Jump to content

debks

Honorary Members
  • Posts

    41
  • Joined

  • Last visited

Reputation

0 Neutral

Profile Information

  • Location
    Kansas
  1. I found out how to get to fix this from this post, Mauice Naggars post, plus some other good information! Thank you all for your good work! Deb
  2. I forgot to mention that I also ran your adware cleaner and it did not find anything either.
  3. Hello, I got a page in Microsoft Edge with a Windows Defender alert saying there was a threat to access my computer and to call microsoft, I was unable to close it out. I ran my Malwarebytes (premium) and it found nothing. I restarted my computer, but am still getting the same page when I open Edge. I am using IE now with out it coming up. I do have a screen shot of the page also. These are my Threat scan log and Farbar scans Thank you for your help, Deb Threat Scan.txt FRST.txt Addition.txt
  4. Thanks! I appreciate your help. Have a great day!
  5. Not my pc so I am not to worried about it! Ran MBAM and didn't find anything. So do you think it is clean?
  6. Pitstop may have updated since you have used it. Results didn't popup in a seperate window, but on same page with tabs. Not sure you will be able to see them but here is the link, http://www.pcpitstop.com/betapit/sec.asp?conid=24272585. If it doesn't work I will copy the results here. Thank you again for your help!
  7. Seems to be running okay,except for it took forever for it to completely boot up. Here are the logs, ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6425 # api_version=3.0.2 # EOSSerial=42fdcaf8ed4c34429a3b79464c74b08c # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-03-24 01:46:44 # local_time=2011-03-24 08:46:44 (-0600, Central Daylight Time) # country="United States" # lang=9 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=37276 # found=0 # cleaned=0 # scan_time=1918 Results of screen317's Security Check version 0.99.10 Windows XP Service Pack 3 Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! avast! Free Antivirus ESET Online Scanner v3 Antivirus out of date! (On Access scanning disabled!) ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware Java 6 Update 24 Adobe Flash Player Adobe Reader X (10.0.1) ```````````````````````````````` Process Check: objlist.exe by Laurent AVAST Software Avast AvastSvc.exe AVAST Software Avast avastUI.exe ``````````End of Log````````````
  8. Thanks! Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 6110 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 3/20/2011 9:17:06 AM mbam-log-2011-03-20 (09-17-06).txt Scan type: Quick scan Objects scanned: 164795 Time elapsed: 14 minute(s), 55 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) ComboFix 11-03-19.03 - Nick 03/20/2011 9:30.3.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.446.170 [GMT -5:00] Running from: c:\documents and settings\Nick\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: AVG Anti-Virus Free *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\docume~1\Nick\LOCALS~1\Temp\1.tmp\F_IN_BOX.dll c:\documents and settings\Nick\Local Settings\temp\1.tmp\F_IN_BOX.dll . . ((((((((((((((((((((((((( Files Created from 2011-02-20 to 2011-03-20 ))))))))))))))))))))))))))))))) . . 2011-03-20 14:46 . 2011-03-20 14:46 1893 ----a-w- c:\windows\bcmwltrytmp.reg 2011-03-19 00:24 . 2011-03-19 00:24 -------- d-----w- c:\documents and settings\Nick\Application Data\Malwarebytes 2011-03-19 00:24 . 2010-12-20 23:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-03-19 00:24 . 2011-03-19 00:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-03-19 00:24 . 2011-03-19 00:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-03-19 00:24 . 2010-12-20 23:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-03-14 13:11 . 2011-03-14 13:11 -------- d-----w- c:\documents and settings\All Users\Application Data\TEMP 2011-03-14 13:10 . 2011-03-14 13:20 -------- d-----w- c:\program files\SpywareBlaster 2011-03-02 13:53 . 2011-03-02 13:53 -------- d-----w- c:\documents and settings\Administrator\Application Data\f-secure 2011-03-02 13:29 . 2011-03-02 13:29 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE 2011-03-02 13:29 . 2011-03-02 13:29 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache 2011-03-01 22:24 . 2011-03-01 22:24 -------- d-----w- c:\documents and settings\Nick\Application Data\f-secure 2011-03-01 22:20 . 2011-03-01 22:20 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure 2011-03-01 20:17 . 2010-06-24 00:12 27072 ----a-w- c:\windows\system32\drivers\AFGSp50.sys 2011-03-01 20:17 . 2011-03-01 20:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Affinegy 2011-03-01 20:17 . 2011-03-01 20:17 -------- d-----w- c:\program files\Belkin 2011-03-01 19:56 . 2011-03-01 19:56 -------- d-----w- c:\program files\Common Files\Java 2011-03-01 19:55 . 2011-03-01 19:54 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-03-01 19:55 . 2011-03-01 19:54 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-03-01 19:54 . 2011-03-01 19:54 -------- d-----w- c:\program files\Java 2011-03-01 19:53 . 2011-03-01 19:53 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee 2011-02-27 19:30 . 2011-02-27 19:30 -------- d-----w- c:\documents and settings\Nick\Application Data\Windows Search 2011-02-27 18:34 . 2011-02-27 18:34 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$ 2011-02-27 17:50 . 2006-03-22 19:53 337320 ----a-w- c:\windows\difxapi.dll 2011-02-27 17:46 . 2011-02-27 17:46 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2011-02-27 17:45 . 2011-02-27 17:45 -------- d-----w- c:\windows\system32\winrm 2011-02-27 17:44 . 2011-02-27 17:44 -------- d-----w- c:\documents and settings\Nick\Local Settings\Application Data\Identities 2011-02-27 17:43 . 2011-02-27 17:43 -------- d-----w- c:\documents and settings\Nick\Application Data\Windows Desktop Search 2011-02-27 17:42 . 2011-02-27 18:34 -------- d-----w- c:\program files\Windows Desktop Search 2011-02-27 17:42 . 2011-02-27 17:42 -------- d-----w- c:\windows\system32\GroupPolicy 2011-02-27 17:39 . 2008-03-07 17:02 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll 2011-02-27 17:39 . 2008-03-07 17:02 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll 2011-02-27 17:39 . 2008-03-07 17:02 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll 2011-02-27 17:38 . 2011-02-27 17:38 -------- d-----w- c:\program files\Windows Media Connect 2 2011-02-27 17:34 . 2011-02-27 17:36 -------- d-----w- c:\windows\system32\drivers\UMDF 2011-02-27 17:33 . 2010-10-18 11:10 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll 2011-02-27 17:17 . 2011-02-27 17:17 -------- d-----w- c:\program files\Microsoft.NET 2011-02-27 17:09 . 2011-02-27 17:09 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2011-02-27 16:16 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys 2011-02-27 16:15 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe 2011-02-27 16:13 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll 2011-02-27 16:13 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll 2011-02-27 16:12 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll 2011-02-27 16:01 . 2011-02-27 16:01 -------- d-sh--w- c:\documents and settings\Nick\PrivacIE 2011-02-27 15:22 . 2011-02-27 15:22 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache 2011-02-27 14:51 . 2011-02-27 14:51 -------- d-----w- c:\windows\system32\scripting 2011-02-27 14:51 . 2011-02-27 14:51 -------- d-----w- c:\windows\l2schemas 2011-02-27 14:51 . 2011-02-27 14:51 -------- d-----w- c:\windows\system32\en 2011-02-27 14:51 . 2011-02-27 14:51 -------- d-----w- c:\windows\system32\bits 2011-02-27 14:20 . 2011-02-27 14:20 -------- d-sh--w- c:\documents and settings\Nick\IETldCache 2011-02-27 14:14 . 2010-12-20 23:59 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2011-02-27 14:14 . 2010-12-20 23:59 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2011-02-27 14:14 . 2010-12-20 23:59 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2011-02-27 14:10 . 2011-02-27 14:14 -------- dc-h--w- c:\windows\ie8 2011-02-26 02:31 . 2011-02-23 14:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-02-26 02:31 . 2011-02-23 14:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-02-26 02:31 . 2011-02-23 14:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-02-26 02:31 . 2011-02-23 14:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-02-26 02:31 . 2011-02-23 14:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-02-26 02:31 . 2011-02-23 14:55 102232 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2011-02-26 02:31 . 2011-02-23 14:55 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys 2011-02-26 02:31 . 2011-02-23 14:54 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2011-02-26 02:31 . 2011-02-23 15:04 40648 ----a-w- c:\windows\avastSS.scr 2011-02-26 02:31 . 2011-02-23 15:04 190016 ----a-w- c:\windows\system32\aswBoot.exe 2011-02-26 02:30 . 2011-02-26 02:30 -------- d-----w- c:\program files\AVAST Software 2011-02-26 02:30 . 2011-02-26 02:30 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-02-09 13:53 . 2004-08-04 12:00 270848 ----a-w- c:\windows\system32\sbe.dll 2011-02-09 13:53 . 2004-08-04 12:00 186880 ----a-w- c:\windows\system32\encdec.dll 2011-02-02 07:58 . 2008-01-11 19:54 2067456 ----a-w- c:\windows\system32\mstscax.dll 2011-01-27 11:57 . 2008-01-11 19:54 677888 ----a-w- c:\windows\system32\mstsc.exe 2011-01-21 14:44 . 2004-08-04 12:00 439296 ----a-w- c:\windows\system32\shimgvw.dll 2011-01-07 14:09 . 2004-08-04 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll 2010-12-31 13:10 . 2004-08-04 12:00 1854976 ----a-w- c:\windows\system32\win32k.sys 2010-12-22 12:34 . 2004-08-04 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll 2010-12-20 23:59 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-12-20 23:59 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-12-20 23:59 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2010-12-20 17:26 . 2004-08-04 12:00 730112 ----a-w- c:\windows\system32\lsasrv.