Since last week I am experiencing the following problem: when running the "check for problems" scan on Spybot S&D the progress stops in the Fraud.UPSInvoice check. The Spybot S&D window does not crash and i receive no error message. But the scan progress freezes always in this very point.

I followed the guide at http://forums.spybot.info/showthread.php?t=57083. My search with reg edit made me able to find and delete the related registry entries.

Assuming my PC could then still be infected with Fraud.UPSInvoice, I also searched for it with the start/search application and two files were found. I deleted them.

Still, all the time I run the Spybot "check for problems" scan, the progress never advance any further from the Fraud.UPSInvoice check.

I'm afraid my PC is still infected with it. And there may be also other infections I cannot remove because the scan never finishes.

Unfortunately, I was unable to paste any log file because the scan is not reaching its end.

I'm running Windows XP Home Edition Service Pack 3, in an Acer Aspire One netbook,1.60GHZ, 1 GB RAM. I made sure SpyBot was fully updated before running the unsuccessful scans.

Avast (also fully updated) was unable to find any threat. But this is irrelevant since Avast never detects threats only Spybot seem to be able to fix.

I also ran Windows Live One Care Scan and no threats were find, and the situation remains the same.

I also deleted all the content of my temp folder, but i noticed that no matter how many times I empty it there are some unknown small files that keep being generated every second and within a couple minutes I already got thousands of files in my temp folder.

I'm willing to proceed to any measure in attempt to fix this situation, because this small netbook is the one I bring with me to classes and public places (due to its small size) and I'd like to assure its safe to access my email and other personal services on it.

Finally, I'd like to thank Safer Networking for your great job and I'm sure you will help me find a solution.

Hi,

Download DDS and save it to your desktop from here (http://download.bleepingcomputer.com/sUBs/dds.com) or here (http://download.bleepingcomputer.com/sUBs/dds.scr) or here (http://www.forospyware.com/sUBs/dds).
Disable any script blocker, and then double click dds file to run the tool.
When done, DDS will open two (2) logs:
DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.

6871

6872

there they are. i didnt simply copy and paste them because a info window instructed me not to do so but to post 'em as file attachments

thank you for answering my post. your kind help is very needed, mate :bigthumb:

i didnt simply copy and paste them because a info window instructed me not to do so but to post 'em as file attachments
That's general instructions DDS shows. However, different forums have different practices and here we want logs copy-pasted unless they are very long :)


IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

µTorrent


I'd like you to read this thread (http://forums.spybot.info/showthread.php?t=282).

Please go and uninstall the programs listed above (in red). Post fresh dds logs contents when ready.

I uninstalled uTorrent and these are the new logs below:



DDS (Ver_10-12-12.02) - NTFSx86
Run by gus at 18:05:07,85 on qui 24/02/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.55.1033.18.1014.499 [GMT -3:00]

AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\PLFSetL.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Documents and Settings\gus\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\gus\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_one&r=0xph01104825l03f4wu15w68823392
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_one&r=0xph01104825l03f4wu15w68823392
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_one&r=0xph01104825l03f4wu15w68823392
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_one&r=0xph01104825l03f4wu15w68823392
uInternet Connection Wizard,ShellNext = "c:\program files\outlook express\msimn.exe" //mailurl:mailto:--edited out--
uInternet Settings,ProxyServer = 192.168.1.200:3128
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\gus\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AzMixerSel] c:\program files\realtek\audio\drivers\AzMixerSel.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [PLFSetL] c:\windows\PLFSetL.exe
mRun: [snp2uvc] rundll32.exe c:\windows\system32\csnp2uvc.dll,ResetCIDS
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acervc~1.lnk - c:\program files\acer\acer vcm\AcerVCM.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel
IE: Google Sidewiki...
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6886.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\acer\acer vcm\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-3-15 294608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-3-15 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-3-15 40384]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\sony ericsson\sony ericsson pc suite\SupServ.exe [2010-4-6 90112]
R2 RS_Service;Raw Socket Service;c:\program files\acer\acer vcm\RS_Service.exe [2009-8-1 237568]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2009-8-1 38912]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-2 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-8-1 1684736]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\rts5121.sys --> c:\windows\system32\drivers\RTS5121.sys [?]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2010-4-6 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2010-4-6 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2010-4-6 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2010-4-6 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2010-4-6 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2010-4-6 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2010-4-6 115752]

=============== File Associations ===============

.scr=AutoCADScriptFile

=============== Created Last 30 ================

2011-02-22 11:34:09 -------- d-----w- c:\docume~1\gus\applic~1\Malwarebytes
2011-02-22 11:34:01 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-22 11:34:00 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-02-22 11:33:52 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-22 11:33:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-15 19:47:39 -------- d-----w- c:\docume~1\gus\applic~1\Safer Networking
2011-02-15 19:47:11 -------- d-----w- c:\program files\Safer Networking
2011-02-10 16:09:18 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-02-10 16:09:18 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy

==================== Find3M ====================

2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-13 08:47:35 38848 ----a-w- c:\windows\avastSS.scr
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:59:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59:19 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59:19 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55:26 385024 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15:09 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30:22 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:42:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07:07 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe

============= FINISH: 18:07:06,34 ===============






UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 21/1/2010 07:54:06
System Uptime: 24/2/2011 17:54:16 (1 hours ago)

Motherboard: Acer | | Aspire one
Processor: Intel(R) Atom(TM) CPU N270 @ 1.60GHz | CPU | 1595/533mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 139 GiB total, 103,968 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP124: 18/11/2010 22:54:57 - System Checkpoint
RP125: 20/11/2010 02:55:43 - System Checkpoint
RP126: 22/11/2010 16:52:00 - System Checkpoint
RP127: 24/11/2010 12:02:38 - System Checkpoint
RP128: 25/11/2010 19:36:33 - System Checkpoint
RP129: 27/11/2010 14:49:47 - System Checkpoint
RP130: 30/11/2010 13:55:52 - System Checkpoint
RP131: 28/12/2010 14:39:01 - Software Distribution Service 3.0
RP132: 12/1/2011 13:20:48 - Installed Microsoft Office Enterprise 2007
RP133: 12/1/2011 13:38:36 - Printer Driver Send To Microsoft OneNote Driver Installed
RP134: 13/1/2011 13:57:31 - Software Distribution Service 3.0
RP135: 14/1/2011 10:08:47 - Software Distribution Service 3.0
RP136: 16/1/2011 11:34:47 - System Checkpoint
RP137: 20/1/2011 15:45:46 - Software Distribution Service 3.0
RP138: 21/1/2011 13:59:38 - Software Distribution Service 3.0
RP139: 24/1/2011 14:06:45 - Software Distribution Service 3.0
RP140: 2/2/2011 11:28:00 - System Checkpoint
RP141: 9/2/2011 10:08:21 - Removed eSobi v2
RP142: 9/2/2011 16:48:34 - Cleaned registry with Windows Live OneCare safety scanner
RP143: 9/2/2011 22:05:26 - Software Distribution Service 3.0
RP144: 12/2/2011 14:58:30 - System Checkpoint
RP145: 15/2/2011 16:02:22 - System Checkpoint
RP146: 16/2/2011 21:00:14 - System Checkpoint

==== Installed Programs ======================

32 Bit HP CIO Components Installer
Acer Crystal Eye webcam
Acer eRecovery Management
Acer ScreenSaver
Acer VCM
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.2
AIO_Scan
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
AutoCAD 2010 - English
AutoCAD 2010 Language Pack - English
avast! Free Antivirus
BufferChm
C4200
C4200_doccd
c4200_Help
Compatibility Pack for the 2007 Office system
Copy
CorelDRAW Graphics Suite X3
CustomerResearchQFolder
DAEMON Tools Toolbar
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DocProc
DocProcQFolder
EN
eSupportQFolder
Fallout
FontNav
Google Chrome
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 9.0
HP Imaging Device Functions 9.0
HP OCR Software 9.0
HP Photosmart All-In-One Software 9.0
HP Photosmart Essential 2.01
HP Photosmart Essential2.01
HP Solution Center 9.0
HP Update
HPProductAssistant
HPSSupply
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Java Auto Updater
Java(TM) 6 Update 20
Junk Mail filter update
Last.fm 1.5.4.27091
Launch Manager
Malwarebytes' Anti-Malware
MarketResearch
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2003 Portuguese (Brazil) User Interface Pack
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
MSN
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser
PS_AIO_ProductContext
PS_AIO_Software
PS_AIO_Software_min
PSSWCORE
Realtek High Definition Audio Driver
RegAlyzer
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SolutionCenter
Sony Ericsson PC Suite 6.011.00
Spybot - Search & Destroy
Status
Synaptics Pointing Device Driver
Toolbox
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2492475)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB898461)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Manager
USB2.0 Card Reader Software
VBA
VideoToolkit01
VLC media player 1.0.5
WebCam
WebFldrs XP
WebReg
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 10
WinRAR archiver
Your Freedom 20100222-01

==== Event Viewer Messages From Past Week ========

24/2/2011 16:02:07, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
23/2/2011 17:26:10, error: Dhcp [1002] - The IP address lease 192.168.6.164 for the Network Card with network address 0CEEE6DEB24E has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
22/2/2011 14:06:11, error: Dhcp [1002] - The IP address lease 192.168.101.3 for the Network Card with network address 0CEEE6DEB24E has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
21/2/2011 17:35:32, error: Dhcp [1002] - The IP address lease 192.168.6.142 for the Network Card with network address 0CEEE6DEB24E has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
17/2/2011 18:25:26, error: Dhcp [1002] - The IP address lease 192.168.6.128 for the Network Card with network address 0CEEE6DEB24E has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).

==== End Of File ===========================

Hi,

Uninstall DAEMON Tools Toolbar if not installed on purpose.


Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...

Updating Java:

Download the latest version of Java Runtime Environment (JRE) 6 Update 24 (http://java.sun.com/javase/downloads/index.jsp).
Click the
Download
button to the right.
Select Windows on platform combobox and check the box that says:
Accept License Agreement. Click continue.

The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u24-windows-i586-p.exe to install the newest version. Uncheck Carbonite online backup trial if it's offered there.



* Go here (http://www.eset.eu/online-scanner) to run an online scanner from ESET.
Note: You will need to use Internet explorer for this scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Click Start
Make sure that the option Remove found threats is UNchecked.
Click Scan
Wait for the scan to finish.




Post back its report & a fresh dds log. Please update Spybot (if you haven't done so yet) and run a scan with antivirus protection disabled first.

Hello,

I can’t access the link you provided me to download Java Runtime Environment (JRE) 6 Update 24. It never loads. :sick:

I am connected to the internet via a LAN that does not allow me to download from this site. So I tried to access the file by using a proxy and now the site itself won’t load, although other sites are working perfectly.

I attempted to download this file from another path by browsing Java sites but the closest I got was a file called jre-6u24-windows-i586-s.exe, which differs from the file you say I should be executing by one letter ("s" instead of "p").

I won’t have access to a free internet connection soon so I'd like to know if it’s ok to go with this jre-6u24-windows-i586-s.exe or to proceed to the online java removal tool and then online installation or any other solution.

Try this address (http://www.java.com/en/download/index.jsp) instead.

i updated spybot a ran another scan but the problem persists.

the eset scan and dds logs are as follows:



C:\Documents and Settings\gus\Desktop\MS Office 2007 ULTIMATE [GR420]\Launcher.exe probably a variant of Win32/Agent.FGHQVIS trojan
C:\Documents and Settings\gus\Desktop\MS Office 2007 ULTIMATE [GR420]\MS Office 2007 ULTIMATE.iso probably a variant of Win32/Agent.FGHQVIS trojan







UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 21/1/2010 07:54:06
System Uptime: 8/3/2011 10:13:47 (0 hours ago)

Motherboard: Acer | | Aspire one
Processor: Intel(R) Atom(TM) CPU N270 @ 1.60GHz | CPU | 1596/533mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 139 GiB total, 104,912 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP131: 28/12/2010 14:39:01 - Software Distribution Service 3.0
RP132: 12/1/2011 13:20:48 - Installed Microsoft Office Enterprise 2007
RP133: 12/1/2011 13:38:36 - Printer Driver Send To Microsoft OneNote Driver Installed
RP134: 13/1/2011 13:57:31 - Software Distribution Service 3.0
RP135: 14/1/2011 10:08:47 - Software Distribution Service 3.0
RP136: 16/1/2011 11:34:47 - System Checkpoint
RP137: 20/1/2011 15:45:46 - Software Distribution Service 3.0
RP138: 21/1/2011 13:59:38 - Software Distribution Service 3.0
RP139: 24/1/2011 14:06:45 - Software Distribution Service 3.0
RP140: 2/2/2011 11:28:00 - System Checkpoint
RP141: 9/2/2011 10:08:21 - Removed eSobi v2
RP142: 9/2/2011 16:48:34 - Cleaned registry with Windows Live OneCare safety scanner
RP143: 9/2/2011 22:05:26 - Software Distribution Service 3.0
RP144: 12/2/2011 14:58:30 - System Checkpoint
RP145: 15/2/2011 16:02:22 - System Checkpoint
RP146: 16/2/2011 21:00:14 - System Checkpoint
RP147: 2/3/2011 17:56:10 - Removed Java(TM) 6 Update 20
RP148: 8/3/2011 01:01:32 - Installed Java(TM) 6 Update 24

==== Installed Programs ======================

32 Bit HP CIO Components Installer
Acer Crystal Eye webcam
Acer eRecovery Management
Acer ScreenSaver
Acer VCM
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.2
AIO_Scan
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
AutoCAD 2010 - English
AutoCAD 2010 Language Pack - English
avast! Free Antivirus
BufferChm
C4200
C4200_doccd
c4200_Help
Compatibility Pack for the 2007 Office system
Copy
CorelDRAW Graphics Suite X3
CustomerResearchQFolder
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DocProc
DocProcQFolder
EN
ESET Online Scanner v3
eSupportQFolder
FontNav
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 9.0
HP Imaging Device Functions 9.0
HP OCR Software 9.0
HP Photosmart All-In-One Software 9.0
HP Photosmart Essential 2.01
HP Photosmart Essential2.01
HP Solution Center 9.0
HP Update
HPProductAssistant
HPSSupply
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Java Auto Updater
Java(TM) 6 Update 24
Junk Mail filter update
Last.fm 1.5.4.27091
Launch Manager
Malwarebytes' Anti-Malware
MarketResearch
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2003 Portuguese (Brazil) User Interface Pack
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
MSN
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser
PS_AIO_ProductContext
PS_AIO_Software
PS_AIO_Software_min
PSSWCORE
Realtek High Definition Audio Driver
RegAlyzer
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SolutionCenter
Sony Ericsson PC Suite 6.011.00
Spybot - Search & Destroy
Status
Synaptics Pointing Device Driver
Toolbox
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2492475)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB898461)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Manager
USB2.0 Card Reader Software
VBA
VideoToolkit01
VLC media player 1.0.5
WebCam
WebFldrs XP
WebReg
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 10
WinRAR archiver
Your Freedom 20100222-01

==== Event Viewer Messages From Past Week ========

8/3/2011 10:15:34, error: System Error [1003] - Error code 1000000a, parameter1 00461000, parameter2 00000002, parameter3 00000000, parameter4 8056e8d8.
3/3/2011 17:56:36, error: Dhcp [1002] - The IP address lease 192.168.6.139 for the Network Card with network address 0CEEE6DEB24E has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
2/3/2011 17:56:39, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
2/3/2011 17:48:51, error: Dhcp [1002] - The IP address lease 192.168.6.135 for the Network Card with network address 0CEEE6DEB24E has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
1/3/2011 14:14:40, error: Dhcp [1002] - The IP address lease 192.168.101.3 for the Network Card with network address 0CEEE6DEB24E has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
1/3/2011 13:24:30, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
1/3/2011 13:23:57, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Pml Driver HPZ12 service to connect.
1/3/2011 13:23:57, error: Service Control Manager [7000] - The Pml Driver HPZ12 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

==== End Of File ===========================







DDS (Ver_10-12-12.02) - NTFSx86
Run by gus at 10:16:28,17 on ter 08/03/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.560 [GMT -3:00]

AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\PLFSetL.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Documents and Settings\gus\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/ig?hl=pt-BR&source=iglk
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_one&r=0xph01104825l03f4wu15w68823392
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_one&r=0xph01104825l03f4wu15w68823392
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_one&r=0xph01104825l03f4wu15w68823392
uInternet Connection Wizard,ShellNext = "c:\program files\outlook express\msimn.exe" //mailurl:mailto:karolbart@hotmail.com
uInternet Settings,ProxyServer = 192.168.1.200:3128
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AzMixerSel] c:\program files\realtek\audio\drivers\AzMixerSel.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [PLFSetL] c:\windows\PLFSetL.exe
mRun: [snp2uvc] rundll32.exe c:\windows\system32\csnp2uvc.dll,ResetCIDS
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acervc~1.lnk - c:\program files\acer\acer vcm\AcerVCM.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel
IE: Google Sidewiki...
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6886.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\acer\acer vcm\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-3-15 294608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-3-15 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-3-15 40384]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\sony ericsson\sony ericsson pc suite\SupServ.exe [2010-4-6 90112]
R2 RS_Service;Raw Socket Service;c:\program files\acer\acer vcm\RS_Service.exe [2009-8-1 237568]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2009-8-1 38912]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-2 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-8-1 1684736]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\rts5121.sys --> c:\windows\system32\drivers\RTS5121.sys [?]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2010-4-6 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2010-4-6 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2010-4-6 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2010-4-6 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2010-4-6 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2010-4-6 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2010-4-6 115752]

=============== File Associations ===============

.scr=AutoCADScriptFile

=============== Created Last 30 ================

2011-03-08 04:10:27 -------- d-----w- c:\program files\ESET
2011-03-08 04:02:02 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-22 11:34:09 -------- d-----w- c:\docume~1\gus\applic~1\Malwarebytes
2011-02-22 11:34:01 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-22 11:34:00 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-02-22 11:33:52 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-22 11:33:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-15 19:47:39 -------- d-----w- c:\docume~1\gus\applic~1\Safer Networking
2011-02-15 19:47:11 -------- d-----w- c:\program files\Safer Networking
2011-02-10 16:09:18 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-02-10 16:09:18 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy

==================== Find3M ====================

2011-03-08 04:01:42 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-13 08:47:35 38848 ----a-w- c:\windows\avastSS.scr
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:59:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59:19 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59:19 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55:26 385024 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15:09 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30:22 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:42:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07:07 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe

============= FINISH: 10:23:58,65 ===============

Delete ESET findings. Run a disk check (http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/kbtip.mspx) and see if Spybot scan works any better. If not, please try to scan in safe mode.

Due to inactivity, this thread will now be closed.

Note:If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.

If it has been less than three days since your last response and you need the thread re-opened, please send me or other MOD a private message (pm). A valid, working link to the closed topic is required.