personal antivirus

View previous topic View next topic Go down

personal antivirus

Post by trenay76 on 20th July 2009, 11:59 pm

I have some kind of virus or something. I tried to run the malawarebytes but it's not detecting anything. I keep getting error messages about my .exe files. I don't even know where I got it because I haven't been running any P2P programs on this computer for a long time. I was also getting a message about a trojan, but that doesn't seem to be coming up anymore. Hope you can help me.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:51:00 PM, on 7/20/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\Common Files\AOL\1153224841\ee\services\safetyCore\ver210_5_2_1\AOLSP Scheduler.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PersonalAV\pav.exe
C:\WINDOWS\system32\NetFilter.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Plus\Dancer\Dancer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Common Files\AOL\1153224841\ee\aolsoftware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\mcafee.com\personal firewall\MpfTray.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Common Files\AOL\1153224841\ee\aolsoftware.exe
C:\DOCUME~1\Natasha\LOCALS~1\Temp\SafA5.tmp\winlogon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: &Helper - {A77D3539-581D-450C-9E44-A84C415A6172} - C:\WINDOWS\system32\msxmlm.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1153224841\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLSPScheduler] C:\Program Files\Common Files\AOL\1153224841\ee\services\safetyCore\ver210_5_2_1\AOLSP Scheduler.exe
O4 - HKLM\..\Run: [sscRun] C:\Program Files\Common Files\AOL\1153224841\ee\SSCRun.exe
O4 - HKLM\..\Run: [MPFExe] C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PersonalAV] C:\Program Files\PersonalAV\pav.exe
O4 - HKLM\..\Run: [MSDRV] NetFilter.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Dancer] "C:\Program Files\Windows Plus\Dancer\Dancer.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - [You must be registered and logged in to see this link.]
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - [You must be registered and logged in to see this link.]
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - [You must be registered and logged in to see this link.]
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - [You must be registered and logged in to see this link.]
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildTangent\Apps\Dell Game Console\GameConsoleService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

--
End of file - 11779 bytes

trenay76
Novice
Novice

Posts Posts : 12
Joined Joined : 2009-07-20
OS OS : xp
Points Points : 26994
# Likes # Likes : 0

View user profile

Back to top Go down

Re: personal antivirus

Post by Origin on 21st July 2009, 6:54 pm

Hello trenay76,

Welcome to Geek Police, my name is Origin and I will be helping you today. Please keep the following in mind:

  • If you do not get a reply from me or another helper within 2 days, please reply to your topic with the phrase BUMP
  • If you have any cracked/pirated software in your computer delete them or we will not help you.
  • Only follow advise from Geek Police Staff and not a regular member.
  • Do NOT run any tool without Geek Police supervision as it could hinder your system useless.


  • Open HijackThis.
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: &Helper - {A77D3539-581D-450C-9E44-A84C415A6172} - C:\WINDOWS\system32\msxmlm.dll
    O4 - HKLM\..\Run: [PersonalAV] C:\Program Files\PersonalAV\pav.exe



  • Press "Fix Checked"
  • Close Hijack This.

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:





3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouse click combofix's window whilst it's running. That may cause it to stall.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31503
# Likes # Likes : 0

View user profile

Back to top Go down

Re: personal antivirus

Post by trenay76 on 21st July 2009, 9:46 pm

I followed all the steps. When I click to run combofix I'm not sure it's running all the way. I don't get any prompts. A little box comes up as if it is running then it jumps to a blue screen that looks like it would be the text box, but there's nothing in it. what am I doing wrong?

trenay76
Novice
Novice

Posts Posts : 12
Joined Joined : 2009-07-20
OS OS : xp
Points Points : 26994
# Likes # Likes : 0

View user profile

Back to top Go down

Re: personal antivirus

Post by Origin on 22nd July 2009, 9:09 pm


  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31503
# Likes # Likes : 0

View user profile

Back to top Go down

Re: personal antivirus

Post by trenay76 on 22nd July 2009, 9:24 pm

DDS (Ver_09-06-26.01) - NTFSx86
Run by Natasha at 17:20:30.12 on Wed 07/22/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.69 [GMT -4:00]

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: AOL Firewall *enabled* {6515F560-BD88-41EB-AD77-F1F3F6F80BEA}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\Common Files\AOL\1153224841\ee\AOLSoftware.exe
C:\Program Files\Common Files\AOL\1153224841\ee\services\safetyCore\ver210_5_2_1\AOLSP Scheduler.exe
C:\Program Files\mcafee.com\personal firewall\MPfTray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\NetFilter.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Plus\Dancer\Dancer.exe
C:\Program Files\Common Files\AOL\1153224841\ee\aolsoftware.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\AOL\Launch\aollaunch.exe
C:\Program Files\Common Files\AOL\Launch\aollaunch.exe
C:\Program Files\Common Files\AOL\Launch\aollaunch.exe
C:\WINDOWS\system32\PING.EXE
C:\WINDOWS\system32\ping.exe
C:\Program Files\Common Files\AOL\1153224841\ee\SSCEvtHdlr.exe
C:\WINDOWS\system32\PING.EXE
C:\WINDOWS\system32\ping.exe
C:\PROGRA~1\AMERIC~1.0\waol.exe
C:\Program Files\Common Files\Aol\aoltpspd.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\PING.EXE
C:\WINDOWS\system32\ping.exe
C:\WINDOWS\system32\PING.EXE
C:\WINDOWS\system32\ping.exe
C:\Program Files\Safari\Safari.exe
C:\WINDOWS\system32\PING.EXE
C:\WINDOWS\system32\ping.exe
C:\Program Files\Avira\AntiVir Desktop\update.exe
C:\Documents and Settings\Natasha\Desktop\dds.scr

