checkpoint
RP138: 9/27/2011 6:50:32 PM - Printer Driver HP Universal Printing PS Installed
RP139: 9/28/2011 7:46:33 PM - System Checkpoint
RP140: 9/30/2011 9:16:43 PM - System Checkpoint
RP141: 10/1/2011 9:27:41 PM - System Checkpoint
RP142: 10/3/2011 1:23:42 AM - System Checkpoint
RP143: 10/4/2011 2:18:38 PM - System Checkpoint
RP144: 10/5/2011 3:05:45 PM - System Checkpoint
RP145: 10/7/2011 9:15:05 AM - System Checkpoint
RP146: 10/8/2011 12:20:16 PM - System Checkpoint
RP147: 10/9/2011 12:24:01 PM - System Checkpoint
RP148: 10/10/2011 4:21:44 PM - System Checkpoint
RP149: 10/10/2011 5:45:53 PM - Installed Microsoft Office Word Viewer 2003
RP150: 10/11/2011 6:21:20 PM - System Checkpoint
RP151: 10/12/2011 6:28:50 PM - System Checkpoint
RP152: 10/13/2011 8:52:00 PM - System Checkpoint
RP153: 10/15/2011 1:42:18 PM - System Checkpoint
RP154: 10/16/2011 2:34:00 PM - System Checkpoint
RP155: 10/17/2011 9:31:15 PM - System Checkpoint
RP156: 10/19/2011 12:08:55 PM - System Checkpoint
RP157: 10/20/2011 9:29:20 PM - System Checkpoint
RP158: 10/21/2011 9:59:04 PM - System Checkpoint
RP159: 10/22/2011 10:43:59 PM - System Checkpoint
RP160: 10/23/2011 11:11:13 PM - System Checkpoint
RP161: 10/25/2011 6:34:09 AM - System Checkpoint
RP162: 10/26/2011 6:44:20 PM - System Checkpoint
RP163: 10/27/2011 7:42:12 PM - System Checkpoint
RP164: 10/28/2011 8:09:01 PM - System Checkpoint
RP165: 10/29/2011 8:57:47 PM - System Checkpoint
RP166: 10/31/2011 7:32:20 AM - System Checkpoint
RP167: 11/1/2011 3:40:33 PM - System Checkpoint
RP168: 11/2/2011 6:08:02 PM - System Checkpoint
RP169: 11/4/2011 7:43:09 AM - System Checkpoint
RP170: 11/5/2011 11:57:06 AM - System Checkpoint
RP171: 11/6/2011 12:27:10 PM - System Checkpoint
RP172: 11/7/2011 8:13:55 PM - System Checkpoint
RP173: 11/8/2011 8:59:10 PM - System Checkpoint
RP174: 11/10/2011 7:11:51 AM - System Checkpoint
RP175: 11/11/2011 7:23:45 AM - System Checkpoint
RP176: 11/12/2011 9:38:10 AM - System Checkpoint
RP177: 11/13/2011 10:03:54 AM - System Checkpoint
RP178: 11/14/2011 10:50:30 AM - System Checkpoint
RP179: 11/15/2011 1:26:48 PM - System Checkpoint
RP180: 11/16/2011 6:44:16 PM - System Checkpoint
RP181: 11/17/2011 8:17:42 PM - System Checkpoint
RP182: 11/18/2011 8:36:01 PM - System Checkpoint
RP183: 11/19/2011 9:13:41 PM - System Checkpoint
RP184: 11/20/2011 9:39:51 PM - System Checkpoint
RP185: 11/22/2011 7:10:38 AM - System Checkpoint
RP186: 11/23/2011 7:11:07 AM - System Checkpoint
RP187: 11/24/2011 7:14:13 AM - System Checkpoint
RP188: 11/25/2011 4:53:27 PM - System Checkpoint
RP189: 11/26/2011 5:40:22 PM - System Checkpoint
RP190: 11/27/2011 5:40:49 PM - System Checkpoint
RP191: 11/28/2011 6:52:30 PM - System Checkpoint
RP192: 11/29/2011 10:18:58 PM - System Checkpoint
RP193: 12/1/2011 9:15:27 AM - System Checkpoint
RP194: 12/2/2011 9:42:47 AM - System Checkpoint
RP195: 12/3/2011 11:07:25 AM - System Checkpoint
RP196: 12/4/2011 12:01:27 PM - System Checkpoint
RP197: 12/5/2011 5:19:16 PM - System Checkpoint
RP198: 12/6/2011 5:24:30 PM - System Checkpoint
RP199: 12/7/2011 9:41:52 PM - System Checkpoint
RP200: 12/10/2011 7:25:05 PM - System Checkpoint
RP201: 12/11/2011 10:17:54 AM - Installed HiJackThis
.
==== Installed Programs ======================
.
µTorrent
100% Free Chess 7.30
100% Free Chess Toolbar
32 Bit HP CIO Components Installer
Acrobat.com
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe Acrobat 9.4.6 - CPSID_83708
Adobe After Effects CS4
Adobe After Effects CS4 Presets
Adobe After Effects CS4 Third Party Content
Adobe AIR
Adobe Anchor Service CS4
Adobe Asset Services CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles AE CS4
Adobe Color Video Profiles CS CS4
Adobe Contribute CS4
Adobe Creative Suite 4 Master Collection
Adobe CS4 American English Speech Analysis Models
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Dreamweaver CS4
Adobe Drive CS4
Adobe Dynamiclink Support
Adobe Encore CS4
Adobe Encore CS4 Codecs
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Fireworks CS4
Adobe Flash CS4
Adobe Flash CS4 Extension - Flash Lite STI en
Adobe Flash CS4 STI-en
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Illustrator CS4
Adobe InDesign CS4
Adobe InDesign CS4 Application Feature Set Files (Roman)
