Personal Antivirus Software

View previous topic View next topic Go down

Personal Antivirus Software

Post by lachatnoir on 24th November 2009, 4:42 am

Got infected again!!! It seems this happens when my daughter gets off of myspace. I have tried all of the the software I have, and nothing has helped, not even malwarebytes. Thank you.
Here is the log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:33:03 PM, on 11/23/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\2Wire\2PortalMon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\bdiqtp\iidusysguard.exe
C:\Program Files\Trojan Remover\Trjscan.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\bdiqtp\iidusysguard.exe
C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Compaq_Administrator\Application Data\Simply Super Software\Trojan Remover\wby9.exe
C:\Documents and Settings\Compaq_Administrator\Desktop\Exe\winlogon.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O1 - Hosts: ::1 localhost
O1 - Hosts: 193.169.12.50 win-guard2009.microsoft.com
O1 - Hosts: 193.169.12.50 win-guard2009.com
O1 - Hosts: 193.169.12.50 [You must be registered and logged in to see this link.]
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire\2PortalMon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BitPump] "C:\Program Files\AnalogX\BitPump\bitpump.exe" /VerifySettings
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [ltpegoec] C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\bdiqtp\iidusysguard.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ltpegoec] C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\bdiqtp\iidusysguard.exe
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - [You must be registered and logged in to see this link.] Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - [You must be registered and logged in to see this link.] Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - [You must be registered and logged in to see this link.] Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - [You must be registered and logged in to see this link.] Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O8 - Extra context menu item: Open with BitPump - C:\Program Files\AnalogX\BitPump\ieint.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: [You must be registered and logged in to see this link.]
O15 - Trusted Zone: [You must be registered and logged in to see this link.] (HKLM)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - [You must be registered and logged in to see this link.]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - [You must be registered and logged in to see this link.]
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - [You must be registered and logged in to see this link.]
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - [You must be registered and logged in to see this link.]
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\LG Software Innovations\1Click DVD Copy Pro\GameConsoleService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe

--
End of file - 13051 bytes

lachatnoir
Intermediate
Intermediate

Posts Posts : 99
Joined Joined : 2009-06-28
Gender Gender : Female
OS OS : Windows 7
Points Points : 28476
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by Dr Jay on 24th November 2009, 5:39 am

Please download ComboFix from [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console


Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14317
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 303008
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by lachatnoir on 24th November 2009, 3:06 pm

Saved commy to desktop. Disabled mcafee, etc. Typed in "%userprofile%\desktop\commy.exe" /stepdel in Run box. Received Windows error, that file could not be found. I have tried many times... Please let me know what to do, thanks.

lachatnoir
Intermediate
Intermediate

Posts Posts : 99
Joined Joined : 2009-06-28
Gender Gender : Female
OS OS : Windows 7
Points Points : 28476
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by Dr Jay on 24th November 2009, 6:45 pm

Try to double-click on the file, instead.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14317
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 303008
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by lachatnoir on 24th November 2009, 7:14 pm

I did and it stayed stuck on a dialog box that said Combofix. Then nothing happened. Now it has disappeared from my desktop. This happened twice.

lachatnoir
Intermediate
Intermediate

Posts Posts : 99
Joined Joined : 2009-06-28
Gender Gender : Female
OS OS : Windows 7
Points Points : 28476
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by lachatnoir on 24th November 2009, 7:25 pm

Now I can't even download Combofix.

lachatnoir
Intermediate
Intermediate

Posts Posts : 99
Joined Joined : 2009-06-28
Gender Gender : Female
OS OS : Windows 7
Points Points : 28476
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by Dr Jay on 24th November 2009, 8:28 pm

Delete your copy of ComboFix; grab a fresh copy, except before you download it, rename it to blackpudding.bat


Navigate to Start --> Run, and enter the following command exactly as shown:

"%userprofile%\desktop\blackpudding.bat" /killall

See if ComboFix will run now.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14317
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 303008
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by lachatnoir on 24th November 2009, 9:15 pm

Did not run. As soon as typed in the command I got that same error message. Then the icon disappeared off of the desktop. When I tried to go back to the website I could not not access the bleepingcomputer.com, then went geekstogo and renamed the download and given an error of couldn't save it.

lachatnoir
Intermediate
Intermediate

Posts Posts : 99
Joined Joined : 2009-06-28
Gender Gender : Female
OS OS : Windows 7
Points Points : 28476
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by Dr Jay on 24th November 2009, 9:21 pm

Please go to this webpage: [You must be registered and logged in to see this link.]

This is a Conficker test. Please let me know if you see all the images at the table at the top of the page. If you do not, please tell me which ones are missing. (I.E. Top Row Second Column, or Bottom Row First Column, etc.).


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14317
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 303008
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by lachatnoir on 24th November 2009, 9:35 pm

First Column Top: F Secure Logo - Bottom - Blowfish
Second Column Top: Secure Works - Bottom - Penguin
Third Column Top: Trend Micro - Bottom - Devil

lachatnoir
Intermediate
Intermediate

Posts Posts : 99
Joined Joined : 2009-06-28
Gender Gender : Female
OS OS : Windows 7
Points Points : 28476
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by Dr Jay on 25th November 2009, 12:51 am

Good. Yikes

Please download [You must be registered and logged in to see this link.] by DragonMaster Jay and save it to your Desktop.
  • Right-click on SpiderKill.zip and click Extract All. Follow the prompts and read carefully, to save it to your Desktop.
  • Double-click on the SpiderKill folder, and then double-click on SpiderKill.bat and follow all the prompts in the program.
  • Within a minute, it will save its log titled SpiderKill.txt. Please post that in your next reply. You may have to use two or three posts to be able to fit the information in.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14317
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 303008
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by lachatnoir on 25th November 2009, 1:09 am

Hi! I turned my computer off and when it rebooted I was able to load the combofix. It ran and when it was finished a log (notepad) came up, but it was empty. I haven't had the personal antivirus pop up again. I am hoping combofix took care of it, so do you think I still need to run the spiderkill? I am paranoid now):

lachatnoir
Intermediate
Intermediate

Posts Posts : 99
Joined Joined : 2009-06-28
Gender Gender : Female
OS OS : Windows 7
Points Points : 28476
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by Dr Jay on 25th November 2009, 1:24 am

Yes, please. Smile


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14317
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 303008
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by lachatnoir on 25th November 2009, 1:29 am

SpiderKill by DragonMaster Jay ( Oct 2009 )


Microsoft Windows XP [Version 5.1.2600]