trenay76
Novice
Novice

Posts Posts : 12
Joined Joined : 2009-07-20
OS OS : xp
Points Points : 26994
# Likes # Likes : 0

View user profile

Back to top Go down

Re: personal antivirus

Post by trenay76 on 22nd July 2009, 9:25 pm

============== Pseudo HJT Report ===============

uStart Page = [You must be registered and logged in to see this link.]
uSearch Page = [You must be registered and logged in to see this link.]
uSearch Bar = [You must be registered and logged in to see this link.]
uDefault_Page_URL = [You must be registered and logged in to see this link.]
uSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
uSearchAssistant = [You must be registered and logged in to see this link.]
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
mSearchAssistant = [You must be registered and logged in to see this link.]
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.15642\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\googleafe\GoogleAE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Dancer] "c:\program files\windows plus\dancer\Dancer.exe"
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: []
mRun: [IntelWireless] c:\program files\intel\wireless\bin\ifrmewrk.exe /tf Intel PROSet/Wireless
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [RoxioDragToDisc] "c:\program files\roxio\easy media creator 7\drag to disc\DrgToDsc.exe"
mRun: [HostManager] c:\program files\common files\aol\1153224841\ee\AOLSoftware.exe
mRun: [AOLSPScheduler] c:\program files\common files\aol\1153224841\ee\services\safetycore\ver210_5_2_1\AOLSP Scheduler.exe
mRun: [sscRun] c:\program files\common files\aol\1153224841\ee\SSCRun.exe
mRun: [MPFExe] c:\program files\mcafee.com\personal firewall\MPfTray.exe
mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [MSDRV] NetFilter.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\americ~1.lnk - c:\program files\america online 9.0\aoltray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dlbcserv.lnk - c:\program files\dell photo printer 720\dlbcserv.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodaks~1.lnk - c:\program files\kodak\kodak software updater\7288971\program\Kodak Software Updater.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - [You must be registered and logged in to see this link.]
DPF: {15B782AF-55D8-11D1-B477-006097098764} - [You must be registered and logged in to see this link.]
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - [You must be registered and logged in to see this link.]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - [You must be registered and logged in to see this link.]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [You must be registered and logged in to see this link.]
DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} - [You must be registered and logged in to see this link.]
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - [You must be registered and logged in to see this link.]
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Notify: igfxcui - igfxdev.dll
Notify: IntelWireless - c:\program files\intel\wireless\bin\LgNotify.dll

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-7-19 11608]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-7-19 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-7-19 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-7-19 55640]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S0 ziflga;ziflga;c:\windows\system32\drivers\sgmqwca.sys --> c:\windows\system32\drivers\sgmqwca.sys [?]

=============== Created Last 30 ================

2009-07-21 17:47 --ds---- C:\Combo-Fix
2009-07-21 17:47 389,120 a------- c:\windows\system32\CF28242.exe
2009-07-21 17:40 389,120 a------- c:\windows\system32\CF26864.exe
2009-07-21 17:39 389,120 a------- c:\windows\system32\CF26590.exe
2009-07-21 17:33 389,120 a------- c:\windows\system32\CF25401.exe
2009-07-21 17:32 389,120 a------- c:\windows\system32\CF25156.exe
2009-07-20 19:07 1,089,593 -------- c:\windows\system32\dllcache\ntprint.cat
2009-07-20 18:35 --d----- c:\windows\system32\XPSViewer
2009-07-20 18:33 1,676,288 -------- c:\windows\system32\xpssvcs.dll
2009-07-20 18:33 1,676,288 -------- c:\windows\system32\dllcache\xpssvcs.dll
2009-07-20 18:33 597,504 -------- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-07-20 18:33 575,488 -------- c:\windows\system32\xpsshhdr.dll
2009-07-20 18:33 575,488 -------- c:\windows\system32\dllcache\xpsshhdr.dll
2009-07-20 18:33 117,760 -------- c:\windows\system32\prntvpt.dll
2009-07-20 18:33 89,088 -------- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-07-20 18:33 --d----- C:\033fc94e0de911b998fcc43d
2009-07-20 18:16 --dsh--- c:\documents and settings\natasha\PrivacIE
2009-07-20 18:09 --dsh--- c:\documents and settings\natasha\IETldCache
2009-07-20 18:00 --d----- c:\windows\ie8updates
2009-07-20 17:45 -cd-h--- c:\windows\ie8
2009-07-20 17:33 246,272 -------- c:\windows\system32\dllcache\ieproxy.dll
2009-07-20 17:33 12,800 -------- c:\windows\system32\dllcache\xpshims.dll
2009-07-20 11:11 197 a------- c:\windows\system32\MRT.INI
2009-07-20 11:08 --d----- C:\ccf105ff12763a0355119ee1d9
2009-07-19 21:59 --d----- c:\docume~1\natasha\applic~1\Malwarebytes
2009-07-19 19:35 --d----- c:\program files\Nay
2009-07-19 19:14 --d----- c:\program files\dog
2009-07-19 18:24 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-19 18:24 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-07-19 18:24 --d----- c:\program files\Malwarebytes' Anti-Malware
2009-07-19 18:24 --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-07-19 10:06 55,640 a------- c:\windows\system32\drivers\avgntflt.sys
2009-07-19 10:06 --d----- c:\program files\Avira
2009-07-19 10:06 --d----- c:\docume~1\alluse~1\applic~1\Avira
2009-07-19 08:11 163,840 a------- c:\windows\system32\NetFilter.exe
2009-07-19 08:11 61,440 a------- c:\windows\system32\ndisapi.dll
2009-07-19 08:11 24,576 a------- c:\windows\system32\drivers\ndisrd.sys
2009-07-19 08:10 --d----- c:\program files\common files\Uninstall
2009-07-19 08:09 --d----- c:\program files\PersonalAV
2009-07-12 17:16 --d----- c:\docume~1\natasha\applic~1\ScreenSeven
2009-07-01 19:24 --d----- C:\AOL
2009-06-22 17:51 54,732 a---h--- c:\windows\system32\mlfcache.dat

==================== Find3M ====================

2009-06-16 10:36 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 10:36 119,808 a------- c:\windows\system32\dllcache\t2embed.dll
2009-06-16 10:36 81,920 a------- c:\windows\system32\fontsub.dll
2009-06-16 10:36 81,920 a------- c:\windows\system32\dllcache\fontsub.dll
2009-06-03 15:09 1,291,264 a------- c:\windows\system32\quartz.dll
2009-06-03 15:09 1,291,264 -------- c:\windows\system32\dllcache\quartz.dll
2009-05-18 17:08 57,856 a------- c:\program files\Bulletin%20101607
2009-05-13 01:15 915,456 a------- c:\windows\system32\wininet.dll
2009-05-13 01:15 5,936,128 -------- c:\windows\system32\dllcache\mshtml.dll
2009-05-13 01:15 915,456 -------- c:\windows\system32\dllcache\wininet.dll
2009-05-09 08:08 4,704 a--sh--- c:\windows\system32\KGyGaAvL.sys
2009-05-07 11:32 345,600 a------- c:\windows\system32\localspl.dll
2009-05-07 11:32 345,600 -------- c:\windows\system32\dllcache\localspl.dll
2009-04-30 17:22 1,985,024 -------- c:\windows\system32\dllcache\iertutil.dll
2009-04-30 17:22 11,064,832 -------- c:\windows\system32\dllcache\ieframe.dll
2009-04-30 17:22 1,207,808 -------- c:\windows\system32\dllcache\urlmon.dll
2009-04-30 17:22 25,600 -------- c:\windows\system32\dllcache\jsproxy.dll
2009-04-30 17:22 385,536 -------- c:\windows\system32\dllcache\iedkcs32.dll
2009-04-30 07:21 173,056 -------- c:\windows\system32\dllcache\ie4uinit.exe
2007-10-28 13:43 43,815 a------- c:\program files\BO.jpg
2007-10-03 19:18 2,621,506 a------- c:\program files\whitt.bmp
2007-10-03 19:12 1,333,986 a------- c:\program files\britt.bmp
2007-04-20 06:55 77,097 ac------ c:\program files\083A.pdf
2007-04-20 06:54 239,905 ac------ c:\program files\004.pdf
2007-04-08 13:40 32,307,977 ac------ c:\program files\Second Life 1-14-0-1 Setup.exe
2007-03-09 17:16 359,112 ac------ c:\program files\LimeWireWin.exe
2007-03-08 20:08 37,844,544 ac------ c:\program files\iTunesSetup.exe
2007-01-28 16:09 24,631 ac------ c:\program files\Basketball Schedule 06_07.cwk
2007-01-04 17:57 21,822,168 ac------ c:\program files\AdbeRdr80_en_US.exe
2006-10-15 11:42 905,728 ac------ c:\program files\iview398.exe
2006-10-13 18:53 493,000 ac------ c:\program files\MyContracts.zip
2006-09-30 12:37 29,184 ac------ c:\program files\l_327_us0_lbl_bl_nam_2psht.doc
2006-08-01 15:13 5,866,006 ac------ c:\program files\puzzle_pro_pc1.exe
2006-07-31 16:27 14,038,392 ac------ c:\program files\examview_pc1.zip
2006-07-24 10:45 6,844,892 ac------ c:\program files\SudokuChallenge_AOL.exe
2006-07-18 11:26 584,840 ac------ c:\program files\flashplayer7r63_winax.exe
2006-06-07 12:28 14,028,827 ac------ c:\program files\examview_pc.zip
2006-04-17 18:03 254,680 ac------ c:\program files\wddu.exe
2006-03-02 06:12 11,030,005 ac------ c:\program files\examview_pc.exe
2005-12-28 18:25 251 ac------ c:\program files\wt3d.ini
2005-04-19 09:41 7,502,488 ac------ c:\program files\planner_pc.exe
2005-03-07 11:44 5,449,589 ac------ c:\program files\puzzle_pro_pc.exe
2003-08-18 11:44 4,767,951 ac------ c:\program files\puzzle_player_pc.exe
2008-11-15 18:18 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008111520081116\index.dat

============= FINISH: 17:21:02.10 ===============

trenay76
Novice
Novice

Posts Posts : 12
Joined Joined : 2009-07-20
OS OS : xp
Points Points : 26994
# Likes # Likes : 0

View user profile

Back to top Go down

Re: personal antivirus

Post by trenay76 on 22nd July 2009, 9:27 pm

i see that it says i have aol firewall enabled, but i can't get into aol to disable it.

trenay76
Novice
Novice

Posts Posts : 12
Joined Joined : 2009-07-20
OS OS : xp
Points Points : 26994
# Likes # Likes : 0

View user profile

Back to top Go down

Re: personal antivirus

Post by Origin on 22nd July 2009, 9:29 pm

Please download the [You must be registered and logged in to see this link.].

  • Save it to your desktop.
  • Please double-click OTM.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    :services
    ziflga

    :files
    C:\033fc94e0de911b998fcc43d
    C:\ccf105ff12763a0355119ee1d9
    c:\program files\PersonalAV
    c:\program files\LimeWireWin.exe



  • Return to OTMoveIt, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31503
# Likes # Likes : 0

View user profile

Back to top Go down

Re: personal antivirus

Post by trenay76 on 23rd July 2009, 9:21 pm

========== SERVICES/DRIVERS ==========

Service\Driver ziflga deleted successfully.
========== FILES ==========
C:\033fc94e0de911b998fcc43d\i386 moved successfully.
C:\033fc94e0de911b998fcc43d\amd64 moved successfully.
C:\033fc94e0de911b998fcc43d moved successfully.
C:\ccf105ff12763a0355119ee1d9 moved successfully.
c:\program files\PersonalAV moved successfully.
c:\program files\LimeWireWin.exe moved successfully.

OTM by OldTimer - Version 3.0.0.5 log created on 07232009_172004

trenay76
Novice
Novice

Posts Posts : 12
Joined Joined : 2009-07-20
OS OS : xp
Points Points : 26994
# Likes # Likes : 0

View user profile

Back to top Go down

Re: personal antivirus

Post by Origin on 23rd July 2009, 9:32 pm

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31503
# Likes # Likes : 0

View user profile

Back to top Go down

Re: personal antivirus

Post by trenay76 on 25th July 2009, 6:52 pm

Malwarebytes' Anti-Malware 1.38
Database version: 2297
Windows 5.1.2600 Service Pack 3

7/25/2009 2:38:51 PM
mbam-log-2009-07-25 (14-38-51).txt

Scan type: Quick Scan
Objects scanned: 120805
Time elapsed: 13 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\gxvxccounter (Trojan.DNSChanger) -> Quarantined and deleted successfully.

trenay76
Novice
Novice

Posts Posts : 12
Joined Joined : 2009-07-20
OS OS : xp
Points Points : 26994
# Likes # Likes : 0

View user profile

Back to top Go down

Re: personal antivirus

Post by Belahzur on 25th July 2009, 7:46 pm

Hello.
Did you rename Combofix as instructed? MBAM has found traces of a rootkit and I suspect that is the cause, and why Combofix isn't working if not renamed.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: personal antivirus

Post by trenay76 on 28th July 2009, 11:42 am

i did rename combofix to combo-fix.exe. it started to run because it told me to turn antivir off. then after I did, it took a few seconds then the blue "c:/" screen came up with nothing on it.

trenay76
Novice
Novice

Posts Posts : 12
Joined Joined : 2009-07-20
OS OS : xp
Points Points : 26994
# Likes # Likes : 0

View user profile

Back to top Go down

Re: personal antivirus

Post by Belahzur on 28th July 2009, 4:55 pm

Please do the following in Safe Mode with Networking: as the computer is booting press and hold your "F8 Key" which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press your Enter key.

Note: With some computers if you press and hold a key as the computer is booting you will get a stuck key message. If this occurs, instead of pressing and holding the "F8 key", tap the "F8 key" continuously until you get the startup menu.) Once in the start up menu, select "Safe Mode with Networking", then try Combofix from there.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

Re: personal antivirus

Post by trenay76 on 11th August 2009, 1:52 pm

ComboFix 09-08-10.06 - Natasha 08/11/2009 9:24.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.301 [GMT -4:00]
Running from: c:\documents and settings\Natasha\Desktop\Combo-Fix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: AOL Firewall *enabled* {6515F560-BD88-41EB-AD77-F1F3F6F80BEA}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Start Menu\HP Image Zone .lnk
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\accessories\cup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\accessories\customer_cup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\accessories\heart.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\accessories\menu_down.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\accessories\menu_up.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\accessories\plates.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\accessories\ticket.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\accessories\tray.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\music\mainmenumusic.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_bring_check_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_deliver_order_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_diner.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_food_ready_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_gain_heart_1.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_get_drinks_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_party_arrive_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_pencil_write_2.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_pickup_food_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_rollover_1.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\audio\sfx\sfx_seat_people_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\choosedifficulty.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\credits.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\flo_lose.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\flo_win.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\help1.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\help2.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\highscores.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\levelintro.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\levelintro_mask.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\levelover.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\levelover_mask.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\mainmenu.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\popup.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\popup_mask.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\upgradegrid.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\upgradetitle.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\backgrounds\upsell.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\arrowleft_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\arrowleft_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\arrowright_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\arrowright_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\back_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\back_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\backchalk.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\backchalkup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\backtomenu_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\backtomenu_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\cancel.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\cancelup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\career.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\career_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\close.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\closeup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\continue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\continueover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\credits_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\credits_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\download_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\download_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\easy.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\easy_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\endlessshift.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\endlessshift_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\hard.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\hard_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\help.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\help_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\highscores.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\highscores_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\instructions_blue.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\instructions_yellow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\letsplay.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\letsplayover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\medium.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\medium_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\moreinfo.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\moreinfoup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\off.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\off_on.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\on.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\on_on.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\pause.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\pauseover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\quit.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\quitgame.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\quitgameover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\quitover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\resumegame.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\resumegameover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\submit.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\submitup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\tryagain.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\tryagainover.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\upgrade_over.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\upgrade_up.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\viewglobal.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\viewglobalup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\viewhighscore.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\viewhighscoreon.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\viewlocal.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\buttons\viewlocalup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\comics\webcomic.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\config\career.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\config\customer.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\config\endless.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\config\global.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\config\powerups.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\cook\cook.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\cook\cook.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\cook\stove.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\cursor\arrow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\cursor\click.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\cursor\click2.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\cursor\grab.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\cursor\open.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\blue\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\blue\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\blue\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\green\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\green\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\green\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\purple\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\purple\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\purple\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\red\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\red\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\red\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\yellow\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\yellow\anim.xml

trenay76
Novice
Novice

Posts Posts : 12
Joined Joined : 2009-07-20
OS OS : xp
Points Points : 26994
# Likes # Likes : 0

View user profile

Back to top Go down

Re: personal antivirus

Post by trenay76 on 11th August 2009, 1:52 pm

c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\old_male\yellow\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\blue\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\blue\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\blue\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\green\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\green\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\green\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\purple\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\purple\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\purple\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\red\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\red\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\red\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\yellow\anim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\yellow\anim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\customers\young_female\yellow\sit_legs.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\flo\idle.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\flo\idle.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\flo\lower.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\flo\lower.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\flo\upper.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\flo\upper.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\fonts\arial.mvec
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\fonts\komikaaxis.mvec
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\chair.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\chair.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\dirt2top.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\dirt4top.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\dishcart.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\dishcart.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\drinkstation_off.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\drinkstation_on1.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\drinkstation_on2.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\ticketstation.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\furniture\ticketstation.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\arrowdown.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\arrowdownon.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\arrowleft.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\arrowlefton.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\arrowright.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\arrowrighton.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\arrowup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\arrowupon.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\p1icon.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\textedit.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\hiscore\title.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_1.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_1_a.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_1_b.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_1_c.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_2.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_2_a.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_2_b.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_2_c.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_2_d.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_3.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_3_a.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_3_b.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_3_c.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\endless_1_3_d.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\fifth_level_diner.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\first_level_diner.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\fourth_level_diner.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\layouts\second_level_diner.txt
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\playfirst_logo.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\background.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\food\food1.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\food\food1.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\food\food2.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\food\food2.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\food\food3.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\food\food3.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\frames\upgrade_0001.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\tables\2top.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\tables\2top.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\tables\4top.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\tables\4top.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\diner\upgrades.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\restaurants\tableshadow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\choosedifficulty.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\chooseplayer.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\chooserestaurant.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\credits.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\game.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\gothighscore.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\help.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\help2.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\hiscore.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\hiscoreinfo.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\hiscoresubmit.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\levelintro.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\levelover.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\loading.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\mainloop.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\mainmenu.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\ok.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\pause.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\style.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\tutorialintro.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\upgrade.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\upsell.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\webcomic.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\scripts\yesno.lua
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\splash\aol_logo.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\splash\gamelabsplash.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\splash\playfirst_logo.jpg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\strings.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\angersmoke.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\angersmoke.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\chairflags.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\chairflags.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\check.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\checkmark.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\clock.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\closed.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\closingtime.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\coinflip.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\coinflip.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\dollar.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\doodles\coffee.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\doodles\tables.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\doodles\wallpaper.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\expert.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\expertscore.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\foodpoof.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\foodpoof.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\fork_timer.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\goalcompleted.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\heartgrow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\heartgrow.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\jar.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\jar.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\level.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\level_career.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\score.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\sound.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\staroff.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\staron.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\tablenumber.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\tablenumberup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\traynumber.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\tutorial_character.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\tutorialarrow.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\tutorialbox.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgradeanim.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgradeanim.xml
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgrades\drinks.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgrades\maitred.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgrades\oven.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgrades\select.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgrades\shoes.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgrades\stereo.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\assets\ui\upgrades\table.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.72\dinerdash.exe
c:\windows\Downloaded Program Files\popcaploader.dll
c:\windows\Downloaded Program Files\popcaploader.inf
c:\windows\Installer\43133.msi
c:\windows\kb913800.exe
c:\windows\system32\drivers\gxvxckeebliljwanprphfkdraiyccyusctahi.sys
c:\windows\system32\gxvxccounter
c:\windows\system32\gxvxcnwexojdhppebwiuqkoryuoiitbptxefv.dll

trenay76
Novice
Novice

Posts Posts : 12
Joined Joined : 2009-07-20
OS OS : xp
Points Points : 26994
# Likes # Likes : 0

View user profile

Back to top Go down

Re: personal antivirus

Post by trenay76 on 11th August 2009, 1:53 pm

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_gxvxcserv.sys
-------\Legacy_gxvxcserv.sys


((((((((((((((((((((((((( Files Created from 2009-07-11 to 2009-08-11 )))))))))))))))))))))))))))))))
.

2009-08-10 14:55 . 2009-08-10 14:55 193793 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\wks_avira\win32\en\basic-nt\avnotify.exe
2009-08-10 14:55 . 2009-08-10 14:55 185089 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\wks_avira\win32\en\basic-nt\avguard.exe
2009-08-10 14:55 . 2009-08-10 14:55 455033 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aescript.dll
2009-08-10 14:55 . 2009-08-10 14:55 1917302 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aeheur.dll
2009-08-10 14:54 . 2009-08-10 14:54 356723 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\ave2\win32\int\aegen.dll
2009-08-10 14:50 . 2009-08-10 14:50 404737 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\wks_avira\win32\en\basic-nt\update.exe
2009-07-23 21:20 . 2009-07-23 21:20 -------- d-----w- C:\_OTM
2009-07-20 22:35 . 2009-07-20 22:35 -------- d-----w- c:\windows\system32\XPSViewer
2009-07-20 22:35 . 2009-07-20 22:35 -------- d-----w- c:\program files\MSBuild
2009-07-20 22:34 . 2009-07-20 22:34 -------- d-----w- c:\program files\Reference Assemblies
2009-07-20 22:33 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-07-20 22:33 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-07-20 22:33 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-07-20 22:33 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-07-20 22:33 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-07-20 22:33 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-07-20 22:33 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-07-20 22:16 . 2009-07-20 22:16 -------- d-sh--w- c:\documents and settings\Natasha\PrivacIE
2009-07-20 22:09 . 2009-07-20 22:09 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-07-20 22:09 . 2009-07-20 22:09 -------- d-sh--w- c:\documents and settings\Natasha\IETldCache
2009-07-20 22:00 . 2009-08-02 14:35 -------- d-----w- c:\windows\ie8updates
2009-07-20 21:45 . 2009-07-20 21:57 -------- dc-h--w- c:\windows\ie8
2009-07-20 21:33 . 2009-07-03 17:09 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-07-20 21:33 . 2009-07-03 17:09 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-07-20 01:59 . 2009-07-20 01:59 -------- d-----w- c:\documents and settings\Natasha\Application Data\Malwarebytes
2009-07-20 00:14 . 2009-07-20 00:14 -------- d-----w- c:\documents and settings\Jackie\Application Data\Malwarebytes
2009-07-19 23:35 . 2009-07-20 00:03 -------- d-----w- c:\program files\Nay
2009-07-19 23:14 . 2009-07-19 23:14 -------- d-----w- c:\program files\dog
2009-07-19 22:24 . 2009-06-17 15:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-19 22:24 . 2009-07-19 23:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-19 22:24 . 2009-07-19 22:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-07-19 22:24 . 2009-06-17 15:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-19 14:06 . 2009-03-30 14:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-07-19 14:06 . 2009-03-24 20:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-07-19 14:06 . 2009-02-13 16:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-07-19 14:06 . 2009-02-13 16:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-07-19 14:06 . 2009-07-19 14:06 -------- d-----w- c:\program files\Avira
2009-07-19 14:06 . 2009-07-19 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-07-19 12:11 . 2009-06-22 14:58 24576 ----a-w- c:\windows\system32\drivers\ndisrd.sys
2009-07-19 12:11 . 2009-05-14 09:58 61440 ----a-w- c:\windows\system32\ndisapi.dll
2009-07-19 12:10 . 2009-07-19 12:10 -------- d-----w- c:\program files\Common Files\Uninstall
2009-07-12 21:16 . 2009-07-12 21:16 -------- d-----w- c:\documents and settings\Natasha\Application Data\ScreenSeven

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-10 14:56 . 2009-08-10 14:56 55656 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\wks_avira\win32\en\basic-nt\xp\avgntflt.sys
2009-08-10 14:56 . 2009-08-10 14:56 682241 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\wks_avira\win32\en\basic-nt\setup.exe
2009-08-10 14:56 . 2009-08-10 14:56 61442 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\wks_avira\win32\en\basic-nt\setup.dll
2009-08-10 14:56 . 2009-08-10 14:56 466689 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\wks_avira\win32\en\basic-nt\avscan.exe
2009-08-10 14:50 . 2009-08-10 14:56 404737 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\update.exe
2009-07-27 16:04 . 2005-12-29 13:53 4704 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-07-27 16:04 . 2005-12-29 13:53 104 --sh--r- c:\windows\system32\0C4E6EE6DD.sys
2009-07-20 23:35 . 2009-06-22 21:51 54732 ---ha-w- c:\windows\system32\mlfcache.dat
2009-07-20 22:56 . 2005-12-28 22:25 63688 -c--a-w- c:\documents and settings\Natasha\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-19 13:35 . 2008-08-03 18:26 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-07-12 21:59 . 2006-12-03 18:43 -------- d-----w- c:\documents and settings\All Users\Application Data\WildTangent
2009-07-03 17:09 . 2005-08-16 10:18 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-25 00:01 . 2005-12-22 01:07 -------- d-----w- c:\program files\WildTangent
2009-06-22 21:40 . 2009-06-22 21:40 -------- d-----w- c:\documents and settings\Jackie\Application Data\Apple Computer
2009-06-22 21:35 . 2006-04-23 19:07 63688 -c--a-w- c:\documents and settings\Jackie\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-22 21:34 . 2009-06-22 21:34 -------- d-----w- c:\documents and settings\Jackie\Application Data\PC Tools
2009-06-21 14:14 . 2008-09-22 22:21 1608712 ----a-w- c:\documents and settings\All Users\Application Data\WildTangent\Dell Game Console\Downloads\en-us\Installers\SetupGamesClient.exe
2009-06-21 14:00 . 2009-06-21 14:00 -------- d-----w- c:\documents and settings\Natasha\Application Data\Gaijin Ent
2009-06-21 13:52 . 2008-08-03 18:26 -------- d-----w- c:\program files\Chill
2009-06-16 14:36 . 2005-08-16 10:18 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2005-08-16 10:18 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-03 20:26 . 2009-08-10 14:56 345345 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\update.dll
2009-06-03 19:09 . 2005-08-16 10:18 1291264 ----a-w- c:\windows\system32\quartz.dll
2009-05-18 21:08 . 2007-10-16 19:29 57856 ----a-w- c:\program files\Bulletin%20101607
2009-05-15 20:39 . 2009-08-10 14:56 2438913 ----a-w- c:\documents and settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\rcimage.dll
2007-10-28 17:43 . 2007-10-28 17:43 43815 ----a-w- c:\program files\BO.jpg
2007-10-03 23:18 . 2007-10-03 23:14 2621506 ----a-w- c:\program files\whitt.bmp
2007-10-03 23:12 . 2007-10-03 23:12 1333986 ----a-w- c:\program files\britt.bmp
2007-04-20 10:55 . 2007-04-20 10:55 77097 -c--a-w- c:\program files\083A.pdf
2007-04-20 10:54 . 2007-04-20 10:54 239905 -c--a-w- c:\program files\004.pdf
2007-04-08 17:40 . 2007-04-08 17:39 32307977 -c--a-w- c:\program files\Second Life 1-14-0-1 Setup.exe
2007-03-09 00:08 . 2006-12-29 14:32 37844544 -c--a-w- c:\program files\iTunesSetup.exe
2007-01-28 20:09 . 2007-01-28 20:09 24631 -c--a-w- c:\program files\Basketball Schedule 06_07.cwk
2007-01-04 21:57 . 2007-01-04 21:55 21822168 -c--a-w- c:\program files\AdbeRdr80_en_US.exe
2006-10-15 15:42 . 2006-10-15 15:42 905728 -c--a-w- c:\program files\iview398.exe
2006-10-13 22:53 . 2006-10-13 22:52 493000 -c--a-w- c:\program files\MyContracts.zip
2006-09-30 16:37 . 2006-09-30 16:37 29184 -c--a-w- c:\program files\l_327_us0_lbl_bl_nam_2psht.doc
2006-08-01 19:13 . 2006-08-01 18:39 5866006 -c--a-w- c:\program files\puzzle_pro_pc1.exe
2006-07-31 20:27 . 2006-07-31 20:27 14038392 -c--a-w- c:\program files\examview_pc1.zip
2006-07-24 14:45 . 2006-07-24 14:45 6844892 -c--a-w- c:\program files\SudokuChallenge_AOL.exe
2006-07-18 15:26 . 2006-07-18 15:20 584840 -c--a-w- c:\program files\flashplayer7r63_winax.exe
2006-06-07 16:28 . 2006-06-07 16:28 14028827 -c--a-w- c:\program files\examview_pc.zip
2006-04-17 22:03 . 2006-04-17 22:02 254680 -c--a-w- c:\program files\wddu.exe
2006-03-02 10:12 . 2006-06-07 15:04 11030005 -c--a-w- c:\program files\examview_pc.exe
2005-12-28 22:25 . 2005-12-28 22:25 251 -c--a-w- c:\program files\wt3d.ini
2005-04-19 13:41 . 2006-06-07 15:08 7502488 -c--a-w- c:\program files\planner_pc.exe
2005-03-07 15:44 . 2006-06-07 15:07 5449589 -c--a-w- c:\program files\puzzle_pro_pc.exe
2003-08-18 15:44 . 2006-06-07 15:08 4767951 -c--a-w- c:\program files\puzzle_player_pc.exe
.