Adobe InDesign CS4 Common Base Files
Adobe InDesign CS4 Icon Handler
Adobe Linguistics CS4
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Additional Exporter
Adobe Media Encoder CS4 Dolby
Adobe Media Encoder CS4 Exporter
Adobe Media Encoder CS4 Importer
Adobe Media Player
Adobe MotionPicture Color Files CS4
Adobe OnLocation CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Premiere Pro CS4
Adobe Premiere Pro CS4 Functional Content
Adobe Premiere Pro CS4 Third Party Content
Adobe Reader X (10.1.1)
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe SGM CS4
Adobe Shockwave Player 11.5
Adobe SING CS4
Adobe Soundbooth CS4
Adobe Soundbooth CS4 Codecs
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe Version Cue CS4 Server
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Apple Application Support
Apple Software Update
Ask Toolbar
avast! Antivirus
AviSynth 2.5
AVS Update Manager 1.0
AVS Video Converter 8
AVS4YOU Software Navigator 1.4
Bamboo
Bandisoft MPEG-1 Decoder
Big Fish Games: Game Manager
CamStudio
Chess Titans
Chessmaster Challenge
Civilization III
Connect
ConvertHelper 2.2
DAEMON Tools Pro
DivX Setup
Driver Detective
DVD Solution
DVDx 2
ffdshow [rev 2583] [2009-01-05]
FLV to MP4 Converter 2009.2.20
Foxit Reader
Google Chrome
Google Update Helper
Haali Media Splitter
High Definition Audio Driver Package - KB888111
HiJackThis
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 10 (KB910393)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB981793)
Intel Matrix Storage Manager
Intel(R) Graphics Media Accelerator Driver
Intel(R) PROSet/Wireless Software
J2SE Runtime Environment 5.0 Update 2
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 26
kuler
LG Android Driver
LG USB Modem Driver
Linkrealms version 1.0.3.41
Malwarebytes' Anti-Malware version 1.51.2.1300
mCore
mDriver
mDrWiFi
mHelp
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Money 2006
Microsoft Office Standard Edition 2003
Microsoft Office Word Viewer 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
mIRC
mIWA
mLogView
mMHouse
Motorola SM56 Data Fax Modem
Mozilla Firefox 7.0.1 (x86 en-US)
mPfMgr
mPfWiz
mProSafe
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser
mWlsSafe
mXML
mZConfig
Napster Burn Engine
Network Addon Mod Version 30 with Essentials r132
Nexon Game Manager
Nuance PDF Reader
OpenOffice.org 3.3
PDF Settings CS4
Pharos
Photoshop Camera Raw
Pixel Bender Toolkit
Pixel Mine Launcher 1.00
Power2Go 4.0
PowerDVD
QuickTime
RAR Password Cracker 4.12
RAR Password Unlocker 3.3.0.0
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Recovery Software Suite Gateway
Safari
SCRABBLE
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Segoe UI
SigmaTel Audio
SimCity 4 Deluxe
Snagit 10
Sonic Encoders
Sothink Video Converter
Suite Shared Configuration CS4
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
Tradewinds
TVersity Codec Pack 1.4
TVersity Media Server 1.9.3
TVersitybar Toolbar
Unity Web Player
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
uTorrentBar Toolbar
VC80CRTRedist - 8.0.50727.6195
VIDEOzilla v3.2
Viewpoint Media Player
Vindictus
VLC media player 1.1.7
WebFldrs XP
WebTablet IE Plugin
WebTablet Netscape Plugin
WildTangent Web Driver
Windows Backup Utility
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinRAR 4.00 beta 5 (32-bit)
WinX Free FLV to MPEG Converter 4.1.9
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
12/9/2011 9:59:44 PM, error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
12/9/2011 9:58:19 PM, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
12/10/2011 12:18:05 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p asc3550 cbidf cd20xrnt CmdIde Cpqarray dac2w2k dac960nt dpti2o hpn i2omp ini910u IntelIde mraid35x perc2 perc2hib ql1080 Ql10wnt ql12160 ql1240 ql1280 sisagp Sparrow symc810 symc8xx sym_hi sym_u3 TosIde ultra viaagp ViaIde
12/10/2011 11:21:37 AM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer HOME-HP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{03E47951-7AE1-4389-B. The master browser is stopping or an election is being forced.
12/10/2011 1:01:53 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
.
==== End Of File ===========================


Another post on this forum suggested running aswMBR, so I did that too and it found a bunch of infections, but it says not to fix anything before posting on the forums, so do you want me to post it here? It mentioned Win32:Alureon-AOV, seems like a nasty thing. Sooo, what's up with me lappy?

0

Another post on this forum suggested running aswMBR, so I did that too and it found a bunch of infections, but it says not to fix anything before posting on the forums, so do you want me to post it here? It mentioned Win32:Alureon-AOV, seems like a nasty thing. Sooo, what's up with me lappy?

Sorry for the late reply - the holiday season is rough when there are not many active volunteers.

-- Yeah you've got a nasty one.
Please go ahead and post the aswMBR log.

I will try to check back as time permits.

Cheers :)
PP

0

You know what, I somehow had my Avast updates turned off, strange! Once I updated it, the program started screaming that there is a virus in the active memory or something, so I did a boot scan and it removed 8 files. One was in the hiberfil.sys, but I don't have that file, so I think it is ok. This time the aswMBR scan didn't find anything, here it is:

(also, no more ping.exe process!)


aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-12-12 18:47:58
-----------------------------
18:47:58.484 OS Version: Windows 5.1.2600 Service Pack 3
18:47:58.484 Number of processors: 2 586 0xF06
18:47:58.484 ComputerName: YOUR-DAA99072CB UserName: Owner
18:48:07.687 Initialize success
18:48:41.609 AVAST engine defs: 11121102
18:49:05.187 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
18:49:05.187 Disk 0 Vendor: ST916031 0303 Size: 152627MB BusType: 3
18:49:05.234 Disk 0 MBR read successfully
18:49:05.234 Disk 0 MBR scan
18:49:05.406 Disk 0 unknown MBR code
18:49:05.453 Disk 0 scanning sectors +312576705
18:49:05.906 Disk 0 scanning C:\WINDOWS\system32\drivers
18:50:24.187 Service scanning
18:50:32.031 Modules scanning
18:50:59.031 Disk 0 trace - called modules:
18:50:59.062 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll IASTOR.SYS
18:50:59.062 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a6d72a0]
18:50:59.062 3 CLASSPNP.SYS[ba168fd7] -> nt!IofCallDriver -> \Device\000000a3[0x8a6744a0]
18:50:59.062 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8a6f7030]
18:51:06.656 AVAST engine scan C:\WINDOWS
18:51:32.984 AVAST engine scan C:\WINDOWS\system32
18:57:04.750 AVAST engine scan C:\WINDOWS\system32\drivers
18:57:31.250 AVAST engine scan C:\Documents and Settings\Owner.YOUR-DAA99072CB
19:10:38.093 AVAST engine scan C:\Documents and Settings\All Users
19:12:33.703 Scan finished successfully
19:18:18.875 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner.YOUR-DAA99072CB\My Documents\Ashen empires\MBR.dat"
19:18:19.046 The log file has been saved successfully to "C:\Documents and Settings\Owner.YOUR-DAA99072CB\My Documents\Ashen empires\aswMBR_post avast update.txt"

0

You know what, I somehow had my Avast updates turned off, strange! Once I updated it, the program started screaming that there is a virus in the active memory or something, so I did a boot scan and it removed 8 files.

Glad to hear it!

You might want to post the Avast! log from that removal to make sure you got it all (or at least all that was shown in the earlier scanlogs).

Or, you could also follow the steps in the linky below to run combofix and post that log:

How To Use Combofix

Cheers :)
PP