********************Drivers list********************


Volume in drive C is PRESARIO
Volume Serial Number is E809-19D8

Directory of C:\Windows\System32\Drivers

11/24/2009 06:30 PM .
11/24/2009 06:30 PM ..
04/13/2008 12:46 PM 53,376 1394bus.sys
04/13/2008 12:36 PM 187,776 acpi.sys
08/10/2004 06:00 AM 11,648 acpiec.sys
04/13/2008 06:11 PM 4,255 adv01nt5.dll
04/13/2008 06:11 PM 3,967 adv02nt5.dll
04/13/2008 06:11 PM 3,615 adv05nt5.dll
04/13/2008 06:11 PM 3,647 adv07nt5.dll
04/13/2008 06:11 PM 3,135 adv08nt5.dll
04/13/2008 06:11 PM 3,711 adv09nt5.dll
04/13/2008 06:11 PM 3,775 adv11nt5.dll
04/13/2008 10:39 AM 142,592 aec.sys
08/14/2008 04:04 AM 138,496 afd.sys
04/13/2008 12:36 PM 42,368 agp440.sys
04/13/2008 12:36 PM 44,928 agpcpq.sys
09/23/2005 02:26 PM 1,094,751 AGRSM.sys
08/29/2005 04:11 PM 3,644,928 ALCXWDM.SYS
04/13/2008 12:36 PM 42,752 alim1541.sys
04/13/2008 12:36 PM 43,008 amdagp.sys
04/13/2008 12:31 PM 37,376 amdk6.sys
04/13/2008 12:31 PM 37,760 amdk7.sys
03/09/2005 03:53 PM 36,352 AmdK8.sys
08/03/2005 01:19 AM 22,784 aracpi.sys
08/03/2005 01:19 AM 19,200 arhidfltr.sys
08/03/2005 01:19 AM 5,376 arkbcfltr.sys
08/03/2005 01:19 AM 4,992 armoucfltr.sys
04/13/2008 12:51 PM 60,800 arp1394.sys
08/03/2005 01:19 AM 10,112 arpolicy.sys
07/17/2002 08:05 AM 16,512 ASPI32.SYS
04/13/2008 12:57 PM 14,336 asyncmac.sys
04/13/2008 12:40 PM 96,512 atapi.sys
08/03/2004 09:29 PM 56,623 ati1btxx.sys
08/03/2004 09:29 PM 11,615 ati1mdxx.sys
08/03/2004 09:29 PM 12,047 ati1pdxx.sys
08/03/2004 09:29 PM 30,671 ati1raxx.sys
08/03/2004 09:29 PM 63,663 ati1rvxx.sys
08/03/2004 09:29 PM 26,367 ati1snxx.sys
08/03/2004 09:29 PM 21,343 ati1ttxx.sys
08/03/2004 09:29 PM 36,463 ati1tuxx.sys
08/03/2004 09:29 PM 29,455 ati1xbxx.sys
08/03/2004 09:29 PM 34,735 ati1xsxx.sys
08/13/2005 10:41 PM 40,960 ati2erec.dll
08/03/2004 09:29 PM 327,040 ati2mtaa.sys
08/13/2005 11:35 PM 1,313,792 ati2mtag.sys
08/03/2004 09:29 PM 57,856 atinbtxx.sys
08/03/2004 09:29 PM 13,824 atinmdxx.sys
08/03/2004 09:29 PM 14,336 atinpdxx.sys
08/03/2004 09:29 PM 52,224 atinraxx.sys
08/03/2004 09:29 PM 104,960 atinrvxx.sys
08/03/2004 09:29 PM 28,672 atinsnxx.sys
08/03/2004 09:29 PM 13,824 atinttxx.sys
08/03/2004 09:29 PM 73,216 atintuxx.sys
08/03/2004 09:29 PM 31,744 atinxbxx.sys
08/03/2004 09:29 PM 63,488 atinxsxx.sys
07/14/2005 04:08 PM 524,850 ativcaxx.cpa
07/14/2005 04:08 PM 929 ativcaxx.vp
06/08/2005 04:45 PM 58,560 ativckxx.vp
07/17/2004 10:36 AM 64,352 ativmc20.cod
08/14/2005 02:15 AM 22,944 ativvpxx.vp
04/13/2008 12:51 PM 59,904 atmarpc.sys
08/10/2004 06:00 AM 31,360 atmepvc.sys
04/13/2008 12:51 PM 55,808 atmlane.sys
08/10/2004 06:00 AM 352,256 atmuni.sys
04/13/2008 06:11 PM 21,183 atv01nt5.dll
04/13/2008 06:11 PM 11,359 atv02nt5.dll
04/13/2008 06:11 PM 25,471 atv04nt5.dll
04/13/2008 06:11 PM 14,143 atv06nt5.dll
04/13/2008 06:11 PM 17,279 atv10nt5.dll
08/17/2001 09:59 PM 3,072 audstub.sys
07/11/2007 01:37 PM 6,272 AWRTPD.sys
08/07/2007 12:58 PM 8,320 AWRTRD.sys
11/05/2003 04:45 PM 17,408 bb-run.sys
08/10/2004 06:00 AM 4,224 beep.sys
04/13/2008 12:53 PM 71,552 bridge.sys
04/13/2008 12:46 PM 17,024 bthenum.sys
04/13/2008 12:46 PM 37,888 bthmodem.sys
04/13/2008 12:51 PM 101,120 bthpan.sys
06/13/2008 05:05 AM 272,128 bthport.sys
04/13/2008 12:46 PM 36,480 bthprint.sys
04/13/2008 12:46 PM 18,944 bthusb.sys
08/10/2004 06:00 AM 13,952 cbidf2k.sys
04/13/2008 12:46 PM 17,024 CCDECODE.sys
08/10/2004 08:00 PM 18,688 cdaudio.sys
04/13/2008 01:14 PM 63,744 cdfs.sys
08/28/2006 08:48 PM 2,432 cdr4_xp.sys
08/28/2006 08:48 PM 2,560 cdralw2k.sys
04/13/2008 12:40 PM 62,976 cdrom.sys
04/13/2008 06:11 PM 15,423 ch7xxnt5.dll
08/10/2004 08:00 PM 262,528 cinemst2.sys
04/13/2008 01:16 PM 49,536 classpnp.sys
08/10/2004 08:00 PM 11,776 cpqdap01.sys
04/13/2008 12:31 PM 36,736 crusoe.sys
07/17/2004 09:55 PM 129,045 cxthsfs2.cty
07/01/2005 06:09 PM disdn
04/13/2008 12:40 PM 36,352 disk.sys
04/13/2008 12:40 PM 14,208 diskdump.sys
04/13/2008 12:44 PM 799,744 dmboot.sys
04/13/2008 12:44 PM 153,344 dmio.sys
08/10/2004 06:00 AM 5,888 dmload.sys
04/13/2008 12:45 PM 52,864 dmusic.sys
04/13/2008 12:39 PM 206,976 dot4.sys
08/17/2001 01:47 PM 12,928 Dot4Prt.sys
08/17/2001 01:47 PM 23,808 Dot4usb.sys
04/13/2008 12:45 PM 60,160 drmk.sys
04/13/2008 12:45 PM 2,944 drmkaud.sys
03/12/2006 02:48 PM 18,816 dvd43llh.sys
08/10/2004 06:00 AM 10,496 dxapi.sys
04/13/2008 12:38 PM 71,168 dxg.sys
08/10/2004 06:00 AM 3,328 dxgthk.sys
08/17/2001 10:46 PM 6,400 enum1394.sys
11/18/2000 06:00 AM 179,418 ep518vid.sys
11/18/2000 06:00 AM 24,330 epcamd.sys
11/24/2009 06:19 PM etc
04/13/2008 01:14 PM 143,744 fastfat.sys
12/03/2003 03:23 AM 142,336 Fasttx2k.sys