trenay76
Novice
Novice

Posts Posts : 12
Joined Joined : 2009-07-20
OS OS : xp
Points Points : 26994
# Likes # Likes : 0

View user profile

Back to top Go down

Re: personal antivirus

Post by trenay76 on 11th August 2009, 1:53 pm

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Dancer"="c:\program files\Windows Plus\Dancer\Dancer.exe" [2004-08-10 188416]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-28 68856]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2004-09-13 155648]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-20 114688]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-30 385024]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2005-09-01 684032]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2005-12-22 26112]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"RoxioDragToDisc"="c:\program files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe" [2005-06-09 1695744]
"HostManager"="c:\program files\Common Files\AOL\1153224841\ee\AOLSoftware.exe" [2006-09-26 50736]
"AOLSPScheduler"="c:\program files\Common Files\AOL\1153224841\ee\services\safetyCore\ver210_5_2_1\AOLSP Scheduler.exe" [2006-11-20 8784]
"sscRun"="c:\program files\Common Files\AOL\1153224841\ee\SSCRun.exe" [2006-11-20 153168]
"MPFExe"="c:\program files\mcafee.com\personal firewall\MPfTray.exe" [2006-03-07 992808]
"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2004-04-07 496752]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-12 49152]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-11-07 111936]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
America Online 9.0 Tray Icon.lnk - c:\program files\America Online 9.0\aoltray.exe [2005-12-21 156784]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2005-12-21 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
2004-09-07 22:08 110592 ----a-w- c:\program files\Intel\Wireless\Bin\LgNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLANKEEPER"=2 (0x2)
"tmproxy"=2 (0x2)
"TmPfw"=2 (0x2)
"Tmntsrv"=2 (0x2)
"S24EventMonitor"=2 (0x2)
"RegSrvc"=2 (0x2)
"Pml Driver HPZ12"=2 (0x2)
"PcCtlCom"=2 (0x2)
"NICCONFIGSVC"=2 (0x2)
"MpfService"=2 (0x2)
"LexBceS"=2 (0x2)
"KodakCCS"=3 (0x3)
"ITMRTSVC"=2 (0x2)
"iPod Service"=3 (0x3)
"gusvc"=3 (0x3)
"EvtEng"=2 (0x2)
"DSBrokerService"=3 (0x3)
"AOL ACS"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [7/19/2009 10:06 AM 108289]

--- Other Services/Drivers In Memory ---

*Deregistered* - NDISRD

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-08-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-MSDRV - NetFilter.exe


.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-08-11 09:39
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1068)
c:\program files\Intel\Wireless\Bin\LgNotify.dll
.
Completion time: 2009-08-11 9:43
ComboFix-quarantined-files.txt 2009-08-11 13:42

Pre-Run: 16,145,993,728 bytes free
Post-Run: 17,633,431,552 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

539 --- E O F --- 2009-08-02 14:36

trenay76
Novice
Novice

Posts Posts : 12
Joined Joined : 2009-07-20
OS OS : xp
Points Points : 26994
# Likes # Likes : 0

View user profile

Back to top Go down

Re: personal antivirus

Post by Belahzur on 11th August 2009, 1:56 pm

Hello.

I see that you are running Limewire.
P2P(Peer to peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
The removal of these programs is optional, but highly recommended.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Limewire

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum