Greenback

Everything posted by Greenback

  1. Thanks again for all your help. I've avoided a time-consuming format and re-install through your efforts and help. I hope everyone you help appreciates your time and efforts! Regards and Gratitude Greeny
  2. All seems ok now. Thanks very much for your time and efforts AS, very helpful and much appreciated!
  3. Ok, I reinstalled AVG using the repair option and it seems to have fixed the issue. I can now scan and email scanner is back online. Maybe some files were infected and deleted or corrupted?
  4. Uninstalled AVG and got errors regarding the .exe files. Re-installed and got these errors:

     Local machine: installation failed
     Initialization:
     Warning: Checking of state of the item file avgcsrvx.exe failed. File opening failed. %FILE% = "" Error 0xe001042c
     Installation:
     Error: Action failed for file avgcsrvx.exe: creating file.... Error 0xe001042c
     Warning: Action failed for file avgcsrvx.exe: creating backup.... Error 0x80070005 %DESTINATION% = "C:\Program Files\AVG\AVG8\avgcsrvx.exe.install_backup", %SOURCE% = "C:\Program Files\AVG\AVG8\avgcsrvx.exe"
     Rollback:
     Error: Action failed for file avgcsrvx.exe: restoring from backup.... Error 0x80070002 %DESTINATION% = "C:\Program Files\AVG\AVG8\avgcsrvx.exe", %SOURCE% = "C:\Program Files\AVG\AVG8\avgcsrvx.exe.install_backup"
  5. Also, Hijackthis is giving me the option to "fix" things from its log, is there anything you can see there that I need to delete, I've left Hijackthis open on those options....
  6. I think it must have been disabled as well as the MBAM and spybot but I was too busy trying to get those fixed before I even tried AVG. I've uninstalled Combofix now and still AVG won't do a system scan or give me the option to turn email scans back on. When you mentioned the corrupt video drivers, will the disk scan have sorted those now? I'll try to re-install AVG and see if that solves anything. Thanks for your time up to now.
  7. oooh I just noticed this from the Combofix log: ComboFix 09-08-30.04 - Dunny 31/08/2009 15:50.1.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.1087 [GMT 1:00] Running from: c:\documents and settings\Dunny\Desktop\ComboFix.exe AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} Is this why my AVG isn't able to do a scan now? If so, how do I switch it back on? Also, the email scanner has been disabled and won't turn back on....?
  8. Malwarebytes' Anti-Malware 1.40
     Database version: 2738
     Windows 5.1.2600 Service Pack 3
     04/09/2009 10:35:05
     mbam-log-2009-09-04 (10-35-05).txt
     Scan type: Quick Scan
     Objects scanned: 82960
     Time elapsed: 3 minute(s), 26 second(s)
     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0
     Memory Processes Infected: (No malicious items detected)
     Memory Modules Infected: (No malicious items detected)
     Registry Keys Infected: (No malicious items detected)
     Registry Values Infected: (No malicious items detected)
     Registry Data Items Infected: (No malicious items detected)
     Folders Infected: (No malicious items detected)
     Files Infected: (No malicious items detected)
  9. The video driver issue would make sense, I'm getting a lot of freezing when watching media and also freezing/jerkiness when gaming which I can't resolve with any setting changes.......just waiting for scans to complete and I'll post.
  10. DDS log:

      ATTACH.txt log:

      I don't have Hijackthis, is this a spyware programme?
  11. This was the MBAM log I managed to run after Combofix:

      Malwarebytes' Anti-Malware 1.40
      Database version: 2721
      Windows 5.1.2600 Service Pack 3
      31/08/2009 16:36:00
      mbam-log-2009-08-31 (16-36-00).txt
      Scan type: Full Scan (C:\|)
      Objects scanned: 123518
      Time elapsed: 22 minute(s), 29 second(s)
      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 0
      Memory Processes Infected: (No malicious items detected)
      Memory Modules Infected: (No malicious items detected)
      Registry Keys Infected: (No malicious items detected)
      Registry Values Infected: (No malicious items detected)
      Registry Data Items Infected: (No malicious items detected)
      Folders Infected: (No malicious items detected)
      Files Infected: (No malicious items detected)

      I had thought everything was clean after Combofix but I still can't run a scan with AVG?
  12. I am, sorry, I saw my post deleted from the other thread and didn't notice this new one, apologies I will post an update asap.
  13. After I ran Combofix, I've reinstalled Malwarebytes and it's letting it perform a scan whereas before it would just vanish after starting and wouldn't give me permission to start it up again so "fingers crossed". If an expert can advise me of any other problems obvious in the log above I would be very appreciative!
  14. Hi all, I have the same issue as above with the permission errors on Malwarebytes and Spybot, even MSN Messenger crashes (not sure it's linked?) Should I start a new thread or can I jump on the tails of this one? I ran the Combofix and it gave me the following log, can anyone help:
2009-03-15 18:25 65 ----a-w- c:\program files\Common Files\appop.log . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-08-24 2007832] "SetDefPrt"="c:\program files\Brother\Brmfl04a\BrStDvPt.exe" [2004-05-25 49152] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-07-20 7110656] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-07-20 86016] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2008-12-18 76304] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2005-07-20 1519616] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-5-2 809488] Status Monitor.lnk.disabled [2009-3-15 1730] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2009-02-18 23:30 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-08-24 08:40 11952 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\eMule\\emule.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Call of Duty Game of the Year Edition\\CoDUOMP.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"= "c:\\Program Files\\CoD RconTool\\Profiles\\Standard\\Chat\\pbucon.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "2442:TCP"= 2442:TCP:emule2 R0 ivicd;Ivi CDVD Filter Driver;c:\windows\system32\drivers\ivicd.sys [15/03/2009 19:24 38784] R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [15/03/2009 12:12 335240] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [15/03/2009 12:12 108552] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [15/03/2009 11:53 297752] S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [15/03/2009 12:12 908056] S3 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [15/03/2009 12:27 33176] S3 iviudf;iviudf;c:\windows\system32\drivers\IviUdf.sys [15/03/2009 19:24 116224] --- Other Services/Drivers In Memory --- *Deregistered* - udffsrec . Contents of the 'Scheduled Tasks' folder 2009-08-31 c:\windows\Tasks\WGASetup.job - c:\windows\system32\KB905474\wgasetup.exe [2009-04-29 21:18] . . ------- Supplementary Scan ------- . 
uStart Page = hxxp://www.google.co.uk/ uInternet Settings,ProxyOverride = *.local DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-08-31 15:56 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(700) c:\program files\common files\logitech\bluetooth\LBTWlgn.dll c:\program files\common files\logitech\bluetooth\LBTServ.dll - - - - - - - > 'explorer.exe'(1492) c:\windows\system32\WININET.dll c:\program files\Logitech\SetPoint\lgscroll.dll c:\windows\system32\ieframe.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\nvsvc32.exe c:\windows\system32\brss01a.exe c:\windows\ATKKBService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\system32\Brmfrmps.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\PnkBstrB.exe c:\program files\AVG\AVG8\avgrsx.exe c:\progra~1\AVG\AVG8\avgnsx.exe c:\program files\Common Files\LogiShrd\KHAL2\KHALMNPR.exe c:\program files\iPod\bin\iPodService.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . 
Completion time: 2009-08-31 15:58 - machine was rebooted ComboFix-quarantined-files.txt 2009-08-31 14:58 Pre-Run: 45,352,366,080 bytes free Post-Run: 45,292,965,888 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect 214 --- E O F --- 2009-08-25 20:05