04/13/2008 12:40 PM 27,392 fdc.sys
04/13/2008 12:33 PM 44,544 fips.sys
04/13/2008 12:40 PM 20,480 flpydisk.sys
04/13/2008 12:32 PM 129,792 fltmgr.sys
08/10/2004 08:00 PM 12,160 fsvga.sys
08/10/2004 06:00 AM 7,936 fs_rec.sys
08/10/2004 06:00 AM 125,056 ftdisk.sys
04/14/2005 10:12 PM 175,616 ftsata2.sys
04/13/2008 12:36 PM 46,464 gagp30kx.sys
03/19/2009 03:32 PM 23,400 GEARAspiWDM.sys
08/10/2004 06:00 AM 3,440,660 gm.dls
08/10/2004 06:00 AM 646 gmreadme.txt
04/13/2008 10:36 AM 144,384 hdaudbus.sys
01/08/2005 02:07 AM 145,920 Hdaudio.sys
04/13/2008 12:46 PM 25,600 hidbth.sys
04/13/2008 12:45 PM 36,864 hidclass.sys
04/13/2008 12:45 PM 19,200 hidir.sys
04/13/2008 12:45 PM 24,960 hidparse.sys
08/23/2001 05:24 AM 50,704 hphid409.sys
08/23/2001 05:24 AM 15,984 hphipr09.sys
08/23/2001 05:24 AM 18,864 hphius09.sys
08/23/2001 05:24 AM 50,211 hphs2k09.sys
10/30/2007 03:25 AM 49,920 HPZid412.sys
10/30/2007 03:25 AM 16,496 HPZipr12.sys
10/30/2007 03:25 AM 21,568 HPZius12.sys
08/03/2004 09:41 PM 220,032 hsfbs2s2.sys
08/03/2004 09:41 PM 685,056 hsfcxts2.sys
08/03/2004 09:41 PM 1,041,536 hsfdpsp2.sys
04/13/2008 12:53 PM 264,832 http.sys
04/13/2008 01:18 PM 52,480 i8042prt.sys
04/13/2008 12:40 PM 42,112 imapi.sys
03/10/2006 08:33 PM 7,582 incdrm.sys
04/13/2008 12:40 PM 5,504 intelide.sys
04/13/2008 12:31 PM 36,352 intelppm.sys
04/13/2008 12:53 PM 36,608 ip6fw.sys
08/10/2004 06:00 AM 32,896 ipfltdrv.sys
04/13/2008 12:57 PM 20,864 ipinip.sys
04/13/2008 12:57 PM 152,832 ipnat.sys
04/13/2008 01:19 PM 75,264 ipsec.sys
04/13/2008 12:45 PM 46,592 irbus.sys
04/13/2008 12:54 PM 11,264 irenum.sys
04/13/2008 12:36 PM 37,248 isapnp.sys
04/13/2008 12:39 PM 24,576 kbdclass.sys
04/13/2008 12:45 PM 172,416 kmixer.sys
04/13/2008 01:16 PM 141,056 ks.sys
06/24/2009 05:18 AM 92,928 ksecdd.sys
07/30/2008 07:07 PM 17,144 mbam.sys
07/30/2008 07:07 PM 38,472 mbamswissarmy.sys
08/10/2004 06:00 AM 7,680 mcd.sys
07/12/2007 09:42 PM 8,413 mcstrm.sys
04/13/2004 07:20 PM 15,781 mdc8021x.sys
08/03/2004 09:41 PM 11,868 mdmxsdk.sys
04/13/2008 12:36 PM 63,744 mf.sys
09/16/2009 09:22 AM 79,816 mfeavfk.sys
09/16/2009 09:22 AM 35,272 mfebopk.sys
09/16/2009 09:22 AM 214,664 mfehidk.sys
09/16/2009 09:22 AM 34,248 mferkdk.sys
09/16/2009 09:22 AM 40,552 mfesmfk.sys
08/10/2004 07:45 PM 11,008 mhndrv.sys
08/10/2004 06:00 AM 4,224 mnmdd.sys
04/13/2008 01:00 PM 30,080 modem.sys
04/13/2008 12:39 PM 23,040 mouclass.sys
04/13/2008 12:39 PM 42,368 mountmgr.sys
07/16/2009 11:32 AM 120,136 Mpfp.sys
04/13/2008 12:39 PM 92,544 mqac.sys
04/13/2008 12:32 PM 180,608 mrxdav.sys
10/24/2008 05:21 AM 455,296 mrxsmb.sys
04/13/2008 12:32 PM 19,072 msfs.sys
04/13/2008 12:56 PM 35,072 msgpc.sys
04/13/2008 12:39 PM 7,552 mskssrv.sys
04/13/2008 12:39 PM 5,376 mspclock.sys
04/13/2008 12:39 PM 4,992 mspqm.sys
04/13/2008 12:36 PM 15,488 mssmbios.sys
04/13/2008 12:39 PM 5,504 MSTEE.sys
08/03/2004 09:41 PM 126,686 mtlmnt5.sys
08/03/2004 09:41 PM 1,309,184 mtlstrm.sys
08/03/2004 09:29 PM 452,736 mtxparhm.sys
04/13/2008 01:17 PM 105,344 mup.sys
04/13/2008 12:43 PM 12,672 mutohpen.sys
04/13/2008 12:46 PM 85,248 NABTSFEC.sys
04/13/2008 01:20 PM 182,656 ndis.sys
04/13/2008 12:46 PM 10,880 NdisIP.sys
04/13/2008 12:57 PM 10,112 ndistapi.sys
04/13/2008 12:55 PM 14,592 ndisuio.sys
04/13/2008 01:20 PM 91,520 ndiswan.sys
04/13/2008 12:57 PM 40,576 ndproxy.sys
04/13/2008 12:56 PM 34,688 netbios.sys
04/13/2008 01:21 PM 162,816 netbt.sys
07/17/2004 10:35 AM 67,866 netwlan5.img
04/13/2008 12:51 PM 61,824 nic1394.sys
08/10/2004 08:00 PM 12,032 nikedrv.sys
04/13/2008 12:53 PM 40,320 nmnt.sys
04/13/2008 12:32 PM 30,848 npfs.sys
08/07/2007 12:56 PM 9,344 NSDriver.sys
04/13/2008 01:15 PM 574,976 ntfs.sys
08/03/2004 09:41 PM 180,360 ntmtlfax.sys
08/10/2004 06:00 AM 2,944 null.sys
08/03/2004 09:29 PM 1,897,408 nv4_mini.sys
08/10/2004 06:00 AM 12,416 nwlnkflt.sys
08/10/2004 06:00 AM 32,512 nwlnkfwd.sys
04/13/2008 12:56 PM 88,320 nwlnkipx.sys
08/10/2004 06:00 AM 63,232 nwlnknb.sys
08/10/2004 06:00 AM 55,936 nwlnkspx.sys
04/13/2008 12:34 PM 163,584 nwrdr.sys
04/13/2008 12:46 PM 61,696 ohci1394.sys
08/10/2004 06:00 AM 3,456 oprghdlr.sys
04/13/2008 12:31 PM 42,752 p3.sys
04/13/2008 12:40 PM 80,128 parport.sys
04/13/2008 12:40 PM 19,712 partmgr.sys
08/10/2004 06:00 AM 6,784 parvdm.sys
08/31/2005 05:20 PM 13,440 pcdrndisuio.sys
04/13/2008 12:36 PM 68,224 pci.sys
08/17/2001 10:51 PM 3,328 pciide.sys
04/13/2008 12:40 PM 24,960 pciidex.sys
04/13/2008 12:36 PM 120,192 pcmcia.sys
06/12/2006 08:35 PM 47,360 Pcouffin.sys
04/13/2008 01:19 PM 146,048 portcls.sys
04/13/2008 12:31 PM 35,840 processr.sys
12/12/2005 04:27 PM 19,072 PS2.sys
04/13/2008 12:56 PM 69,120 psched.sys
08/10/2004 06:00 AM 17,792 ptilink.sys
11/02/2006 03:57 PM 36,624 pxhelp20.sys
08/10/2004 06:00 AM 8,832 rasacd.sys
04/13/2008 01:19 PM 51,328 rasl2tp.sys
04/13/2008 12:57 PM 41,472 raspppoe.sys
04/13/2008 01:19 PM 48,384 raspptp.sys
08/10/2004 06:00 AM 16,512 raspti.sys
08/10/2004 06:00 AM 34,432 rawwan.sys
04/13/2008 01:28 PM 175,744 rdbss.sys
08/10/2004 06:00 AM 4,224 rdpcdd.sys
04/13/2008 12:32 PM 196,224 rdpdr.sys
04/13/2008 06:13 PM 139,656 rdpwd.sys
05/14/2003 05:59 AM 55,850 rdwm1009.sys
08/03/2004 09:41 PM 13,776 recagent.sys
04/13/2008 12:40 PM 57,600 redbook.sys
04/13/2008 12:46 PM 59,136 rfcomm.sys
08/10/2004 08:00 PM 12,032 rio8drv.sys
08/10/2004 08:00 PM 12,032 riodrv.sys
05/08/2008 08:02 AM 203,136 rmcast.sys
04/13/2008 12:56 PM 30,592 rndismp.sys
04/13/2008 12:56 PM 30,592 rndismpx.sys
08/10/2004 06:00 AM 5,888 rootmdm.sys
08/04/2004 06:31 AM 20,992 RTL8139.sys
03/04/2005 12:10 PM 74,496 Rtlnicxp.sys
08/03/2004 09:29 PM 166,912 s3gnbm.sys
04/13/2008 12:40 PM 96,384 scsiport.sys
04/13/2008 12:36 PM 79,232 sdbus.sys
11/13/2007 04:25 AM 20,480 secdrv.sys
04/13/2008 12:40 PM 15,744 serenum.sys
04/13/2008 01:15 PM 64,512 serial.sys
04/13/2008 12:40 PM 11,904 sffdisk.sys
04/13/2008 12:40 PM 10,240 sffp_mmc.sys
04/13/2008 12:40 PM 11,008 sffp_sd.sys
04/13/2008 12:40 PM 11,392 sfloppy.sys
04/13/2008 06:12 PM 3,901 siint5.dll
04/13/2008 12:36 PM 40,960 sisagp.sys
04/13/2008 12:46 PM 11,136 SLIP.sys
08/03/2004 09:41 PM 129,535 slnt7554.sys
08/03/2004 09:41 PM 404,990 slntamr.sys
08/03/2004 09:41 PM 95,424 slnthal.sys
08/03/2004 09:41 PM 13,240 slwdmsup.sys
04/13/2008 12:36 PM 5,888 smbali.sys
08/10/2004 06:00 AM 14,592 smclib.sys
04/13/2008 12:46 PM 25,344 sonydcam.sys
08/17/2001 12:56 PM 7,552 SONYPVU1.SYS
04/13/2008 12:45 PM 6,272 splitter.sys
04/13/2008 12:36 PM 73,472 sr.sys
12/11/2008 04:57 AM 333,952 srv.sys
04/13/2008 12:45 PM 49,408 stream.sys
04/13/2008 12:46 PM 15,232 StreamIP.sys
04/13/2008 12:39 PM 4,352 swenum.sys
04/13/2008 12:45 PM 56,576 swmidi.sys
04/13/2008 01:15 PM 60,800 sysaudio.sys
04/13/2008 12:40 PM 14,976 tape.sys
06/20/2008 05:51 AM 361,600 tcpip.sys
06/20/2008 05:08 AM 225,856 tcpip6.sys
04/13/2008 01:00 PM 19,072 tdi.sys
04/13/2008 06:13 PM 12,040 tdpipe.sys
04/13/2008 06:13 PM 21,896 tdtcp.sys
04/13/2008 06:13 PM 40,840 termdd.sys
08/10/2004 08:00 PM 51,712 tosdvd.sys
08/10/2004 08:00 PM 21,376 tsbvcap.sys
04/13/2008 12:56 PM 12,288 tunmp.sys
04/13/2008 12:36 PM 44,672 uagp35.sys
04/13/2008 12:32 PM 66,048 udfs.sys
07/12/2007 09:48 PM UMDF
04/13/2008 12:39 PM 384,768 update.sys
04/13/2008 12:56 PM 12,800 usb8023.sys
04/13/2008 12:56 PM 12,800 usb8023x.sys
07/09/2009 11:16 AM 39,424 usbaapl.sys
04/13/2008 12:45 PM 60,032 usbaudio.sys
04/13/2008 12:45 PM 25,600 usbcamd.sys
04/13/2008 12:45 PM 25,728 usbcamd2.sys
04/13/2008 12:45 PM 32,128 usbccgp.sys
08/10/2004 06:00 AM 4,736 usbd.sys
04/13/2008 12:45 PM 30,208 usbehci.sys
04/13/2008 12:45 PM 59,520 usbhub.sys
04/13/2008 12:45 PM 15,872 usbintel.sys
08/31/2005 05:11 PM 22,396 USBkey.sys
04/13/2008 12:45 PM 17,152 usbohci.sys
04/13/2008 12:45 PM 143,872 usbport.sys
04/13/2008 12:47 PM 25,856 usbprint.sys
04/13/2008 01:45 PM 15,104 usbscan.sys
04/13/2008 12:45 PM 26,368 usbstor.sys
04/13/2008 12:45 PM 20,608 usbuhci.sys
04/13/2008 12:46 PM 121,984 usbvideo.sys
04/13/2008 06:12 PM 11,325 vchnt5.dll
08/10/2004 08:00 PM 58,112 vdmindvd.sys
04/13/2008 12:44 PM 20,992 vga.sys
04/13/2008 12:36 PM 42,240 viaagp.sys
04/13/2008 12:40 PM 5,376 viaide.sys
04/13/2008 12:44 PM 81,664 videoprt.sys
04/13/2008 12:41 PM 52,352 volsnap.sys
04/13/2008 12:43 PM 14,208 wacompen.sys
08/03/2004 09:29 PM 11,807 wadv07nt.sys
08/03/2004 09:29 PM 11,295 wadv08nt.sys
08/03/2004 09:29 PM 11,871 wadv09nt.sys
08/03/2004 09:29 PM 11,935 wadv11nt.sys
04/13/2008 12:57 PM 34,560 wanarp.sys
08/03/2004 09:29 PM 22,271 watv06nt.sys
08/03/2004 09:29 PM 25,471 watv10nt.sys
04/13/2008 01:17 PM 83,072 wdmaud.sys
08/10/2004 06:00 AM 4,352 wmilib.sys
10/18/2006 07:00 PM 38,528 wpdusb.sys
08/10/2004 06:00 AM 12,032 ws2ifsl.sys
04/13/2008 12:46 PM 19,200 WSTCODEC.SYS
09/28/2006 05:55 PM 77,568 WudfPf.sys
09/28/2006 06:00 PM 82,944 WudfRd.sys
03/11/2005 10:02 AM 13,440 ymidusb.sys
07/26/2005 11:13 AM 57,648 z520bus.sys
07/26/2005 11:17 AM 6,176 z520cm.sys
07/26/2005 11:17 AM 6,176 z520cmnt.sys
07/26/2005 11:15 AM 8,336 z520mdfl.sys
07/26/2005 11:15 AM 93,488 z520mdm.sys
07/26/2005 11:16 AM 84,928 z520mgmt.sys
07/26/2005 11:18 AM 82,864 z520obex.sys
07/26/2005 11:13 AM 5,808 z520wh.sys
07/26/2005 11:13 AM 5,808 z520whnt.sys
349 File(s) 35,269,828 bytes

Directory of C:\Windows\System32\Drivers\disdn

07/01/2005 06:09 PM .
07/01/2005 06:09 PM ..
0 File(s) 0 bytes

Directory of C:\Windows\System32\Drivers\etc

11/24/2009 06:19 PM .
11/24/2009 06:19 PM ..
11/24/2009 06:19 PM 27 hosts
08/03/2007 01:37 PM 375 hosts.ics
08/10/2004 06:00 AM 3,683 lmhosts.sam
08/10/2004 08:00 PM 407 networks
08/10/2004 08:00 PM 799 protocol
08/10/2004 08:00 PM 7,116 services
6 File(s) 12,407 bytes

Directory of C:\Windows\System32\Drivers\UMDF

07/12/2007 09:48 PM .
07/12/2007 09:48 PM ..
10/18/2006 08:47 PM 671,232 wpdmtpdr.dll
1 File(s) 671,232 bytes

Total Files Listed:
356 File(s) 35,953,467 bytes
11 Dir(s) 140,338,745,344 bytes free


***********************Hidden Drivers********************
Volume in drive C is PRESARIO
Volume Serial Number is E809-19D8

Directory of C:\Windows\System32\Drivers

03/07/2006 11:29 PM 1,857 103C_HP_CPC_EL445AA-ABA SR1750NX NA650_YC_0Pres_QCNH548_E61NAemRED1_48_IAmberine M_SASUSTek Computer INC._V1.03_B3.13_T051115_WXP2_L409_M959_J200_7AMD_8Athlon 64_92.19_#060308_N10EC8139_Z11C10620_G10025954.MRK
1 File(s) 1,857 bytes
0 Dir(s) 140,338,757,632 bytes free


*********************Processes*******************


PROCESS PID PRIO PATH
smss.exe 564 Normal C:\WINDOWS\System32\smss.exe
csrss.exe 628 Normal C:\WINDOWS\system32\csrss.exe
winlogon.exe 660 High C:\WINDOWS\system32\winlogon.exe
services.exe 704 Normal C:\WINDOWS\system32\services.exe
lsass.exe 716 Normal C:\WINDOWS\system32\lsass.exe
Ati2evxx.exe 876 Normal C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe 888 Normal C:\WINDOWS\system32\svchost.exe
svchost.exe 968 Normal C:\WINDOWS\system32\svchost.exe
svchost.exe 1036 Normal C:\WINDOWS\System32\svchost.exe
svchost.exe 1084 Normal C:\WINDOWS\system32\svchost.exe
svchost.exe 1136 Normal C:\WINDOWS\system32\svchost.exe
aawservice.exe 1252 Normal C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
Ati2evxx.exe 1424 Normal C:\WINDOWS\system32\Ati2evxx.exe
spoolsv.exe 1792 Normal C:\WINDOWS\system32\spoolsv.exe
svchost.exe 244 Normal C:\WINDOWS\system32\svchost.exe
AppleMobileDeviceService.exe 332 Normal C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
arservice.exe 352 Normal C:\WINDOWS\arservice.exe
2PortalMon.exe 448 Normal C:\Program Files\2Wire\2PortalMon.exe
realsched.exe 460 Normal C:\Program Files\Common Files\Real\Update_OB\realsched.exe
mcagent.exe 480 Normal C:\Program Files\McAfee.com\Agent\mcagent.exe
AAWTray.exe 496 Normal C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
iTunesHelper.exe 552 Normal C:\Program Files\iTunes\iTunesHelper.exe
mDNSResponder.exe 588 Normal C:\Program Files\Bonjour\mDNSResponder.exe
HPWuSchd2.exe 596 Normal C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
ehRecvr.exe 1092 Above Normal C:\WINDOWS\eHome\ehRecvr.exe
ehSched.exe 1396 Normal C:\WINDOWS\eHome\ehSched.exe
msmsgs.exe 1616 Normal C:\Program Files\Messenger\msmsgs.exe
SUPERAntiSpyware.exe 1648 Normal C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
svchost.exe 1672 Normal C:\WINDOWS\system32\svchost.exe
Compaq Connections.exe 1932 Normal C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
hpqtra08.exe 1948 Normal C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
orbitdm.exe 1904 Normal C:\Program Files\Orbitdownloader\orbitdm.exe
SPUVolumeWatcher.exe 1992 Normal C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
jqs.exe 228 Idle C:\Program Files\Java\jre6\bin\jqs.exe
LSSrvc.exe 1188 Normal C:\Program Files\Common Files\LightScribe\LSSrvc.exe
orbitnet.exe 784 Normal C:\Program Files\Orbitdownloader\orbitnet.exe
McSACore.exe 2084 Normal C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
mcmscsvc.exe 2224 Normal C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
mcnasvc.exe 2436 Normal c:\program files\common files\mcafee\mna\mcnasvc.exe
mcproxy.exe 2520 Normal c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
MDM.EXE 2696 Normal C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
MPFSrv.exe 2744 Normal C:\Program Files\McAfee\MPF\MPFSrv.exe
svchost.exe 2784 Normal C:\WINDOWS\System32\svchost.exe
svchost.exe 2956 Normal C:\WINDOWS\System32\svchost.exe
svchost.exe 3152 Normal C:\WINDOWS\system32\svchost.exe
svchost.exe 3232 Normal C:\WINDOWS\system32\svchost.exe
mcrdsvc.exe 3440 Normal C:\WINDOWS\ehome\mcrdsvc.exe
wuauclt.exe 2468 Normal C:\WINDOWS\system32\wuauclt.exe
iPodService.exe 3260 Normal C:\Program Files\iPod\bin\iPodService.exe
dllhost.exe 3772 Normal C:\WINDOWS\system32\dllhost.exe
hpqSTE08.exe 2916 Normal C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
hpqbam08.exe 3884 Normal C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
alg.exe 4028 Normal C:\WINDOWS\System32\alg.exe
hpqgpc01.exe 2352 Normal C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
mcshield.exe 3124 High C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
mcsysmon.exe 2600 Normal C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
explorer.exe 2288 Normal C:\WINDOWS\explorer.exe
ctfmon.exe 3040 Normal C:\WINDOWS\system32\ctfmon.exe
firefox.exe 3592 Normal C:\Program Files\Mozilla Firefox\firefox.exe
cmd.exe 2924 Normal C:\WINDOWS\system32\cmd.exe
processes.exe 2212 Normal C:\Documents and Settings\Compaq_Administrator\Desktop\SpiderKill\SpiderKill\processes.exe


Module information for 'explorer.exe'(2288)
MODULE BASE SIZE PATH
explorer.exe 1000000 1044480 C:\WINDOWS\explorer.exe 6.00.2900.5512 (xpsp.080413-2105) Windows Explorer
ntdll.dll 7c900000 729088 C:\WINDOWS\system32\ntdll.dll 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) NT Layer DLL
kernel32.dll 7c800000 1007616 C:\WINDOWS\system32\kernel32.dll 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317) Windows NT BASE API Client DLL
ADVAPI32.dll 77dd0000 634880 C:\WINDOWS\system32\ADVAPI32.dll 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) Advanced Windows 32 Base API
RPCRT4.dll 77e70000 598016 C:\WINDOWS\system32\RPCRT4.dll 5.1.2600.5795 (xpsp_sp3_gdr.090415-1241) Remote Procedure Call Runtime
Secur32.dll 77fe0000 69632 C:\WINDOWS\system32\Secur32.dll 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305) Security Support Provider Interface
BROWSEUI.dll 75f80000 1036288 C:\WINDOWS\system32\BROWSEUI.dll 6.00.2900.5512 (xpsp.080413-2105) Shell Browser UI Library
GDI32.dll 77f10000 299008 C:\WINDOWS\system32\GDI32.dll 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932) GDI Client DLL
USER32.dll 7e410000 593920 C:\WINDOWS\system32\USER32.dll 5.1.2600.5512 (xpsp.080413-2105) Windows XP USER API Client DLL
msvcrt.dll 77c10000 360448 C:\WINDOWS\system32\msvcrt.dll 7.0.2600.5512 (xpsp.080413-2111) Windows NT CRT DLL
ole32.dll 774e0000 1298432 C:\WINDOWS\system32\ole32.dll 5.1.2600.5512 (xpsp.080413-2108) Microsoft OLE for Windows
SHLWAPI.dll 77f60000 483328 C:\WINDOWS\system32\SHLWAPI.dll 6.00.2900.5512 (xpsp.080413-2105) Shell Light-weight Utility Library
OLEAUT32.dll 77120000 569344 C:\WINDOWS\system32\OLEAUT32.dll 5.1.2600.5512 5.1.2600.5512
SHDOCVW.dll 7e290000 1511424 C:\WINDOWS\system32\SHDOCVW.dll 6.00.2900.5694 (xpsp_sp3_gdr.081015-1312) Shell Doc Object and Control Library
CRYPT32.dll 77a80000 610304 C:\WINDOWS\system32\CRYPT32.dll 5.131.2600.5512 (xpsp.080413-2113) Crypto API32
MSASN1.dll 77b20000 73728 C:\WINDOWS\system32\MSASN1.dll 5.1.2600.5875 (xpsp_sp3_gdr.090904-1413) ASN.1 Runtime APIs
CRYPTUI.dll 754d0000 524288 C:\WINDOWS\system32\CRYPTUI.dll 5.131.2600.5512 (xpsp.080413-2113) Microsoft Trust UI Provider
NETAPI32.dll 5b860000 348160 C:\WINDOWS\system32\NETAPI32.dll 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312) Net Win32 API DLL
VERSION.dll 77c00000 32768 C:\WINDOWS\system32\VERSION.dll 5.1.2600.5512 (xpsp.080413-2105) Version Checking and File Installation Libraries
WININET.dll 3d930000 942080 C:\WINDOWS\system32\WININET.dll 8.00.6001.18828 (longhorn_ie8_gdr.090826-1700) Internet Extensions for Win32
Normaliz.dll 400000 36864 C:\WINDOWS\system32\Normaliz.dll 6.0.5441.0 (winmain(wmbla).060628-1735) Unicode Normalization DLL
urlmon.dll 78130000 1253376 C:\WINDOWS\system32\urlmon.dll 8.00.6001.18828 (longhorn_ie8_gdr.090826-1700) OLE32 Extensions for Win32
iertutil.dll 3dfd0000 1998848 C:\WINDOWS\system32\iertutil.dll 8.00.6001.18828 (longhorn_ie8_gdr.090826-1700) Run time utility for Internet Explorer
WINTRUST.dll 76c30000 188416 C:\WINDOWS\system32\WINTRUST.dll 5.131.2600.5512 (xpsp.080413-2113) Microsoft Trust Verification APIs
IMAGEHLP.dll 76c90000 163840 C:\WINDOWS\system32\IMAGEHLP.dll 5.1.2600.5512 (xpsp.080413-2105) Windows NT Image Helper
WLDAP32.dll 76f60000 180224 C:\WINDOWS\system32\WLDAP32.dll 5.1.2600.5512 (xpsp.080413-2113) Win32 LDAP API DLL
SHELL32.dll 7c9c0000 8482816 C:\WINDOWS\system32\SHELL32.dll 6.00.2900.5622 (xpsp_sp3_gdr.080617-1319) Windows Shell Common Dll
UxTheme.dll 5ad70000 229376 C:\WINDOWS\system32\UxTheme.dll 6.00.2900.5512 (xpsp.080413-2105) Microsoft UxTheme Library
ShimEng.dll 5cb70000 155648 C:\WINDOWS\system32\ShimEng.dll 5.1.2600.5512 (xpsp.080413-2105) Shim Engine DLL
AcGenral.DLL 6f880000 1875968 C:\WINDOWS\AppPatch\AcGenral.DLL 5.1.2600.5512 (xpsp.080413-2105) Windows Compatibility DLL
WINMM.dll 76b40000 184320 C:\WINDOWS\system32\WINMM.dll 5.1.2600.5512 (xpsp.080413-0845) MCI API DLL
MSACM32.dll 77be0000 86016 C:\WINDOWS\system32\MSACM32.dll 5.1.2600.5512 (xpsp.080413-0845) Microsoft ACM Audio Filter
USERENV.dll 769c0000 737280 C:\WINDOWS\system32\USERENV.dll 5.1.2600.5512 (xpsp.080413-2113) Userenv
IMM32.DLL 76390000 118784 C:\WINDOWS\system32\IMM32.DLL 5.1.2600.5512 (xpsp.080413-2105) Windows XP IMM32 API Client DLL
comctl32.dll 773d0000 1060864 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll 6.0 (xpsp.080413-2105) User Experience Controls Library
comctl32.dll 5d090000 630784 C:\WINDOWS\system32\comctl32.dll 5.82 (xpsp.080413-2105) Common Controls Library
xgusb.cpl 6d000000 1216512 C:\WINDOWS\system32\xgusb.cpl 2.1.4 MIDI driver for XG-USB
apphelp.dll 77b40000 139264 C:\WINDOWS\system32\apphelp.dll 5.1.2600.5512 (xpsp.080413-2105) Application Compatibility Client Library
msctfime.ime 755c0000 188416 C:\WINDOWS\system32\msctfime.ime 5.1.2600.5512 (xpsp.080413-2105) Microsoft Text Frame Work Service IME
CLBCATQ.DLL 76fd0000 520192 C:\WINDOWS\system32\CLBCATQ.DLL 2001.12.4414.700 2001.12.4414.700
COMRes.dll 77050000 806912 C:\WINDOWS\system32\COMRes.dll 2001.12.4414.700 2001.12.4414.700
cscui.dll 77a20000 344064 C:\WINDOWS\System32\cscui.dll 5.1.2600.5512 (xpsp.080413-2105) Client Side Caching UI
CSCDLL.dll 76600000 118784 C:\WINDOWS\System32\CSCDLL.dll 5.1.2600.5512 (xpsp.080413-2111) Offline Network Agent
themeui.dll 5ba60000 462848 C:\WINDOWS\system32\themeui.dll 6.00.2900.5512 (xpsp.080413-2105) Windows Theme API
MSIMG32.dll 76380000 20480 C:\WINDOWS\system32\MSIMG32.dll 5.1.2600.5512 (xpsp.080413-2105) GDIEXT Client DLL
xpsp2res.dll 1100000 2904064 C:\WINDOWS\system32\xpsp2res.dll 5.1.2600.5512 (xpsp.080413-2113) Service Pack 2 Messages
actxprxy.dll 71d40000 110592 C:\WINDOWS\system32\actxprxy.dll 6.00.2900.5512 (xpsp.080413-2113) ActiveX Interface Marshaling Library
wmpband.dll 13420000 106496 C:\PROGRA~1\WINDOW~1\wmpband.dll 11.0.5721.5145 (WMP_11.061018-2006) Windows Media Player Deskband
MPR.dll 71b20000 73728 C:\WINDOWS\system32\MPR.dll 5.1.2600.5512 (xpsp.080413-0852) Multiple Provider Router DLL
LINKINFO.dll 76980000 32768 C:\WINDOWS\system32\LINKINFO.dll 5.1.2600.5512 (xpsp.080413-2105) Windows Volume Tracking
ntshrui.dll 76990000 151552 C:\WINDOWS\system32\ntshrui.dll 5.1.2600.5512 (xpsp.080413-2105) Shell extensions for sharing
ATL.DLL 76b20000 69632 C:\WINDOWS\system32\ATL.DLL 3.05.2284 ATL Module for Windows XP (Unicode)
SETUPAPI.dll 77920000 995328 C:\WINDOWS\system32\SETUPAPI.dll 5.1.2600.5512 (xpsp.080413-2111) Windows Setup API
msi.dll 7d1e0000 2867200 C:\WINDOWS\system32\msi.dll 3.1.4001.5512 Windows Installer
NETSHELL.dll 76400000 1724416 C:\WINDOWS\system32\NETSHELL.dll 5.1.2600.5512 (xpsp.080413-0852) Network Connections Shell
credui.dll 76c00000 188416 C:\WINDOWS\system32\credui.dll 5.1.2600.5512 (xpsp.080413-2113) Credential Manager User Interface
dot3api.dll 478c0000 40960 C:\WINDOWS\system32\dot3api.dll 5.1.2600.5512 (xpsp.080413-0852) 802.3 Autoconfiguration API
rtutils.dll 76e80000 57344 C:\WINDOWS\system32\rtutils.dll 5.1.2600.5512 (xpsp.080413-0852) Routing Utilities
dot3dlg.dll 736d0000 24576 C:\WINDOWS\system32\dot3dlg.dll 5.1.2600.5512 (xpsp.080413-0852) 802.3 UI Helper
OneX.DLL 5dca0000 163840 C:\WINDOWS\system32\OneX.DLL 5.1.2600.5512 (xpsp.080413-0852) IEEE 802.1X supplicant library
WTSAPI32.dll 76f50000 32768 C:\WINDOWS\system32\WTSAPI32.dll 5.1.2600.5512 (xpsp.080413-2111) Windows Terminal Server SDK APIs
WINSTA.dll 76360000 65536 C:\WINDOWS\system32\WINSTA.dll 5.1.2600.5512 (xpsp.080413-2111) Winstation Library
eappcfg.dll 745b0000 139264 C:\WINDOWS\system32\eappcfg.dll 5.1.2600.5512 (xpsp.080413-0852) Eap Peer Config
MSVCP60.dll 76080000 413696 C:\WINDOWS\system32\MSVCP60.dll 6.02.3104.0 Microsoft (R) C++ Runtime Library
eappprxy.dll 5dcd0000 57344 C:\WINDOWS\system32\eappprxy.dll 5.1.2600.5512 (xpsp.080413-0852) Microsoft EAPHost Peer Client DLL
iphlpapi.dll 76d60000 102400 C:\WINDOWS\system32\iphlpapi.dll 5.1.2600.5512 (xpsp.080413-0852) IP Helper API
WS2_32.dll 71ab0000 94208 C:\WINDOWS\system32\WS2_32.dll 5.1.2600.5512 (xpsp.080413-0852) Windows Socket 2.0 32-Bit DLL
WS2HELP.dll 71aa0000 32768 C:\WINDOWS\system32\WS2HELP.dll 5.1.2600.5512 (xpsp.080413-0852) Windows Socket 2.0 Helper for Windows NT
ieframe.dll 3e1c0000 11087872 C:\WINDOWS\system32\ieframe.dll 8.00.6001.18828 (longhorn_ie8_gdr.090826-1700) Internet Explorer
webcheck.dll eb0000 249856 C:\WINDOWS\system32\webcheck.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Web Site Monitor
MLANG.dll 75cf0000 593920 C:\WINDOWS\system32\MLANG.dll 6.00.2900.5512 (xpsp.080413-2105) Multi Language Support DLL
stobject.dll 76280000 135168 C:\WINDOWS\system32\stobject.dll 5.1.2600.5512 (xpsp.080413-2105) Systray shell service object
BatMeter.dll 74af0000 40960 C:\WINDOWS\system32\BatMeter.dll 6.00.2900.5512 (xpsp.080413-2105) Battery Meter Helper DLL
POWRPROF.dll 74ad0000 32768 C:\WINDOWS\system32\POWRPROF.dll 6.00.2900.5512 (xpsp.080413-2105) Power Profile Helper DLL
WPDShServiceObj.dll 164a0000 143360 C:\WINDOWS\system32\WPDShServiceObj.dll 5.2.5721.5145 (WMP_11.061018-2006) Windows Portable Device Shell Service Object
WINHTTP.dll 4d4f0000 364544 C:\WINDOWS\system32\WINHTTP.dll 5.1.2600.5727 (xpsp_sp3_gdr.081215-1359) Windows HTTP Services
mydocs.dll 72410000 106496 C:\WINDOWS\system32\mydocs.dll 6.00.2900.5512 (xpsp.080413-2105) My Documents Folder UI
PortableDeviceTypes.dll 109c0000 180224 C:\WINDOWS\system32\PortableDeviceTypes.dll 5.2.5721.5145 (WMP_11.061018-2006) Windows Portable Device (Parameter) Types Component
PortableDeviceApi.dll 10930000 299008 C:\WINDOWS\system32\PortableDeviceApi.dll 5.2.5721.5145 (WMP_11.061018-2006) Windows Portable Device API Components
wdmaud.drv 72d20000 36864 C:\WINDOWS\system32\wdmaud.drv 5.1.2600.5512 (xpsp.080413-2108) WDM Audio driver mapper
msacm32.drv 72d10000 32768 C:\WINDOWS\system32\msacm32.drv 5.1.2600.0 (xpclient.010817-1148) Microsoft Sound Mapper
midimap.dll 77bd0000 28672 C:\WINDOWS\system32\midimap.dll 5.1.2600.5512 (xpsp.080413-0845) Microsoft MIDI Mapper
fxsst.dll 68df0000 577536 C:\WINDOWS\system32\fxsst.dll 5.2.2600.5512 (xpsp.080413-0852) Fax Service
WINSPOOL.DRV 73000000 155648 C:\WINDOWS\system32\WINSPOOL.DRV 5.1.2600.5512 (xpsp.080413-0852) Windows Spooler Driver
FXSAPI.dll 5a980000 466944 C:\WINDOWS\system32\FXSAPI.dll 5.2.2600.5512 (xpsp.080413-0852) Microsoft Fax API Support DLL
NTMARTA.DLL 77690000 135168 C:\WINDOWS\system32\NTMARTA.DLL 5.1.2600.5512 (xpsp.080413-2113) Windows NT MARTA provider
SAMLIB.dll 71bf0000 77824 C:\WINDOWS\system32\SAMLIB.dll 5.1.2600.5512 (xpsp.080413-2113) SAM Library DLL
drprov.dll 75f60000 28672 C:\WINDOWS\System32\drprov.dll 5.1.2600.5512 (xpsp.080413-2111) Microsoft Terminal Server Network Provider
ntlanman.dll 71c10000 57344 C:\WINDOWS\System32\ntlanman.dll 5.1.2600.5512 (xpsp.080413-2108) Microsoft® Lan Manager
NETUI0.dll 71cd0000 94208 C:\WINDOWS\System32\NETUI0.dll 5.1.2600.5512 (xpsp.080413-2108) NT LM UI Common Code - GUI Classes
NETUI1.dll 71c90000 262144 C:\WINDOWS\System32\NETUI1.dll 5.1.2600.5512 (xpsp.080413-2108) NT LM UI Common Code - Networking classes
NETRAP.dll 71c80000 28672 C:\WINDOWS\System32\NETRAP.dll 5.1.2600.5512 (xpsp.080413-2113) Net Remote Admin Protocol DLL
davclnt.dll 75f70000 40960 C:\WINDOWS\System32\davclnt.dll 5.1.2600.5512 (xpsp.080413-2111) Web DAV Client DLL
MSCTF.dll 74720000 311296 C:\WINDOWS\system32\MSCTF.dll 5.1.2600.5512 (xpsp.080413-2105) MSCTF Server DLL
mslbui.dll 605d0000 36864 C:\WINDOWS\system32\mslbui.dll 5.1.2600.5512 (xpsp.080413-2105) LangageBar Add In
SXS.DLL 7e720000 720896 C:\WINDOWS\system32\SXS.DLL 5.1.2600.5512 (xpsp.080413-2111) Fusion 2.5
rsaenh.dll 68000000 221184 C:\WINDOWS\system32\rsaenh.dll 5.1.2600.5507 (xpsp.080318-1711) Microsoft Enhanced Cryptographic Provider
PDFShell.dll 10000000 372736 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll 8.1.0.0 PDF Shell Extension
MSVCR80.dll 29b0000 634880 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll 8.00.50727.3053 Microsoft® C Runtime Library
zipfldr.dll 73380000 356352 C:\WINDOWS\system32\zipfldr.dll 6.00.2900.5512 (xpsp.080413-2105) Compressed (zipped) Folders
SASCTXMN.DLL 1440000 61440 C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL 1, 0, 0, 1004 SUPERAntiSpyware Context Menu Extension
rarext.dll d40000 176128 C:\Program Files\WinRAR\rarext.dll
Trshlex.dll 2510000 516096 C:\PROGRA~1\TROJAN~1\Trshlex.dll 1.1.0.47 Trojan Remover Shell Extension
SHFolder.dll 76780000 36864 C:\WINDOWS\system32\SHFolder.dll 6.00.2900.5512 (xpsp.080413-2105) Shell Folder Service
olepro32.dll 5edd0000 94208 C:\WINDOWS\system32\olepro32.dll 5.1.2600.5512 5.1.2600.5512
mcctxmnu.dll 6c600000 167936 c:\PROGRA~1\mcafee\VIRUSS~1\mcctxmnu.dll 13,15,102,0 McAfee VirusScan - Context Menu
mbamext.dll 2590000 73728 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll 1, 1, 0, 0 Malwarebytes' Anti-Malware
browselc.dll 71600000 73728 C:\WINDOWS\system32\browselc.dll 6.00.2900.5512 (xpsp.080413-2105) Shell Browser UI Library
scriptsn.dll 14490000 77824 C:\Program Files\McAfee\VirusScan\scriptsn.dll VSCORE.14.0.0.435.x86 VSCore script Scanner
Jscript.dll 3d7a0000 737280 C:\WINDOWS\system32\Jscript.dll 5.8.6001.22886 Microsoft (R) Jscript
VBscript.dll 2cd0000 434176 C:\WINDOWS\system32\VBscript.dll 5.8.6001.18702 Microsoft (R) VBscript
DUSER.dll 6c1b0000 315392 C:\WINDOWS\system32\DUSER.dll 5.1.2600.5512 (xpsp.080413-2105) Windows DirectUser Engine
msohev.dll 325c0000 73728 C:\Program Files\Microsoft Office\OFFICE11\msohev.dll 11.0.5510 Microsoft Office 2003 component
shimgvw.dll 5cb00000 450560 C:\WINDOWS\system32\shimgvw.dll 6.00.2900.5512 (xpsp.080413-2105) Windows Picture and Fax Viewer
gdiplus.dll 4ec50000 1748992 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll 5.2.6001.22319 (vistasp1_ldr.081126-1506) Microsoft GDI+
SASSEH.DLL 1530000 81920 C:\Program Files\SUPERAntiSpyware\SASSEH.DLL 1, 0, 0, 1012 ShellExecuteHook
MSISIP.DLL 605f0000 28672 C:\WINDOWS\system32\MSISIP.DLL 3.1.4001.5512 MSI Signature SIP Provider
wshext.dll 7dfa0000 90112 C:\WINDOWS\system32\wshext.dll 5.7.0.18066 Microsoft (R) Shell Extension for Windows script Host
MCPS.DLL 36d30000 110592 C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL 11.0.8164 Media Catalog Proxy/Stub



******************************************
EOF

lachatnoir
Intermediate
Intermediate

Posts Posts : 99
Joined Joined : 2009-06-28
Gender Gender : Female
OS OS : Windows 7
Points Points : 28476
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by Dr Jay on 25th November 2009, 2:37 am

Please run [You must be registered and logged in to see this link.] online scan.

  • Click Scan now.
  • Read and put a Check next to Yes I accept the terms of use.
  • Click the Launching HouseCall>> button.
  • If confirmed that HouseCall can run on your system, under Using Java-based HouseCall kernel click the Starting HouseCall>> button.
  • You may receive a Security Warning about the TrendMicro Java applet, click YES.
  • Under Scan complete computer for malware, grayware, and vulnerabilities click the Next>> button.
  • Please be patient while it installs, updates, and scans your system.
  • Once the scan is complete, it will take you to the summary page.
  • Under Cleanup options, choose clean all detected infections automatically.
  • Click the Clean now>> button.
  • If anything was found you may be prompted to run the scan again, you can just close the browser window.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14317
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 303008
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by lachatnoir on 25th November 2009, 4:38 am

Nothing was found. THANK YOU SO MUCH FOR YOUR HELP! May God bless you!

lachatnoir
Intermediate
Intermediate

Posts Posts : 99
Joined Joined : 2009-06-28
Gender Gender : Female
OS OS : Windows 7
Points Points : 28476
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by Dr Jay on 25th November 2009, 4:50 am

Now time to clean up and make sure your computer is secure and fixed.

Download Security Check by screen317 from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.].
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14317
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 303008
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by lachatnoir on 25th November 2009, 1:27 pm

I thought I was done Smile
Results of screen317's Security Check version 0.99.0
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
McAfee SecurityCenter
Antivirus up to date!
``````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
SUPERAntiSpyware Free Edition
Trojan Remover 6.7.9
Java(TM) 6 Update 15
Adobe Flash Player 10
Adobe Reader 8.1.0
Out of date Adobe Reader installed!
``````````````````````````````
Process Check:
objlist.exe by Laurent

Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe is disabled!
``````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````

lachatnoir
Intermediate
Intermediate

Posts Posts : 99
Joined Joined : 2009-06-28
Gender Gender : Female
OS OS : Windows 7
Points Points : 28476
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by Dr Jay on 25th November 2009, 8:14 pm

Almost. If you do not have any more questions, the rest is for you to handle. LMBO or ROFL

Please download the newest version of Adobe Acrobat Reader from [You must be registered and logged in to see this link.]

Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search in the list for all previous installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.

==

Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

Software recommendations

AntiSpyware

  • [You must be registered and logged in to see this link.]
    SpywareBlaster is a program that prevents spyware from installing on your computer. A tutorial on using SpywareBlaster may be found [You must be registered and logged in to see this link.].
  • [You must be registered and logged in to see this link.].
    Spybot - Search & Destroy is a spyware and adware removal program. It also has realtime protection, TeaTimer to help safeguard your computer against spyware. (The link for Spybot - Search & Destroy contains a tutorial that will help you download, install, and begin using Spybot).


NOTE: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

Rogue programs help
There are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:
[You must be registered and logged in to see this link.]

Securing your computer

  • [You must be registered and logged in to see this link.] - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • [You must be registered and logged in to see this link.] replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.


Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.

If you are interested:


Thank you for choosing GeekPolice. Please see [You must be registered and logged in to see this link.] if you would like to leave feedback or contribute to our site. Do you have any more questions?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14317
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 303008
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by lachatnoir on 25th November 2009, 11:26 pm

Thank you so much for all of your help and for the information you provided. Thank You!

lachatnoir
Intermediate
Intermediate

Posts Posts : 99
Joined Joined : 2009-06-28
Gender Gender : Female
OS OS : Windows 7
Points Points : 28476
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Personal Antivirus Software

Post by Dr Jay on 26th November 2009, 5:07 am

You are welcome. Smile


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14317
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 303008
# Likes # Likes : 10

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum