Possible virus... now paypal hacked?


  • This topic is locked

#16
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
From the logs it seems clean. OK. Try updating it to SP3 and we will see what to do next.

#17
mp2010

    Member

  • Topic Starter
  • Member
  • 33 posts
SP3 now loaded and installed.

#18
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi,

Despite deleting the virus' i still seem to be having problems with images not loading on certain sites, especially thumbnails etc and sites that i know are working fine won't load.

So you are using only Internet Explorer 8? Please download and install one of these browsers:
Then try with the new browser to access those sites that won't load.

Router showing outbound Syn Floods etc

What router is this (brand and model)? Where do you see that SYN flooding? Can you post the router's traffic log?

#19
mp2010

    Member

  • Topic Starter
  • Member
  • 33 posts
Always used Explorer and never had a problem... Used Netscape back in the day...

Router: Belkin F5D7634-4

Partial Traffic log:

05/10/2011 19:12:46 192.168.2.6 login success
05/10/2011 19:12:42 User from 192.168.2.6 timed out
05/10/2011 19:09:40 **SYN Flood to Host** 192.168.2.6, 3846->> 64.13.232.146, 80 (from ATM1 Outbound)
05/10/2011 19:02:27 **SYN Flood to Host** 192.168.2.6, 3712->> 199.93.52.126, 80 (from ATM1 Outbound)
05/10/2011 18:08:21 **SYN Flood to Host** 192.168.2.6, 3202->> 93.184.220.20, 80 (from ATM1 Outbound)

I'm getting lots of timeouts, which cause sites not to load, I guess, and the lack of images showing....
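The router entries quoted above, run through a small parser so that the questions the thread goes on to ask (which LAN host generated them, whether the targets are ordinary web ports, whether the pattern looks like one host's successive connections) can be answered from the log rather than by eye. This is an added example and not part of the original post or any Belkin tooling: it assumes the field order shown in the quoted lines, reads the date as MM/DD/YYYY (an assumption about this router's format), and uses the five quoted lines as its constructed sample.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample: the partial Belkin F5D7634-4 traffic log quoted in the post above.
SAMPLE_LOG = """\
05/10/2011 19:12:46 192.168.2.6 login success
05/10/2011 19:12:42 User from 192.168.2.6 timed out
05/10/2011 19:09:40 **SYN Flood to Host** 192.168.2.6, 3846->> 64.13.232.146, 80 (from ATM1 Outbound)
05/10/2011 19:02:27 **SYN Flood to Host** 192.168.2.6, 3712->> 199.93.52.126, 80 (from ATM1 Outbound)
05/10/2011 18:08:21 **SYN Flood to Host** 192.168.2.6, 3202->> 93.184.220.20, 80 (from ATM1 Outbound)
"""

# Field layout of a "**SYN Flood to Host**" entry as it appears in the log:
#   <date> <time> **SYN Flood to Host** <src>, <sport>->> <dst>, <dport> (from <iface> <direction>)
# The date is read as MM/DD/YYYY; that is an assumption about this router's format.
SYN_RE = re.compile(
    r"^(?P<date>\d{2}/\d{2}/\d{4}) (?P<time>\d{2}:\d{2}:\d{2}) "
    r"\*\*SYN Flood to Host\*\* "
    r"(?P<src>\d+(?:\.\d+){3}), (?P<sport>\d+)->> "
    r"(?P<dst>\d+(?:\.\d+){3}), (?P<dport>\d+) "
    r"\(from (?P<iface>\S+) (?P<direction>\w+)\)$"
)

WEB_PORTS = {80, 443}


def parse_syn_events(text):
    """Return one dict per SYN-flood entry; login/timeout lines are skipped."""
    events = []
    for line in text.splitlines():
        m = SYN_RE.match(line.strip())
        if not m:
            continue
        events.append({
            "when": datetime.strptime(f"{m['date']} {m['time']}", "%m/%d/%Y %H:%M:%S"),
            "src": m["src"], "sport": int(m["sport"]),
            "dst": m["dst"], "dport": int(m["dport"]),
            "iface": m["iface"], "direction": m["direction"],
        })
    return events


def triage(events, lan_hosts):
    """Answer the questions a helper asks first: which LAN host generated the
    entries, are the targets ordinary web ports, and which destinations recur."""
    summary = {
        "outbound_from_lan": Counter(),        # LAN source -> entry count
        "web_port_events": 0,                  # entries aimed at 80/443
        "non_web_events": [],                  # anything else deserves a closer look
        "per_destination": defaultdict(list),  # dst -> source ports used against it
    }
    for ev in events:
        if ev["direction"].lower() == "outbound" and ev["src"] in lan_hosts:
            summary["outbound_from_lan"][ev["src"]] += 1
        if ev["dport"] in WEB_PORTS:
            summary["web_port_events"] += 1
        else:
            summary["non_web_events"].append(ev)
        summary["per_destination"][ev["dst"]].append(ev["sport"])
    return summary


def source_ports_sequential(events):
    """Windows XP allocates ephemeral ports sequentially (1025-5000 by default),
    so successive connections from one host show rising source ports when the
    entries are put in time order."""
    ordered = sorted(events, key=lambda e: e["when"])
    return all(a["sport"] < b["sport"] for a, b in zip(ordered, ordered[1:]))


if __name__ == "__main__":
    evs = parse_syn_events(SAMPLE_LOG)
    s = triage(evs, lan_hosts={"192.168.2.6"})
    print(f"{len(evs)} SYN-flood entries, {s['web_port_events']} aimed at web ports")
    for dst, ports in s["per_destination"].items():
        print(f"  {dst}: source ports {ports}")
    print("source ports rise with time:", source_ports_sequential(evs))
```

All three entries here come from 192.168.2.6, go to port 80 and use source ports that rise with time, which is consistent with one XP host making successive web connections; a consumer router's SYN-flood detection is rate-based on half-open connections, so repeated page loads against a slow or unreachable server can trip it too. Running `netstat -ano` on the XP machine while an entry is being logged maps the source port to the owning process ID, which settles whether a browser or BitComet opened the connection.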

#20
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Please do the following:

OTL Extras Scan

  • Double click on the OTL icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Click on the None button at the top.
  • Under the Extra Registry section, check Use SafeList.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of Extras.txt and post it.


#21
mp2010

    Member

  • Topic Starter
  • Member
  • 33 posts
ok. running now.

Chrome works a treat. Pages loading fine and images as well.....? Explorer the problem?

#22
mp2010

    Member

  • Topic Starter
  • Member
  • 33 posts
Extras Log:


OTL Extras logfile created on: 10/05/2011 19:45:11 - Run 8
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\MP2006\My Documents\drivers
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 30.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): C:\pagefile.sys 1500 1500 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38.28 Gb Total Space | 3.28 Gb Free Space | 8.56% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 114.48 Gb Total Space | 7.79 Gb Free Space | 6.80% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: TOMATO-W14GXZZR
Current User Name: MP2006
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FinePix] -- "C:\Program Files\FinePixViewer\FinePixViewer.exe" "%1" (FUJIFILM Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"3074:TCP" = 3074:TCP:*:Enabled:xbox

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (www.BitComet.com)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series" = Canon MP210 series
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{20110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{225AF9A1-B556-88D5-94AA-0010B5426419}" = My DSC
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.5.3
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 24
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2C3CE8F0-F4AD-4D54-A520-975309C617E2}" = LG PC Suite III
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3248F0A8-6813-11D6-A77B-00B0D0150170}" = J2SE Runtime Environment 5.0 Update 17
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D826618-59C6-11D4-976E-00C04F8EEB39}" = Macromedia FreeHand 10
"{53EF6570-21A4-47ED-A40A-E6470A5677A3}" = Studio 8
"{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59C2635E-336A-4CDF-8936-994F989E67D1}" = Belkin 802.11g Wireless PCI Card
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{B093990A-AAF2-44AC-9216-14BB7A2189B6}" = ImageMixer VCD2 LE for FinePix
"{B44529FF-501E-47CD-A06D-223C161BE058}" = FinePixViewer Resource
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.2.3.258g
"{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E3B3AB03-8ABC-46CF-8CA9-DB5581E1F368}" = FinePix Studio
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone
"ACE-HIGH MP3 WAV WMA OGG Converter" = ACE-HIGH MP3 WAV WMA OGG Converter
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"AVG8Uninstall" = AVG Free 8.5
"AVI MPEG RM WMV Joiner_is1" = AVI/MPEG/RM/WMV Joiner 4.11
"BitComet" = BitComet 0.63
"BookSmart® 2.8.0 2.8.0" = BookSmart® 2.8.0 2.8.0
"Canon MP210 series User Registration" = Canon MP210 series User Registration
"CanonMyPrinter" = Canon My Printer
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DVDFab Platinum 4_is1" = DVDFab Platinum 4.0.5.5
"HijackThis" = HijackThis 1.99.1
"Hollywood FX 4.6" = Pinnacle Hollywood FX 4.6
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSI Live Update 3" = MSI Live Update 3
"Nero - Burning Rom!UninstallKey" = Ahead Nero - Burning Rom
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Audio Driver" = NVIDIA Audio Driver
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nForce Drivers" = NVIDIA nForce Drivers
"QuicktimeAlt_is1" = QuickTime Alternative 1.68
"RealPlayer 6.0" = RealPlayer
"SpywareBlaster_is1" = SpywareBlaster 4.4
"Streambox Vcr Suite_is1" = Streambox Vcr Suite 2
"Tweak UI 2.10" = Tweak UI
"VLC media player" = VideoLAN VLC media player 0.8.6c
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XP Codec Pack" = XP Codec Pack
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Customizations" = Yahoo! Extras
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/04/2011 18:43:42 | Computer Name = TOMATO-W14GXZZR | Source = MsiInstaller | ID = 11721
Description = Product: LG USB Modem Drivers -- Error 1721. There is a problem with
this Windows Installer package. A program required for this install to complete
could not be run. Contact your support personnel or package vendor. Action: ExeLauncher.exe,
location: C:\Program Files\LG Electronics\LG USB Modem Drivers\ExeLauncher.exe,
command: C:\Program Files\\LG Electronics\LG USB Modem Drivers

Error - 12/04/2011 18:43:45 | Computer Name = TOMATO-W14GXZZR | Source = MsiInstaller | ID = 11500
Description = Product: LG USB Modem Drivers -- Error 1500. Another installation
is in progress. You must complete that installation before continuing this one.

Error - 12/04/2011 18:43:49 | Computer Name = TOMATO-W14GXZZR | Source = Application Error | ID = 1000
Description = Faulting application usbautorun.exe, version 1.0.0.7, faulting module
usbautorun.exe, version 1.0.0.7, fault address 0x000122a6.

Error - 14/04/2011 15:40:27 | Computer Name = TOMATO-W14GXZZR | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 10.0.0.1270, faulting
module msvcr80.dll, version 8.0.50727.4053, fault address 0x00008aa0.

Error - 16/04/2011 11:21:36 | Computer Name = TOMATO-W14GXZZR | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 19/04/2011 14:12:55 | Computer Name = TOMATO-W14GXZZR | Source = Application Hang | ID = 1002
Description = Hanging application rundll32.exe, version 5.1.2600.2180, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 04/05/2011 13:19:18 | Computer Name = TOMATO-W14GXZZR | Source = Application Error | ID = 1000
Description = Faulting application mbam.exe, version 1.50.1.3, faulting module version.dll,
version 5.1.2600.2180, fault address 0x00001deb.

Error - 04/05/2011 16:50:47 | Computer Name = TOMATO-W14GXZZR | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 10.0.0.1270, faulting
module msvcr80.dll, version 8.0.50727.5592, fault address 0x00008aa0.

Error - 04/05/2011 17:23:39 | Computer Name = TOMATO-W14GXZZR | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 10/05/2011 13:11:20 | Computer Name = TOMATO-W14GXZZR | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 04/05/2011 13:03:05 | Computer Name = TOMATO-W14GXZZR | Source = Service Control Manager | ID = 7000
Description = The DNINDIS5 NDIS Protocol Driver service failed to start due to the
following error: %%3

Error - 04/05/2011 13:03:05 | Computer Name = TOMATO-W14GXZZR | Source = Service Control Manager | ID = 7000
Description = The DNINDIS5 NDIS Protocol Driver service failed to start due to the
following error: %%3

Error - 04/05/2011 13:03:05 | Computer Name = TOMATO-W14GXZZR | Source = Service Control Manager | ID = 7000
Description = The DNINDIS5 NDIS Protocol Driver service failed to start due to the
following error: %%3

Error - 04/05/2011 13:03:05 | Computer Name = TOMATO-W14GXZZR | Source = Service Control Manager | ID = 7000
Description = The DNINDIS5 NDIS Protocol Driver service failed to start due to the
following error: %%3

Error - 04/05/2011 13:03:05 | Computer Name = TOMATO-W14GXZZR | Source = Service Control Manager | ID = 7000
Description = The DNINDIS5 NDIS Protocol Driver service failed to start due to the
following error: %%3

Error - 04/05/2011 13:03:05 | Computer Name = TOMATO-W14GXZZR | Source = Service Control Manager | ID = 7000
Description = The DNINDIS5 NDIS Protocol Driver service failed to start due to the
following error: %%3

Error - 04/05/2011 13:03:06 | Computer Name = TOMATO-W14GXZZR | Source = Service Control Manager | ID = 7000
Description = The DNINDIS5 NDIS Protocol Driver service failed to start due to the
following error: %%3

Error - 04/05/2011 13:03:06 | Computer Name = TOMATO-W14GXZZR | Source = Service Control Manager | ID = 7000
Description = The DNINDIS5 NDIS Protocol Driver service failed to start due to the
following error: %%3

Error - 04/05/2011 13:03:06 | Computer Name = TOMATO-W14GXZZR | Source = Service Control Manager | ID = 7000
Description = The DNINDIS5 NDIS Protocol Driver service failed to start due to the
following error: %%3

Error - 04/05/2011 13:03:06 | Computer Name = TOMATO-W14GXZZR | Source = Service Control Manager | ID = 7000
Description = The DNINDIS5 NDIS Protocol Driver service failed to start due to the
following error: %%3


< End of report >
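The Windows Firewall section of the OTL Extras log above lists every exception with its scope, and the security-relevant question is which enabled exceptions are scoped `*` (any remote address) rather than `LocalSubNet`. As an added example, not part of the thread or of OTL, the following parses that section and reports such entries. Its sample is a trimmed copy of the registry values printed in the log (same key paths and value strings, fewer entries), and the `SMB_PORTS` severity rule is this example's own.

```python
import re
from collections import defaultdict

# Constructed sample: a trimmed copy of the FirewallPolicy values printed in the
# OTL Extras log above (same key paths and value strings, fewer entries).
SAMPLE = r"""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"3074:TCP" = 3074:TCP:*:Enabled:xbox

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (www.BitComet.com)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"""

SECTION_RE = re.compile(r"^\[(?P<key>HKEY_[^\]]+)\]$")
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)" = (?P<value>.*)$')

# NetBIOS/SMB ports (file and printer sharing). Open to '*' they are reachable
# from any network the host is attached to, which is how XP-era worms spread.
SMB_PORTS = {("137", "UDP"), ("138", "UDP"), ("139", "TCP"), ("445", "TCP")}


def parse_firewall_policy(text):
    """Return {profile: {"settings": {...}, "ports": [...], "apps": [...]}}."""
    policy = defaultdict(lambda: {"settings": {}, "ports": [], "apps": []})
    profile = kind = None
    for raw in text.splitlines():
        line = raw.strip()
        sec = SECTION_RE.match(line)
        if sec:
            parts = sec["key"].split("\\")
            if "FirewallPolicy" not in parts:
                profile = None          # some other key; ignore its values
                continue
            i = parts.index("FirewallPolicy")
            profile = parts[i + 1]      # DomainProfile / StandardProfile
            kind = parts[i + 2] if len(parts) > i + 2 else "settings"
            continue
        val = VALUE_RE.match(line)
        if not val or profile is None:
            continue
        name, value = val["name"], val["value"]
        if kind == "GloballyOpenPorts":
            port, proto, scope, state, desc = value.split(":", 4)
            policy[profile]["ports"].append(
                {"port": port, "proto": proto, "scope": scope, "state": state, "desc": desc})
        elif kind == "AuthorizedApplications":
            # The value starts with the path, which itself contains "C:", so drop
            # the path by length instead of splitting on the first colon.
            rest = value[len(name) + 1:] if value.startswith(name + ":") else value
            scope, state, desc = rest.split(":", 2)
            policy[profile]["apps"].append(
                {"path": name, "scope": scope, "state": state, "desc": desc})
        else:
            policy[profile]["settings"][name] = value
    return dict(policy)


def find_exposures(policy):
    """List enabled exceptions whose scope is '*' (any remote address) as
    (profile, what, scope, severity) tuples; LocalSubNet entries are not reported."""
    findings = []
    for profile, data in policy.items():
        for p in data["ports"]:
            if p["state"] == "Enabled" and p["scope"] == "*":
                sev = "high" if (p["port"], p["proto"]) in SMB_PORTS else "medium"
                findings.append((profile, f"{p['port']}/{p['proto']}", p["scope"], sev))
        for a in data["apps"]:
            if a["state"] == "Enabled" and a["scope"] == "*":
                findings.append((profile, a["path"], a["scope"], "info"))
    return findings


def firewall_enabled(policy, profile="StandardProfile"):
    """True when the profile's EnableFirewall value is 1."""
    return policy.get(profile, {}).get("settings", {}).get("EnableFirewall") == "1"


if __name__ == "__main__":
    pol = parse_firewall_policy(SAMPLE)
    print("Standard profile firewall on:", firewall_enabled(pol))
    for profile, what, scope, sev in find_exposures(pol):
        print(f"[{sev:6}] {profile}: {what} open to {scope}")
```

On a home machine that is not joined to a domain the Standard profile is the one in force, so the `*`-scoped entries that matter in this log are 3074/TCP (the xbox exception) and the enabled applications; the Domain profile's SMB exceptions would only apply on a domain network. Note also that this describes what the host firewall admits inbound and says nothing about the outbound SYNs in the router log: the XP firewall does not filter outbound traffic at all.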

#23
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
These look like browser requests:

05/10/2011 19:09:40 **SYN Flood to Host** 192.168.2.6, 3846->> 64.13.232.146, 80 (from ATM1 Outbound)
05/10/2011 19:02:27 **SYN Flood to Host** 192.168.2.6, 3712->> 199.93.52.126, 80 (from ATM1 Outbound)
05/10/2011 18:08:21 **SYN Flood to Host** 192.168.2.6, 3202->> 93.184.220.20, 80 (from ATM1 Outbound)


Is the local IP of that machine 192.168.2.6? During those flooding issues, is BitComet not running? Also, on the other machines (one desktop and one laptop), are P2P programs not running?

On completion of this, please test your browser (during the test, please turn off the other two machines):

  • Exit all programs, including Internet Explorer (if it is running).
  • Click Start, and then click Run. Type the following command in the Open box, and then press ENTER:

    inetcpl.cpl

  • The Internet Options dialog box appears.
  • Click the Advanced tab.
  • Under Reset Internet Explorer settings, click Reset. Then click Reset again.
  • When Internet Explorer finishes resetting the settings, click Close in the Reset Internet Explorer Settings dialog box.
  • Start Internet Explorer again.


#24
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts

05/10/2011 19:09:40 **SYN Flood to Host** 192.168.2.6, 3846->> 64.13.232.146, 80 (from ATM1 Outbound)
05/10/2011 19:02:27 **SYN Flood to Host** 192.168.2.6, 3712->> 199.93.52.126, 80 (from ATM1 Outbound)
05/10/2011 18:08:21 **SYN Flood to Host** 192.168.2.6, 3202->> 93.184.220.20, 80 (from ATM1 Outbound)

Oops. They don't look like browser requests.

#25
mp2010

    Member

  • Topic Starter
  • Member
  • 33 posts
The weird thing is they are all outbound from my machine... almost like a reverse DoS attack....

I haven't had bitcomet running in the last few days. So it happens on and off.

Edited by mp2010, 10 May 2011 - 01:23 PM.

#26
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Yes. I see that. You are from the UK? Those three IPs are from LA and Wichita in Kansas. Let's dig deeper.

We need to temporarily remove your Anti-Virus, as it interferes with the fix I want to run. You can reinstall it again later. If you are not happy about doing this, please let me know before proceeding.

If you don't have the AVG antivirus installer, please download it from here to your desktop. Don't install it yet.

Download AppRemover and run it.

Click Next >>

Ensure "Remove Security Application" is selected and click Next >>

AppRemover will scan all the security applications on your PC.

Select any AVG entries from the applications offered and click Next >> twice.

Follow any further on-screen instructions. If asked to reboot, please do so.

Note: Please do not browse the internet or open any email attachments until your Anti-Virus is re-installed


NEXT...

Please download ComboFix from one of these locations:

Bleepingcomputer
ForoSpyware

Notes:
  • Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
  • ComboFix may reset a number of Internet Explorer's settings, including making Internet Explorer the default browser.
  • ComboFix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal and increase security. If this is an issue or makes it difficult for you, please tell your helper.
  • CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
  • If you are using personal certificates I recommend you to export them before running ComboFix and save them to external media.
Please carefully follow all steps below:
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on ComboFix.exe and follow the prompts.
    Notes: ComboFix will run without the Recovery Console installed. Skip the Recovery Console part if you're running Vista or Windows 7.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

  • Click on Yes. ComboFix will now start scanning your computer for known infections. This procedure can take some time, so please be patient.
  • When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Give it at least 20-30 minutes to finish if needed.

Please do not attach the scan results from ComboFix. Use copy/paste.

#27
mp2010

    Member

  • Topic Starter
  • Member
  • 33 posts
Yes, I'm UK based.

#28
mp2010

    Member

  • Topic Starter
  • Member
  • 33 posts
coming up with 'too large to paste'....??

Edited by mp2010, 10 May 2011 - 03:51 PM.


#29
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Split it into two posts please, or just attach the log.

#30
mp2010

    Member

  • Topic Starter
  • Member
  • 33 posts
Combofix log.

Attached File  ComboFix.txt   883.99KB   99 downloads