thetechpros

  1. It's all of them. (I did do the reset procedure) Any domain I host, the corresponding webmail version says it's a phishing site - I can give mine for example. webmail.thetechpros.com.
  2. I checked for updates - none are available. It still appears to be reporting the subsites as phishing / warning. What should I do further? Please advise.
  3. Yes, it was seen by a customer, then I installed Browser Guard and got the “this is a phishing site warning” too. What can be done?
  4. It appears all of my webmail.customerdomains.com have been blocked and labeled blocked due to phishing?? (about 90 domains). None of my sites are infected or are involved with phishing? I have checked (and do regularly) with MXToolbox and I employ Imunify360 on the server. The server's address is: 198.109.107.11 - I checked that against RBL lists, nothing? Please remove the block or tell me what I need to do to clean this error if there is trouble on my end. Thank you.
  5. It did not work for me, still no internet update. I am going to look for a way to manually download and install the updates to Malwarebytes. Let me know if you have more information on how to restore IE / mbam update capability.
  6. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:41:48 PM, on 3/6/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal
     Malwarebytes' Anti-Malware 1.34 Database version: 1818 Windows 5.1.2600 Service Pack 3 3/5/2009 10:36:44 AM mbam-log-2009-03-05 (10-36-44).txt Scan type: Quick Scan Objects scanned: 1 Time elapsed: 0 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0
  7. I wish I could have gone through this process. I know it would have been easier than the fight I had with the machine, and more effective. I will post my stuff here next time instead of Bleeping Computer (that post was up for 36 hrs with no response). Why is it that other people's HJT reports got answered 20 times over but 30 - 70 people looked at (both - malware and bleeping) mine and never offered any help? I had to do something, so I did what I could and the computer is now in service. If I get it back, I will repost. Thank you very much for your support and concern. I hope to hear back from you on why this post attracted attention - but you were the only one to answer? Is it a particularly hard post to decipher? Did I say something wrong in my description of the problem? And most importantly what item(s) do you think I missed? It did run fine on the internet for
  8. DDS (Ver_09-02-01.01) - NTFSx86 MINIMAL Run by Administrator at 10:11:12.06 on Mon 03/02/2009 Internet Explorer: 7.0.5730.13 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1796 [GMT -5:00] AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)