isiswisdom

Was told to come here I think my computer has been jacked!


Greetings,

I was instructed to come here and post these logs. I was in another forum, I did the Malwarebytes run, and now I'm posting here from running a different program called DDS as instructed by another tech. Bottom line: my computer's antivirus (AVG) does not work. Chrome and Firefox had to be uninstalled and I can't even use any Flash plugins from Adobe. My computer shuts down, the browsers constantly crash, it claims there is no memory. I uninstalled every program I installed in the year 2013; the only browser that is working now is Explorer, will see how long that lasts. Need assistance, very frustrating. Here is the log from DDS; both the notepad version and the attached one are posted here. Thank you.

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: DeviceHarddiskVolume1
Install Date: 6/10/2010 6:05:32 PM
System Uptime: 6/28/2013 5:30:46 PM (3 hours ago)
.
Motherboard: Dell Inc. | | 0G5611
Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 37 GiB total, 8.478 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP768: 6/9/2013 11:45:34 PM - System Checkpoint
RP769: 6/11/2013 3:38:18 AM - System Checkpoint
RP770: 6/12/2013 4:56:07 AM - System Checkpoint
RP771: 6/13/2013 3:00:25 AM - Software Distribution Service 3.0
RP772: 6/14/2013 3:39:38 AM - System Checkpoint
RP773: 6/15/2013 4:39:11 AM - System Checkpoint
RP774: 6/16/2013 7:15:22 AM - System Checkpoint
RP775: 6/17/2013 8:51:14 AM - System Checkpoint
RP776: 6/17/2013 6:21:41 PM - Removed AVG 2013
RP777: 6/17/2013 6:23:13 PM - Removed AVG 2013
RP778: 6/17/2013 6:48:03 PM - Installed AVG 2013
RP779: 6/17/2013 6:48:54 PM - Installed AVG 2013
RP780: 6/18/2013 8:33:32 PM - System Checkpoint
RP781: 6/19/2013 10:25:50 PM - System Checkpoint
RP782: 6/20/2013 7:43:52 AM - Removed Adobe Reader XI (11.0.03).
RP783: 6/20/2013 5:25:42 PM - Removed Microsoft Silverlight
RP784: 6/20/2013 5:26:44 PM - Removed LG United Mobile Drivers.
RP785: 6/21/2013 6:13:59 PM - System Checkpoint
RP786: 6/22/2013 10:44:53 PM - System Checkpoint
RP787: 6/23/2013 8:19:20 AM - Removed IObit Apps Toolbar v7.2.
RP788: 6/24/2013 9:21:24 PM - System Checkpoint
RP789: 6/25/2013 9:26:05 PM - System Checkpoint
RP790: 6/27/2013 9:02:14 AM - System Checkpoint
.
==== Installed Programs ======================
.
Apple Software Update
iTunes
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft Office Single Image 2010
MotoHelper 2.1.32 Driver 5.4.0
Motorola Mobile Drivers Installation 5.4.0
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2847204)
Seesmic Desktop 2
Windows Management Framework Core
.
==== Event Viewer Messages From Past Week ========
.
6/28/2013 6:53:16 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service ntmssvc with arguments "-Service" in order to run the server: {D61A27C6-8F53-11D0-BFA0-00A024151983}
6/28/2013 6:42:23 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
6/28/2013 6:18:01 AM, error: PlugPlayManager [11] - The device RootLEGACY_AVGTP0000 disappeared from the system without first being prepared for removal.
6/28/2013 6:18:01 AM, error: PlugPlayManager [11] - The device RootLEGACY_AVGTDIX0000 disappeared from the system without first being prepared for removal.
6/28/2013 6:18:01 AM, error: PlugPlayManager [11] - The device RootLEGACY_AVGLOGX0000 disappeared from the system without first being prepared for removal.
6/28/2013 6:18:01 AM, error: PlugPlayManager [11] - The device RootLEGACY_AVGLDX860000 disappeared from the system without first being prepared for removal.
6/28/2013 6:18:01 AM, error: PlugPlayManager [11] - The device RootLEGACY_AVGIDSSHIM0000 disappeared from the system without first being prepared for removal.
6/28/2013 6:18:01 AM, error: PlugPlayManager [11] - The device RootLEGACY_AVGIDSHX0000 disappeared from the system without first being prepared for removal.
6/28/2013 6:18:01 AM, error: PlugPlayManager [11] - The device RootLEGACY_AVGIDSDRIVER0000 disappeared from the system without first being prepared for removal.
6/28/2013 6:08:55 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AVGIDSDriver AVGIDSShim Avgldx86 Avgtdix Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
6/28/2013 6:08:55 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
6/28/2013 6:08:55 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/28/2013 6:08:55 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/28/2013 6:08:55 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
6/28/2013 6:08:55 AM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/28/2013 6:08:55 AM, error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.
6/28/2013 6:08:27 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
6/28/2013 6:08:22 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/28/2013 12:07:27 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 IntelIde
6/25/2013 9:46:23 PM, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
6/24/2013 7:24:39 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
6/24/2013 7:19:42 PM, error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error 3758213659 (0xE001CA1B).
6/24/2013 2:58:47 AM, error: Service Control Manager [7009] - Timeout (120000 milliseconds) waiting for the vToolbarUpdater15.2.0 service to connect.
6/24/2013 2:58:47 AM, error: Service Control Manager [7000] - The vToolbarUpdater15.2.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/24/2013 10:51:18 AM, error: Service Control Manager [7031] - The AVG WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
6/24/2013 10:41:26 PM, error: Service Control Manager [7031] - The AVG WatchDog service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
6/23/2013 9:23:49 AM, error: Service Control Manager [7000] - The AVG AVI Loader Driver service failed to start due to the following error: %%3758198532
6/22/2013 9:32:44 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86
6/22/2013 9:32:36 PM, error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error 3758162040 (0xE0010078).
6/22/2013 12:59:26 AM, error: Dhcp [1002] - The IP address lease 192.168.1.64 for the Network Card with network address 000F1FD92C83 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
6/21/2013 9:59:01 PM, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.
6/21/2013 4:09:12 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
6/21/2013 10:27:34 PM, error: Service Control Manager [7034] - The Advanced SystemCare Service 6 service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================

 

 

The attached log copied and pasted here:


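An added example, not part of the original thread: one way to triage the "Event Viewer Messages From Past Week" section of a DDS attach.txt even when the entries have been run together, as they were in the post above. The function names are hypothetical, and the sample text is an excerpt of event lines copied from that log.

```python
import re
from collections import defaultdict

# Entry header: "M/D/YYYY H:MM:SS AM, error: Source [ID] - ".
# Month and day are range-limited so that a header glued to the digits that
# end the previous message ("...%%3758198532" + "6/22/2013") still splits at
# the right place. A message ending in "1" directly before a month 1 or 2
# header would remain ambiguous; that case does not occur in this log.
HEADER = re.compile(
    r"(?P<ts>(?:1[0-2]|[1-9])/(?:3[01]|[12]\d|[1-9])/\d{4} "
    r"\d{1,2}:\d{2}:\d{2} [AP]M), (?P<level>\w+): "
    r"(?P<source>[^\[\]]+?) \[(?P<id>\d+)\] - "
)
# Service Control Manager 7001: a service blocked by a failed dependency.
DEPENDS = re.compile(
    r"The (?P<svc>.+?) service depends on the (?P<dep>.+?) "
    r"service which failed to start"
)
# Service Control Manager 7026: list of drivers that did not load at boot.
DRIVERS = re.compile(r"driver\(s\) failed to load:\s*(?P<names>.*)", re.S)


def split_events(text):
    """Split a (possibly flattened) event section into one dict per entry."""
    heads = list(HEADER.finditer(text))
    events = []
    for i, head in enumerate(heads):
        end = heads[i + 1].start() if i + 1 < len(heads) else len(text)
        events.append({
            "ts": head["ts"],
            "level": head["level"],
            "source": head["source"],
            "id": int(head["id"]),
            "msg": text[head.end():end].strip(),
        })
    return events


def triage(text):
    """Return (failed, blocked).

    failed:  driver name -> set of timestamps at which it failed to load
    blocked: failed dependency -> set of services that could not start
    """
    failed = defaultdict(set)
    blocked = defaultdict(set)
    for ev in split_events(text):
        if ev["source"] != "Service Control Manager":
            continue
        if ev["id"] == 7026:
            match = DRIVERS.search(ev["msg"])
            if match:
                for name in match["names"].split():
                    failed[name].add(ev["ts"])
        elif ev["id"] == 7001:
            match = DEPENDS.search(ev["msg"])
            if match:
                blocked[match["dep"]].add(match["svc"])
    return failed, blocked


def repeat_offenders(failed):
    """Drivers that failed to load on more than one logged boot."""
    return sorted(name for name, stamps in failed.items() if len(stamps) > 1)


# Excerpt copied from the log above, deliberately left flattened.
SAMPLE = (
    "6/28/2013 6:08:55 AM, error: Service Control Manager [7026] - The following "
    "boot-start or system-start driver(s) failed to load: AFD AVGIDSDriver "
    "AVGIDSShim Avgldx86 Avgtdix Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd "
    "Rdbss Tcpip"
    "6/28/2013 6:08:55 AM, error: Service Control Manager [7001] - The TCP/IP "
    "NetBIOS Helper service depends on the AFD service which failed to start "
    "because of the following error: A device attached to the system is not "
    "functioning."
    "6/28/2013 6:08:55 AM, error: Service Control Manager [7001] - The DNS Client "
    "service depends on the TCP/IP Protocol Driver service which failed to start "
    "because of the following error: A device attached to the system is not "
    "functioning."
    "6/28/2013 6:08:55 AM, error: Service Control Manager [7001] - The Bonjour "
    "Service service depends on the TCP/IP Protocol Driver service which failed "
    "to start because of the following error: A device attached to the system is "
    "not functioning."
    "6/23/2013 9:23:49 AM, error: Service Control Manager [7000] - The AVG AVI "
    "Loader Driver service failed to start due to the following error: "
    "%%3758198532"
    "6/22/2013 9:32:44 PM, error: Service Control Manager [7026] - The following "
    "boot-start or system-start driver(s) failed to load: Avgldx86"
    "6/22/2013 9:32:36 PM, error: Service Control Manager [7024] - The "
    "AVGIDSAgent service terminated with service-specific error 3758162040 "
    "(0xE0010078)."
)

if __name__ == "__main__":
    failed, blocked = triage(SAMPLE)
    for dep, services in sorted(blocked.items()):
        print(f"{dep} failed -> blocked: {', '.join(sorted(services))}")
    print("failed on more than one boot:", repeat_offenders(failed))
```

Grouping the 7001 entries by the dependency that failed separates the few drivers that actually did not load from the services that merely could not start because of them.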

Hi isiswisdom,

:wp:

My name is Tomk. I would be glad to take a look at your log and help you with solving any malware problems. Logs can take a while to research, so please be patient and I'd be grateful if you would note the following:

  • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

 

 

Unfortunately you accidentally posted the attach.txt twice. I need you to post the DDS.txt file please.

 

My best guess is that you ran AVG and IOBit's advanced system care (yuck!) at the same time and IOBit scrambled things. However, I'll have a better idea what is going on once you post DDS.txt.

Edited by Tomk_


Hi TomK, I thought I may have posted the same log twice. Here is the correct one, and your statements are well noted. Looking forward to at least beginning to find out what the real problem is, and yes, you are correct, I ran orbit and AVG at the same time. I wish I would have known this a little sooner, smdh.

Here is the DDS TEXT

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by User at 20:51:39 on 2013-06-28
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.467 [GMT -4:00]
.
AV: AVG AntiVirus 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
C:WINDOWSsystem32spoolsv.exe
C:Program FilesFileOpenServicesFileOpenManagerService32.exe
C:Program FilesFlip VideoFlipShareFlipShareService.exe
C:Program FilesFlip VideoFlipShareServerFlipShareServer.exe
C:Program FilesJavajre6binjqs.exe
C:Program FilesMotorolaMotoHelperMotoHelperService.exe
C:WINDOWSsystem32HPZipm12.exe
C:Program FilesAnalog DevicesSoundMAXspkrmon.exe
C:WINDOWSSystem32alg.exe
C:WINDOWSsystem32wbemunsecapp.exe
C:WINDOWSExplorer.EXE
C:Program FilesMotorolaMotoHelperMotoHelperAgent.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:WINDOWSsystem32wbemwmiprvse.exe
C:WINDOWSsystem32svchost.exe -k WudfServiceGroup
C:WINDOWSsystem32svchost.exe -k NetworkService
C:WINDOWSsystem32svchost.exe -k LocalService
C:WINDOWSsystem32svchost.exe -k imgsvc
C:WINDOWSSystem32svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uInternet Connection Wizard,ShellNext = "c:program filesoutlook expressmsimn.exe" //mailurl:mailto:[email protected]?body=%0A%0A%0ASent%20via%20TweetDeck%20%28www%2Etweetdeck%2Ecom%29
uProxyOverride = 192.168.*.*
uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:program filesmicrosoft officeoffice14URLREDIR.DLL
BHO: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - <orphaned>
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:program filesjavajre6binjp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:program filesjavajre6libdeployjqsiejqs_plugin.dll
uRun: [ctfmon.exe] c:windowssystem32ctfmon.exe
dRunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:progra~1micros~2office14EXCEL.EXE/3000
IE: Se&nd to OneNote - c:progra~1micros~2office14ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:program filesmicrosoft officeoffice14ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:program filesmicrosoft officeoffice14ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.254
TCP: Interfaces{8FDF867E-BE18-4522-8CE0-C303F67A2035} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:program filescommon filesmicrosoft sharedoffice14MSOXMLMF.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:windowssystem32WPDShServiceObj.dll
Hosts: 127.0.0.1 validation.sls.microsoft.com
============= SERVICES / DRIVERS ===============
.
R1 avgtp;avgtp;c:windowssystem32driversavgtpx86.sys [2013-6-17 37664]
R2 FileOpenManagerService;FileOpen Manager Service;c:program filesfileopenservicesFileOpenManagerService32.exe [2012-10-17 213432]
R2 FlipShareServer;FlipShare Server;c:program filesflip videoflipshareserverFlipShareServer.exe [2010-12-15 1085440]
R2 MotoHelper;MotoHelper Service;c:program filesmotorolamotohelperMotoHelperService.exe [2011-12-6 214896]
S3 BTCFilterService;USB Networking Driver Filter Service;c:windowssystem32driversmotfilt.sys --> c:windowssystem32driversmotfilt.sys [?]
S3 HTCAND32;HTC Device Driver;c:windowssystem32driversandroidusb.sys --> c:windowssystem32driversANDROIDUSB.sys [?]
S3 motandroidusb;Mot ADB Interface Driver;c:windowssystem32driversmotoandroid.sys --> c:windowssystem32driversmotoandroid.sys [?]
S3 motccgp;Motorola USB Composite Device Driver;c:windowssystem32driversmotccgp.sys --> c:windowssystem32driversmotccgp.sys [?]
S3 motccgpfl;MotCcgpFlService;c:windowssystem32driversmotccgpfl.sys --> c:windowssystem32driversmotccgpfl.sys [?]
S3 Motousbnet;Motorola USB Networking Driver Service;c:windowssystem32driversmotousbnet.sys --> c:windowssystem32driversMotousbnet.sys [?]
S3 motusbdevice;Motorola USB Dev Driver;c:windowssystem32driversmotusbdevice.sys --> c:windowssystem32driversmotusbdevice.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:windowssystem32driverswdcsam.sys [2008-5-6 11520]
S3 WinRM;Windows Remote Management (WS-Management);c:windowssystem32svchost.exe -k WINRM [2008-4-14 14336]
.
=============== Created Last 30 ================
.
2013-06-28 10:15:23 208184 ----a-w- c:windowssystem32driversavgidsdriverx.sys
2013-06-28 10:15:22 60216 ----a-w- c:windowssystem32driversavgidshx.sys
2013-06-28 10:15:22 22328 ----a-w- c:windowssystem32driversavgidsshimx.sys
2013-06-28 10:15:21 182072 ----a-w- c:windowssystem32driversavgtdix.sys
2013-06-28 10:15:20 39224 ----a-w- c:windowssystem32driversavgrkx86.sys
2013-06-28 10:15:20 170808 ----a-w- c:windowssystem32driversavgldx86.sys
2013-06-28 10:15:18 245048 ----a-w- c:windowssystem32driversavglogx.sys
2013-06-28 03:43:35 -------- d-----w- c:documents and settingsuserapplication dataMalwarebytes
2013-06-28 03:43:20 -------- d-----w- c:documents and settingsall usersapplication dataMalwarebytes
2013-06-28 03:43:07 22856 ----a-w- c:windowssystem32driversmbam.sys
2013-06-28 03:43:07 -------- d-----w- c:program filesMalwarebytes' Anti-Malware
2013-06-22 02:24:13 -------- d-----w- c:program filescommon filesSpigot
2013-06-21 01:21:08 -------- d-----w- c:documents and settingsall usersapplication dataPCPitstop
2013-06-17 22:51:24 37664 ----a-w- c:windowssystem32driversavgtpx86.sys
2013-06-12 01:22:33 9089416 ----a-w- c:windowssystem32FlashPlayerInstaller.exe
.
==================== Find3M ====================
.
2013-05-07 22:30:06 920064 ----a-w- c:windowssystem32wininet.dll
2013-05-07 22:30:05 43520 ----a-w- c:windowssystem32licmgr10.dll
2013-05-07 22:30:05 1469440 ----a-w- c:windowssystem32inetcpl.cpl
2013-05-07 21:53:29 385024 ----a-w- c:windowssystem32html.iec
2013-05-03 01:30:20 2149888 ----a-w- c:windowssystem32ntoskrnl.exe
2013-05-03 00:38:17 2028544 ----a-w- c:windowssystem32ntkrnlpa.exe
2013-04-18 00:22:24 23360 ----a-w- c:windowssystem32RegistryDefragBootTime.exe
2013-04-10 01:31:19 1876352 ----a-w- c:windowssystem32win32k.sys
2012-06-13 13:23:30 893560 ----a-w- c:program filescommon filesAutoCompletePro.exe
.
============= FINISH: 20:52:15.45 ===============


I'm not seeing an "infection". I'm thinking things just got scrambled.

 

Personally, I won't let anything by IOBit on my systems... but I've been told by some colleagues that I'm too critical. They are not scamware... but they have some pretty shady practices. The important thing is that you never want more than one anti-virus. It's like asking two dogs to guard the same bone... problems are likely to ensue. You also only want one firewall and one "real-time" spyware scanner. I like AVAST! or Microsoft Security Essentials for Anti-virus (they're free) and I run Malwarebytes' for anti-spyware. AVG isn't as good as it once was (actually it's not as bad as it used to be either) and is an acceptable anti-virus solution.

 

OK... let's get started fixing things. First off... uninstall IOBit.

 

We would want to disable AVG in order to run the next tool I'd like you to run... but since it is scrambled... let's uninstall it. Go to AVG's site and download the removal tool. You will want the first one on the list - 2013 32 bit. Go ahead and run it. This should remove all traces of AVG... you will then need to reinstall it once we have you straightened out.

 

As part of the AVG removal process... you will probably have to reboot your computer. After that is done...

 

Download ComboFix:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link --> http://forums.whatthetech.com/How_Disable_your_Security_Programs_t96260.html (you shouldn't have to do this after you uninstall AVG)
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.




Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.


Notes:

1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

 

 

 


Greetings, I just went and purchased another computer. It was so bad I was not even able to get online, not even log onto my desktop. I kept getting the blue screen of doom and gloom. The line of business that I work in, I didn't have much time to waste. The computer was rather old anyway, and I had already backed up all of my files, so I'm good now. As for anything Iobit, never again, and I'm going to try and see if I can even get my money back. As far as AVG, I did keep that, so I'm going to stick with it until it expires in November. Iobit never said anything about antivirus; it was supposed to keep my computer malware free and keep it optimized. What a waste of money. Thank you very much for your time, and if I ever have any future issues I will hit you guys up.


Enjoy the new box. I'm guessing Windows 8? If so, I hear there is a bit of a learning curve to get used to.

 

If you should need us... you know where to find us. :adios:


Actually Tomk, no, I could not do it. I looked at Windows 8 and they are truly on some Minority Report stuff. I need simple, not complicated. I'm a die hard fan of XP, dude. I went and got a nice refurb and called it a day. Yeah, I know about Microsoft not supporting it next year but I don't care. I will cross that road when I get to it. They should have kept XP. I will probably jump to Windows 7 or start using Linux, not sure, but for now I'm straight. I'm really curious to see how you techs are going to give support for that Windows 8 and that touch screen software, smh.


It's a bigger transition for the actual Tech people. Us malware folk just need to keep figuring out how to identify and remove the bad stuff. As far as I know, you can do everything on Windows 8 with your mouse and keyboard... you don't have to have a touch screen. I just had the opportunity last week to help my cousin's wife set up a new Windows 8 laptop on their network. It sure looks different... but it actually sets up pretty much the same. Granted, I didn't do any "work" on it... but I get the feeling that it is more a case of it "feels" different than it is of "it's harder to operate".


Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.
