NEED MAJOR HELP!


Post by durimi on Fri Aug 28, 2009 1:58 am

Yeah, I don't know much about computers, but I do know my computer will be a piece of shit if you guys don't help me, thanks.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:57:10 PM, on 8/27/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Zoom Player\zplayer.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Documents and Settings\Tanisha\temp\TeamViewer\Version4\TeamViewer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe
c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Tanisha\Desktop\winlogon.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [You must be registered and logged in to see this link.]
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
O2 - BHO: superiorads browser enhancer - {1C7743B6-95A4-14AD-90B1-251FE497B6F7} - C:\WINDOWS\system32\hxmnmqkqlpio.dll (file missing)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: dcads - {469fd5df-9cac-0167-61a3-a8c8ad33e374} - C:\WINDOWS\system32\nsu2E75.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: browser optimizer superiorads - {8E015787-B1E3-404a-95DE-3E71E1FA0305} - C:\WINDOWS\system32\spads.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: dcads - {C7C90A5E-BE0A-44DD-83D2-1BE138460BAC} - C:\WINDOWS\system32\nspA.dll (file missing)
O2 - BHO: &Research - {D263FA6D-84CC-48A8-9AF6-C664362B7A5B} - C:\WINDOWS\system32\winconfig.dll (file missing)
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe
O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe
O4 - HKLM\..\Run: [bhttonppiqjib] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\hxmnmqkqlpio.dll"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe" /AUTORUN
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [ErrorFix] C:\Program Files\ErrorFix\ErrorFix.exe -boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: MP3 Rocket (Minimized).lnk = C:\Program Files\MP3 Rocket\MP3Rocket.exe
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - [You must be registered and logged in to see this link.] Files\Monopoly\Images\stg_drm.ocx
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - [You must be registered and logged in to see this link.]
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - [You must be registered and logged in to see this link.]
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - [You must be registered and logged in to see this link.] Files\Monopoly\Images\armhelper.ocx
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 9198 bytes


Re: NEED MAJOR HELP!

Post by durimi on Mon Aug 31, 2009 2:53 am

Bump


Re: NEED MAJOR HELP!

Post by Belahzur on Mon Aug 31, 2009 5:31 pm

Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [You must be registered and logged in to see this link.]
    R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
    O2 - BHO: superiorads browser enhancer - {1C7743B6-95A4-14AD-90B1-251FE497B6F7} - C:\WINDOWS\system32\hxmnmqkqlpio.dll (file missing)
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: dcads - {469fd5df-9cac-0167-61a3-a8c8ad33e374} - C:\WINDOWS\system32\nsu2E75.dll (file missing)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: browser optimizer superiorads - {8E015787-B1E3-404a-95DE-3E71E1FA0305} - C:\WINDOWS\system32\spads.dll (file missing)
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
    O2 - BHO: dcads - {C7C90A5E-BE0A-44DD-83D2-1BE138460BAC} - C:\WINDOWS\system32\nspA.dll (file missing)
    O2 - BHO: &Research - {D263FA6D-84CC-48A8-9AF6-C664362B7A5B} - C:\WINDOWS\system32\winconfig.dll (file missing)
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
    O4 - HKLM\..\Run: [bhttonppiqjib] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\hxmnmqkqlpio.dll"
    O4 - HKCU\..\Run: [ErrorFix] C:\Program Files\ErrorFix\ErrorFix.exe -boot
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)


  • Press "Fix Checked"
  • Close Hijack This.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.
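
A triage pass over a HijackThis log like the one posted in this thread, as an added example that is not part of the original posts or of Belahzur's instructions: it flags entries whose target is reported as "(file missing)" or "(no file)", Run entries that launch regsvr32, and running processes that use a core Windows process name from outside system32. The three rules, the function names and the process-name list are assumptions of this example; the sample lines are copied from the log above.

```python
import ntpath
import re
from typing import List, NamedTuple, Tuple

# A few lines copied from the HijackThis log in this thread, embedded so the
# example runs offline.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Tanisha\Desktop\winlogon.exe

O2 - BHO: dcads - {469fd5df-9cac-0167-61a3-a8c8ad33e374} - C:\WINDOWS\system32\nsu2E75.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [bhttonppiqjib] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\system32\hxmnmqkqlpio.dll"
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
"""

# HijackThis entry lines start with a section code such as R0, O2 or O20.
ENTRY_RE = re.compile(r"^(R[0-3]|O\d{1,2}) - (.+)$")
# HijackThis appends these markers when the referenced file is not on disk.
ORPHAN_RE = re.compile(r"\((file missing|no file)\)\s*$")

SYSTEM_DIR = r"c:\windows\system32"
# Assumption of this example: process names expected to run only from system32.
SYSTEM_PROCESS_NAMES = {
    "smss.exe", "csrss.exe", "winlogon.exe",
    "services.exe", "lsass.exe", "svchost.exe",
}


class Finding(NamedTuple):
    rule: str
    line: str


def parse_log(text: str) -> Tuple[List[str], List[Tuple[str, str]]]:
    """Split a log into running-process paths and (code, body) entries."""
    processes: List[str] = []
    entries: List[Tuple[str, str]] = []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()  # forum pastes are often indented
        if line.lower().startswith("running processes"):
            in_processes = True
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False
            entries.append((match.group(1), match.group(2)))
        elif not line:
            in_processes = False  # a blank line ends the process list
        elif in_processes:
            processes.append(line)
    return processes, entries


def triage(text: str) -> List[Finding]:
    """Return the lines a reviewer should look at first, with the rule hit."""
    processes, entries = parse_log(text)
    findings: List[Finding] = []
    for path in processes:
        name = ntpath.basename(path).lower()
        folder = ntpath.dirname(path).lower()
        if name in SYSTEM_PROCESS_NAMES and folder != SYSTEM_DIR:
            findings.append(Finding("system-name-outside-system32", path))
    for code, body in entries:
        line = f"{code} - {body}"
        if ORPHAN_RE.search(body):
            findings.append(Finding("orphaned-entry", line))
        if code == "O4" and "regsvr32" in body.lower():
            findings.append(Finding("run-key-regsvr32", line))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"[{finding.rule}] {finding.line}")
```

The rules only rank lines for review; whether an entry is safe to fix still depends on what the referenced program is.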



Re: NEED MAJOR HELP!

Post by durimi on Wed Sep 02, 2009 1:46 am

Malwarebytes' Anti-Malware 1.40
Database version: 2728
Windows 5.1.2600 Service Pack 3

9/1/2009 9:51:29 PM
mbam-log-2009-09-01 (21-51-27).txt

Scan type: Quick Scan
Objects scanned: 101795
Time elapsed: 31 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 10
Registry Values Infected: 1
Registry Data Items Infected: 3
Folders Infected: 26
Files Infected: 689

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d263fa6d-84cc-48a8-9af6-c664362b7a5b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\aa618030-a752-2db1-e42e-b1e88f1aed66 (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dcads (Adware.DCads) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\superiorads (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\AdvRemoteDbg (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Relevant Knowledge (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\Documents and Settings\Tanisha\Application Data\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\Logs (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-06-05 12-39-180 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-06-09 12-09-130 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-08-01 12-19-450 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-08-01 12-19-580 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-08-01 12-20-160 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-08-01 12-20-350 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-08-01 12-20-430 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-08-01 12-20-510 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-08-01 12-20-570 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-08-01 12-21-050 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-08-01 12-21-140 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-08-18 13-17-440 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\Results (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\ShoppingReport (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\ShoppingReport\cs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\ShoppingReport\cs\db (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\ShoppingReport\cs\dwld (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\ShoppingReport\cs\report (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\ShoppingReport\cs\res1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\A360 (Rogue.A360AntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data (Adware.DoubleD) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\aa618030-a752-2db1-e42e-b1e88f1aed66.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dcads-remove.exe (Adware.DCads) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\superiorads-uninst.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\spy_ignore.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.


Re: NEED MAJOR HELP!

Post by durimi on Wed Sep 02, 2009 1:47 am

C:\Documents and Settings\Tanisha\Application Data\ErrorFix\Logs\2009-07-02 12-03-280.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\Logs\2009-07-03 12-00-000.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\Logs\2009-07-03 12-00-001.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\Logs\2009-07-04 12-00-000.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\Logs\2009-07-04 12-00-001.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.


and it keeps going like this for a while...


Re: NEED MAJOR HELP!

Post by durimi on Wed Sep 02, 2009 1:48 am

C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-08-01 12-20-510\filelist.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-08-01 12-20-570\filelist.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-08-01 12-21-050\filelist.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-08-01 12-21-140\filelist.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\QuarantineW\2009-08-18 13-17-440\filelist.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\Results\Evidence.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\Results\Junk.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\Results\Registry.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Application Data\ErrorFix\Results\Update.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\ShoppingReport\cs\Config.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Documents and Settings\NetworkService\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.ShopperReports) -> Quarantined and deleted successfully.
C:\Program Files\ErrorFix\definitions.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Program Files\ErrorFix\ErrorFix.exe (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Program Files\ErrorFix\ErrorFix.url (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Program Files\ErrorFix\privacy.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\bg.jpg (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\CurrentVersion.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\icon.ico (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\productinfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\System\Uninstall\Uninstall A360.lnk (Rogue.AV360) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\components\169bac55-5ccd-d02c-d4b3-f35c70da7a78.dll- (Adware.Yoog) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\N0k7M802.exe.a_a (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\ErrorFix Scan.job (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tanisha\Desktop\winlogon.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.


and this is the end


Re: NEED MAJOR HELP!

Post by Belahzur on Wed Sep 02, 2009 1:45 pm


  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the reports to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt just yet.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.



Re: NEED MAJOR HELP!

Post by durimi on Thu Sep 03, 2009 8:42 pm

DDS (Ver_09-07-30.01) - NTFSx86
Run by Tanisha at 17:04:03.26 on Thu 09/03/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.382.129 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Bell\Sympatico Security Advisor\SSA.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Zoom Player\zplayer.exe
C:\Documents and Settings\Tanisha\temp\TeamViewer\Version4\TeamViewer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tanisha\Local Settings\Temporary Internet Files\Content.IE5\QUIK6FB4\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = [You must be registered and logged in to see this link.]
uSearch Page = [You must be registered and logged in to see this link.]
uDefault_Page_URL = [You must be registered and logged in to see this link.]
uSearchAssistant = [You must be registered and logged in to see this link.]
mSearchAssistant = [You must be registered and logged in to see this link.]
uURLSearchHooks: FCToolbarURLSearchHook Class: {c3e3ddd5-bad5-4717-aa77-14e141548b83} - c:\program files\gaia online toolbar\Helper.dll
uURLSearchHooks: H - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Freecause Toolbar BHO: {b1be275b-78bf-4a33-81ab-380699cff329} - c:\program files\gaia online toolbar\Toolbar.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
TB: Gaia Online Toolbar: {b3535c18-0e70-4d4b-b36b-bbfe139bb144} - c:\program files\gaia online toolbar\Toolbar.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [Sony Ericsson PC Suite] "c:\program files\sony ericsson\sony ericsson pc suite\SEPCSuite.exe" /systray /nologon
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [MMTray] MMTray.exe
mRun: [MMTray2K] MMTray2k.exe
mRun: [MMTrayLSI] MMTrayLSI.exe
mRun: [VX3000] c:\windows\vVX3000.exe
mRun: [SSA.exe] "c:\program files\bell\sympatico security advisor\SSA.exe" /AUTORUN
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
StartupFolder: c:\docume~1\tanisha\startm~1\programs\startup\mp3roc~1.lnk - c:\program files\mp3 rocket\MP3Rocket.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
DPF: {00000055-9980-0010-8000-00AA00389B71} - [You must be registered and logged in to see this link.]
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - [You must be registered and logged in to see this link.]
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - [You must be registered and logged in to see this link.] files\monopoly\images\stg_drm.ocx
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - [You must be registered and logged in to see this link.]
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - [You must be registered and logged in to see this link.]
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - [You must be registered and logged in to see this link.]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - [You must be registered and logged in to see this link.]
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - [You must be registered and logged in to see this link.]
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - [You must be registered and logged in to see this link.] files\monopoly\images\armhelper.ocx
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\tanisha\applic~1\mozilla\firefox\profiles\4zo6gvsg.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - plugin: c:\program files\mozilla firefox\plugins\npclntax_ZangoSA.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----




============= SERVICES / DRIVERS ===============

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-5-26 55152]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
S1 AvgLdx86;AVG Free AVI Loader Driver x86; [x]
S1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; [x]
S1 AvgTdiX;AVG Free8 Network Redirector; [x]
S2 avg8emc;AVG Free8 E-mail Scanner; [x]
S2 avg8wd;AVG Free8 WatchDog; [x]
S3 fsssvc;Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-2-6 533360]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; [x]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [2009-4-23 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [2009-4-23 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [2009-4-23 110632]

=============== Created Last 30 ================

2009-09-02 15:11 --d----- c:\program files\Gaia Online Toolbar
2009-09-01 21:15 --d----- c:\docume~1\tanisha\applic~1\Malwarebytes
2009-09-01 21:15 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-01 21:15 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-09-01 21:15 --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-09-01 21:15 --d----- c:\program files\Malwarebytes' Anti-Malware
2009-08-27 21:43 --d----- c:\docume~1\tanisha\applic~1\TeamViewer
2009-08-27 21:43 --d----- c:\documents and settings\tanisha\temp
2009-08-27 18:13 --d----- c:\program files\Ventrilo
2009-08-27 18:12 262 a------- c:\windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2009-08-27 18:12 --d----- c:\program files\common files\Wise Installation Wizard
2009-08-22 08:47 1,089,593 -c------ c:\windows\system32\dllcache\ntprint.cat
2009-08-22 07:16 --d----- c:\program files\AskBarDis
2009-08-22 05:14 --d----- c:\windows\system32\XPSViewer
2009-08-22 05:11 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-22 05:11 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-22 05:11 117,760 -------- c:\windows\system32\prntvpt.dll
2009-08-22 05:11 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-22 05:11 575,488 -------- c:\windows\system32\xpsshhdr.dll
2009-08-22 05:11 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll
2009-08-22 05:11 1,676,288 -------- c:\windows\system32\xpssvcs.dll
2009-08-22 05:11 --d----- C:\995abbbf04ca06be84c0
2009-08-13 05:11 128,512 -c------ c:\windows\system32\dllcache\dhtmled.ocx
2009-08-13 05:10 1,315,328 -c------ c:\windows\system32\dllcache\msoe.dll
2009-08-05 05:01 204,800 -c------ c:\windows\system32\dllcache\mswebdvd.dll

==================== Find3M ====================

2009-08-05 05:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-08-02 15:21 0 a------- c:\documents and settings\tanisha\jagex_runescape_preferences.dat
2009-07-17 15:01 58,880 a------- c:\windows\system32\atl.dll
2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll
2009-07-03 13:09 915,456 a------- c:\windows\system32\wininet.dll
2009-06-16 10:36 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 10:36 81,920 a------- c:\windows\system32\fontsub.dll
2009-06-12 08:31 80,896 a------- c:\windows\system32\tlntsess.exe
2009-06-12 08:31 76,288 a------- c:\windows\system32\telnet.exe
2009-06-10 10:13 84,992 a------- c:\windows\system32\avifil32.dll
2009-06-10 09:19 2,066,432 a------- c:\windows\system32\mstscax.dll
2009-06-10 02:14 132,096 a------- c:\windows\system32\wkssvc.dll
2009-06-09 10:42 171,052 a------- c:\windows\pchealth\helpctr\config\cache\Professional_32_1033.dat

============= FINISH: 17:05:16.06 ===============


Re: NEED MAJOR HELP!

Post by Belahzur on Thu Sep 03, 2009 10:38 pm

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Ask Toolbar


How is the machine running now?



Re: NEED MAJOR HELP!

Post by durimi on Fri Sep 04, 2009 2:03 am

Yeah it's going much better than before, but there's still a problem. My background doesn't change to what I want, like it changes but after restarting it goes back to "You may be a victim of software counterfeiting. This copy of Windows did not pass genuine Windows validation." and if there's anything else to make my computer faster please suggest it.


Re: NEED MAJOR HELP!

Post by Origin on Fri Sep 04, 2009 4:47 am

Hello, what you are saying suggests that you are running a pirated version of Windows. This is not recommended since you can't get the critical updates needed for your computer and could easily get infected again. Until you get a genuine key for your system, your desktop background will always stay like that.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]


Re: NEED MAJOR HELP!

Post by durimi on Fri Sep 04, 2009 5:56 am

So you can't help me?


Re: NEED MAJOR HELP!

Post by Belahzur on Fri Sep 04, 2009 3:16 pm

Sorry, no. MS updates has detected that this OS may or may not be genuine.

That image is displayed if the OS is a cracked pirated version, or a real version that's not activated yet.

