alpha anitvirus!

View previous topic View next topic Go down

alpha anitvirus!

Post by tinkerbell123 on Wed Sep 23, 2009 6:20 pm

please get this off my computer, its driving me bonkers Smile

i have copied and pasted from the hijack this like yu requested

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:18:46 PM, on 23/09/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AlphaAV\Alpha Antivirus.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A77D3539-581D-450C-9E44-A84C415A6172} - C:\Windows\System32\msnaoladdon.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] "C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe (User 'Default user')
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - [You must be registered and logged in to see this link.]
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - [You must be registered and logged in to see this link.]
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 9493 bytes

tinkerbell123
Novice
Novice

Posts Posts : 14
Joined Joined : 2009-09-23
OS OS : vista
Points Points : 26307
# Likes # Likes : 0

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by tinkerbell123 on Wed Sep 23, 2009 6:36 pm

and this is the log from malware

Malwarebytes' Anti-Malware 1.41
Database version: 2851
Windows 6.0.6002 Service Pack 2

23/09/2009 12:35:18 PM
mbam-log-2009-09-23 (12-35-18).txt

Scan type: Quick Scan
Objects scanned: 89350
Time elapsed: 8 minute(s), 48 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 7
Files Infected: 115

Memory Processes Infected:
C:\Program Files\AlphaAV\Alpha Antivirus.exe (Rogue.AlphaAV) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{a77d3539-581d-450c-9e44-a84c415a6172} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a77d3539-581d-450c-9e44-a84c415a6172} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a77d3539-581d-450c-9e44-a84c415a6172} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Adware_Pro (Rogue.AdwarePro) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\Environment\avapp (Rogue.PersonalAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Environment\avuninst (Rogue.PersonalAntiVirus) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Users\Owner\AppData\Roaming\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\Logs (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360 (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\Results (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Program Files\Adware_Pro (Rogue.AdwarePro) -> Quarantined and deleted successfully.
C:\Program Files\AlphaAV (Rogue.AlphaAV) -> Quarantined and deleted successfully.

Files Infected:
C:\Users\Owner\AppData\Roaming\ErrorFix\Logs\2009-03-28 15-31-330.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\filelist.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-0.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-1.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-10.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-100.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-101.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-102.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-103.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-104.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-105.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-11.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-12.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-13.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-14.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-15.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-16.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-17.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-18.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-19.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-2.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-20.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-21.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-22.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-23.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-24.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-25.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-26.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-27.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-28.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-29.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-3.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-30.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-31.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-32.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-33.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-34.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-35.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-36.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-37.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-38.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-39.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-4.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-40.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-41.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-42.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-43.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-44.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-45.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-46.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-47.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-48.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-49.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-5.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-50.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-51.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-52.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-53.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-54.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-55.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-56.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-57.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-58.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-59.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-6.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-60.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-61.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-62.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-63.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-64.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-65.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-66.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-67.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-68.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-69.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-7.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-70.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-71.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-72.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-73.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-74.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-75.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-76.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-77.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-78.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-79.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-8.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-80.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-81.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-82.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-83.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-84.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-85.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-86.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-87.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-88.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-89.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-9.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-90.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-91.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-92.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-93.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-94.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-95.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-96.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-97.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-98.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\QuarantineW\2009-03-28 15-40-360\regb-99.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\Results\Evidence.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\Results\Junk.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\Results\Registry.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Roaming\ErrorFix\Results\Update.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Program Files\Adware_Pro\APSchedule.txt (Rogue.AdwarePro) -> Quarantined and deleted successfully.
C:\Program Files\AlphaAV\Alpha Antivirus.exe (Rogue.AlphaAV) -> Quarantined and deleted successfully.
C:\Windows\Tasks\ErrorFix Scan.job (Rogue.ErrorFix) -> Quarantined and deleted successfully.

tinkerbell123
Novice
Novice

Posts Posts : 14
Joined Joined : 2009-09-23
OS OS : vista
Points Points : 26307
# Likes # Likes : 0

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by Belahzur on Wed Sep 23, 2009 7:06 pm


  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt just yet.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245049
# Likes # Likes : 1

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by tinkerbell123 on Thu Sep 24, 2009 2:16 pm

its asks me to disable on board script blocking tools? im not sure what this means?

tinkerbell123
Novice
Novice

Posts Posts : 14
Joined Joined : 2009-09-23
OS OS : vista
Points Points : 26307
# Likes # Likes : 0

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by tinkerbell123 on Thu Sep 24, 2009 2:28 pm

DDS (Ver_09-07-30.01) - NTFSx86
Run by Owner at 8:19:36.56 on 24/09/2009
Internet Explorer: 8.0.6001.18813
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.1013.95 [GMT -6:00]

AV: Norton Internet Security *On-access scanning enabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Norton Internet Security *enabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\Windows Media Player\wmplayer.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H37251CM\dds[1].scr

============== Pseudo HJT Report ===============

uSearch Page = [You must be registered and logged in to see this link.]
uSearch Bar = Preserve
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {1e8a6170-7264-4d0f-beae-d42a53123c75} - c:\program files\common files\symantec shared\coshared\browser\1.0\NppBho.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: Show Norton Toolbar: {90222687-f593-4738-b738-fbee9c7b26df} - c:\program files\common files\symantec shared\coshared\browser\1.0\UIBHO.dll
TB: {4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [TOSCDSPD] TOSCDSPD.EXE
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [NDSTray.exe] NDSTray.exe
mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe
mRun: [HWSetup] c:\program files\toshiba\utilities\HWSetup.exe hwSetUP
mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe"
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] c:\program files\scansoft\paperport\pptd40nt.exe
mRun: [IndexSearch] c:\program files\scansoft\paperport\IndexSearch.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [IS CfgWiz] "c:\program files\common files\symantec shared\opc\{31011d49-d90c-4da0-878b-78d28ad507af}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
mRun: [osCheck] "c:\program files\norton internet security\osCheck.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
dRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - [You must be registered and logged in to see this link.]
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - [You must be registered and logged in to see this link.]
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - [You must be registered and logged in to see this link.]
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - [You must be registered and logged in to see this link.]
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - [You must be registered and logged in to see this link.]
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - [You must be registered and logged in to see this link.]
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - [You must be registered and logged in to see this link.]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
Notify: igfxcui - igfxdev.dll

============= SERVICES / DRIVERS ===============

R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
S3 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\idsdefs\20061025.029\IDSvix86.sys [2009-9-23 202872]
S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\drivers\s916bus.sys [2007-11-2 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\drivers\s916mdfl.sys [2007-11-2 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\drivers\s916mdm.sys [2007-11-2 109992]

=============== Created Last 30 ================

2009-09-23 12:17 --d----- c:\program files\Trend Micro
2009-09-23 12:14 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-23 12:14 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-09-23 12:14 --d----- c:\program files\Malwarebytes' Anti-Malware
2009-09-23 11:41 0 a------- c:\windows\system32\msnaoladdon.dll.tmp
2009-09-23 09:37 --d----- c:\program files\Norton Internet Security
2009-09-23 09:35 109,744 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2009-09-23 09:35 8,014 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2009-09-23 09:35 805 a------- c:\windows\system32\drivers\SYMEVENT.INF
2009-09-23 09:30 --d----- c:\program files\Symantec
2009-09-23 08:03 7,396 a------- c:\windows\system32\drivers\pctcore.cat
2009-09-23 08:03 506,368 a------- c:\windows\system32\msxml.dll
2009-09-22 14:05 61,440 a------- c:\windows\system32\ndisapi.dll
2009-09-22 14:05 13,312 a------- c:\windows\system32\drivers\snetcfg.exe
2009-09-22 14:05 --d----- c:\program files\common files\Uninstall
2009-09-11 14:27 --d----- c:\windows\system32\eu-ES
2009-09-11 14:27 --d----- c:\windows\system32\ca-ES
2009-09-11 14:27 --d----- c:\windows\system32\vi-VN
2009-09-11 13:28 3,601,896 a------- c:\windows\system32\ntkrnlpa.exe
2009-09-11 13:27 978,944 a------- c:\windows\system32\crypt32.dll
2009-09-09 08:53 904,776 a------- c:\windows\system32\drivers\tcpip.sys
2009-09-09 08:53 105,984 a------- c:\windows\system32\netiohlp.dll
2009-09-09 08:53 30,720 a------- c:\windows\system32\drivers\tcpipreg.sys
2009-09-09 08:53 27,136 a------- c:\windows\system32\NETSTAT.EXE
2009-09-09 08:53 19,968 a------- c:\windows\system32\ARP.EXE
2009-09-09 08:53 10,240 a------- c:\windows\system32\finger.exe
2009-09-09 08:53 9,728 a------- c:\windows\system32\TCPSVCS.EXE
2009-09-09 08:53 17,920 a------- c:\windows\system32\ROUTE.EXE
2009-09-09 08:53 17,920 a------- c:\windows\system32\netevent.dll
2009-09-09 08:53 11,264 a------- c:\windows\system32\MRINFO.EXE
2009-09-09 08:53 8,704 a------- c:\windows\system32\HOSTNAME.EXE
2009-09-09 08:52 2,501,921 a------- c:\windows\system32\wlan.tmf
2009-09-09 08:52 513,536 a------- c:\windows\system32\wlansvc.dll
2009-09-09 08:52 293,376 a------- c:\windows\system32\wlanmsm.dll
2009-09-09 08:52 68,096 a------- c:\windows\system32\wlanhlp.dll
2009-09-09 08:52 302,592 a------- c:\windows\system32\wlansec.dll
2009-09-09 08:52 127,488 a------- c:\windows\system32\L2SecHC.dll
2009-09-09 08:52 65,024 a------- c:\windows\system32\wlanapi.dll
2009-09-09 08:51 2,868,224 a------- c:\windows\system32\mf.dll
2009-09-09 08:51 98,816 a------- c:\windows\system32\mfps.dll
2009-09-09 08:51 53,248 a------- c:\windows\system32\rrinstaller.exe
2009-09-09 08:51 24,576 a------- c:\windows\system32\mfpmp.exe
2009-09-09 08:51 2,048 a------- c:\windows\system32\mferror.dll
2009-09-03 13:49 --d----- c:\windows\system32\EventProviders
2009-09-03 13:44 164,352 a------- c:\windows\system32\spwizui.dll
2009-09-03 13:43 754,688 a------- c:\windows\system32\propsys.dll
2009-09-03 13:42 738,816 a------- c:\windows\system32\inetcomm.dll
2009-09-03 13:41 74,752 a------- c:\windows\system32\newdev.exe
2009-09-03 13:40 52,992 a------- c:\windows\system32\drivers\stream.sys
2009-09-03 13:40 1,009 a------- c:\windows\system32\wbem\wcnwiz2.mof
2009-09-03 13:40 334 a------- c:\windows\system32\wbem\WscEapPr.mof
2009-09-03 13:40 93,696 a------- c:\windows\system32\drivers\bridge.sys
2009-09-03 13:40 15,872 a------- c:\windows\system32\drivers\usb8023.sys
2009-09-03 13:40 265,728 a------- c:\windows\system32\wbem\esscli.dll
2009-09-03 13:40 189,440 a------- c:\windows\system32\wbem\mofd.dll
2009-09-03 13:40 83,968 a------- c:\windows\system32\wbem\wmiutils.dll
2009-09-03 13:40 30,208 a------- c:\windows\system32\wbem\wbemprox.dll
2009-09-03 13:40 265,728 a------- c:\windows\system32\wbem\repdrvfs.dll
2009-09-03 13:40 705,536 a------- c:\windows\system32\SmiEngine.dll
2009-09-03 13:40 247,808 a------- c:\windows\system32\drvstore.dll
2009-09-03 13:18 55,656 a------- c:\windows\system32\drivers\avgntflt.sys
2009-09-03 12:42 --d----- c:\users\owner\appdata\roaming\OpenOffice.org
2009-09-02 11:11 28,672 a------- c:\windows\system32\Apphlpdm.dll
2009-09-02 11:11 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-27 08:46 --d----- c:\program files\JRE
2009-08-27 08:45 --d----- c:\program files\OpenOffice.org 3
2009-08-27 08:44 410,984 a------- c:\windows\system32\deploytk.dll
2009-08-27 08:04 2,048 a------- c:\windows\system32\tzres.dll
2009-08-26 07:23 1,696,768 a------- c:\windows\system32\gameux.dll

==================== Find3M ====================

2009-09-11 14:38 86,016 a------- c:\windows\inf\infstor.dat
2009-09-11 14:38 51,200 a------- c:\windows\inf\infpub.dat
2009-09-11 14:38 143,360 a------- c:\windows\inf\infstrng.dat
2009-09-11 14:27 665,600 a------- c:\windows\inf\drvindex.dat
2009-08-28 20:30 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-08-28 20:30 458,752 a------- c:\windows\apppatch\AcSpecfc.dll
2009-08-28 20:30 2,159,616 a------- c:\windows\apppatch\AcGenral.dll
2009-08-28 20:30 542,720 a------- c:\windows\apppatch\AcLayers.dll
2009-07-21 15:52 915,456 a------- c:\windows\system32\wininet.dll
2009-07-21 15:47 109,056 a------- c:\windows\system32\iesysprep.dll
2009-07-21 15:47 71,680 a------- c:\windows\system32\iesetup.dll
2009-07-21 14:13 133,632 a------- c:\windows\system32\ieUnatt.exe
2009-07-17 07:54 71,680 a------- c:\windows\system32\atl.dll
2009-07-15 06:40 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-07-15 06:39 313,344 a------- c:\windows\system32\wmpdxm.dll
2009-07-15 06:39 4,096 a------- c:\windows\system32\dxmasf.dll
2009-07-15 06:39 7,680 a------- c:\windows\system32\spwmp.dll
2009-03-30 13:02 3,190,688 a------- c:\users\owner\ccsetup218.exe
2008-10-21 13:52 174 a--sh--- c:\program files\desktop.ini
2006-11-02 06:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 06:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 06:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 06:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 03:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 03:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 03:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 03:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2009-06-23 07:30 16,384 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-06-23 07:30 32,768 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-06-23 07:30 16,384 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat
2009-06-23 07:30 245,760 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

============= FINISH: 8:24:59.37 ===============

tinkerbell123
Novice
Novice

Posts Posts : 14
Joined Joined : 2009-09-23
OS OS : vista
Points Points : 26307
# Likes # Likes : 0

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by tinkerbell123 on Thu Sep 24, 2009 2:35 pm

NLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-07-30.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 18/10/2007 1:02:14 PM
System Uptime: 24/09/2009 4:16:19 AM (4 hours ago)

Motherboard: TOSHIBA | | ISKAE
Processor: Intel(R) Core(TM)2 CPU T5300 @ 1.73GHz | U2E1 | 800/mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 148 GiB total, 82.36 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP499: 18/09/2009 7:25:12 AM - Windows Update
RP500: 21/09/2009 7:24:34 AM - Installed Java(TM) 6 Update 15
RP501: 21/09/2009 8:48:14 AM - Windows Update
RP503: 22/09/2009 8:59:08 AM - Avira AntiVir Personal - 22/09/2009 8:58
RP505: 23/09/2009 12:02:49 PM - Windows Defender Checkpoint
RP506: 24/09/2009 7:40:45 AM - Windows Update

==== Installed Programs ======================


Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.1.3
Adobe Shockwave Player 11.5
Adobe® Photoshop® Album Starter Edition 3.2
Advanced SystemCare 3
ALPS Touch Pad Driver
AppCore
Apple Software Update
AV
Camera Assistant Software for Toshiba
ccCommon
CD/DVD Drive Acoustic Silencer
DVD MovieFactory for TOSHIBA
ESET Online Scanner v3
Google Toolbar for Internet Explorer
Highlight Viewer (Windows Live Toolbar)
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Java(TM) 6 Update 13
Java(TM) 6 Update 6
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6
LiveUpdate 3.2 (Symantec Corporation)
Malwarebytes' Anti-Malware
Map Button (Windows Live Toolbar)
Microsoft .NET Framework 3.5 SP1
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft XML Parser
MSRedist
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
Norton AntiVirus
Norton Confidential Browser Component
Norton Confidential Web Protection Component
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton Protection Center
OpenOffice.org 3.1
PaperPort
PowerISO
QuickTime
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
Security Update for Windows Media Encoder (KB954156)
Smart Defrag 1.20
Smart Menus (Windows Live Toolbar)
Sony Ericsson Media Manager 1.1
SPBBC 32bit
Symantec Real Time Storage Protection Component
SymNet
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
The Sims™ 2 Double Deluxe
TIPCI
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
Toshiba Registration
TOSHIBA SD Memory Utilities
TOSHIBA Software Modem
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Utility Common Driver
VideoLAN VLC media player 0.8.6e
Windows Live Favorites for Windows Live Toolbar
Windows Live installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Media Encoder 9 Series
WinDVD for TOSHIBA
Yahoo! Toolbar

==== End Of File ===========================

tinkerbell123
Novice
Novice

Posts Posts : 14
Joined Joined : 2009-09-23
OS OS : vista
Points Points : 26307
# Likes # Likes : 0

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by tinkerbell123 on Thu Sep 24, 2009 2:36 pm

DDS (Ver_09-07-30.01) - NTFSx86
Run by Owner at 8:29:01.10 on 24/09/2009
Internet Explorer: 8.0.6001.18813
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.1013.176 [GMT -6:00]

AV: Norton Internet Security *On-access scanning enabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Norton Internet Security *enabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\Windows Media Player\wmplayer.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\DllHost.exe
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VQJ1B4H\dds[1].scr

============== Pseudo HJT Report ===============

uSearch Page = [You must be registered and logged in to see this link.]
uSearch Bar = Preserve
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {1e8a6170-7264-4d0f-beae-d42a53123c75} - c:\program files\common files\symantec shared\coshared\browser\1.0\NppBho.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: Show Norton Toolbar: {90222687-f593-4738-b738-fbee9c7b26df} - c:\program files\common files\symantec shared\coshared\browser\1.0\UIBHO.dll
TB: {4E7BD74F-2B8D-469E-85B2-BC27FE9AAE2E} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [TOSCDSPD] TOSCDSPD.EXE
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [NDSTray.exe] NDSTray.exe
mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe
mRun: [HWSetup] c:\program files\toshiba\utilities\HWSetup.exe hwSetUP
mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe"
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] c:\program files\scansoft\paperport\pptd40nt.exe
mRun: [IndexSearch] c:\program files\scansoft\paperport\IndexSearch.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [IS CfgWiz] "c:\program files\common files\symantec shared\opc\{31011d49-d90c-4da0-878b-78d28ad507af}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
mRun: [osCheck] "c:\program files\norton internet security\osCheck.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
dRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - [You must be registered and logged in to see this link.]
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - [You must be registered and logged in to see this link.]
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - [You must be registered and logged in to see this link.]
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - [You must be registered and logged in to see this link.]
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - [You must be registered and logged in to see this link.]
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - [You must be registered and logged in to see this link.]
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - [You must be registered and logged in to see this link.]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
Notify: igfxcui - igfxdev.dll

============= SERVICES / DRIVERS ===============

R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
S3 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\idsdefs\20061025.029\IDSvix86.sys [2009-9-23 202872]
S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\drivers\s916bus.sys [2007-11-2 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\drivers\s916mdfl.sys [2007-11-2 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\drivers\s916mdm.sys [2007-11-2 109992]

=============== Created Last 30 ================

2009-09-23 12:17 --d----- c:\program files\Trend Micro
2009-09-23 12:14 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-23 12:14 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-09-23 12:14 --d----- c:\program files\Malwarebytes' Anti-Malware
2009-09-23 11:41 0 a------- c:\windows\system32\msnaoladdon.dll.tmp
2009-09-23 09:37 --d----- c:\program files\Norton Internet Security
2009-09-23 09:35 109,744 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2009-09-23 09:35 8,014 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2009-09-23 09:35 805 a------- c:\windows\system32\drivers\SYMEVENT.INF
2009-09-23 09:30 --d----- c:\program files\Symantec
2009-09-23 08:03 7,396 a------- c:\windows\system32\drivers\pctcore.cat
2009-09-23 08:03 506,368 a------- c:\windows\system32\msxml.dll
2009-09-22 14:05 61,440 a------- c:\windows\system32\ndisapi.dll
2009-09-22 14:05 13,312 a------- c:\windows\system32\drivers\snetcfg.exe
2009-09-22 14:05 --d----- c:\program files\common files\Uninstall
2009-09-11 14:27 --d----- c:\windows\system32\eu-ES
2009-09-11 14:27 --d----- c:\windows\system32\ca-ES
2009-09-11 14:27 --d----- c:\windows\system32\vi-VN
2009-09-11 13:28 3,601,896 a------- c:\windows\system32\ntkrnlpa.exe
2009-09-11 13:27 978,944 a------- c:\windows\system32\crypt32.dll
2009-09-09 08:53 904,776 a------- c:\windows\system32\drivers\tcpip.sys
2009-09-09 08:53 105,984 a------- c:\windows\system32\netiohlp.dll
2009-09-09 08:53 30,720 a------- c:\windows\system32\drivers\tcpipreg.sys
2009-09-09 08:53 27,136 a------- c:\windows\system32\NETSTAT.EXE
2009-09-09 08:53 19,968 a------- c:\windows\system32\ARP.EXE
2009-09-09 08:53 10,240 a------- c:\windows\system32\finger.exe
2009-09-09 08:53 9,728 a------- c:\windows\system32\TCPSVCS.EXE
2009-09-09 08:53 17,920 a------- c:\windows\system32\ROUTE.EXE
2009-09-09 08:53 17,920 a------- c:\windows\system32\netevent.dll
2009-09-09 08:53 11,264 a------- c:\windows\system32\MRINFO.EXE
2009-09-09 08:53 8,704 a------- c:\windows\system32\HOSTNAME.EXE
2009-09-09 08:52 2,501,921 a------- c:\windows\system32\wlan.tmf
2009-09-09 08:52 513,536 a------- c:\windows\system32\wlansvc.dll
2009-09-09 08:52 293,376 a------- c:\windows\system32\wlanmsm.dll
2009-09-09 08:52 68,096 a------- c:\windows\system32\wlanhlp.dll
2009-09-09 08:52 302,592 a------- c:\windows\system32\wlansec.dll
2009-09-09 08:52 127,488 a------- c:\windows\system32\L2SecHC.dll
2009-09-09 08:52 65,024 a------- c:\windows\system32\wlanapi.dll
2009-09-09 08:51 2,868,224 a------- c:\windows\system32\mf.dll
2009-09-09 08:51 98,816 a------- c:\windows\system32\mfps.dll
2009-09-09 08:51 53,248 a------- c:\windows\system32\rrinstaller.exe
2009-09-09 08:51 24,576 a------- c:\windows\system32\mfpmp.exe
2009-09-09 08:51 2,048 a------- c:\windows\system32\mferror.dll
2009-09-03 13:49 --d----- c:\windows\system32\EventProviders
2009-09-03 13:44 164,352 a------- c:\windows\system32\spwizui.dll
2009-09-03 13:43 754,688 a------- c:\windows\system32\propsys.dll
2009-09-03 13:42 738,816 a------- c:\windows\system32\inetcomm.dll
2009-09-03 13:41 74,752 a------- c:\windows\system32\newdev.exe
2009-09-03 13:40 52,992 a------- c:\windows\system32\drivers\stream.sys
2009-09-03 13:40 1,009 a------- c:\windows\system32\wbem\wcnwiz2.mof
2009-09-03 13:40 334 a------- c:\windows\system32\wbem\WscEapPr.mof
2009-09-03 13:40 93,696 a------- c:\windows\system32\drivers\bridge.sys
2009-09-03 13:40 15,872 a------- c:\windows\system32\drivers\usb8023.sys
2009-09-03 13:40 265,728 a------- c:\windows\system32\wbem\esscli.dll
2009-09-03 13:40 189,440 a------- c:\windows\system32\wbem\mofd.dll
2009-09-03 13:40 83,968 a------- c:\windows\system32\wbem\wmiutils.dll
2009-09-03 13:40 30,208 a------- c:\windows\system32\wbem\wbemprox.dll
2009-09-03 13:40 265,728 a------- c:\windows\system32\wbem\repdrvfs.dll
2009-09-03 13:40 705,536 a------- c:\windows\system32\SmiEngine.dll
2009-09-03 13:40 247,808 a------- c:\windows\system32\drvstore.dll
2009-09-03 13:18 55,656 a------- c:\windows\system32\drivers\avgntflt.sys
2009-09-03 12:42 --d----- c:\users\owner\appdata\roaming\OpenOffice.org
2009-09-02 11:11 28,672 a------- c:\windows\system32\Apphlpdm.dll
2009-09-02 11:11 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-27 08:46 --d----- c:\program files\JRE
2009-08-27 08:45 --d----- c:\program files\OpenOffice.org 3
2009-08-27 08:44 410,984 a------- c:\windows\system32\deploytk.dll
2009-08-27 08:04 2,048 a------- c:\windows\system32\tzres.dll
2009-08-26 07:23 1,696,768 a------- c:\windows\system32\gameux.dll

==================== Find3M ====================

2009-09-11 14:38 86,016 a------- c:\windows\inf\infstor.dat
2009-09-11 14:38 51,200 a------- c:\windows\inf\infpub.dat
2009-09-11 14:38 143,360 a------- c:\windows\inf\infstrng.dat
2009-09-11 14:27 665,600 a------- c:\windows\inf\drvindex.dat
2009-08-28 20:30 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-08-28 20:30 458,752 a------- c:\windows\apppatch\AcSpecfc.dll
2009-08-28 20:30 2,159,616 a------- c:\windows\apppatch\AcGenral.dll
2009-08-28 20:30 542,720 a------- c:\windows\apppatch\AcLayers.dll
2009-07-21 15:52 915,456 a------- c:\windows\system32\wininet.dll
2009-07-21 15:47 109,056 a------- c:\windows\system32\iesysprep.dll
2009-07-21 15:47 71,680 a------- c:\windows\system32\iesetup.dll
2009-07-21 14:13 133,632 a------- c:\windows\system32\ieUnatt.exe
2009-07-17 07:54 71,680 a------- c:\windows\system32\atl.dll
2009-07-15 06:40 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-07-15 06:39 313,344 a------- c:\windows\system32\wmpdxm.dll
2009-07-15 06:39 4,096 a------- c:\windows\system32\dxmasf.dll
2009-07-15 06:39 7,680 a------- c:\windows\system32\spwmp.dll
2009-03-30 13:02 3,190,688 a------- c:\users\owner\ccsetup218.exe
2008-10-21 13:52 174 a--sh--- c:\program files\desktop.ini
2006-11-02 06:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 06:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 06:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 06:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 03:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 03:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 03:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 03:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2009-06-23 07:30 16,384 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-06-23 07:30 32,768 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-06-23 07:30 16,384 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat
2009-06-23 07:30 245,760 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

============= FINISH: 8:34:13.11 ===============

tinkerbell123
Novice
Novice

Posts Posts : 14
Joined Joined : 2009-09-23
OS OS : vista
Points Points : 26307
# Likes # Likes : 0

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by tinkerbell123 on Thu Sep 24, 2009 2:40 pm

Thank You! i dont really know anything about computers, i iknd of feel lost. I hope everything you need is here for you! I really appreciate EVERYTHING!! Hooray!

tinkerbell123
Novice
Novice

Posts Posts : 14
Joined Joined : 2009-09-23
OS OS : vista
Points Points : 26307
# Likes # Likes : 0

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by Belahzur on Thu Sep 24, 2009 6:30 pm

Hello.


  • Click Start >> Control Panel.
  • Under the Programs click Uninstall a Program
  • Highlight the following:

    Java(TM) 6 Update 13
    Java(TM) 6 Update 6
    Java(TM) 6 Update 7
    Java(TM) SE Runtime Environment 6

  • Click on the Uninstall/Change button at the top.

Next, delete this file in bold:
c:\windows\system32\msnaoladdon.dll.tmp

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245049
# Likes # Likes : 1

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by tinkerbell123 on Thu Sep 24, 2009 7:30 pm

Next, delete this file in bold:
c:\windows\system32\msnaoladdon.dll.tmp

what does this mean?

tinkerbell123
Novice
Novice

Posts Posts : 14
Joined Joined : 2009-09-23
OS OS : vista
Points Points : 26307
# Likes # Likes : 0

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by Belahzur on Thu Sep 24, 2009 11:44 pm

Find the file in bold using Windows Exporer (Windows key + E) then right click, and hit delete.

Or we can use a tool to do it automatically for us.

Please download the [You must be registered and logged in to see this link.].

  • Save it to your desktop.
  • Please double-click OTM.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    :files
    c:\windows\system32\msnaoladdon.dll.tmp


  • Return to OTMoveIt, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245049
# Likes # Likes : 1

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by tinkerbell123 on Fri Sep 25, 2009 1:50 pm

========== FILES ==========
c:\windows\system32\msnaoladdon.dll.tmp moved successfully.

OTM by OldTimer - Version 3.0.0.6 log created on 09252009_074921

tinkerbell123
Novice
Novice

Posts Posts : 14
Joined Joined : 2009-09-23
OS OS : vista
Points Points : 26307
# Likes # Likes : 0

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by Belahzur on Fri Sep 25, 2009 6:32 pm

We can remove OTMoveIt now.

  • Please double-click OTM.exe to run it again.
  • Press the green CleanUp! button.
  • Press Yes cleanup process prompt, do the same for the reboot prompt.
How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245049
# Likes # Likes : 1

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by tinkerbell123 on Fri Sep 25, 2009 9:30 pm

its running pretty good. is there anything you would recommend me to do?
do i have alot of problems with my computer? should i just get a new one. or does this one work fine?

tinkerbell123
Novice
Novice

Posts Posts : 14
Joined Joined : 2009-09-23
OS OS : vista
Points Points : 26307
# Likes # Likes : 0

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by Belahzur on Sat Sep 26, 2009 12:15 am

Hello.
No, the machine is fine, luckily this malware is just the fraud type and not one that does serious damage.

We need to make a new restore point.

To turn off System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (or the Turn off System Restore on all drives check box), and then click OK.
4. Click Yes when you receive the prompt to the turn off System Restore.

Now we need to make a new restore point.
To turn on System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (To turn on System Restore), and then click OK.

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers. Goofy

1) Please navigate to [You must be registered and logged in to see this link.] and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

[You must be registered and logged in to see this link.]
A tutorial on using Ad-Aware to remove spyware from your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using Spybot to remove spyware from your computer may be found [You must be registered and logged in to see this link.]. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

[You must be registered and logged in to see this link.]
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found [You must be registered and logged in to see this link.].

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
[You must be registered and logged in to see this link.]
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

To help you keep your software updated, please considering using this free software program that will check for program updates.
[You must be registered and logged in to see this link.]

5) Finally, consider maintaining a firewall. Some good free firewalls are [You must be registered and logged in to see this link.], or
[You must be registered and logged in to see this link.]
A tutorial on understanding and using firewalls may be found [You must be registered and logged in to see this link.].

Please also read Tony Klein's excellent article: [You must be registered and logged in to see this link.]

If you would take a moment to fill out our feedback form, we would appreciate it.
The link can be found [You must be registered and logged in to see this link.].

Hopefully this should take care of your problems! Good luck. Big Grin


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245049
# Likes # Likes : 1

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by tinkerbell123 on Mon Sep 28, 2009 9:58 pm

thank you so much for your fast response. i really appreciate it. i have downloaded all of the programs you have recommended to me. the only one i am having issues wiht is spy bot search and destroy, it says i need to be admininstrator, but arnt i already? and if not how do i become it?

tinkerbell123
Novice
Novice

Posts Posts : 14
Joined Joined : 2009-09-23
OS OS : vista
Points Points : 26307
# Likes # Likes : 0

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by Belahzur on Tue Sep 29, 2009 12:14 am

Hello.
You may think you are the administrator, but seeing as this is XP, but there is hȋdden admin account, it can only be seen from Safe Mode, or another hȋdden advanced logon menu box.

What is the error saying exactly?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245049
# Likes # Likes : 1

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by tinkerbell123 on Tue Sep 29, 2009 4:24 pm

hello thank you for your response i have downloaded all of your reccommendations except the spy bot search and destroy says i need to be an admininstrator? what does that mean? please help me! Smile

tinkerbell123
Novice
Novice

Posts Posts : 14
Joined Joined : 2009-09-23
OS OS : vista
Points Points : 26307
# Likes # Likes : 0

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by Belahzur on Tue Sep 29, 2009 10:28 pm

Uninstall Spybot and then re-install it. Smile


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245049
# Likes # Likes : 1

View user profile

Back to top Go down

spybot search and detroy

Post by tinkerbell123 on Thu Oct 01, 2009 2:39 pm

so when i first downloaded the spybot search and detroy it says if you remove advertising robots with this program you may not be allowed to continue using thier hosts programs. Read their liscense agreement for further information.

then when i run a a scan and i go to fix problems it says:
This action may not be performed completely since you are not admininstrator, if you want this performed for all users please run this application elevated as an admininstrator.

so i click okay and then it says:
unexpected error in fixing problems (cannot create file "C:\windows\wininit.ini." access denied.


so im not to sure, i uninstalled it and re installed it and same issue so im not to sure.

Thanks for all the help Smile Thank You! Cheesy Grin (sparkly

tinkerbell123
Novice
Novice

Posts Posts : 14
Joined Joined : 2009-09-23
OS OS : vista
Points Points : 26307
# Likes # Likes : 0

View user profile

Back to top Go down

Re: alpha anitvirus!

Post by tinkerbell123 on Wed Oct 07, 2009 4:34 pm

so when i first downloaded the spybot search and detroy it says if you remove advertising robots with this program you may not be allowed to continue using thier hosts programs. Read their liscense agreement for further information.

then when i run a a scan and i go to fix problems it says:
This action may not be performed completely since you are not admininstrator, if you want this performed for all users please run this application elevated as an admininstrator.

so i click okay and then it says:
unexpected error in fixing problems (cannot create file "C:\windows\wininit.ini." access denied.


so im not to sure, i uninstalled it and re installed it and same issue so im not to sure.

Thanks for all the help

tinkerbell123
Novice
Novice

Posts Posts : 14
Joined Joined : 2009-09-23
OS OS : vista
Points Points : 26307
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum