personal antivirus


Re: personal antivirus

Post by Ransom on 10th August 2009, 6:17 pm

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-07-30.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 3/9/2007 5:07:57 PM
System Uptime: 8/10/2009 9:12:04 AM (4 hours ago)

Motherboard: Dell Inc. | | 0MH651
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 3000/800mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 133.962 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP535: 5/13/2009 11:10:34 AM - System Checkpoint
RP536: 5/13/2009 2:09:53 PM - Software Distribution Service 3.0
RP537: 5/14/2009 2:33:02 PM - System Checkpoint
RP538: 5/15/2009 8:31:50 PM - System Checkpoint
RP539: 5/18/2009 6:24:02 AM - System Checkpoint
RP540: 5/19/2009 11:36:20 AM - System Checkpoint
RP541: 5/20/2009 12:12:53 PM - System Checkpoint
RP542: 5/21/2009 12:13:58 PM - System Checkpoint
RP543: 5/22/2009 1:12:53 PM - System Checkpoint
RP544: 5/26/2009 11:56:01 AM - System Checkpoint
RP545: 5/27/2009 12:56:02 PM - System Checkpoint
RP546: 5/28/2009 2:08:02 PM - System Checkpoint
RP547: 5/29/2009 2:32:02 PM - System Checkpoint
RP548: 6/2/2009 6:15:10 AM - System Checkpoint
RP549: 6/3/2009 10:37:20 AM - System Checkpoint
RP550: 6/4/2009 12:08:22 PM - System Checkpoint
RP551: 6/5/2009 12:17:44 PM - System Checkpoint
RP552: 6/8/2009 2:22:19 PM - System Checkpoint
RP553: 6/9/2009 3:18:28 PM - System Checkpoint
RP554: 6/11/2009 10:59:23 AM - Software Distribution Service 3.0
RP555: 6/16/2009 11:20:45 PM - System Checkpoint
RP556: 6/19/2009 9:32:52 AM - System Checkpoint
RP557: 6/22/2009 8:20:28 AM - System Checkpoint
RP558: 6/23/2009 8:21:14 AM - System Checkpoint
RP559: 6/24/2009 8:24:01 AM - System Checkpoint
RP560: 6/25/2009 10:41:01 AM - System Checkpoint
RP561: 6/27/2009 11:25:32 AM - System Checkpoint
RP562: 6/29/2009 10:33:58 AM - System Checkpoint
RP563: 6/30/2009 11:55:39 AM - System Checkpoint
RP564: 7/1/2009 2:35:33 PM - System Checkpoint
RP565: 7/2/2009 3:06:01 PM - System Checkpoint
RP566: 7/3/2009 3:40:56 PM - System Checkpoint
RP567: 7/4/2009 4:40:56 PM - System Checkpoint
RP568: 7/5/2009 5:16:56 PM - System Checkpoint
RP569: 7/9/2009 9:02:18 AM - System Checkpoint
RP570: 7/13/2009 9:09:35 AM - Software Distribution Service 3.0
RP571: 7/14/2009 9:21:21 AM - System Checkpoint
RP572: 7/15/2009 9:31:34 AM - Software Distribution Service 3.0
RP573: 7/16/2009 1:40:17 PM - System Checkpoint
RP574: 7/20/2009 1:47:20 PM - System Checkpoint
RP575: 7/22/2009 8:48:10 AM - System Checkpoint
RP576: 7/23/2009 5:16:10 PM - System Checkpoint
RP577: 7/29/2009 12:16:58 PM - Software Distribution Service 3.0
RP578: 7/31/2009 10:18:11 AM - System Checkpoint
RP579: 8/3/2009 10:02:14 AM - System Checkpoint
RP580: 8/4/2009 10:23:50 AM - System Checkpoint
RP581: 8/5/2009 2:37:37 PM - System Checkpoint
RP582: 8/5/2009 2:41:01 PM - Installed AVG Free 8.5
RP583: 8/5/2009 3:33:25 PM - Removed AAYx86en
RP584: 8/5/2009 4:20:28 PM - Installed Java(TM) 6 Update 15
RP585: 8/6/2009 9:46:04 AM - Avg8 Update
RP586: 8/7/2009 10:35:40 AM - Installed NBL Purchasing
RP587: 8/7/2009 10:37:36 AM - Installed Microsoft SQL Server Desktop Engine
RP588: 8/7/2009 10:45:48 AM - Removed NBL Purchasing
RP589: 8/10/2009 9:29:03 AM - System Checkpoint
RP590: 8/10/2009 12:46:12 PM - Installed MalwareRemovalBot
RP591: 8/10/2009 12:51:32 PM - Removed MalwareRemovalBot


Re: personal antivirus

Post by Ransom on 10th August 2009, 6:18 pm

DDS (Ver_09-07-30.01) - NTFSx86
Run by Richard at 13:15:30.01 on Mon 08/10/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.990.279 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\svcadmin.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgrN.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\PersonalAV\pav.exe
C:\WINDOWS\system32\NetFilter.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\SHARP\OZ_ZQ-590A\sync.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBServerUtilityMgr.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Anyplace Control 4\apc_Admin.exe
C:\Program Files\MalwareRemovalBot\MalwareRemovalBot.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Richard\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = [You must be registered and logged in to see this link.]
uSearch Page = [You must be registered and logged in to see this link.]
uSearch Bar = [You must be registered and logged in to see this link.]
uDefault_Page_URL = [You must be registered and logged in to see this link.]
uInternet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
uSearchAssistant = [You must be registered and logged in to see this link.]
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
mSearchAssistant = [You must be registered and logged in to see this link.]
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: : {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: : {a77d3539-581d-450c-9e44-a84c415a6172} - c:\windows\system32\msxmlm.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.15642\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [MalwareRemovalBot] c:\program files\malwareremovalbot\MalwareRemovalBot.exe -boot
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [PersonalAV] c:\program files\personalav\pav.exe
mRun: [MSDRV] NetFilter.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palmone\Hotsync.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\oz_zq-~1.lnk - c:\program files\sharp\oz_zq-590a\sync.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~2.lnk - c:\program files\common files\intuit\quickbooks\QBServerUtilityMgr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
uPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
uPolicies-system: Wallpaper =
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {0884DBCD-21DC-433B-B538-31C7F2843462} - [You must be registered and logged in to see this link.]
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - [You must be registered and logged in to see this link.]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R0 atiide;atiide;c:\windows\system32\drivers\atiide.sys [2007-2-23 3456]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-8-5 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-1-21 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-8-5 108552]
R2 Anyplace Control Security;Anyplace Control Security;c:\windows\svcadmin.exe [2009-5-19 112128]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-8-5 297752]
R2 QuickBooksDB17;QuickBooksDB17;c:\progra~1\intuit\quickb~1\qbdbmgrn.exe -hvquickbooksdb17 --> c:\progra~1\intuit\quickb~1\QBDBMgrN.exe -hvQuickBooksDB17 [?]
S3 MSSQL$NEBULA2K;MSSQL$NEBULA2K;c:\program files\microsoft sql server\mssql$nebula2k\binn\sqlservr.exe -snebula2k --> c:\program files\microsoft sql server\mssql$nebula2k\binn\sqlservr.exe -sNEBULA2K [?]
S3 SPCP825K;Sunplus Serial port driver;c:\windows\system32\drivers\SPCP825K.sys [2007-6-20 26624]
S3 SQLAgent$NEBULA2K;SQLAgent$NEBULA2K;c:\program files\microsoft sql server\mssql$nebula2k\binn\sqlagent.exe -i nebula2k --> c:\program files\microsoft sql server\mssql$nebula2k\binn\sqlagent.EXE -i NEBULA2K [?]

=============== Created Last 30 ================

2009-08-10 12:46 --d----- c:\docume~1\richard\applic~1\MalwareRemovalBot
2009-08-10 12:34 --d----- c:\program files\common files\PC Tools
2009-08-10 12:34 --d----- c:\program files\Spyware Doctor
2009-08-10 08:45 114,688 a------- c:\windows\system32\NetFilter.exe
2009-08-10 08:45 61,440 a------- c:\windows\system32\ndisapi.dll
2009-08-10 08:45 24,576 a------- c:\windows\system32\drivers\ndisrd.sys
2009-08-10 08:44 376,832 a------- c:\windows\system32\msxmlm.dll
2009-08-10 08:44 --d----- c:\program files\common files\Uninstall
2009-08-10 08:44 --d----- c:\program files\PersonalAV
2009-08-07 10:48 1,077,248 a------- c:\windows\system32\ChilkatMail.dll
2009-08-07 10:48 137,000 a------- c:\windows\system32\msmapi32.ocx
2009-08-07 10:48 --d----- c:\docume~1\richard\applic~1\WaverlyStreet
2009-08-07 10:37 --d----- C:\MSDERelA
2009-08-07 10:36 --d----- c:\docume~1\richard\applic~1\Business Suite
2009-08-07 10:35 --d----- c:\program files\NBL Purchasing
2009-08-07 10:16 --d----- c:\program files\Purchasing ToolPak 2009
2009-08-07 09:25 --d----- C:\BS1en20085Free
2009-08-06 14:07 20 a------- c:\windows\twain.dat
2009-08-06 13:52 1,803,776 a------- c:\windows\NetworkCfg.exe
2009-08-06 13:51 --d----- c:\program files\Anyplace Control 4
2009-08-06 13:51 --d----- c:\documents and settings\all users\Anyplace Control 4
2009-08-05 16:20 411,368 a------- c:\windows\system32\deploytk.dll
2009-08-05 16:20 73,728 a------- c:\windows\system32\javacpl.cpl
2009-08-05 15:29 --d----- c:\program files\DSS
2009-08-05 14:41 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-08-05 14:41 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-08-05 14:41 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
2009-08-05 14:41 --d----- c:\windows\system32\drivers\Avg
2009-08-05 14:41 --d----- c:\program files\AVG
2009-08-05 14:41 --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-08-05 14:21 --d----- c:\docume~1\richard\applic~1\AVG8
2009-07-29 10:08 594,432 -------- c:\windows\system32\dllcache\msfeeds.dll
2009-07-29 10:08 55,296 -------- c:\windows\system32\dllcache\msfeedsbs.dll
2009-07-14 08:45 --dsh--- c:\documents and settings\richard\IECompatCache
2009-07-13 12:25 --dsh--- c:\documents and settings\richard\PrivacIE
2009-07-13 09:49 --dsh--- c:\documents and settings\richard\IETldCache
2009-07-13 09:16 102,912 -------- c:\windows\system32\dllcache\iecompat.dll
2009-07-13 09:16 --d----- c:\windows\ie8updates
2009-07-13 09:15 12,800 -------- c:\windows\system32\dllcache\xpshims.dll
2009-07-13 09:15 11,067,392 -------- c:\windows\system32\dllcache\ieframe.dll
2009-07-13 09:15 1,985,536 -------- c:\windows\system32\dllcache\iertutil.dll
2009-07-13 09:15 246,272 -------- c:\windows\system32\dllcache\ieproxy.dll
2009-07-13 09:13 -cd-h--- c:\windows\ie8

==================== Find3M ====================

2009-07-19 08:18 5,937,152 -------- c:\windows\system32\dllcache\mshtml.dll
2009-07-03 12:09 915,456 a------- c:\windows\system32\wininet.dll
2009-07-03 12:09 915,456 -------- c:\windows\system32\dllcache\wininet.dll
2009-07-03 12:09 1,208,832 -------- c:\windows\system32\dllcache\urlmon.dll
2009-07-03 12:09 206,848 -------- c:\windows\system32\dllcache\occache.dll
2009-07-03 12:09 25,600 -------- c:\windows\system32\dllcache\jsproxy.dll
2009-07-03 12:09 184,320 -------- c:\windows\system32\dllcache\iepeers.dll
2009-07-03 12:09 386,048 -------- c:\windows\system32\dllcache\iedkcs32.dll
2009-07-03 06:01 173,056 -------- c:\windows\system32\dllcache\ie4uinit.exe
2009-06-16 09:36 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 09:36 81,920 a------- c:\windows\system32\fontsub.dll
2009-06-16 09:36 119,808 -------- c:\windows\system32\dllcache\t2embed.dll
2009-06-16 09:36 81,920 -------- c:\windows\system32\dllcache\fontsub.dll
2009-06-03 14:09 1,291,264 a------- c:\windows\system32\quartz.dll
2009-06-03 14:09 1,291,264 -------- c:\windows\system32\dllcache\quartz.dll
2009-05-19 19:10 112,128 a------- c:\windows\svcadmin.exe

============= FINISH: 13:15:56.20 ===============


Re: personal antivirus

Post by Belahzur on 10th August 2009, 6:38 pm

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double-click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


Please PM me if I fail to respond within 24hrs.



how do I remove this paysite from my computer called personal antivirus?

Post by clint on 10th August 2009, 6:52 pm

I am having trouble trying to remove a program called personal antivirus from my computer. How is it done?


Re: personal antivirus

Post by Ransom on 10th August 2009, 6:55 pm

Thank you so much!! It worked so quickly! After a very annoying morning, my day just improved! Thank you so much!
