Member Avatar for abshake4u

Hello Helpers!

My Compaq M2000 laptop has been a victim of a very silly mistake done by me.

I've followed the steps given in the below link:

http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865/read-me-before-posting-a-request-for-assistance

following are the logs for your persual:

GMER One.log:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-03-20 22:48:27
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 SAMSUNG_HM080IC rev.YK100-19
Running: GMER Rootkit Scanner.exe; Driver: C:\DOCUME~1\WINDOW~1\LOCALS~1\Temp\ugtdrpod.sys

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs FGUARD32.SYS (Folder Guard Kernel Driver/WinAbility® Software Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat FGUARD32.SYS (Folder Guard Kernel Driver/WinAbility® Software Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip pctfw1.sys (PC Tools TDI Driver/PC Tools)
AttachedDevice \Driver\Tcpip \Device\Tcp pctfw1.sys (PC Tools TDI Driver/PC Tools)
AttachedDevice \Driver\Tcpip \Device\Udp pctfw1.sys (PC Tools TDI Driver/PC Tools)
AttachedDevice \Driver\Tcpip \Device\RawIp pctfw1.sys (PC Tools TDI Driver/PC Tools)

---- EOF - GMER 1.0.15 ----

GMER Two.log

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-03-21 04:34:24
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 SAMSUNG_HM080IC rev.YK100-19
Running: GMER Rootkit Scanner.exe; Driver: C:\DOCUME~1\WINDOW~1\LOCALS~1\Temp\ugtdrpod.sys

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs FGUARD32.SYS (Folder Guard Kernel Driver/WinAbility® Software Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip pctfw1.sys (PC Tools TDI Driver/PC Tools)
AttachedDevice \Driver\Tcpip \Device\Tcp pctfw1.sys (PC Tools TDI Driver/PC Tools)
AttachedDevice \Driver\Tcpip \Device\Udp pctfw1.sys (PC Tools TDI Driver/PC Tools)
AttachedDevice \Driver\Tcpip \Device\RawIp pctfw1.sys (PC Tools TDI Driver/PC Tools)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat FGUARD32.SYS (Folder Guard Kernel Driver/WinAbility® Software Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Classes\CLSID{076654f2-d289-4071-9086-4b9869ddc405}@Model 181
Reg HKLM\SOFTWARE\Classes\CLSID{076654f2-d289-4071-9086-4b9869ddc405}@Therad 2
Reg HKLM\SOFTWARE\Classes\CLSID{7B8E9164-324D-4A2E-A46D-0165FB2000EC}@scansk 0x08 0x9A 0x9F 0x96 ...

---- EOF - GMER 1.0.15 ----

**DDS.txt **

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Windows XP at 9:34:13 on 2012-03-21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.667 [GMT 7:00]
.
FW: PC Tools Firewall Plus Enabled
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\Program Files\PC Tools Firewall Plus\FWService.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\WINABI~1\FOLDER~1\FGKEY.EXE
C:\Program Files\Simnet\Simple Sticky Notes\ssn.exe
C:\Documents and Settings\tazebama.dl_
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: SFCDisable=-99 (0xffffff9d)
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [Simple Sticky Notes] c:\program files\simnet\simple sticky notes\ssn.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [00PCTFW] "c:\program files\pc tools firewall plus\FirewallGUI.exe" -s
mRun: [FolderGuard] c:\progra~1\winabi~1\folder~1\FGKEY.EXE /CL
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
uPolicies-system: DisableTaskMgr = 1 (0x1)
uPolicies-system: DisableRegistryTools = 1 (0x1)
mPolicies-system: EnableLUA = 0 (0x0)
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249533074100
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {9b935470-ad4a-11d5-b63e-00c04faedb18}
DPF: {CAFECAFE-0013-0001-0017-ABCDEFABCDEF}
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: FolderGuard - c:\progra~1\winabi~1\folder~1\FGuard32.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
STS: FencesShlExt Class: {1984dd45-52cf-49cd-ab77-18f378fea264} - c:\program files\stardock\fences\FencesMenu.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\windows xp\application data\mozilla\firefox\profiles\luw6b6xw.default\
FF - prefs.js: browser.startup.homepage - hxxp://start.bramjnet.com/vb/
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {B13721C7-F507-4982-B2E5-502A71474FED} - c:\program files\mozilla firefox\extensions{B13721C7-F507-4982-B2E5-502A71474FED}
.
============= SERVICES / DRIVERS ===============
.
R1 pctfw1;pctfw1;c:\windows\system32\drivers\pctfw1.sys [2004-7-1 100448]
R2 FGUARD32;FGUARD32;c:\program files\winability\folder guard nt\FGuard32.sys [2004-7-1 77072]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-3-21 652360]
R2 PCToolsFirewallPlus;PC Tools Firewall Plus;c:\program files\pc tools firewall plus\FWService.exe [2004-7-1 792120]
R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\nqnjjn.sys --> c:\windows\system32\drivers\nqnjjn.sys [?]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-3-21 20464]
S0 hptpro;hptpro;c:\windows\system32\drivers\hptpro.sys [2009-8-6 9809]
.
=============== Created Last 30 ================
.
2012-03-21 02:30:17 155251 --sh--r- C:\zPharaoh.exe
2012-03-21 02:28:14 -------- d-----w- c:\windows\system32\MpEngineStore
2012-03-20 21:37:29 -------- d-----w- c:\documents and settings\windows xp\application data\Malwarebytes
2012-03-20 21:36:56 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-03-20 21:36:55 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-20 21:36:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-03-20 14:29:58 -------- d-----w- C:\7bafdab94033acb9be32f7d4
2012-03-20 01:59:32 -------- d-----w- c:\program files\Symantec
2012-03-20 01:59:32 -------- d-----w- c:\program files\common files\Symantec Shared
2012-03-20 01:59:32 -------- d-----w- c:\documents and settings\all users\application data\Symantec
2012-03-19 14:10:53 -------- d-----w- c:\documents and settings\windows xp\application data\tazebama
2012-03-19 10:32:17 -------- d-----w- c:\documents and settings\windows xp\application data\uTorrent
2012-03-19 05:54:54 -------- d-----w- c:\windows\system32\appmgmt
2012-03-19 05:54:50 -------- d-----w- c:\program files\Simnet
2012-03-19 05:46:38 -------- d-----w- c:\documents and settings\windows xp\application data\Desktop Sidebar
2012-03-19 05:27:48 -------- d-----w- c:\documents and settings\windows xp\application data\Stardock
2012-03-19 05:27:42 -------- dc-h--w- c:\documents and settings\all users\application data{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B}
2012-03-19 05:27:41 -------- d-----w- c:\program files\Stardock
2012-03-19 05:07:09 -------- d-----w- c:\windows\system32\XPSViewer
2012-03-19 05:06:34 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2012-03-19 05:06:07 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2012-03-19 05:06:07 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2012-03-19 05:06:07 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2012-03-19 05:06:07 117760 ------w- c:\windows\system32\prntvpt.dll
2012-03-19 05:06:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2012-03-19 05:06:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2012-03-19 05:06:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2012-03-19 05:06:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2012-03-19 05:06:06 -------- d-----w- C:\218e1da7eb7262266406
2012-03-19 05:01:51 -------- d-----w- c:\documents and settings\windows xp\local settings\application data\PackageAware
2012-03-18 02:08:49 -------- d-----w- c:\windows\system32\LogFiles
2012-03-18 02:07:12 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2012-03-18 02:07:12 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2012-03-18 02:06:52 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2012-03-18 01:55:57 26624 ----a-r- c:\windows\system32\GsiDi32.dll
2012-03-18 01:45:30 -------- d-----w- c:\documents and settings\windows xp\local settings\application data\Help
2012-03-18 01:35:19 -------- d-----w- c:\program files\CCleaner
2012-03-18 01:32:13 86094 ----a-w- c:\windows\system32\ImageDrive.cpl
2012-03-18 01:31:20 5504 ------w- c:\windows\system32\drivers\imagedrv.sys
2012-03-18 01:31:20 125184 ------w- c:\windows\system32\drivers\imagesrv.sys
2012-03-18 01:31:01 476320 ------w- c:\windows\system32\ImagXpr7.dll
2012-03-18 01:31:01 471040 ------w- c:\windows\system32\ImagXRA7.dll
2012-03-18 01:31:01 262144 ------w- c:\windows\system32\ImagXR7.dll
2012-03-18 01:31:01 1568768 ------w- c:\windows\system32\ImagX7.dll
2012-03-18 01:31:01 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2012-03-18 01:31:01 106496 ----a-w- c:\windows\system32\TwnLib20.dll
.
==================== Find3M ====================
.
2012-03-20 11:07:48 225647 ----a-w- c:\windows\system32\notepad.exe
2012-03-19 14:16:49 1735023 ----a-w- c:\windows\system32\spider.exe
2012-03-19 14:16:48 548719 ----a-w- c:\windows\system32\winmine.exe
2012-03-19 14:16:48 484207 ----a-w- c:\windows\system32\freecell.exe
2012-03-19 14:16:48 285551 ----a-w- c:\windows\system32\mshearts.exe
2012-03-19 14:16:42 201583 ----a-w- c:\windows\system32\odbcad32.exe
2012-03-19 14:16:41 238447 ----a-w- c:\windows\system32\charmap.exe
2012-03-19 14:16:41 2151279 ----a-w- c:\windows\system32\ntbackup.exe
2012-03-19 14:16:39 295791 ----a-w- c:\windows\system32\sndvol32.exe
2012-03-19 14:16:38 337263 ----a-w- c:\windows\system32\sndrec32.exe
2012-03-19 14:16:35 831343 ----a-w- c:\windows\system32\mstsc.exe
2012-03-19 14:16:35 557423 ----a-w- c:\windows\system32\mspaint.exe
2012-03-19 14:16:35 277871 ----a-w- c:\windows\system32\calc.exe
2012-03-19 14:15:57 373615 ----a-w- c:\windows\system32\osk.exe
2012-03-19 14:15:56 212335 ----a-w- c:\windows\system32\narrator.exe
2012-03-19 14:15:55 215919 ----a-w- c:\windows\system32\magnify.exe
2012-03-19 14:15:53 1011567 ----a-w- c:\windows\system32\mobsync.exe
2012-03-19 14:15:48 572271 ----a-w- c:\windows\system32\cmd.exe
2012-03-19 14:15:08 351087 ----a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
2012-03-19 14:11:05 920943 ----a-w- c:\windows\pchealth\helpctr\binaries\HelpCtr.exe
.
============= FINISH: 9:34:43.79 ===============

** DDS Attach.txt**

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/1/2004 12:05:58 AM
System Uptime: 3/21/2012 9:28:59 AM (0 hours ago)
.
Motherboard: Quanta | | 3090
Processor: Intel(R) Pentium(R) M processor 1.60GHz | U1 | 1197/400mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 20 GiB total, 10.325 GiB free.
D: is FIXED (NTFS) - 29 GiB total, 4.361 GiB free.
E: is FIXED (NTFS) - 26 GiB total, 7.01 GiB free.
F: is CDROM ()
G: is CDROM ()
H: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_3080103C&REV_10\4&1636C719&0&00F0
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8139/810x Family Fast Ethernet NIC
PNP Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_3080103C&REV_10\4&1636C719&0&00F0
Service: RTL8023xp
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Broadcom 802.11b/g WLAN
Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_1356103C&REV_02\4&1636C719&0&30F0
Manufacturer: Broadcom
Name: Broadcom 802.11b/g WLAN #2
PNP Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_1356103C&REV_02\4&1636C719&0&30F0
Service: BCM43XX
.
Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia 5230
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia 5230
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd
.
==== System Restore Points ===================
.
RP1: 3/19/2012 12:00:36 PM - System Checkpoint
RP2: 3/19/2012 12:01:06 PM - 19032012
RP3: 3/19/2012 12:02:02 PM - Installed Desktop Sidebar
RP4: 3/19/2012 12:06:16 PM - Installed Windows KB954550-v5.
RP5: 3/19/2012 12:06:27 PM - Printer Driver Microsoft XPS Document Writer Installed
RP6: 3/19/2012 12:06:39 PM - Printer Driver Microsoft XPS Document Writer Installed
RP7: 3/19/2012 12:54:07 PM - Removed Desktop Sidebar
RP8: 3/20/2012 9:02:06 AM - Installed Symantec Endpoint Protection.
RP9: 3/20/2012 9:21:38 AM - Installed Symantec Endpoint Protection.
RP10: 3/20/2012 6:18:31 PM - Installed Symantec Endpoint Protection.
RP11: 3/21/2012 9:33:52 AM - Installed Symantec Endpoint Protection.
.
==== Installed Programs ======================
.
Adobe Acrobat 8 Professional - English, Français, Deutsch
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
CCleaner
Conexant AC-Link Audio
Critical Update for Windows Media Player 11 (KB959772)
Fences
Folder Guard
Foxit Reader
Google Talk (remove only)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Java(TM) 6 Update 7
K-Lite Codec Pack 5.0.0 (Full)
Malwarebytes Anti-Malware version 1.60.1.1000
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.5
Motorola SM56 Speakerphone Modem
Mozilla Firefox (3.5.2)
MSVC80_x86
Nero 6 Enterprise Edition
Nokia Connectivity Cable Driver
Nokia PC Suite
Oracle JInitiator 1.1.8.16
Oracle JInitiator 1.3.1.17
PC Connectivity Solution
PC Tools Firewall Plus 2.0
Real Alternative 1.9.0
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB973346)
Simple Sticky Notes Version 1.4.6.1
Skype™ 4.0
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
VLC media player 1.0.0-rc1
WebFldrs XP
Winamp
Windows Driver Package - Nokia Modem (02/23/2009 7.01.0.2)
Windows Driver Package - Nokia Modem (02/24/2009 4.0)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
3/21/2012 9:30:15 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde
3/21/2012 9:30:00 AM, error: Sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
3/21/2012 9:30:00 AM, error: Sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
3/20/2012 9:49:36 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
3/20/2012 9:00:00 AM, error: Schedule [7901] - The At2.job command failed to start due to the following error: %%2147942402
3/20/2012 9:00:00 AM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942402
3/20/2012 10:47:03 PM, error: System Error [1003] - Error code 100000d1, parameter1 0000000c, parameter2 00000005, parameter3 00000001, parameter4 f73d95f7.
3/19/2012 12:27:15 PM, error: PSched [14103] - QoS [Adapter NDISWANIP]: The netcard driver failed the query for OID_GEN_LINK_SPEED.
3/18/2012 9:04:06 AM, error: DCOM [10005] - DCOM got error "84" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/18/2012 9:03:43 AM, error: DCOM [10005] - DCOM got error "84" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
3/18/2012 9:02:56 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT pctfw1 RasAcd Rdbss Tcpip
3/18/2012 9:02:56 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
3/18/2012 9:02:56 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/18/2012 9:02:56 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/18/2012 9:02:56 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
.
==== End Of File ===========================

Please helpers.

The Kid!

  • 2 Contributors
  • 2 Replies
  • 307 Views
  • 16 Hours Discussion Span
  • Latest Post Latest Post by gALENA

Recommended Answers

All 2 Replies

Member Avatar for gALENA

I ones had it and removed it using Avast antivirus, provided you won't mind lossing some of you files especiall, especially saved webpages.

..!

Member Avatar for gALENA

...also repair your XP installation, if you succeded as some files might be deleted by this Worm !

Good Luck.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.