ausworkshop

Members
  • Posts

    6
  • Joined

  • Last visited

Reputation

0 Neutral

About ausworkshop

  • Birthday 04/04/1975

Profile Information

  • Location
    Australia
  • Interests
    Woodwork, Electronics, Tinkering, Small Business, Inventions
  1. Thanks for your help. I thought AVG would update to 2011 automatically when I click 'update', but it hasn't, so I've uninstalled it and installed the 2011 version. My PC seems to be running better now, although I can't check it for outgoing IPs without the full version of Malwarebytes. I had a trial for a few weeks but it's expired now. Hopefully all will be OK. Sometimes when watching a YouTube video it will crash when I go from small screen to full screen mode, but this is probably a separate problem. Thanks so much for your time helping me with all this.
  2. Sorry for the delay. I tried to download and run ESET Online Scanner in Explorer as requested. When I clicked yes to accept the terms of use, Explorer asked me to click here to allow the ActiveX control, but when I tried to click it Explorer stopped responding. After reading some info and trying a few things it still wouldn't work, so I tried downloading it using Firefox and it worked by using a 'smart installer'. I have attached the results of this scan and the checkup text below; I hope this is OK.

     ESETSmartInstaller@High as downloader log:
     all ok
     # version=7
     # OnlineScannerApp.exe=1.0.0.1
     # OnlineScanner.ocx=1.0.0.6528
     # api_version=3.0.2
     # EOSSerial=42da200e8bda8c44b2bcbec56c237e9b
     # end=finished
     # remove_checked=true
     # archives_checked=false
     # unwanted_checked=true
     # unsafe_checked=false
     # antistealth_checked=true
     # utc_time=2011-08-27 04:31:35
     # local_time=2011-08-27 02:31:35 (+1000, AUS Eastern Standard Time)
     # country="Australia"
     # lang=1033
     # osver=5.1.2600 NT Service Pack 3
     # compatibility_mode=1029 16777189 100 91 0 48491398 0 0
     # compatibility_mode=4864 16777215 100 0 80987459 80987459 0 0
     # compatibility_mode=8192 67108863 100 0 0 0 0 0
     # scanned=190410
     # found=2
     # cleaned=2
     # scan_time=3988
     H:\Documents and Settings\All Users\Application Data\SpeedBit\DAP\Offers\speedupmypc.exe Win32/SpeedUpMyPC application (deleted - quarantined) 00000000000000000000000000000000 C
     H:\System Volume Information\_restore{6DD0277A-5759-4FD7-8A97-2A22CAE790E9}\RP1067\A0143434.exe Win32/SpeedUpMyPC application (deleted - quarantined) 00000000000000000000000000000000 C

     Results of screen317's Security Check version 0.99.18
     Windows XP Service Pack 3
     Internet Explorer 8
     ``````````````````````````````
     Antivirus/Firewall Check:
     AVG 9.0
     ESET Online Scanner v3
     McAfee Security Scan Plus
     Antivirus up to date!
     ```````````````````````````````
     Anti-malware/Other Utilities Check:
     Malwarebytes' Anti-Malware
     CCleaner
     Java 6 Update 26
     Adobe Flash Player 10.3.183.5
     Adobe Reader X (10.1.0)
     ````````````````````````````````
     Process Check:
     objlist.exe by Laurent
     Malwarebytes' Anti-Malware mbamservice.exe
     Malwarebytes' Anti-Malware mbamgui.exe
     AVG avgwdsvc.exe
     AVG avgtray.exe
     AVG avgrsx.exe
     AVG avgnsx.exe
     AVG avgemc.exe
     ``````````End of Log````````````

     My PC seems to be running better now, although my Malwarebytes trial period expired so I am unable to check if it's still detecting outgoing IPs as it was before. Please let me know if there is anything else I need to do, and thank you so much for your time spent helping me.
  3. Hi, Thanks for your help, here are the requested logs. Regards Andrew
Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - h:\program files\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - h:\program files\windows live\toolbar\wltcore.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - h:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - h:\program files\yahoo!\companion\installs\cpn3\YTSingleInstance.dll BHO: DAPIELoader Class: {ff6c3cf0-4b15-11d1-abed-709549c10000} - h:\progra~1\dap\DAPIEL~1.DLL BHO: GrabberObj Class: {ff7c3cf0-4b15-11d1-abed-709549c10000} - h:\progra~1\speedb~1\toolbar\grabber.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - h:\program files\yahoo!\companion\installs\cpn3\yt.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - h:\program files\windows live\toolbar\wltcore.dll TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - h:\program files\avg\avg9\toolbar\IEToolbar.dll TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - h:\program files\canon\easy-webprint ex\ewpexhlp.dll TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - h:\program files\utorrentbar\tbuTo1.dll TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - h:\program files\conduitengine\ConduitEngin0.dll TB: SpeedBit Video Downloader: {0329e7d6-6f54-462d-93f6-f5c3118badf2} - h:\program files\speedbit video downloader\toolbar\tbcore3.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - h:\program files\google\google toolbar\GoogleToolbar_32.dll EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - h:\program files\canon\easy-webprint ex\ewpexhlp.dll EB: {B0DE3308-5D5A-470D-81B9-634FC078393B} - No File uRun: [H/PC Connection Agent] "h:\program files\microsoft activesync\wcescomm.exe" uRun: [swg] "h:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [spybotSD 
TeaTimer] h:\program files\spybot - search & destroy\TeaTimer.exe mRun: [nwiz] nwiz.exe /install mRun: [AVG9_TRAY] h:\progra~1\avg\avg9\avgtray.exe mRun: [CanonMyPrinter] h:\program files\canon\myprinter\BJMyPrt.exe /logon mRun: [CanonSolutionMenu] h:\program files\canon\solutionmenu\CNSLMAIN.exe /logon mRun: [TkBellExe] "h:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [iSUSPM Startup] h:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup mRun: [iSUSScheduler] "h:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [QuickTime Task] "h:\program files\quicktime\qttask.exe" -atboottime mRun: [Adobe ARM] "h:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [Google Desktop Search] "h:\program files\google\google desktop search\GoogleDesktop.exe" /startup mRun: [sunJavaUpdateSched] "h:\program files\common files\java\java update\jusched.exe" mRun: [Malwarebytes' Anti-Malware] "h:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [NvCplDaemon] RUNDLL32.EXE h:\windows\system32\NvCpl.dll,NvStartup dRun: [CTFMON.EXE] h:\windows\system32\CTFMON.EXE StartupFolder: h:\docume~1\andrew\startm~1\programs\startup\powerm~1.lnk - h:\program files\powermenu\PowerMenu.exe StartupFolder: h:\docume~1\alluse~1\startm~1\programs\startup\fortem~1.lnk - h:\program files\lg soft india\fortemanager\bin\Monitor.exe IE: &Clean Traces - h:\program files\dap\privacy package\dapcleanerie.htm IE: &Download with &DAP - h:\program files\dap\dapextie.htm IE: Add to Google Photos Screensa&ver - h:\windows\system32\GPhotos.scr/200 IE: Download &all with DAP - h:\program files\dap\dapextie2.htm IE: Google Sidewiki... 
- h:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - h:\program files\paltalk messenger\Paltalk.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - h:\program files\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - h:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - h:\progra~1\micros~2\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - h:\progra~1\micros~2\INetRepl.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - h:\progra~1\mi1933~1\office11\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - h:\progra~1\spybot~1\SDHelper.dll LSP: h:\program files\speedbit video accelerator\lsp3.2.2.4\SBLSP.dll DPF: DirectAnimation Java Classes - file://h:\windows\system\dajava.cab DPF: Internet Explorer Classes for Java - file://h:\windows\system\iejava.cab DPF: Microsoft XML Parser for Java - file://h:\windows\java\classes\xmldso.cab DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - h:\program files\yahoo!\common\Yinsthelper200711281.dll DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - 
hxxp://office.microsoft.com/officeupdate/content/opuc2.cab DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - hxxps://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://by108fd.bay108.hotmail.msn.com/resources/MsnPUpld.cab DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1230361826875 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38096.7684259259 DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} - hxxp://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326 DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - hxxp://fdl.msn.com/public/chat/msnchat45.cab TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{577A338A-A6AF-475F-AAAB-69028292F41D} : DhcpNameServer = 192.168.0.1 Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - h:\program files\avg\avg9\toolbar\IEToolbar.dll Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - h:\program files\belarc\advisor\system\BAVoilaX.dll 
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - h:\program files\avg\avg9\avgpp.dll Notify: avgrsstarter - avgrsstx.dll Notify: PFW - UmxWnp.Dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - h:\windows\system32\WPDShServiceObj.dll mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "h:\progra~1\outloo~1\setup50.exe" /APP:OE /CALLER:WIN9X /user /install mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "h:\progra~1\outloo~1\setup50.exe" /app:oe /caller:win9x /user /install - "h:\progra~1\outloo~1\setup50.exe" /APP:OE /CALLER:IE50 /user /install mASetup: {7790769C-0471-11d2-AF11-00C04FA35D02} - "h:\progra~1\outloo~1\setup50.exe" /APP:WAB /CALLER:WIN9X /user /install mASetup: {7790769C-0471-11d2-AF11-00C04FA35D02} - "h:\progra~1\outloo~1\setup50.exe" /app:wab /caller:win9x /user /install - "h:\progra~1\outloo~1\setup50.exe" /APP:WAB /CALLER:IE50 /user /install mASetup: {9EF0045A-CDD9-438e-95E6-02B9AFEC8E11} - h:\windows\system32\updcrl.exe -e -u h:\windows\system\verisignpub1.crl mASetup: >IEPerUser - RUNDLL32.EXE IEDKCS32.DLL,BrandIE4 SIGNUP . ================= FIREFOX =================== . FF - ProfilePath - h:\documents and settings\andrew\application data\mozilla\firefox\profiles\zsuktr8w.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.search.selectedEngine - Yahoo! 
Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/ FF - prefs.js: keyword.URL - hxxp://au.yhs.search.yahoo.com/avg/search?fr=yhs-avgb&type=yahoo_avg_hs2-tb-web_au&p= FF - plugin: h:\documents and settings\andrew\local settings\application data\google\update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: h:\progra~1\yahoo!\common\npyaxmpb.dll FF - plugin: h:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: h:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL FF - plugin: h:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: h:\program files\google\picasa3\npPicasa3.dll FF - plugin: h:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: h:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: h:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll FF - plugin: h:\program files\microsoft\office live\npOLW.dll FF - plugin: h:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: h:\program files\windows live\photo gallery\NPWLPG.dll . ============= SERVICES / DRIVERS =============== . 
R0 AvgRkx86;avgrkx86.sys;h:\windows\system32\drivers\avgrkx86.sys [2010-2-2 52872] R0 KmxStart;KmxStart;h:\windows\system32\drivers\KmxStart.sys [2009-6-8 107000] R1 AvgLdx86;AVG AVI Loader Driver x86;h:\windows\system32\drivers\avgldx86.sys [2010-2-2 216400] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;h:\windows\system32\drivers\avgmfx86.sys [2010-2-2 29584] R1 AvgTdiX;AVG Network Redirector;h:\windows\system32\drivers\avgtdix.sys [2010-2-2 243152] R1 KmxAgent;KmxAgent;h:\windows\system32\drivers\KmxAgent.sys [2009-9-30 72184] R2 avg9wd;AVG WatchDog;h:\program files\avg\avg9\avgwdsvc.exe [2010-6-24 308136] R2 MBAMService;MBAMService;h:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-8-5 366640] R2 SentinelKeysServer;Sentinel Keys Server;h:\program files\common files\safenet sentinel\sentinel keys server\sntlkeyssrvr.exe [2007-4-27 316992] R2 UmxAgent;HIPS Event Manager;h:\program files\ca\sharedcomponents\hipsengine\UmxAgent.exe [2009-8-4 1141240] R2 UmxCfg;HIPS Configuration Interpreter;h:\program files\ca\sharedcomponents\hipsengine\UmxCfg.exe [2009-7-13 801272] R2 UmxPol;HIPS Policy Manager;h:\program files\ca\sharedcomponents\hipsengine\UmxPol.exe [2009-7-27 289272] R2 VideoAcceleratorService;VideoAcceleratorService;h:\progra~1\speedb~2\videoacceleratorservice.exe -start -scm --> h:\progra~1\speedb~2\VideoAcceleratorService.exe -start -scm [?] 
R3 KmxCfg;KmxCfg;h:\windows\system32\drivers\KmxCfg.sys [2009-9-30 203768] R3 LGDDCDevice;LGDDCDevice;h:\program files\lg soft india\fortemanager\bin\I2CDriver.sys [2010-9-18 14336] R3 Mach3;Mach3 Pulseing Service;h:\windows\system32\drivers\Mach3.sys [2010-3-29 103040] R3 MBAMProtector;MBAMProtector;h:\windows\system32\drivers\mbam.sys [2011-8-5 22712] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;h:\windows\system32\drivers\viahduaa.sys [2008-12-27 222976] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;h:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);h:\program files\google\update\GoogleUpdate.exe [2010-2-15 135664] S3 aawservice;Lavasoft Ad-Aware Service;h:\program files\lavasoft\ad-aware\aawservice.exe [2008-9-11 611664] S3 AVG Security Toolbar Service;AVG Security Toolbar Service;h:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-10-27 1025352] S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;h:\program files\google\google desktop search\GoogleDesktop.exe [2011-7-3 30192] S3 gupdatem;Google Update Service (gupdatem);h:\program files\google\update\GoogleUpdate.exe [2010-2-15 135664] S3 LGII2CDevice;LGII2CDevice;h:\program files\lg soft india\fortemanager\bin\PII2CDriver.sys [2010-9-18 18432] S3 McComponentHostService;McAfee Security Scan Component Host Service;h:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;h:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 
2011-08-22 14:23:43 -------- d-sha-r- H:\cmdcons 2011-08-22 14:19:50 98816 ----a-w- h:\windows\sed.exe 2011-08-22 14:19:50 518144 ----a-w- h:\windows\SWREG.exe 2011-08-22 14:19:50 256000 ----a-w- h:\windows\PEV.exe 2011-08-22 14:19:50 208896 ----a-w- h:\windows\MBR.exe 2011-08-10 01:06:39 139656 -c----w- h:\windows\system32\dllcache\rdpwd.sys 2011-08-10 01:05:00 10496 -c----w- h:\windows\system32\dllcache\ndistapi.sys 2011-08-05 04:23:50 41272 ----a-w- h:\windows\system32\drivers\mbamswissarmy.sys 2011-08-05 04:23:47 22712 ----a-w- h:\windows\system32\drivers\mbam.sys 2011-08-05 04:23:47 -------- d-----w- h:\program files\Malwarebytes' Anti-Malware . ==================== Find3M ==================== . 2011-08-15 07:08:01 404640 ----a-w- h:\windows\system32\FlashPlayerCPLApp.cpl 2011-07-15 13:29:31 456320 ----a-w- h:\windows\system32\drivers\mrxsmb.sys 2011-07-08 14:02:00 10496 ----a-w- h:\windows\system32\drivers\ndistapi.sys 2011-06-24 14:10:36 139656 ----a-w- h:\windows\system32\drivers\rdpwd.sys 2011-06-23 18:36:30 916480 ----a-w- h:\windows\system32\wininet.dll 2011-06-23 18:36:30 43520 ----a-w- h:\windows\system32\licmgr10.dll 2011-06-23 18:36:30 1469440 ------w- h:\windows\system32\inetcpl.cpl 2011-06-23 12:05:13 385024 ----a-w- h:\windows\system32\html.iec 2011-06-22 10:43:49 1126851 ----a-w- h:\windows\wallhalla_saver_f.scr 2011-06-20 17:44:52 293376 ----a-w- h:\windows\system32\winsrv.dll 2011-06-02 14:02:05 1858944 ----a-w- h:\windows\system32\win32k.sys 2011-01-21 00:41:49 19985265 ----a-w- h:\program files\vlc-1.1.5-win32.exe 2005-07-30 07:10:00 556704 ----a-w- h:\program files\GoogleToolbarInstaller.exe 2005-07-26 03:16:40 6285024 ----a-w- h:\program files\emssetup122.exe 2005-07-26 01:49:30 20798256 ----a-w- h:\program files\AdbeRdr70_enu_full.exe 2005-07-26 01:45:56 6811904 ----a-w- h:\program files\psa2011se_us.exe . ============= FINISH: 0:53:08.70 ===============
  4. I managed to get it working (not sure how) and have been running the trial version of MB. It's been picking up threats and outgoing IPs over the past few weeks. My computer is still running slow and I have posted a new post with all the required log files attached. I'm hoping to get a reply soon; it seems my first post has had many views but no reply. It is a home machine, I am a one man business and I run my business from home. I have another computer out in the workshop and it's running fine at the moment. It's a very old machine and it runs faster than this one, and this one cost 4 times as much, so I'm hoping to get it secure and up to speed again. Please read my 2 newer posts if you can help me. It would be a great help if you could. I've spent hours trying to fix this thing and don't really want to have to start all over again with corporate support unless I have to. What do you mean by reference #? Thanks for your time.
  5. Please help me clean my PC. It's been running slow for a while now. I've run Malwarebytes a few times and although it's not always picking up threats I am still getting the balloon that says it's blocking outgoing IPs. I've read the instructions on what to do here: http://forums.malwarebytes.org/index.php?showtopic=69723 I've attached the log files from MB quick scan and a previous full scan as well as the DDS GMER thingies. Please let me know if I'm infected & if there's anything else you will need. Thank you for your time, it's much appreciated.
R0 AvgRkx86;avgrkx86.sys;h:\windows\system32\drivers\avgrkx86.sys [2010-2-2 52872] R0 KmxStart;KmxStart;h:\windows\system32\drivers\KmxStart.sys [2009-6-8 107000] R1 AvgLdx86;AVG AVI Loader Driver x86;h:\windows\system32\drivers\avgldx86.sys [2010-2-2 216400] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;h:\windows\system32\drivers\avgmfx86.sys [2010-2-2 29584] R1 AvgTdiX;AVG Network Redirector;h:\windows\system32\drivers\avgtdix.sys [2010-2-2 243152] R1 KmxAgent;KmxAgent;h:\windows\system32\drivers\KmxAgent.sys [2009-9-30 72184] R2 avg9wd;AVG WatchDog;h:\program files\avg\avg9\avgwdsvc.exe [2010-6-24 308136] R2 MBAMService;MBAMService;h:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-8-5 366640] R2 SentinelKeysServer;Sentinel Keys Server;h:\program files\common files\safenet sentinel\sentinel keys server\sntlkeyssrvr.exe [2007-4-27 316992] R2 UmxAgent;HIPS Event Manager;h:\program files\ca\sharedcomponents\hipsengine\UmxAgent.exe [2009-8-4 1141240] R2 UmxCfg;HIPS Configuration Interpreter;h:\program files\ca\sharedcomponents\hipsengine\UmxCfg.exe [2009-7-13 801272] R2 UmxPol;HIPS Policy Manager;h:\program files\ca\sharedcomponents\hipsengine\UmxPol.exe [2009-7-27 289272] R2 VideoAcceleratorService;VideoAcceleratorService;h:\progra~1\speedb~2\videoacceleratorservice.exe -start -scm --> h:\progra~1\speedb~2\VideoAcceleratorService.exe -start -scm [?] 
R3 KmxCfg;KmxCfg;h:\windows\system32\drivers\KmxCfg.sys [2009-9-30 203768] R3 LGDDCDevice;LGDDCDevice;h:\program files\lg soft india\fortemanager\bin\I2CDriver.sys [2010-9-18 14336] R3 Mach3;Mach3 Pulseing Service;h:\windows\system32\drivers\Mach3.sys [2010-3-29 103040] R3 MBAMProtector;MBAMProtector;h:\windows\system32\drivers\mbam.sys [2011-8-5 22712] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;h:\windows\system32\drivers\viahduaa.sys [2008-12-27 222976] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;h:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);h:\program files\google\update\GoogleUpdate.exe [2010-2-15 135664] S3 aawservice;Lavasoft Ad-Aware Service;h:\program files\lavasoft\ad-aware\aawservice.exe [2008-9-11 611664] S3 AVG Security Toolbar Service;AVG Security Toolbar Service;h:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-10-27 1025352] S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;h:\program files\google\google desktop search\GoogleDesktop.exe [2011-7-3 30192] S3 gupdatem;Google Update Service (gupdatem);h:\program files\google\update\GoogleUpdate.exe [2010-2-15 135664] S3 LGII2CDevice;LGII2CDevice;h:\program files\lg soft india\fortemanager\bin\PII2CDriver.sys [2010-9-18 18432] S3 McComponentHostService;McAfee Security Scan Component Host Service;h:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;h:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 
2011-08-10 01:06:39 139656 -c----w- h:\windows\system32\dllcache\rdpwd.sys 2011-08-10 01:05:00 10496 -c----w- h:\windows\system32\dllcache\ndistapi.sys 2011-08-05 04:23:50 41272 ----a-w- h:\windows\system32\drivers\mbamswissarmy.sys 2011-08-05 04:23:47 22712 ----a-w- h:\windows\system32\drivers\mbam.sys 2011-08-05 04:23:47 -------- d-----w- h:\program files\Malwarebytes' Anti-Malware . ==================== Find3M ==================== . 2011-08-15 07:08:01 404640 ----a-w- h:\windows\system32\FlashPlayerCPLApp.cpl 2011-07-15 13:29:31 456320 ----a-w- h:\windows\system32\drivers\mrxsmb.sys 2011-07-08 14:02:00 10496 ----a-w- h:\windows\system32\drivers\ndistapi.sys 2011-06-24 14:10:36 139656 ----a-w- h:\windows\system32\drivers\rdpwd.sys 2011-06-23 18:36:30 916480 ----a-w- h:\windows\system32\wininet.dll 2011-06-23 18:36:30 43520 ----a-w- h:\windows\system32\licmgr10.dll 2011-06-23 18:36:30 1469440 ------w- h:\windows\system32\inetcpl.cpl 2011-06-23 12:05:13 385024 ----a-w- h:\windows\system32\html.iec 2011-06-22 10:43:49 1126851 ----a-w- h:\windows\wallhalla_saver_f.scr 2011-06-20 17:44:52 293376 ----a-w- h:\windows\system32\winsrv.dll 2011-06-02 14:02:05 1858944 ----a-w- h:\windows\system32\win32k.sys 2011-01-21 00:41:49 19985265 ----a-w- h:\program files\vlc-1.1.5-win32.exe 2005-07-30 07:10:00 556704 ----a-w- h:\program files\GoogleToolbarInstaller.exe 2005-07-26 03:16:40 6285024 ----a-w- h:\program files\emssetup122.exe 2005-07-26 01:49:30 20798256 ----a-w- h:\program files\AdbeRdr70_enu_full.exe 2005-07-26 01:45:56 6811904 ----a-w- h:\program files\psa2011se_us.exe . ============= FINISH: 22:57:15.17 =============== attach.zip mbam-log-2011-05-18 (11-18-48).txt mbam-log-2011-05-18 (13-55-48).txt
  6. Hello, I can't run Malwarebytes. I've spent hours trying to fix it (almost a whole day) and tried all the things in the FAQ section, including reinstalling and renaming the setup and .exe file. I've tried setting up a new user and doing a run as. I've run my AVG antivirus and it picked nothing up. I've run the Windows malicious software removal scan thingy and it picked nothing up. I really want to run Malwarebytes to find out why my computer is so slow but can't run it at all, even after trying all the most common fixes. If anyone can help me fix it so it runs I would be very grateful. I need to get back to running my business; I've spent hours trying to run it. Thanks, Andrew