Jasonsan

Honorary Members
  • Posts

    35

Everything posted by Jasonsan

  1. It didn't find anything and I wasn't able to see anything that showed a log. Why am I getting these errors when I try to install programs though and how do I fix them?
  2. RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
     mail : tigzyRK<at>gmail<dot>com
     Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Website : http://tigzy.geekstogo.com/roguekiller.php
     Blog : http://tigzyrk.blogspot.com/
     Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
     Started in : Normal mode
     User : Jason [Admin rights]
     Mode : Scan -- Date : 01/13/2013 22:36:18
     ¤¤¤ Bad processes : 0 ¤¤¤
     ¤¤¤ Registry Entries : 0 ¤¤¤
     ¤¤¤ Particular Files / Folders: ¤¤¤
     ¤¤¤ Driver : [LOADED] ¤¤¤
     ¤¤¤ HOSTS File: ¤¤¤
     --> C:\WINDOWS\system32\drivers\etc\hosts
     127.0.0.1 localhost
     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: +++++
     --- User ---
     [MBR] d1987b2cca300e618102e168802274f0
     [bSP] ca9b1000797f7a27af4471da4ae228af : Windows XP MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305234 Mo
     User = LL1 ... OK!
     Error reading LL2 MBR!
     Finished : << RKreport[1]_S_01132013_02d2236.txt >>
     RKreport[1]_S_01132013_02d2236.txt
  3. Results of screen317's Security Check version 0.99.57
     Windows XP Service Pack 3 x86
     Internet Explorer 8
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     avast! Internet Security
     Antivirus up to date! (On Access scanning disabled!)
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.70.0.1100
     CCleaner
     ````````Process Check: objlist.exe by Laurent````````
     system32 AvastSvc.exe -?-
     system32 AvastUI.exe -?-
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C:: 12% Defragment your hard drive soon! (Do NOT defrag if SSD!)
     ````````````````````End of Log``````````````````````
  4. Hi, I disabled my Avast Internet Security, but when I got to Step 4 I wasn't able to go any further. As I tried to run RSIT.exe I got an error stating: "AutoIT Error Line 8055 (C:\documents and settings\Jason\desktop\RSIT.exe) Error: Variable used without being declared." So I cannot post any logs for that. Should I continue going on this?
     Rkill 2.4.5 by Lawrence Abrams (Grinler)
     http://www.bleepingcomputer.com/
     Copyright 2008-2013 BleepingComputer.com
     More Information about Rkill can be found at this link:
     http://www.bleepingcomputer.com/forums/topic308364.html
     Program started at: 01/13/2013 04:46:36 PM in x86 mode.
     Windows Version: Microsoft Windows XP Service Pack 3
     Checking for Windows services to stop:
     * No malware services found to stop.
     Checking for processes to terminate:
     * C:\WINDOWS\system32\CTHELPER.EXE (PID: 748) [WD-HEUR]
     * C:\WINDOWS\system32\LVCOMSX.EXE (PID: 776) [WD-HEUR]
     2 proccesses terminated!
     Checking Registry for malware related settings:
     * No issues found in the Registry.
     Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
     Performing miscellaneous checks:
     * No issues found.
     Checking Windows Service Integrity:
     * No issues found.
     Searching for Missing Digital Signatures:
     * No issues found.
     Checking HOSTS File:
     * HOSTS file entries found:
     127.0.0.1 localhost
     Program finished at: 01/13/2013 04:47:14 PM
     Execution time: 0 hours(s), 0 minute(s), and 37 seconds(s)
  5. Yes, this is related to the .exe file post, but I figured the problem went away. When I saw that I couldn't install the latest version of Malwarebytes, I figured that something still seems to be wrong. The top part of DDS that I was missing was this: DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 Run by Jason at 18:19:59 on 2013-01-12. Also, when I tried to install ERUNT I got the same error I got in the other installations: "Cocreate instance failed; code 0x80040154". Does this matter, or should I still continue all of the steps until the end?
  6. I cannot install the latest version of Malwarebytes 1.70. I tried running the setup and get the following error which pops up 6 times at the very end of the installation "CoCreateInstance failed; code 0x80040154. Class not registered." Then when it finishes and tries to run malwarebytes it says "Run time error '372.' Failed to load control 'WebBrowser' from ieframe.dll. Your version of ieframe may be outdated. Make sure you are using the version of this control that was provided with the application." Any help with this? Thanks
  7. Hi, I must've browsed into something bad because I currently cannot open any .exe files, yet I can open whatever is on my system tray. I also tried doing the basic registry fix that Microsoft recommends when you can't open exe files under HKEY_CLASSES_ROOT\exe and HKEY_CLASSES_ROOT\exefile... but those appeared to be normal. I ran Malwarebytes and all it found was some PUP.BundleOffers.IIQ files, which I had Malwarebytes remove and I am pasting below. I restarted and ran Malwarebytes again and it didn't detect anything, yet I still cannot open .exe files. I will probably end up buying the Malwarebytes Pro version at this point as my current anti-virus did not pick anything up. Thanks!
     Malwarebytes Anti-Malware (Trial) 1.65.1.1000
     www.malwarebytes.org
     Database version: v2012.11.16.01
     Windows XP Service Pack 3 x86 NTFS
     Internet Explorer 8.0.6001.18702
     Jason :: JASON-33450E334 [administrator]
     Protection: Enabled
     11/15/2012 11:40:34 PM
     mbam-log-2012-11-16 (08-26-44).txt
     Scan type: Full scan (C:\|)
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 266312
     Time elapsed: 31 minute(s), 29 second(s)
     Memory Processes Detected: 0
     (No malicious items detected)
     Memory Modules Detected: 0
     (No malicious items detected)
     Registry Keys Detected: 0
     (No malicious items detected)
     Registry Values Detected: 0
     (No malicious items detected)
     Registry Data Items Detected: 0
     (No malicious items detected)
     Folders Detected: 0
     (No malicious items detected)
     Files Detected: 4
     C:\System Volume Information\_restore{E74E2C52-9F18-48D0-A30E-2D1652DE08A2}\RP457\A0067857.exe (PUP.BundleOffers.IIQ) -> No action taken.
     C:\System Volume Information\_restore{E74E2C52-9F18-48D0-A30E-2D1652DE08A2}\RP457\A0067858.exe (PUP.BundleOffers.IIQ) -> No action taken.
     C:\System Volume Information\_restore{E74E2C52-9F18-48D0-A30E-2D1652DE08A2}\RP457\A0067859.exe (PUP.BundleOffers.IIQ) -> No action taken.
     C:\System Volume Information\_restore{E74E2C52-9F18-48D0-A30E-2D1652DE08A2}\RP457\A0067860.exe (PUP.BundleOffers.IIQ) -> No action taken.
WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [setDefaultMIDI] MIDIDef.exe uRun: [Google Update] "c:\documents and settings\jason\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet uRun: [Aim] "c:\program files\aim\aim.exe" /d locale=en-US uRun: [LogitechSoftwareUpdate] "c:\program files\logitech\video\ManifestEngine.exe" boot mRun: [ASUS Update Checker] c:\program files\asus\asusupdate\updatechecker\UpdateChecker.exe mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe mRun: [CTHelper] CTHELPER.EXE mRun: [CTxfiHlp] CTXFIHLP.EXE mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [LVCOMSX] c:\windows\system32\LVCOMSX.EXE mRun: [LogitechVideoRepair] c:\program files\logitech\video\ISStart.exe mRun: [LogitechVideoTray] c:\program files\logitech\video\LogiTray.exe mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe TCP: NameServer = 192.168.1.1 TCP: Interfaces\{C5D0F081-380F-4021-99D1-795B709BBACD} : DHCPNameServer = 192.168.1.1 . ============= SERVICES / DRIVERS =============== . R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86 R? COMMONFX;COMMONFX R? CT20XUT.SYS;CT20XUT.SYS R? CT20XUT;CT20XUT R? CTAUDFX.SYS;CTAUDFX.SYS R? CTAUDFX;CTAUDFX R? 
CTEAPSFX.SYS;CTEAPSFX.SYS R? CTEAPSFX;CTEAPSFX R? CTEDSPFX.SYS;CTEDSPFX.SYS R? CTEDSPFX;CTEDSPFX R? CTEDSPIO;CTEDSPIO R? CTEDSPSY;CTEDSPSY R? CTERFXFX.SYS;CTERFXFX.SYS R? CTERFXFX;CTERFXFX R? CTEXFIFX.SYS;CTEXFIFX.SYS R? CTEXFIFX;CTEXFIFX R? CTHWIUT.SYS;CTHWIUT.SYS R? CTHWIUT;CTHWIUT R? CTSBLFX.SYS;CTSBLFX.SYS R? CTSBLFX;CTSBLFX R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0 S? AsUpIO;AsUpIO S? aswFsBlk;aswFsBlk S? aswFW;avast! TDI Firewall driver S? aswKbd;aswKbd S? aswNdis;avast! Firewall NDIS Filter Service S? aswNdis2;avast! Firewall Core Firewall Service S? aswSnx;aswSnx S? aswSP;aswSP S? avast! Antivirus;avast! Antivirus S? avast! Firewall;avast! Firewall S? COMMONFX.SYS;COMMONFX.SYS S? CTEDSPIO.SYS;CTEDSPIO.SYS S? CTEDSPSY.SYS;CTEDSPSY.SYS S? MBAMProtector;MBAMProtector S? MBAMScheduler;MBAMScheduler S? MBAMService;MBAMService S? MotoHelper;MotoHelper Service . =============== File Associations =============== . ShellExec: QSync.exe: Open="c:\program files\logitech\video\QSync.exe" . =============== Created Last 30 ================ . 2012-11-17 03:03:24 146432 ----a-w- c:\windows\regedit.com 2012-11-16 03:27:49 -------- d-----w- c:\documents and settings\jason\application data\Malwarebytes 2012-11-16 03:27:02 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2012-11-16 03:27:01 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-11-16 03:27:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-11-15 05:21:19 -------- d-----w- c:\documents and settings\jason\local settings\application data\Apple . ==================== Find3M ==================== . 
2012-10-30 23:51:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-10-30 23:51:58 199320 ----a-w- c:\windows\system32\drivers\aswNdis2.sys 2012-10-30 23:51:56 20624 ----a-w- c:\windows\system32\drivers\aswKbd.sys 2012-10-30 23:51:56 106560 ----a-w- c:\windows\system32\drivers\aswFW.sys 2012-10-30 23:51:07 41224 ----a-w- c:\windows\avastSS.scr 2012-10-22 08:37:31 1866368 ----a-w- c:\windows\system32\win32k.sys 2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll 2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll 2012-08-28 15:14:53 43520 ------w- c:\windows\system32\licmgr10.dll 2012-08-28 15:14:52 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-08-28 12:07:15 385024 ------w- c:\windows\system32\html.iec 2012-08-25 01:28:46 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-08-25 01:28:46 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-24 13:53:22 177664 ----a-w- c:\windows\system32\wintrust.dll 2012-08-21 13:33:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-21 12:58:09 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe . ============= FINISH: 17:48:30.79 ===============
  8. Hi guys, I must've browsed something bad because I currently cannot open any .exe files, yet I can open whatever is on my system tray. I also tried doing the basic registry fix that Microsoft recommends when you can't open exe files under HKEY_CLASSES_ROOT\exe and HKEY_CLASSES_ROOT\exefile... but those appeared to be normal. I am also an Avast customer, but unfortunately it did not detect anything, so I may have to start using Malwarebytes instead. I ran Malwarebytes and all it found was some PUP.BundleOffers.IIQ files, which I had Malwarebytes remove and am pasting below. I restarted and ran Malwarebytes again and it didn't detect anything, yet I still cannot open .exe files. Thanks. Malwarebytes Anti-Malware (Trial) 1.65.1.1000 www.malwarebytes.org Database version: v2012.11.16.01 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Jason :: JASON-33450E334 [administrator] Protection: Enabled 11/15/2012 11:40:34 PM mbam-log-2012-11-16 (08-26-44).txt Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 266312 Time elapsed: 31 minute(s), 29 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 4 C:\System Volume Information\_restore{E74E2C52-9F18-48D0-A30E-2D1652DE08A2}\RP457\A0067857.exe (PUP.BundleOffers.IIQ) -> No action taken. C:\System Volume Information\_restore{E74E2C52-9F18-48D0-A30E-2D1652DE08A2}\RP457\A0067858.exe (PUP.BundleOffers.IIQ) -> No action taken. C:\System Volume Information\_restore{E74E2C52-9F18-48D0-A30E-2D1652DE08A2}\RP457\A0067859.exe (PUP.BundleOffers.IIQ) -> No action taken. 
C:\System Volume Information\_restore{E74E2C52-9F18-48D0-A30E-2D1652DE08A2}\RP457\A0067860.exe (PUP.BundleOffers.IIQ) -> No action taken. (end) Also, HijackThis log: (Note: I have an external sound card, an E-MU, which started having static but now works normally after Malwarebytes removed the PUP.BundleOffers.IIQ files shown above.) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:49:40 PM, on 11/15/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Unable to get Internet Explorer version! Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVAST Software\Avast\afwServ.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\system32\RunDLL32.exe C:\Documents and Settings\Jason\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Creative Professional\E-MU PatchMix DSP\EmuPMixDSP.exe C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Documents and Settings\Jason\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Jason\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Jason\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\system32\SNDVOL32.EXE C:\Documents 
and Settings\Jason\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Jason\My Documents\Downloads\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [ASUS Update Checker] C:\Program Files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKCU\..\Run: [ctfmon.exe] 
C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jason\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKUS\S-1-5-21-57989841-220523388-1801674531-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-21-57989841-220523388-1801674531-1003\..\Run: [setDefaultMIDI] MIDIDef.exe (User '?') O4 - HKUS\S-1-5-21-57989841-220523388-1801674531-1003\..\Run: [Google Update] "C:\Documents and Settings\Jason\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (User '?') O4 - HKUS\S-1-5-21-57989841-220523388-1801674531-1003\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet (User '?') O4 - HKUS\S-1-5-21-57989841-220523388-1801674531-1003\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US (User '?') O4 - HKUS\S-1-5-21-57989841-220523388-1801674531-1003\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot (User '?') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - 
{8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 7120 bytes
  9. Originally thought the virus was the Google redirect virus since I was running IE and it kept redirecting IE to random websites. However, it also prevents any type of antivirus from running, including Malwarebytes. Seems like it has changed my permissions, as I can't view hidden files or delete certain files or running programs (had some running processes called msa.exe and b.exe, which are probably the culprits). Here are the results of the HijackThis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:56:11 PM, on 9/1/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google 
Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" O4 - HKLM\..\RunOnce: [AskPBar Uninstall] rundll32 C:\PROGRA~1\UNINST~1.DLL,O -2 O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [setDefaultMIDI] MIDIDef.exe O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll O9 - 
Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1251400045796 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Unknown owner - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 5533 bytes