Jump to content

fixme

Members
 View Profile  See their activity

  • Posts

    2

  • Joined

  • Last visited

Reputation

0 Neutral
  1. fixme
    I downloaded lastest malawarebytes and ran. It did not find anything. I have the personal security maleware. follwelled instructions and after running GMER Rootkit Scanner froze machine (tryed twice). did not get to the log as it fooze. also when defogger was run it didn't ask to restart machine. Thanks ahead of time. defogger_disable by jpshortstuff (29.01.10.1) Log created at 09:29 on 20/02/2010 (Jerry) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- DDS (Ver_09-12-01.01) - NTFSx86 Run by Jerry at 9:51:41.39 on Sat 02/20/2010 Internet Explorer: 7.0.5730.11 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.300 [GMT -8:00] AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} ============== Running Processes =============== C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe svchost.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe C:\Program Files\Lenovo\TrackPoint\tp4serv.exe C:\WINDOWS\system32\TpShocks.exe C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\igfxpers.exe C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe C:\WINDOWS\system32\igfxtray.exe C:\Program Files\Lenovo\Zoom\TpScrex.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE svchost.exe C:\Program Files\Lenovo\Client Security Solution\cssauth.exe C:\Program Files\ThinkVantage\AMSG\Amsg.exe C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\AIM6\aim6.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe C:\WINDOWS\System32\TPHDEXLG.exe C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe c:\program files\lenovo\system update\suservice.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe C:\Program Files\Common Files\Lenovo\Logger\logmon.exe C:\Program Files\AIM6\aolsoftware.exe C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\7GRLBOD3\Defogger[1].exe C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\MJQ0LU9D\dds[1].scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.com/ uDefault_Page_URL = hxxp://lenovo.live.com mDefault_Page_URL = hxxp://lenovo.live.com mStart Page = hxxp://lenovo.live.com BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll BHO: 1 (0x1) - No File BHO: CPwmIEBrowserHelper Object: {f040e541-a427-4cf7-85d8-75e3e0f476c5} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe mRun: [TrackPointSrv] c:\program files\lenovo\trackpoint\tp4serv.exe mRun: [TpShocks] TpShocks.exe mRun: [TPHOTKEY] c:\program files\lenovo\hotkey\TPOSDSVC.exe mRun: [TPFNF7] c:\program files\lenovo\npdirect\TPFNF7SP.exe /r mRun: [sunJavaUpdateSched] c:\program files\java\jre1.5.0_06\bin\jusched.exe mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe mRun: [LPManager] c:\progra~1\thinkv~1\prdctr\LPMGR.exe mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe mRun: [HP Software Update] "c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe" mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe" mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE mRun: [DiskeeperSystray] "c:\program files\diskeeper corporation\diskeeper\DkIcon.exe" mRun: [cssauth] "c:\program files\lenovo\client security solution\cssauth.exe" silent mRun: [bLOG] rundll32 c:\progra~1\thinkpad\utilit~1\BatLogEx.DLL,StartBattLog mRun: [AwaySch] c:\program files\lenovo\awaytask\AwaySch.EXE mRun: [AMSG] c:\program files\thinkvantage\amsg\Amsg.exe /startup mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [ACWLIcon] c:\program files\thinkpad\connectutilities\ACWLIcon.exe mRun: [ACTray] c:\program files\thinkpad\connectutilities\ACTray.exe mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {0045D4BC-5189-4b67-969C-83BB1906C421} - {0FE81B52-73FA-425F-8F06-3F32451AC73F} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240858175948 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll Notify: avgrsstarter - avgrsstx.dll Notify: igfxcui - igfxdev.dll Notify: tpfnf2 - c:\program files\lenovo\hotkey\notifyf2.dll Notify: tphotkey - c:\program files\lenovo\hotkey\tphklock.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll Hosts: 127.0.0.1 www.spywareinfo.com ============= SERVICES / DRIVERS =============== R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2007-10-16 19504] R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-10-1 333192] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-10-1 28424] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-10-1 360584] R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2009-11-27 285392] R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2007-2-8 569344] R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-2-16 24652] R3 Tp4Track;PS/2 TrackPoint Driver;c:\windows\system32\drivers\tp4track.sys [2007-5-10 22568] R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2007-5-22 30336] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-27 135664] S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592] =============== Created Last 30 ================ 2010-02-20 17:29:52 0 ----a-w- c:\documents and settings\jerry\defogger_reenable 2010-02-16 06:38:03 181120 ------w- c:\windows\system32\MpSigStub.exe 2010-01-26 08:16:18 0 d-----w- c:\program files\Spybot - Search & Destroy 2010-01-26 08:16:18 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy 2010-01-26 07:43:58 77312 ------w- c:\windows\MBR.exe 2010-01-26 07:43:58 261632 ------w- c:\windows\PEV.exe ==================== Find3M ==================== 2010-01-08 00:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-08 00:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-31 16:50:03 353792 ------w- c:\windows\system32\drivers\srv.sys 2009-12-31 16:50:03 353792 ------w- c:\windows\system32\dllcache\srv.sys 2009-12-31 15:33:06 70656 ------w- c:\windows\system32\dllcache\ie4uinit.exe 2009-12-31 15:33:06 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe 2009-12-18 13:05:43 634648 ------w- c:\windows\system32\dllcache\iexplore.exe 2009-12-18 13:04:09 161792 ------w- c:\windows\system32\dllcache\ieakui.dll 2009-12-16 18:43:27 343040 ------w- c:\windows\system32\mspaint.exe 2009-12-16 18:43:27 343040 ------w- c:\windows\system32\dllcache\mspaint.exe 2009-12-14 07:08:23 33280 ------w- c:\windows\system32\dllcache\csrsrv.dll 2009-12-14 07:08:23 33280 ------w- c:\windows\system32\csrsrv.dll 2009-12-08 19:27:51 2189184 ------w- c:\windows\system32\dllcache\ntoskrnl.exe 2009-12-08 19:26:15 2145280 ------w- c:\windows\system32\ntoskrnl.exe 2009-12-08 19:26:15 2145280 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe 2009-12-08 18:43:51 2023936 ------w- c:\windows\system32\ntkrnlpa.exe 2009-12-08 18:43:51 2023936 ------w- c:\windows\system32\dllcache\ntkrpamp.exe 2009-12-08 18:43:50 2066048 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe 2009-12-08 09:23:28 474112 ------w- c:\windows\system32\SET2EC.tmp 2009-12-08 09:23:28 474112 ------w- c:\windows\system32\dllcache\shlwapi.dll 2009-12-04 18:22:22 455424 ------w- c:\windows\system32\dllcache\mrxsmb.sys 2009-11-28 05:05:39 12464 ------w- c:\windows\system32\avgrsstx.dll 2009-11-27 17:11:44 17920 ------w- c:\windows\system32\msyuv.dll 2009-11-27 17:11:44 17920 ------w- c:\windows\system32\dllcache\msyuv.dll 2009-11-27 17:11:44 1291776 ------w- c:\windows\system32\SET2DF.tmp 2009-11-27 17:11:44 1291776 ------w- c:\windows\system32\quartz.dll 2009-11-27 17:11:44 1291776 ------w- c:\windows\system32\dllcache\quartz.dll 2009-11-27 16:07:35 8704 ------w- c:\windows\system32\tsbyuv.dll 2009-11-27 16:07:35 8704 ------w- c:\windows\system32\dllcache\tsbyuv.dll 2009-11-27 16:07:35 28672 ------w- c:\windows\system32\msvidc32.dll 2009-11-27 16:07:35 28672 ------w- c:\windows\system32\dllcache\msvidc32.dll 2009-11-27 16:07:34 84992 ------w- c:\windows\system32\dllcache\avifil32.dll 2009-11-27 16:07:34 84992 ------w- c:\windows\system32\avifil32.dll 2009-11-27 16:07:34 48128 ------w- c:\windows\system32\iyuv_32.dll 2009-11-27 16:07:34 48128 ------w- c:\windows\system32\dllcache\iyuv_32.dll 2009-11-27 16:07:34 11264 ------w- c:\windows\system32\msrle32.dll 2009-11-27 16:07:34 11264 ------w- c:\windows\system32\dllcache\msrle32.dll 2008-08-18 08:02:08 32768 --sh--w- c:\windows\system32\config\systemprofile\local settings\application data\microsoft\feeds cache\index.dat 2008-10-02 07:16:43 32768 --sh--w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008100220081003\index.dat 2008-11-02 11:30:01 32768 --sh--w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008110220081103\index.dat ============= FINISH: 9:52:29.87 =============== Attach.zip
  2. fixme
    I downloaded lastest malawarebytes and ran. It did not find anything. follwelled instructions and after running GMER Rootkit Scanner froze machine (tryed twice). did not get to the log as it fooze. also when defogger was run it didn't ask to restart machine. Thanks ahead of time. defogger_disable by jpshortstuff (29.01.10.1) Log created at 09:29 on 20/02/2010 (Jerry) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- DDS (Ver_09-12-01.01) - NTFSx86 Run by Jerry at 9:51:41.39 on Sat 02/20/2010 Internet Explorer: 7.0.5730.11 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.300 [GMT -8:00] AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} ============== Running Processes =============== C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe svchost.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe C:\Program Files\Lenovo\TrackPoint\tp4serv.exe C:\WINDOWS\system32\TpShocks.exe C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\igfxpers.exe C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe C:\WINDOWS\system32\igfxtray.exe C:\Program Files\Lenovo\Zoom\TpScrex.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE svchost.exe C:\Program Files\Lenovo\Client Security Solution\cssauth.exe C:\Program Files\ThinkVantage\AMSG\Amsg.exe C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\AIM6\aim6.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe C:\WINDOWS\System32\TPHDEXLG.exe C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray.exe c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe c:\program files\lenovo\system update\suservice.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe C:\Program Files\Common Files\Lenovo\Logger\logmon.exe C:\Program Files\AIM6\aolsoftware.exe C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\7GRLBOD3\Defogger[1].exe C:\Documents and Settings\Jerry\Local Settings\Temporary Internet Files\Content.IE5\MJQ0LU9D\dds[1].scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.com/ uDefault_Page_URL = hxxp://lenovo.live.com mDefault_Page_URL = hxxp://lenovo.live.com mStart Page = hxxp://lenovo.live.com BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll BHO: 1 (0x1) - No File BHO: CPwmIEBrowserHelper Object: {f040e541-a427-4cf7-85d8-75e3e0f476c5} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe mRun: [TrackPointSrv] c:\program files\lenovo\trackpoint\tp4serv.exe mRun: [TpShocks] TpShocks.exe mRun: [TPHOTKEY] c:\program files\lenovo\hotkey\TPOSDSVC.exe mRun: [TPFNF7] c:\program files\lenovo\npdirect\TPFNF7SP.exe /r mRun: [sunJavaUpdateSched] c:\program files\java\jre1.5.0_06\bin\jusched.exe mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe mRun: [LPManager] c:\progra~1\thinkv~1\prdctr\LPMGR.exe mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe mRun: [HP Software Update] "c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe" mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe" mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE mRun: [DiskeeperSystray] "c:\program files\diskeeper corporation\diskeeper\DkIcon.exe" mRun: [cssauth] "c:\program files\lenovo\client security solution\cssauth.exe" silent mRun: [bLOG] rundll32 c:\progra~1\thinkpad\utilit~1\BatLogEx.DLL,StartBattLog mRun: [AwaySch] c:\program files\lenovo\awaytask\AwaySch.EXE mRun: [AMSG] c:\program files\thinkvantage\amsg\Amsg.exe /startup mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [ACWLIcon] c:\program files\thinkpad\connectutilities\ACWLIcon.exe mRun: [ACTray] c:\program files\thinkpad\connectutilities\ACTray.exe mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {0045D4BC-5189-4b67-969C-83BB1906C421} - {0FE81B52-73FA-425F-8F06-3F32451AC73F} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1240858175948 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll Notify: avgrsstarter - avgrsstx.dll Notify: igfxcui - igfxdev.dll Notify: tpfnf2 - c:\program files\lenovo\hotkey\notifyf2.dll Notify: tphotkey - c:\program files\lenovo\hotkey\tphklock.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll Hosts: 127.0.0.1 www.spywareinfo.com ============= SERVICES / DRIVERS =============== R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2007-10-16 19504] R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-10-1 333192] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-10-1 28424] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-10-1 360584] R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2009-11-27 285392] R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2007-2-8 569344] R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-2-16 24652] R3 Tp4Track;PS/2 TrackPoint Driver;c:\windows\system32\drivers\tp4track.sys [2007-5-10 22568] R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2007-5-22 30336] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-27 135664] S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592] =============== Created Last 30 ================ 2010-02-20 17:29:52 0 ----a-w- c:\documents and settings\jerry\defogger_reenable 2010-02-16 06:38:03 181120 ------w- c:\windows\system32\MpSigStub.exe 2010-01-26 08:16:18 0 d-----w- c:\program files\Spybot - Search & Destroy 2010-01-26 08:16:18 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy 2010-01-26 07:43:58 77312 ------w- c:\windows\MBR.exe 2010-01-26 07:43:58 261632 ------w- c:\windows\PEV.exe ==================== Find3M ==================== 2010-01-08 00:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-08 00:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-31 16:50:03 353792 ------w- c:\windows\system32\drivers\srv.sys 2009-12-31 16:50:03 353792 ------w- c:\windows\system32\dllcache\srv.sys 2009-12-31 15:33:06 70656 ------w- c:\windows\system32\dllcache\ie4uinit.exe 2009-12-31 15:33:06 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe 2009-12-18 13:05:43 634648 ------w- c:\windows\system32\dllcache\iexplore.exe 2009-12-18 13:04:09 161792 ------w- c:\windows\system32\dllcache\ieakui.dll 2009-12-16 18:43:27 343040 ------w- c:\windows\system32\mspaint.exe 2009-12-16 18:43:27 343040 ------w- c:\windows\system32\dllcache\mspaint.exe 2009-12-14 07:08:23 33280 ------w- c:\windows\system32\dllcache\csrsrv.dll 2009-12-14 07:08:23 33280 ------w- c:\windows\system32\csrsrv.dll 2009-12-08 19:27:51 2189184 ------w- c:\windows\system32\dllcache\ntoskrnl.exe 2009-12-08 19:26:15 2145280 ------w- c:\windows\system32\ntoskrnl.exe 2009-12-08 19:26:15 2145280 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe 2009-12-08 18:43:51 2023936 ------w- c:\windows\system32\ntkrnlpa.exe 2009-12-08 18:43:51 2023936 ------w- c:\windows\system32\dllcache\ntkrpamp.exe 2009-12-08 18:43:50 2066048 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe 2009-12-08 09:23:28 474112 ------w- c:\windows\system32\SET2EC.tmp 2009-12-08 09:23:28 474112 ------w- c:\windows\system32\dllcache\shlwapi.dll 2009-12-04 18:22:22 455424 ------w- c:\windows\system32\dllcache\mrxsmb.sys 2009-11-28 05:05:39 12464 ------w- c:\windows\system32\avgrsstx.dll 2009-11-27 17:11:44 17920 ------w- c:\windows\system32\msyuv.dll 2009-11-27 17:11:44 17920 ------w- c:\windows\system32\dllcache\msyuv.dll 2009-11-27 17:11:44 1291776 ------w- c:\windows\system32\SET2DF.tmp 2009-11-27 17:11:44 1291776 ------w- c:\windows\system32\quartz.dll 2009-11-27 17:11:44 1291776 ------w- c:\windows\system32\dllcache\quartz.dll 2009-11-27 16:07:35 8704 ------w- c:\windows\system32\tsbyuv.dll 2009-11-27 16:07:35 8704 ------w- c:\windows\system32\dllcache\tsbyuv.dll 2009-11-27 16:07:35 28672 ------w- c:\windows\system32\msvidc32.dll 2009-11-27 16:07:35 28672 ------w- c:\windows\system32\dllcache\msvidc32.dll 2009-11-27 16:07:34 84992 ------w- c:\windows\system32\dllcache\avifil32.dll 2009-11-27 16:07:34 84992 ------w- c:\windows\system32\avifil32.dll 2009-11-27 16:07:34 48128 ------w- c:\windows\system32\iyuv_32.dll 2009-11-27 16:07:34 48128 ------w- c:\windows\system32\dllcache\iyuv_32.dll 2009-11-27 16:07:34 11264 ------w- c:\windows\system32\msrle32.dll 2009-11-27 16:07:34 11264 ------w- c:\windows\system32\dllcache\msrle32.dll 2008-08-18 08:02:08 32768 --sh--w- c:\windows\system32\config\systemprofile\local settings\application data\microsoft\feeds cache\index.dat 2008-10-02 07:16:43 32768 --sh--w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008100220081003\index.dat 2008-11-02 11:30:01 32768 --sh--w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008110220081103\index.dat ============= FINISH: 9:52:29.87 =============== Attach.zip
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.