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-02-23 15:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY" [X] "LManager"="c:\program files\Launch Manager\QtZgAcer.EXE" [2005-02-23 315392] "AGRSMMSG"="AGRSMMSG.exe" [2004-10-08 88363] "SiSPower"="SiSPower.dll" [2005-02-26 49152] "SiS Windows KeyHook"="c:\windows\system32\keyhook.exe" [2005-03-04 32768] "SoundMan"="SOUNDMAN.EXE" [2006-03-01 577536] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288] "InstaLAN"="c:\program files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-07-28 1485208] . c:\documents and settings\Nick\Start Menu\Programs\Startup\ RollerCoaster Tycoon 3 Registration.lnk - c:\documents and settings\Nick\Local Settings\Temp\{436F4EEB-8717-42B7-A45D-3CDC4E93DA48}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe [N/A] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2004-5-25 565309] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] Utility Tray.lnk - c:\windows\system32\sistray.exe [2008-1-11 331776] Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Documents and Settings\\Nick\\Local Settings\\Apps\\2.0\\M2J9MLC8.J9T\\QBY1K613.OEL\\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\\CurseClient.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management . R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2/25/2011 9:31 PM 371544] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2/25/2011 9:31 PM 301528] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/25/2011 9:31 PM 19544] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 2:16 PM 130384] S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [8/21/2008 11:49 PM 18688] S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [8/21/2008 11:49 PM 8320] S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [6/18/2007 8:18 PM 23680] S3 PAC207;CIF USB Camera;c:\windows\system32\DRIVERS\PFC027.SYS --> c:\windows\system32\DRIVERS\PFC027.SYS [?] S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [8/4/2004 7:00 AM 14336] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 2:16 PM 753504] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WINRM REG_MULTI_SZ WINRM . . ------- Supplementary Scan ------- . uStart Page = hxxp://comicbookmovie.com/ uInternet Settings,ProxyOverride = <local> IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-03-20 09:46 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . . C:\## aswSnx private storage . scan completed successfully hidden files: 1 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(728) c:\windows\System32\BCMLogon.dll . - - - - - - - > 'explorer.exe'(3552) c:\windows\system32\WININET.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\btncopy.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\System32\wltrysvc.exe c:\windows\System32\bcmwltry.exe c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files\Belkin\Router Setup and Monitor\BelkinService.exe c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\WLTRAY.exe c:\windows\system32\HPZipm12.exe c:\windows\AGRSMMSG.exe c:\windows\system32\Rundll32.exe c:\windows\SOUNDMAN.EXE c:\docume~1\Nick\LOCALS~1\Temp\RtkBtMnt.EXE c:\windows\system32\SearchIndexer.exe c:\program files\Belkin\Router Setup and Monitor\BelkinSetup.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Completion time: 2011-03-20 09:52:50 - machine was rebooted ComboFix-quarantined-files.txt 2011-03-20 14:52 . Pre-Run: 45,758,615,552 bytes free Post-Run: 46,477,365,248 bytes free . - - End Of File - - 3C8F01B2B09DEB5B45BD987B2EC95807 . DDS (Ver_11-03-05.01) - NTFSx86 Run by Nick at 9:57:38.06 on Sun 03/20/2011 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.446.112 [GMT -5:00] . AV: AVG Anti-Virus Free *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\WLTRAY.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Launch Manager\QtZgAcer.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\keyhook.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\AVAST Software\Avast\avastUI.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe C:\DOCUME~1\Nick\LOCALS~1\Temp\RtkBtMnt.EXE C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\WINDOWS\system32\sistray.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\Nick\Desktop\dds.scr . ============== Pseudo HJT Report =============== . uStart Page = hxxp://comicbookmovie.com/ uInternet Settings,ProxyOverride = <local> BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY mRun: [LManager] c:\program files\launch manager\QtZgAcer.EXE mRun: [AGRSMMSG] AGRSMMSG.exe mRun: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent mRun: [siS Windows KeyHook] c:\windows\system32\keyhook.exe mRun: [soundMan] SOUNDMAN.EXE mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [instaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup StartupFolder: c:\docume~1\nick\startm~1\programs\startup\roller~1.lnk - c:\documents and settings\nick\local settings\temp\{436f4eeb-8717-42b7-a45d-3cdc4e93da48}\{907b4640-266b-4a21-92fb-cd1a86cd0f63}\ATR1.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bttray.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\utilit~1.lnk - c:\windows\system32\sistray.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000 IE: Send To &Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL Handler: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - c:\windows\system32\BTXPPanel.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll . ============= SERVICES / DRIVERS =============== . R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-2-25 371544] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-2-25 301528] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-2-25 19544] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-2-25 42184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2008-8-21 18688] S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2008-8-21 8320] S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2007-6-18 23680] S3 PAC207;CIF USB Camera;c:\windows\system32\drivers\pfc027.sys --> c:\windows\system32\drivers\PFC027.SYS [?] S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2011-03-20 14:27:31 98816 ----a-w- c:\windows\sed.exe 2011-03-20 14:27:31 89088 ----a-w- c:\windows\MBR.exe 2011-03-20 14:27:31 256512 ----a-w- c:\windows\PEV.exe 2011-03-20 14:27:31 161792 ----a-w- c:\windows\SWREG.exe 2011-03-19 00:24:41 -------- d-----w- c:\docume~1\nick\applic~1\Malwarebytes 2011-03-19 00:24:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-03-19 00:24:26 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2011-03-19 00:24:21 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-03-19 00:24:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-03-14 13:10:40 -------- d-----w- c:\program files\SpywareBlaster 2011-03-01 22:24:22 -------- d-----w- c:\docume~1\nick\applic~1\f-secure 2011-03-01 22:20:59 -------- d-----w- c:\docume~1\alluse~1\applic~1\F-Secure 2011-03-01 20:17:26 27072 ----a-w- c:\windows\system32\drivers\AFGSp50.sys 2011-03-01 20:17:09 -------- d-----w- c:\program files\Belkin 2011-03-01 20:17:09 -------- d-----w- c:\docume~1\alluse~1\applic~1\Affinegy 2011-03-01 19:55:17 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-03-01 19:55:16 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-02-27 19:30:36 -------- d-----w- c:\docume~1\nick\applic~1\Windows Search 2011-02-27 18:34:34 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$ 2011-02-27 17:50:33 337320 ----a-w- c:\windows\difxapi.dll 2011-02-27 17:45:52 -------- d-----w- c:\windows\system32\winrm 2011-02-27 17:44:11 -------- d-----w- c:\docume~1\nick\locals~1\applic~1\Identities 2011-02-27 17:43:49 -------- d-----w- c:\docume~1\nick\applic~1\Windows Desktop Search 2011-02-27 17:42:38 -------- d-----w- c:\windows\system32\GroupPolicy 2011-02-27 17:42:38 -------- d-----w- c:\program files\Windows Desktop Search 2011-02-27 17:39:44 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll 2011-02-27 17:39:44 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll 2011-02-27 17:39:44 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll 2011-02-27 17:38:23 -------- d-----w- c:\program files\Windows Media Connect 2 2011-02-27 17:33:01 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll 2011-02-27 16:16:16 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys 2011-02-27 16:15:21 45568 -c----w- c:\windows\system32\dllcache\wab.exe 2011-02-27 16:13:12 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll 2011-02-27 16:13:11 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll 2011-02-27 16:12:17 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll 2011-02-27 16:01:19 -------- d-sh--w- c:\documents and settings\nick\PrivacIE 2011-02-27 14:51:40 -------- d-----w- c:\windows\system32\scripting 2011-02-27 14:51:39 -------- d-----w- c:\windows\l2schemas 2011-02-27 14:51:38 -------- d-----w- c:\windows\system32\en 2011-02-27 14:51:37 -------- d-----w- c:\windows\system32\bits 2011-02-27 14:20:16 -------- d-sh--w- c:\documents and settings\nick\IETldCache 2011-02-27 14:16:27 -------- d-----w- c:\windows\ie8updates 2011-02-27 14:14:31 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2011-02-27 14:14:29 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2011-02-27 14:14:28 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2011-02-27 14:10:59 -------- dc-h--w- c:\windows\ie8 2011-02-26 02:31:44 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-02-26 02:31:04 40648 ----a-w- c:\windows\avastSS.scr 2011-02-26 02:30:40 -------- d-----w- c:\program files\AVAST Software 2011-02-26 02:30:40 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVAST Software 2011-02-23 15:51:24 -------- d-sha-r- C:\cmdcons . ==================== Find3M ==================== . 2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll 2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll 2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll 2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe 2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll 2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll 2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys 2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll 2010-12-20 23:59:20 916480 ----a-w- c:\windows\system32\wininet.dll 2010-12-20 23:59:19 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-12-20 23:59:19 1469440 ------w- c:\windows\system32\inetcpl.cpl 2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll . ============= FINISH: 10:00:25.12 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_11-03-05.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 1/11/2008 2:13:19 PM System Uptime: 3/20/2011 9:43:14 AM (1 hours ago) . Motherboard: Acer, Inc. | | Lugano M Processor: Mobile AMD Sempron Processor 2800+ | Socket A | 1600/400mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 56 GiB total, 43.306 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP1: 3/18/2011 6:13:02 PM - System Checkpoint RP2: 3/20/2011 9:28:10 AM - ComboFix created restore point . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe ExtendScript Toolkit 2 Adobe Flash Player 10 ActiveX Adobe Reader X (10.0.1) Adobe Setup Agere Systems AC'97 Modem avast! Free Antivirus Belkin Setup and Router Monitor Broadcom 802.11 Network Adapter Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) Java Auto Updater Java 6 Update 24 Launch Manager Malwarebytes' Anti-Malware Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2416447) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Microsoft National Language Support Downlevel APIs Microsoft Office XP Professional with FrontPage Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 6 Service Pack 2 (KB973686) Realtek AC'97 Audio Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Internet Explorer 7 (KB972260) Security Update for Windows Internet Explorer 7 (KB974455) Security Update for Windows Internet Explorer 7 (KB982381) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player (KB979402) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows Media Player 9 (KB936782) Security Update for Windows Search 4 - KB963093 Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371-v2) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981349) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) SiS 900 PCI Fast Ethernet Adapter Driver SiS VGA Utilities SiSAGP driver SpywareBlaster 4.4 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Windows (KB971513) Update for Windows Internet Explorer 7 (KB976749) Update for Windows Internet Explorer 7 (KB980182) Update for Windows Internet Explorer 8 (KB2447568) Update for Windows Internet Explorer 8 (KB976662) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) WebFldrs XP WIDCOMM Bluetooth Software Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Imaging Component Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Management Framework Core Windows Media Format 11 runtime Windows Media Player 11 Windows Search 4.0 Windows XP Service Pack 3 . ==== Event Viewer Messages From Past Week ======== . 3/20/2011 9:30:25 AM, error: Service Control Manager [7034] - The Broadcom Wireless LAN Tray Service service terminated unexpectedly. It has done this 1 time(s). 3/18/2011 9:36:13 PM, error: F-Secure Standalone Minifilter [1] - 3/18/2011 6:04:51 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} 3/18/2011 6:01:58 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AFD AmdPPM aswRdr aswSnx aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip 3/18/2011 6:01:58 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning. 3/18/2011 6:01:58 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning. 3/18/2011 6:01:58 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning. 3/18/2011 6:01:58 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning. 3/18/2011 6:01:01 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 3/18/2011 6:00:56 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} . ==== End Of File ===========================
  9. Screen317 helped me cleanup my sons pc. I was doing some basic maintenance, defrag ect, so he could have it back. Tried to run mbam and got a error so did a clean install. When I ran the scan it found another trojan. I also ran a f-secure scan it found 1 file, but couldn't delete it. Stealth_file (virus) C:\## ASWSNX PRIVATE STORAGE\SNX_RHIVE (Not cleaned & Submitted) Here is the mbam log and the dds logs Screen317 requested Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 6102 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 3/18/2011 7:41:28 PM mbam-log-2011-03-18 (19-41-28).txt Scan type: Quick scan Objects scanned: 163271 Time elapsed: 11 minute(s), 26 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 4 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\B60JHDGR6V (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\ineufbr1v (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\JP595IR86O (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) . DDS (Ver_11-03-05.01) - NTFSx86 Run by Nick at 8:16:52.42 on Sat 03/19/2011 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.446.188 [GMT -5:00] . AV: AVG Anti-Virus Free *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\WLTRAY.exe C:\Program Files\Launch Manager\QtZgAcer.EXE C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\keyhook.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\AVAST Software\Avast\avastUI.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\DOCUME~1\Nick\LOCALS~1\Temp\RtkBtMnt.EXE C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\WINDOWS\system32\sistray.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe C:\Documents and Settings\Nick\Desktop\dds.scr . ============== Pseudo HJT Report =============== . uStart Page = hxxp://comicbookmovie.com/ uInternet Settings,ProxyOverride = <local> BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY mRun: [LManager] c:\program files\launch manager\QtZgAcer.EXE mRun: [AGRSMMSG] AGRSMMSG.exe mRun: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent mRun: [siS Windows KeyHook] c:\windows\system32\keyhook.exe mRun: [soundMan] SOUNDMAN.EXE mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [instaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent StartupFolder: c:\docume~1\nick\startm~1\programs\startup\roller~1.lnk - c:\documents and settings\nick\local settings\temp\{436f4eeb-8717-42b7-a45d-3cdc4e93da48}\{907b4640-266b-4a21-92fb-cd1a86cd0f63}\ATR1.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bttray.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\utilit~1.lnk - c:\windows\system32\sistray.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000 IE: Send To &Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL Handler: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - c:\windows\system32\BTXPPanel.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll . ============= SERVICES / DRIVERS =============== . R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-2-25 371544] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-2-25 301528] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-2-25 19544] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-2-25 42184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2008-8-21 18688] S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2008-8-21 8320] S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2007-6-18 23680] S3 PAC207;CIF USB Camera;c:\windows\system32\drivers\pfc027.sys --> c:\windows\system32\drivers\PFC027.SYS [?] S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2011-03-19 00:24:41 -------- d-----w- c:\docume~1\nick\applic~1\Malwarebytes 2011-03-19 00:24:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-03-19 00:24:26 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2011-03-19 00:24:21 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-03-19 00:24:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-03-14 13:10:40 -------- d-----w- c:\program files\SpywareBlaster 2011-03-01 22:24:22 -------- d-----w- c:\docume~1\nick\applic~1\f-secure 2011-03-01 22:20:59 -------- d-----w- c:\docume~1\alluse~1\applic~1\F-Secure 2011-03-01 20:17:26 27072 ----a-w- c:\windows\system32\drivers\AFGSp50.sys 2011-03-01 20:17:09 -------- d-----w- c:\program files\Belkin 2011-03-01 20:17:09 -------- d-----w- c:\docume~1\alluse~1\applic~1\Affinegy 2011-03-01 19:55:17 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-03-01 19:55:16 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-02-27 19:30:36 -------- d-----w- c:\docume~1\nick\applic~1\Windows Search 2011-02-27 18:34:34 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$ 2011-02-27 17:50:33 337320 ----a-w- c:\windows\difxapi.dll 2011-02-27 17:45:52 -------- d-----w- c:\windows\system32\winrm 2011-02-27 17:44:11 -------- d-----w- c:\docume~1\nick\locals~1\applic~1\Identities 2011-02-27 17:43:49 -------- d-----w- c:\docume~1\nick\applic~1\Windows Desktop Search 2011-02-27 17:42:38 -------- d-----w- c:\windows\system32\GroupPolicy 2011-02-27 17:42:38 -------- d-----w- c:\program files\Windows Desktop Search 2011-02-27 17:39:44 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll 2011-02-27 17:39:44 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll 2011-02-27 17:39:44 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll 2011-02-27 17:38:23 -------- d-----w- c:\program files\Windows Media Connect 2 2011-02-27 17:33:01 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll 2011-02-27 16:16:16 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys 2011-02-27 16:15:21 45568 -c----w- c:\windows\system32\dllcache\wab.exe 2011-02-27 16:13:12 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll 2011-02-27 16:13:11 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll 2011-02-27 16:12:17 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll 2011-02-27 16:01:19 -------- d-sh--w- c:\documents and settings\nick\PrivacIE 2011-02-27 14:51:40 -------- d-----w- c:\windows\system32\scripting 2011-02-27 14:51:39 -------- d-----w- c:\windows\l2schemas 2011-02-27 14:51:38 -------- d-----w- c:\windows\system32\en 2011-02-27 14:51:37 -------- d-----w- c:\windows\system32\bits 2011-02-27 14:20:16 -------- d-sh--w- c:\documents and settings\nick\IETldCache 2011-02-27 14:16:27 -------- d-----w- c:\windows\ie8updates 2011-02-27 14:14:31 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2011-02-27 14:14:29 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2011-02-27 14:14:28 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2011-02-27 14:10:59 -------- dc-h--w- c:\windows\ie8 2011-02-26 02:31:44 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-02-26 02:31:04 40648 ----a-w- c:\windows\avastSS.scr 2011-02-26 02:30:40 -------- d-----w- c:\program files\AVAST Software 2011-02-26 02:30:40 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVAST Software 2011-02-23 15:51:24 -------- d-sha-r- C:\cmdcons . ==================== Find3M ==================== . 2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll 2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll 2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll 2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe 2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll 2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll 2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys 2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll 2010-12-20 23:59:20 916480 ----a-w- c:\windows\system32\wininet.dll 2010-12-20 23:59:19 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-12-20 23:59:19 1469440 ------w- c:\windows\system32\inetcpl.cpl 2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll 2010-12-20 12:55:26 385024 ----a-w- c:\windows\system32\html.iec . ============= FINISH: 8:20:22.85 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_11-03-05.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 1/11/2008 2:13:19 PM System Uptime: 3/18/2011 6:24:50 PM (14 hours ago) . Motherboard: Acer, Inc. | | Lugano M Processor: Mobile AMD Sempron Processor 2800+ | Socket A | 1600/400mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 56 GiB total, 42.744 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP1: 3/18/2011 6:13:02 PM - System Checkpoint . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe ExtendScript Toolkit 2 Adobe Flash Player 10 ActiveX Adobe Reader X (10.0.1) Adobe Setup Agere Systems AC'97 Modem avast! Free Antivirus Belkin Setup and Router Monitor Broadcom 802.11 Network Adapter Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) Java Auto Updater Java 6 Update 24 Launch Manager Malwarebytes' Anti-Malware Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2416447) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Microsoft National Language Support Downlevel APIs Microsoft Office XP Professional with FrontPage Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 6 Service Pack 2 (KB973686) Realtek AC'97 Audio Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Internet Explorer 7 (KB972260) Security Update for Windows Internet Explorer 7 (KB974455) Security Update for Windows Internet Explorer 7 (KB982381) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player (KB979402) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows Media Player 9 (KB936782) Security Update for Windows Search 4 - KB963093 Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371-v2) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981349) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) SiS 900 PCI Fast Ethernet Adapter Driver SiS VGA Utilities SiSAGP driver SpywareBlaster 4.4 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Windows (KB971513) Update for Windows Internet Explorer 7 (KB976749) Update for Windows Internet Explorer 7 (KB980182) Update for Windows Internet Explorer 8 (KB2447568) Update for Windows Internet Explorer 8 (KB976662) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) WebFldrs XP WIDCOMM Bluetooth Software Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Imaging Component Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Management Framework Core Windows Media Format 11 runtime Windows Media Player 11 Windows Search 4.0 Windows XP Service Pack 3 . ==== Event Viewer Messages From Past Week ======== . 3/18/2011 9:36:13 PM, error: F-Secure Standalone Minifilter [1] - 3/18/2011 6:04:51 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} 3/18/2011 6:01:58 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AFD AmdPPM aswRdr aswSnx aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip 3/18/2011 6:01:58 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning. 3/18/2011 6:01:58 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning. 3/18/2011 6:01:58 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning. 3/18/2011 6:01:58 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning. 3/18/2011 6:01:01 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 3/18/2011 6:00:56 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} . ==== End Of File ===========================
  10. Thank you very much for your help, I really appreciate your time. Will get those items installed, and also put them on my others sons pc. Have a great weekend! Deb
  11. Seems to be running fine. Haven't had any issues come up. Both windows and avast were up to date.
  12. Sorry for the delay. I d/l CCleaner from filehippo, the one you link to you have to pay for. Also it now offers google toolbar not yahoo. And at options>advanced the option is temp folders older than 24 hours, not 48. Here is the Security Check log Results of screen317's Security Check version 0.99.9 Windows XP Service Pack 3 Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! avast! Free Antivirus ESET Online Scanner v3 Antivirus out of date! (On Access scanning disabled!) ``````````````````````````````` Anti-malware/Other Utilities Check: CCleaner Java 6 Update 24 Adobe Flash Player Adobe Reader X (10.0.1) ```````````````````````````````` Process Check: objlist.exe by Laurent AVAST Software Avast AvastSvc.exe AVAST Software Avast avastUI.exe ``````````End of Log````````````
  13. My son thought it was funny also! Had to run in safemode as got an error saying I didn't have sufficient rights to delete what was found. Scanning Report Wednesday, March 2, 2011 07:53:05 - 08:46:56 Computer name: ADMIN-FDC1B5A5C Scanning type: Scan system for malware, spyware and rootkits Target: C:\ -------------------------------------------------------------------------------- 17 malware found TrackingCookie.Questionmarket (spyware) System (Disinfected) TrackingCookie.2o7 (spyware) System (Disinfected) TrackingCookie.Advertising (spyware) System (Disinfected) TrackingCookie.Atdmt (spyware) System (Disinfected) TrackingCookie.Adtech (spyware) System (Disinfected) TrackingCookie.Doubleclick (spyware) System (Disinfected) TrackingCookie.Revsci (spyware) System (Disinfected) TrackingCookie.WebTrendsLive (spyware) System (Disinfected) TrackingCookie.Fastclick (spyware) System (Disinfected) TrackingCookie.Adbrite (spyware) System (Disinfected) TrackingCookie.Xiti (spyware) System (Disinfected) TrackingCookie.Webtrends (spyware) System (Disinfected) TrackingCookie.Mediaplex (spyware) System (Disinfected) TrackingCookie.Statcounter (spyware) System (Disinfected) TrackingCookie.Atwola (spyware) System (Disinfected) TrackingCookie.Yieldmanager (spyware) System (Disinfected) Exploit:Java/Cve-2010-0094.FNR (virus) C:\DOCUMENTS AND SETTINGS\NICK\APPLICATION DATA\SUN\JAVA\DEPLOYMENT\CACHE\6.0\21\2AD5FE55-241E81C8 (Renamed & Submitted) -------------------------------------------------------------------------------- Statistics Scanned: Files: 32513 System: 3051 Not scanned: 8 Actions: Disinfected: 16 Renamed: 1 Deleted: 0 Not cleaned: 0 Submitted: 1 Files not scanned: C:\PAGEFILE.SYS C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT C:\WINDOWS\SYSTEM32\CONFIG\SECURITY C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM C:\WINDOWS\SYSTEM32\CONFIG\SAM C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\B12DCC97B1C6D296A9C4FCE07E1714FB_747FD2EC-EBCC-4315-8331-C19AC1BBD682 C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\HSPERFDATA_ADMINISTRATOR\1496 -------------------------------------------------------------------------------- Options Scanning engines: Scanning options: Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR Use advanced heuristics -------------------------------------------------------------------------------- Copyright
  14. Since mentioned that, which I never thought of it was probably me! I am not use to laptop, this is the first time I have actually used one! It has not done it again since I moved my hand. Was there another online scan you wanted me to use since Kaspersky is down for upgrades?
  15. I was able to get it to connect after installing the software, thank you. I didn't want to install any thing before it was cleaned. Updated java and adobe. Uninstalled combofix and deleted securitycheck. Curser is still jumping around as I type but not as bad, same for words being selected as if doubled clicked.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.