WINPC

View previous topic View next topic Go down

WINPC

Post by HELPMEDAMMIT on Tue May 19, 2009 5:58 pm

Im in serious trouble...ive got this winpc antivirus rubbish
I need my laptop working soon, ive done everything every website has said.
Im not that computer literate, i just want this thing off my machine.
The program suggest on this forum doesnt work, malwarebytes or whatever!
i'm in dire need of HELP!

HELPMEDAMMIT
Novice
Novice

Posts Posts : 10
Joined Joined : 2009-05-19
OS OS : Vista
Points Points : 27582
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WINPC

Post by Belahzur on Tue May 19, 2009 6:02 pm


  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: WINPC

Post by HELPMEDAMMIT on Wed May 20, 2009 1:42 pm

DDS (Ver_09-05-14.01) - NTFSx86
Run by Jaswinder at 14:33:07.04 on 20/05/2009
Internet Explorer: 7.0.6000.16830
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.44.1033.18.2039.787 [GMT 1:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Norton Internet Security *On-access scanning enabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Norton Internet Security *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\ATK Hotkey\ASLDRSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\FixCamera.exe
C:\Windows\tsnp2std.exe
C:\Windows\vsnp2std.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kontiki\KHost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\SpyNoMore\SNM.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\System32\DrvMon.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Jaswinder\AppData\Roaming\winav.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\PDFCreator\PDFCreator.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Jaswinder\Desktop\dds.scr

HELPMEDAMMIT
Novice
Novice

Posts Posts : 10
Joined Joined : 2009-05-19
OS OS : Vista
Points Points : 27582
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WINPC

Post by HELPMEDAMMIT on Wed May 20, 2009 1:43 pm

============== Pseudo HJT Report ===============

uStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {1e8a6170-7264-4d0f-beae-d42a53123c75} - c:\program files\common files\symantec shared\coshared\browser\1.5\NppBho.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: WinInet Class: {39fc2065-c9c7-49cd-8942-44cc2dedc844} - c:\windows\ieocx.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: PDFCreator Toolbar Helper: {c451c08a-ec37-45df-aaad-18b51ab5e837} - c:\program files\pdfcreator toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
TB: Show Norton Toolbar: {90222687-f593-4738-b738-fbee9c7b26df} - c:\program files\common files\symantec shared\coshared\browser\1.5\UIBHO.dll
TB: PDFCreator Toolbar: {31cf9ebe-5755-4a1d-ac25-2834d952d9b4} - c:\program files\pdfcreator toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [TOSCDSPD] TOSCDSPD.EXE
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\HOMERunner.exe"
uRun: [AdobeUpdater] c:\program files\common files\adobe\updater5\AdobeUpdater.exe
uRun: [kdx] c:\program files\kontiki\KHost.exe -all
uRun: [DrvMon.exe] c:\windows\system32\DrvMon.exe
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [AVScan] c:\users\jaswinder\appdata\roaming\winav.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [topi] c:\program files\toshiba\toshiba online product information\topi.exe -startup
mRun: [Desktop SMS] c:\program files\idm\desktop sms\DesktopSMS.exe /auto
mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaRegistration.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [FixCamera] c:\windows\FixCamera.exe
mRun: [tsnp2std] c:\windows\tsnp2std.exe
mRun: [snp2std] c:\windows\vsnp2std.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [4oD] "c:\program files\kontiki\KHost.exe" -all
mRun: [MSConfig] "c:\windows\system32\msconfig.exe" /auto
mRun: [SNM] c:\program files\spynomore\SNM.exe /startup
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\reader 8.0\reader\reader_sl.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adober~2.lnk - c:\program files\adobe\reader 8.0\reader\AdobeCollabSync.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\pdfcre~1.lnk - c:\program files\pdfcreator\PDFCreator.exe
uPolicies-explorer: NoViewOnDrive = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - [You must be registered and logged in to see this link.]
IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - [You must be registered and logged in to see this link.]
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\programs\partygaming\partypoker\RunApp.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - [You must be registered and logged in to see this link.]
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - [You must be registered and logged in to see this link.]
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - [You must be registered and logged in to see this link.]
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - [You must be registered and logged in to see this link.]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - [You must be registered and logged in to see this link.]
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [You must be registered and logged in to see this link.]
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - [You must be registered and logged in to see this link.]
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: avgrsstx.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\jaswin~1\appdata\roaming\mozilla\firefox\profiles\gkpagn6a.default\
FF - component: c:\users\jaswinder\appdata\roaming\mozilla\firefox\profiles\gkpagn6a.default\extensions\piclens@cooliris.com\components\piclensstub.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjava11.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjava12.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjava13.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjava14.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjava32.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjpi160.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npoji610.dll

HELPMEDAMMIT
Novice
Novice

Posts Posts : 10
Joined Joined : 2009-05-19
OS OS : Vista
Points Points : 27582
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WINPC

Post by HELPMEDAMMIT on Wed May 20, 2009 1:43 pm

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-5-19 325896]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-6-2 109616]

=============== Created Last 30 ================

2009-05-19 18:48 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-05-19 18:48 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-19 18:48 --d----- c:\programdata\Malwarebytes
2009-05-19 18:48 --d----- c:\program files\Malwarebytes' Anti-Malware
2009-05-19 18:48 --d----- c:\progra~2\Malwarebytes
2009-05-19 16:30 --d-h--- C:\$AVG8.VAULT$
2009-05-19 16:29 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-19 16:28 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-19 16:28 --d----- c:\windows\system32\drivers\Avg
2009-05-19 16:28 --d----- c:\programdata\avg8
2009-05-19 16:28 --d----- c:\program files\AVG
2009-05-19 16:28 --d----- c:\progra~2\avg8
2009-05-18 17:29 1,152 a------- c:\windows\system32\windrv.sys
2009-05-18 17:29 --d----- c:\program files\SpyNoMore
2009-05-18 17:28 --d----- c:\users\jaswin~1\appdata\roaming\GetRightToGo
2009-05-18 16:12 176 a------- c:\users\jaswin~1\appdata\roaming\asd.bat
2009-05-18 16:11 28,672 a------- c:\windows\ieocx.dll
2009-05-17 21:01 1,095,680 a------- c:\users\jaswin~1\appdata\roaming\winav.exe

==================== Find3M ====================

2009-04-13 18:30 86,016 a------- c:\windows\inf\infstrng.dat
2009-04-13 18:30 86,016 a------- c:\windows\inf\infstor.dat
2009-04-13 18:30 51,200 a------- c:\windows\inf\infpub.dat
2009-03-17 04:16 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-17 04:16 14,848 a------- c:\windows\system32\apilogen.dll
2009-03-17 04:16 25,600 a------- c:\windows\system32\amxread.dll
2009-03-03 05:24 3,503,584 a------- c:\windows\system32\ntkrnlpa.exe
2009-03-03 05:24 3,469,280 a------- c:\windows\system32\ntoskrnl.exe
2009-03-03 05:20 826,368 a------- c:\windows\system32\wininet.dll
2009-03-03 05:19 158,720 a------- c:\windows\system32\sdohlp.dll
2009-03-03 05:19 549,888 a------- c:\windows\system32\rpcss.dll
2009-03-03 05:19 24,576 a------- c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 05:16 56,320 a------- c:\windows\system32\iesetup.dll
2009-03-03 05:16 97,280 a------- c:\windows\system32\iasrecst.dll
2009-03-03 05:16 78,336 a------- c:\windows\system32\ieencode.dll
2009-03-03 05:16 53,248 a------- c:\windows\system32\iasads.dll
2009-03-03 05:16 52,736 a------- c:\windows\apppatch\iebrshim.dll
2009-03-03 05:16 37,888 a------- c:\windows\system32\iasdatastore.dll
2009-03-03 05:15 72,704 a------- c:\windows\system32\admparse.dll
2009-03-03 03:40 654,336 a------- c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 03:08 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-03-03 01:44 48,128 a------- c:\windows\system32\mshtmler.dll
2009-02-13 13:38 81,648 a------- c:\users\jaswin~1\appdata\roaming\GDIPFONTCACHEV1.DAT
2008-12-13 16:58 174 a--sh--- c:\program files\desktop.ini
2008-07-20 11:30 604 a---h--- c:\program files\STLL Notifier
2008-06-11 17:40 665,600 a------- c:\windows\inf\drvindex.dat
2006-11-02 13:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 13:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 13:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 13:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-10-05 08:23 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2008-10-05 08:23 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2008-10-05 08:23 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat

============= FINISH: 14:38:35.34 ===============

HELPMEDAMMIT
Novice
Novice

Posts Posts : 10
Joined Joined : 2009-05-19
OS OS : Vista
Points Points : 27582
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WINPC

Post by Belahzur on Wed May 20, 2009 1:50 pm

Hello.

  • Open HijackThis.
  • When Hijack This opens, click "Open the Misc Tools section"
  • Then select "Open Uninstall Manager"
  • Click on "Save List..." (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.

Please download the [You must be registered and logged in to see this link.].

  • Save it to your desktop.
  • Please double-click OTMoveIt3.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    :files
    c:\windows\ieocx.dll
    c:\users\jaswin~1\appdata\roaming\asd.bat
    c:\users\jaswin~1\appdata\roaming\winav.exe

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39fc2065-c9c7-49cd-8942-44cc2dedc844]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AVScan"=-
    [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]


  • Return to OTMoveIt3, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log and uninstall log, use more than one post if you need to.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: WINPC

Post by HELPMEDAMMIT on Wed May 20, 2009 2:00 pm

4oD
Accessibility
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 8
Adobe Shockwave Player 11
AppCore
Apple Mobile Device Support
Apple Software Update
ATK Hotkey
AV
AVG Free 8.5
AVS Update Manager 1.0
AVS Video Converter 6
AVS4YOU Software Navigator 1.3
Bonjour
ccCommon
CD/DVD Drive Acoustic Silencer
Choice Guard
Colin McRae Rally 04
Desktop SMS
DVD MovieFactory for TOSHIBA
Google Earth
Heinemann Solutionbank Core C3
HijackThis 2.0.2
Intel(R) Graphics Media Accelerator Driver
Intel(R) Matrix Storage Manager
iTunes
Java(TM) SE Runtime Environment 6
LG MC USB Modem driver
LG PC Suite II
LG USB Modem driver
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Malwarebytes' Anti-Malware
Messenger Plus! Live
Microsoft Office XP Professional with FrontPage
Microsoft Visual C++ 2005 Redistributable
MobileMe Control Panel
Mozilla Firefox (3.0.10)
MSRedist
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
myphotobook 3.1
Norton AntiVirus
Norton Confidential Browser Component
Norton Confidential Web Protection Component
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton Protection Center
PartyPoker
PDFCreator
PDFCreator Toolbar
QuickTime
Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
REALTEK USB Wireless LAN Driver
RICOH R5C83x/84x Media Driver Vista x86 Ver.3.33.03
Security Update for Windows Media Encoder (KB954156)
Shockwave
Sibelius 5
Sibelius Scorch (ActiveX Only)
Sibelius Scorch Plugin 5.2.5.30
Skype™ 3.8
SPBBC 32bit
Spotify
SpyNoMore 2.67
Steinberg Cubase SE
Symantec Real Time Storage Protection Component
SymNet
Synaptics Pointing Device Driver
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Manuals
Toshiba Online Product Information
TOSHIBA SD Memory Utilities
TOSHIBA Software Modem
Unreal Tournament 2004
USB PC Camera-268
VC_MergeModuleToMSI
VLC media player 0.9.2
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series
Windows Media Player Firefox Plugin
WinPcap 4.1 beta2
WinRAR archiver
XBC 5.1

HELPMEDAMMIT
Novice
Novice

Posts Posts : 10
Joined Joined : 2009-05-19
OS OS : Vista
Points Points : 27582
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WINPC

Post by HELPMEDAMMIT on Wed May 20, 2009 2:03 pm

========== FILES ==========
c:\windows\ieocx.dll unregistered successfully.
c:\windows\ieocx.dll moved successfully.
c:\users\jaswin~1\appdata\roaming\asd.bat moved successfully.
c:\users\jaswin~1\appdata\roaming\winav.exe moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39fc2065-c9c7-49cd-8942-44cc2dedc844\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AVScan deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ deleted successfully.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05202009_150246

HELPMEDAMMIT
Novice
Novice

Posts Posts : 10
Joined Joined : 2009-05-19
OS OS : Vista
Points Points : 27582
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WINPC

Post by Belahzur on Wed May 20, 2009 2:05 pm

Hello.

You are running two antivirus', I see from the uninstall list you have Norton/Symantec installed, along with AVG. This is a bad idea as they can conflict and cause more problems. I would recommend that you remove Symantec to avoid conflict and other future problems.

Completely Uninstall Norton software using:

Instructions

  1. Please download and save SymNRT.exe to your desktop.
  2. Close all programs and double click on the tool.
  3. Follow the on-screen instructions.
  4. Restart the computer if asked.
  5. Then delete the SymNRT.exe tool from your desktop.
  6. Open the Program Files folder on your local disk ( normally C: )
  7. Find and delete the following folders (if present):
    [list]
  8. Norton AntiVirus
  9. Norton Internet Security
  10. Norton SystemWorks
  11. Norton Personal Firewall


Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Java(TM) SE Runtime Environment 6
    SpyNoMore 2.67

Download and install [You must be registered and logged in to see this link.]
When installing, it will ask if you want to uninstall the old version first before it can install the new version, so please select yes and allow it to install.

Once you have done that, I need you to repeat the instructions for getting an uninstall list, so we have an up to date log.

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: WINPC

Post by HELPMEDAMMIT on Wed May 20, 2009 2:45 pm

OMG ITS GONE. THANKYOU
But there's still a red shield in my system tray that came with the program posing to be a fake alert?

4oD
Accessibility
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 8
Adobe Shockwave Player 11
Apple Mobile Device Support
Apple Software Update
ATK Hotkey
AVG Free 8.5
AVS Update Manager 1.0
AVS Video Converter 6
AVS4YOU Software Navigator 1.3
Bonjour
CD/DVD Drive Acoustic Silencer
Choice Guard
Colin McRae Rally 04
Desktop SMS
DVD MovieFactory for TOSHIBA
Google Earth
Heinemann Solutionbank Core C3
HijackThis 2.0.2
Intel(R) Graphics Media Accelerator Driver
Intel(R) Matrix Storage Manager
iTunes
LG MC USB Modem driver
LG PC Suite II
LG USB Modem driver
Malwarebytes' Anti-Malware
Messenger Plus! Live
Microsoft Office XP Professional with FrontPage
Microsoft Visual C++ 2005 Redistributable
MobileMe Control Panel
Mozilla Firefox (3.0.10)
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
myphotobook 3.1
PartyPoker
PDFCreator
PDFCreator Toolbar
QuickTime
Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
REALTEK USB Wireless LAN Driver
RICOH R5C83x/84x Media Driver Vista x86 Ver.3.33.03
Security Update for Windows Media Encoder (KB954156)
Shockwave
Sibelius 5
Sibelius Scorch (ActiveX Only)
Sibelius Scorch Plugin 5.2.5.30
Skype™ 3.8
Spotify
Steinberg Cubase SE
Synaptics Pointing Device Driver
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Manuals
Toshiba Online Product Information
TOSHIBA SD Memory Utilities
TOSHIBA Software Modem
Unreal Tournament 2004
USB PC Camera-268
VC_MergeModuleToMSI
VLC media player 0.9.2
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series
Windows Media Player Firefox Plugin
WinPcap 4.1 beta2
WinRAR archiver
XBC 5.1

HELPMEDAMMIT
Novice
Novice

Posts Posts : 10
Joined Joined : 2009-05-19
OS OS : Vista
Points Points : 27582
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WINPC

Post by HELPMEDAMMIT on Wed May 20, 2009 2:45 pm

And the VLC link doesnt work!

HELPMEDAMMIT
Novice
Novice

Posts Posts : 10
Joined Joined : 2009-05-19
OS OS : Vista
Points Points : 27582
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WINPC

Post by Belahzur on Wed May 20, 2009 2:51 pm

Direct link:
[You must be registered and logged in to see this link.]


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: WINPC

Post by HELPMEDAMMIT on Wed May 20, 2009 2:56 pm

Not working either.....
And what about the thing in the system tray?
youve helped so much Smile

HELPMEDAMMIT
Novice
Novice

Posts Posts : 10
Joined Joined : 2009-05-19
OS OS : Vista
Points Points : 27582
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WINPC

Post by Belahzur on Wed May 20, 2009 2:57 pm

Probably doesn't realize AVG is installed because we removed Norton.
Right click the AVG icon in the tray and update it.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

Re: WINPC

Post by HELPMEDAMMIT on Wed May 20, 2009 2:59 pm

bingo.
you are a god.

HELPMEDAMMIT
Novice
Novice

Posts Posts : 10
Joined Joined : 2009-05-19
OS OS : Vista
Points Points : 27582
# Likes # Likes : 0

View user profile

Back to top Go down

Re: WINPC

Post by Belahzur on Wed May 20, 2009 3:01 pm

We need to make a new restore point.

To turn off System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (or the Turn off System Restore on all drives check box), and then click OK.
4. Click Yes when you receive the prompt to the turn off System Restore.

Now we need to make a new restore point.
To turn on System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (To turn on System Restore), and then click OK.

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers. Goofy

1) Please navigate to [You must be registered and logged in to see this link.] and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

[You must be registered and logged in to see this link.]
A tutorial on using Ad-Aware to remove spyware from your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using Spybot to remove spyware from your computer may be found [You must be registered and logged in to see this link.]. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

[You must be registered and logged in to see this link.]
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found [You must be registered and logged in to see this link.].

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
[You must be registered and logged in to see this link.]
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

To help you keep your software updated, please considering using this free software program that will check for program updates.
[You must be registered and logged in to see this link.]

5) Finally, consider maintaining a firewall. Some good free firewalls are [You must be registered and logged in to see this link.], or
[You must be registered and logged in to see this link.]
A tutorial on understanding and using firewalls may be found [You must be registered and logged in to see this link.].

Please also read Tony Klein's excellent article: [You must be registered and logged in to see this link.]

If you would take a moment to fill out our feedback form, we would appreciate it.
The link can be found [You must be registered and logged in to see this link.].

Hopefully this should take care of your problems! Good luck. Big Grin


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245059
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum