virus/ malware issue

View previous topic View next topic Go down

virus/ malware issue

Post by mundo3 on 26th November 2009, 3:41 pm

I keep getting random pop ups and i am redirected to sites when i search.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:40:58 AM, on 11/26/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Sun\SDK\jdk\bin\javaw.exe
C:\Documents and Settings\Compaq_Owner\Desktop\winlogon.scr
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [You must be registered and logged in to see this link.]
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.206.201.8 oemantivir.microsoft.com
O1 - Hosts: 91.206.201.8 oemantivir.com
O1 - Hosts: 91.206.201.8 [You must be registered and logged in to see this link.]
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.5.0.850\HPIEAddOn.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.4.0.4340\NPIEAddOn.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.3.0.840\ssd.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Startup: SDK Tray Menu.lnk = ?
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin/module.main/favorites\ie_add_to.html
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\Common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - c:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: absoƖute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (HKCU)
O9 - Extra 'Tools' menuitem: absoƖute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (HKCU)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

--
End of file - 6471 bytes

mundo3
Novice
Novice

Posts Posts : 28
Joined Joined : 2009-01-13
OS OS : windows xp
Points Points : 29063
# Likes # Likes : 0

View user profile

Back to top Go down

Re: virus/ malware issue

Post by Belahzur on 26th November 2009, 8:44 pm

Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    O1 - Hosts: ::1 localhost
    O1 - Hosts: 91.206.201.8 oemantivir.microsoft.com
    O1 - Hosts: 91.206.201.8 oemantivir.com
    O1 - Hosts: 91.206.201.8 [You must be registered and logged in to see this link.]


  • Press "Fix Checked"
  • Close Hijack This.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Re: virus/ malware issue

Post by mundo3 on 28th November 2009, 12:41 am

Malwarebytes' Anti-Malware 1.41
Database version: 3245
Windows 5.1.2600 Service Pack 3

11/27/2009 6:35:06 PM
mbam-log-2009-11-27 (18-35-05).txt

Scan type: Quick Scan
Objects scanned: 116964
Time elapsed: 14 minute(s), 56 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 5
Registry Keys Infected: 32
Registry Values Infected: 4
Registry Data Items Infected: 3
Folders Infected: 31
Files Infected: 516

Memory Processes Infected:
C:\Documents and Settings\Compaq_Owner\Desktop\winlogon.scr (Heuristics.Reserved.Word.Exploit) -> Unloaded process successfully.

Memory Modules Infected:
C:\Program Files\System Search Dispatcher\1.3.0.840\ssd.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\NPCommon.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\1.5.0.850\HPCommon.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.dll (Adware.DoubleD) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AvScan (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{16b6279b-9ff5-41fb-8bf9-404324f5dd1f}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1fb52ab3-5987-45a2-85e0-f3ec30dddc29}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\defaultscope (Adware.DoubleD) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\Program Files\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340 (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\chrome (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\components (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\1.5.0.850 (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\1.5.0.850\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.0.850\FF (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\1.5.0.850\FF\chrome (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\1.5.0.850\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.0.850\FF\components (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\System Search Dispatcher\1.3.0.840 (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\System Search Dispatcher\1.3.0.840\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DoubleD\JuicyAccess Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer (Adware.DoubleD) -> Delete on reboot.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340 (Adware.DoubleD) -> Delete on reboot.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Media Access Startup (Adware.DoubleD) -> Delete on reboot.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Media Access Startup\1.5.0.850 (Adware.DoubleD) -> Delete on reboot.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Media Access Startup\1.5.0.850\HPIEAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.0.840\ssd.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\NPIEAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lsp.dll (Trojan.Proxy) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\productinfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\stbup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\adwpx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\NPCommon.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\NPAddOn.jar (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.0.850\HPCommon.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\1.5.0.850\hppx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.0.850\MAHelper.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.0.850\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.0.850\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.0.850\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.0.850\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.0.850\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.0.850\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.dll (Adware.DoubleD) -> Delete on reboot.
C:\Program Files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.0.850\FF\components\HPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.0.840\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.0.840\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.0.840\Data\eacore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.0.840\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.0.840\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\ipdata.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090727-235158.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-182543.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-182636.750.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-182922.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-183224.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090728-183529.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-104943.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-105052.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-105139.953.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-105209.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-105214.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-105322.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-110130.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-110148.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-110639.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-110941.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-111211.750.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-111240.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-151614.250.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-152315.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-152417.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-152603.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-152707.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-153057.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-154409.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-161025.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-161228.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-161229.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-161247.859.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-161442.609.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-162008.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-175031.750.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-175403.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090729-175749.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-085618.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-085731.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-090849.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-091152.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-092542.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-103918.531.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-104419.890.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-105803.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-105858.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-110520.640.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-111445.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-111659.734.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-111708.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-112535.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-113511.375.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-113805.562.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090803-114757.390.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090805-133315.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090805-134626.750.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090812-111042.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090812-111205.062.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090812-111630.750.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090812-131655.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090812-133015.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090812-192912.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090812-193305.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090814-180751.562.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090814-181341.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090815-175258.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090815-175756.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090815-180030.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090815-180239.593.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090815-180656.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090816-144731.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090817-164058.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090817-164326.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090823-095338.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090823-100353.296.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090824-163349.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090824-164759.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090826-160411.578.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090826-160815.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090826-162207.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090827-163215.937.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090827-165958.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090827-171219.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090827-171511.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090827-182709.562.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090827-183015.078.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090827-183633.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090827-183633.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090827-184223.093.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090827-185940.468.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090827-190852.671.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090827-192039.218.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090831-174957.234.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090901-174145.359.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090901-174146.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090901-174234.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090901-175128.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090901-175527.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090902-173718.171.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090902-173905.718.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090902-180501.656.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090902-180806.687.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090902-182826.796.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090902-184719.906.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090903-163534.921.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090905-161744.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090905-162915.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090905-163320.171.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090905-163731.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090905-163749.437.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090905-181616.015.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090906-092740.000.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090906-111318.140.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090907-105337.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090907-105955.765.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090908-163416.125.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090909-155243.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090909-171138.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090909-172711.187.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090910-181701.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090912-083852.968.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090912-084912.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090912-085947.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090912-105852.781.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090912-110455.156.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090914-174930.554.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090917-171239.343.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090921-171904.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090921-172204.843.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090930-170259.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20090930-170550.484.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091011-131649.406.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091011-132445.968.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091011-135542.265.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091014-170716.625.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091014-171431.609.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091014-172256.812.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091014-173028.031.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091014-175655.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091014-180656.203.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091014-181516.312.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091014-190711.328.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091016-162107.828.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091019-181004.352.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091019-182225.649.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091021-171543.453.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091023-164811.281.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091023-170156.046.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091026-181140.421.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091026-181155.609.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091026-182111.984.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091028-181210.703.log (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091101-143920.515.log (Adware.DoubleD) -> Quarantined and deleted successfully.

mundo3
Novice
Novice

Posts Posts : 28
Joined Joined : 2009-01-13
OS OS : windows xp
Points Points : 29063
# Likes # Likes : 0

View user profile

Back to top Go down

Re: virus/ malware issue

Post by Belahzur on 28th November 2009, 6:56 pm

Hello.

  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the report to your Desktop.
  • Copy and paste BOTH LOGS back here, use more than one post if needed.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Re: virus/ malware issue

Post by mundo3 on 29th November 2009, 8:35 pm

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-11-29.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 6/8/2005 12:29:26 AM
System Uptime: 11/29/2009 2:06:12 PM (0 hours ago)

Motherboard: ASUSTek Computer INC. | | Guppy
Processor: Intel(R) Celeron(R) CPU 2.80GHz | PGA 478 | 2800/133mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 68 GiB total, 54.998 GiB free.
D: is FIXED (FAT32) - 7 GiB total, 2.99 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP171: 9/6/2009 11:57:52 AM - System Checkpoint
RP172: 9/7/2009 12:02:20 PM - System Checkpoint
RP173: 9/9/2009 4:36:24 PM - System Checkpoint
RP174: 9/9/2009 5:54:26 PM - Software Distribution Service 3.0
RP175: 10/16/2009 4:37:29 PM - Software Distribution Service 3.0
RP176: 10/21/2009 5:37:49 PM - Software Distribution Service 3.0
RP177: 10/23/2009 5:47:11 PM - System Checkpoint
RP178: 11/8/2009 1:52:51 PM - System Checkpoint
RP179: 11/8/2009 2:31:10 PM - Software Distribution Service 3.0
RP180: 11/11/2009 6:25:17 PM - Software Distribution Service 3.0
RP181: 11/22/2009 8:24:46 AM - System Checkpoint
RP182: 11/25/2009 8:58:21 PM - System Checkpoint
RP183: 11/25/2009 10:26:45 PM - Software Distribution Service 3.0
RP184: 11/26/2009 7:46:54 AM - Configured easy Internet sign-up
RP185: 11/26/2009 8:02:25 AM - Software Distribution Service 3.0
RP186: 11/26/2009 8:06:23 AM - Software Distribution Service 3.0
RP187: 11/26/2009 9:48:55 AM - Removed Adobe Reader 6.0.1
RP188: 11/26/2009 9:49:20 AM - Removed Adobe Acrobat - Reader 6.0.2 Update
RP189: 11/26/2009 9:49:32 AM - Installed Adobe Reader 9.2.
RP190: 11/26/2009 9:47:43 PM - Software Distribution Service 3.0
RP191: 11/28/2009 8:54:47 AM - System Checkpoint

==== Installed Programs ======================

absoƖute Poker
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.2
Agere Systems PCI Soft Modem
America Online (Choose which version to remove)
Apple Mobile Device Support
Apple Software Update
ArcSoft Panorama Maker 3
Blasterball 2 from Compaq (remove only)
Blasterball 2 Remix from Compaq (remove only)
Bounce Symphony from Compaq (remove only)
Compaq Connections
Compaq Organize
Crystal Maze from Compaq (remove only)
Help and Support Additions
HijackThis 2.0.2
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
hp instant support
hp officejet 7100 series
HP Photo Printing Software
HP Share-to-Web
HpSdpAppCoreApp
Intel(R) Extreme Graphics Driver
InterVideo WinDVD Player
iTunes
Java Platform, Enterprise Edition 5 SDK
KBD
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft Digital Image Library 9 - Blocker
Microsoft Encarta Encyclopedia Standard 2005
Microsoft Money
Microsoft Photo Premium 10
Microsoft Picture It! Library 10
Microsoft Plus! Dancer LE
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Word 2002
Microsoft Works
Microsoft Works 2005 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word
Mozilla Firefox (3.0.10)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nikon Message Center
Orbital from Compaq (remove only)
Overball from Compaq (remove only)
PC-Doctor for Windows
Photo Viewer
PictureProject
PictureProject In Touch Downloader 1.0
Polar Bowler from Compaq (remove only)
Polar Golfer from Compaq (remove only)
PS2
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
QuickTime
RealPlayer
SBC Self Support Tool
SBC Yahoo! Applications
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Shockwave
Shrek 2 Ogre Bowler from Compaq (remove only)
Sonic Express Labeler
Sonic RecordNow!
SpySubtract
Super Granny from Compaq (remove only)
Tradewinds from Compaq (remove only)
Typer Shark Deluxe 1.01
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Visual IP InSight(SBC)
WebFldrs XP
WildTangent Web Driver
Windows Driver Package - (mr7910) Image (08/08/2006 1.4.0.0)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3
Works Upgrade
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

11/29/2009 9:07:34 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
11/26/2009 9:38:43 AM, error: Service Control Manager [7034] - The getPlus(R) Helper service terminated unexpectedly. It has done this 1 time(s).
11/26/2009 8:04:51 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 8 for Windows XP.
11/26/2009 7:40:14 AM, error: Service Control Manager [7034] - The AOL Connectivity Service service terminated unexpectedly. It has done this 1 time(s).
11/25/2009 8:38:58 PM, error: Dhcp [1002] - The IP address lease 192.168.1.64 for the Network Card with network address 0011D8EEA611 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

==== End Of File ===========================

mundo3
Novice
Novice

Posts Posts : 28
Joined Joined : 2009-01-13
OS OS : windows xp
Points Points : 29063
# Likes # Likes : 0

View user profile

Back to top Go down

Re: virus/ malware issue

Post by mundo3 on 29th November 2009, 8:36 pm

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-11-29.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 6/8/2005 12:29:26 AM
System Uptime: 11/29/2009 2:06:12 PM (0 hours ago)

Motherboard: ASUSTek Computer INC. | | Guppy
Processor: Intel(R) Celeron(R) CPU 2.80GHz | PGA 478 | 2800/133mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 68 GiB total, 54.998 GiB free.
D: is FIXED (FAT32) - 7 GiB total, 2.99 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP171: 9/6/2009 11:57:52 AM - System Checkpoint
RP172: 9/7/2009 12:02:20 PM - System Checkpoint
RP173: 9/9/2009 4:36:24 PM - System Checkpoint
RP174: 9/9/2009 5:54:26 PM - Software Distribution Service 3.0
RP175: 10/16/2009 4:37:29 PM - Software Distribution Service 3.0
RP176: 10/21/2009 5:37:49 PM - Software Distribution Service 3.0
RP177: 10/23/2009 5:47:11 PM - System Checkpoint
RP178: 11/8/2009 1:52:51 PM - System Checkpoint
RP179: 11/8/2009 2:31:10 PM - Software Distribution Service 3.0
RP180: 11/11/2009 6:25:17 PM - Software Distribution Service 3.0
RP181: 11/22/2009 8:24:46 AM - System Checkpoint
RP182: 11/25/2009 8:58:21 PM - System Checkpoint
RP183: 11/25/2009 10:26:45 PM - Software Distribution Service 3.0
RP184: 11/26/2009 7:46:54 AM - Configured easy Internet sign-up
RP185: 11/26/2009 8:02:25 AM - Software Distribution Service 3.0
RP186: 11/26/2009 8:06:23 AM - Software Distribution Service 3.0
RP187: 11/26/2009 9:48:55 AM - Removed Adobe Reader 6.0.1
RP188: 11/26/2009 9:49:20 AM - Removed Adobe Acrobat - Reader 6.0.2 Update
RP189: 11/26/2009 9:49:32 AM - Installed Adobe Reader 9.2.
RP190: 11/26/2009 9:47:43 PM - Software Distribution Service 3.0
RP191: 11/28/2009 8:54:47 AM - System Checkpoint

==== Installed Programs ======================

absoƖute Poker
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.2
Agere Systems PCI Soft Modem
America Online (Choose which version to remove)
Apple Mobile Device Support
Apple Software Update
ArcSoft Panorama Maker 3
Blasterball 2 from Compaq (remove only)
Blasterball 2 Remix from Compaq (remove only)
Bounce Symphony from Compaq (remove only)
Compaq Connections
Compaq Organize
Crystal Maze from Compaq (remove only)
Help and Support Additions
HijackThis 2.0.2
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
hp instant support
hp officejet 7100 series
HP Photo Printing Software
HP Share-to-Web
HpSdpAppCoreApp
Intel(R) Extreme Graphics Driver
InterVideo WinDVD Player
iTunes
Java Platform, Enterprise Edition 5 SDK
KBD
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft Digital Image Library 9 - Blocker
Microsoft Encarta Encyclopedia Standard 2005
Microsoft Money
Microsoft Photo Premium 10
Microsoft Picture It! Library 10
Microsoft Plus! Dancer LE
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Word 2002
Microsoft Works
Microsoft Works 2005 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word
Mozilla Firefox (3.0.10)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nikon Message Center
Orbital from Compaq (remove only)
Overball from Compaq (remove only)
PC-Doctor for Windows
Photo Viewer
PictureProject
PictureProject In Touch Downloader 1.0
Polar Bowler from Compaq (remove only)
Polar Golfer from Compaq (remove only)
PS2
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
QuickTime
RealPlayer
SBC Self Support Tool
SBC Yahoo! Applications
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Shockwave
Shrek 2 Ogre Bowler from Compaq (remove only)
Sonic Express Labeler
Sonic RecordNow!
SpySubtract
Super Granny from Compaq (remove only)
Tradewinds from Compaq (remove only)
Typer Shark Deluxe 1.01
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
Visual IP InSight(SBC)
WebFldrs XP
WildTangent Web Driver
Windows Driver Package - (mr7910) Image (08/08/2006 1.4.0.0)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3
Works Upgrade
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

11/29/2009 9:07:34 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
11/26/2009 9:38:43 AM, error: Service Control Manager [7034] - The getPlus(R) Helper service terminated unexpectedly. It has done this 1 time(s).
11/26/2009 8:04:51 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 8 for Windows XP.
11/26/2009 7:40:14 AM, error: Service Control Manager [7034] - The AOL Connectivity Service service terminated unexpectedly. It has done this 1 time(s).
11/25/2009 8:38:58 PM, error: Dhcp [1002] - The IP address lease 192.168.1.64 for the Network Card with network address 0011D8EEA611 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

==== End Of File ===========================

mundo3
Novice
Novice

Posts Posts : 28
Joined Joined : 2009-01-13
OS OS : windows xp
Points Points : 29063
# Likes # Likes : 0

View user profile

Back to top Go down

Re: virus/ malware issue

Post by Belahzur on 29th November 2009, 11:53 pm

Hello.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    SpySubtract

You posted attach.txt twice there, can you post DDS.txt please. Smile


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum