Jump to content

sharpie

Members
  • Posts

    2
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I have tried every suggestion, have ran the Malware Bytes Removal Tool. Added Avira Anti-Virus, completed boot up scans and full system scans and it is not picking up the virus. I've attached waht was requested from forum 9573. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26 Run by Compaq_Owner at 17:11:44 on 2011-09-22 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.101 [GMT -4:00] . AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe C:\WINDOWS\Explorer.EXE svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe svchost.exe C:\Program Files\LSI SoftModem\agrsmsvc.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\WINDOWS\system32\wscntfy.exe C:\windows\system\hpsysdrv.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Upromise\dca-ua.exe C:\Program Files\Upromise\UpromiseTray.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\NETGEAR\WG111v3\WG111v3.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Upromise\UpromiseGlobalCache.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZSzed001KXUS_ZS&fl=0&ptb=bALCu9lFwrXALeCQNZzhNA&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms} uInternet Settings,ProxyServer = 192.168.1.100:80 uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s mSearchAssistant = hxxp://www.google.com/ie BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: DCA BHO: {b49699fc-1665-4414-a1cb-c4a2a4a13eec} - c:\program files\upromise\dca-bho.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: Upromise TurboSaver: {edc0f17f-f4b7-47e4-b73e-887faeb376fa} - c:\program files\upromise\upromisetoolbar.dll TB: Upromise TurboSaver: {06e58e5e-f8cb-4049-991e-a41c03bd419e} - c:\program files\upromise\upromisetoolbar.dll TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File TB: &Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - TB: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [MSKAGENTEXE] c:\progra~1\mcafee\spamki~1\MSKAgent.exe uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [upromise Update] c:\program files\upromise\dca-ua.exe uRun: [upromise Tray] c:\program files\upromise\UpromiseTray.exe uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe mRun: [updateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [VTTimer] VTTimer.exe mRun: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent mRun: [AGRSMMSG] AGRSMMSG.exe mRun: [AlcxMonitor] ALCXMNTR.EXE mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup mRun: [PS2] c:\windows\system32\ps2.exe mRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe mRun: [iPHSend] c:\program files\common files\aol\iphsend\IPHSend.exe mRun: [userFaultCheck] %systemroot%\system32\dumprep 0 -u mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min StartupFolder: c:\documents and settings\compaq_owner\start menu\programs\startup\PowerReg Scheduler V3.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\compaq~1.lnk - c:\program files\compaq connections\6750491\program\Compaq Connections.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg111v3\WG111v3.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\nkbmon~1.lnk - c:\program files\nikon\pictureproject\NkbMonitor.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ymetray.lnk - c:\program files\yahoo!\yahoo! music jukebox\ymetray.exe IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {06E58E5E-F8CB-4049-991E-A41C03BD419E} - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - c:\program files\upromise\upromisetoolbar.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll DPF: {16F67783-7E72-4C39-99C4-4780A8335484} - hxxp://www.syncmyride.com/Own/Modules/UpdateCenter/applets/sync.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {A084A130-28AE-4B32-B51A-1C8CE164BC88} - hxxp://www.convergysworkathome.com/AppHardT.CAB DPF: {A8683C98-5341-421B-B23C-8514C05354F1} - hxxp://www.corddigitalhighway.com/upload/FujifilmUploadClient.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} - hxxp://www.cvsphoto.com/upload/activex/v3_0_0_2/PhotoCenter_ActiveX_Control.cab DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} - hxxp://cvs.pnimedia.com/upload/activex/v2_0_0_10/PCAXSetupv2.0.0.10.cab? TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 209.18.47.61 209.18.47.62 TCP: Interfaces\{65B4B3E6-BB27-4254-98A1-235DCD72204A} : DhcpNameServer = 209.18.47.61 209.18.47.62 209.18.47.61 209.18.47.62 Notify: igfxcui - igfxsrvc.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\compaq_owner\application data\mozilla\firefox\profiles\semkmwh3.default\ FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=100000000000000002&tb_oid=17-05-2010&tb_mrud=17-05-2010 FF - prefs.js: browser.startup.homepage - www.google.com FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&tb_uuid=100000000000000002&tb_oid=17-05-2010&tb_mrud=17-05-2010&query= FF - plugin: c:\documents and settings\compaq_owner\application data\facebook\npfbplugin_1_0_3.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\browser\nppdf32(2).dll FF - plugin: c:\program files\common files\oberon media\ncadapter\1.0.0.7\npapicomadapter.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false ============= SERVICES / DRIVERS =============== . R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-9-19 11608] R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2006-5-15 213768] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-9-19 136360] R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-9-19 269480] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-9-19 66616] R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2007-10-9 38144] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-19 366152] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-19 22216] S2 gupdate1c9a74829064832;Google Update Service (gupdate1c9a74829064832);c:\program files\google\update\GoogleUpdate.exe [2009-3-17 133104] S2 mrtRate;mrtRate; [x] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-3-17 133104] S3 MfeAVFK;McAfee Inc. MfeAVFK;c:\windows\system32\drivers\MfeAVFK.sys [2006-5-15 79880] S3 MfeBOPK;McAfee Inc. MfeBOPK;c:\windows\system32\drivers\MfeBOPK.sys [2006-5-15 35272] S3 MfeRKDK;McAfee Inc. MfeRKDK;c:\windows\system32\drivers\MfeRKDK.sys [2008-2-8 34216] S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [2009-7-31 341504] . =============== Created Last 30 ================ . 2011-09-20 00:48:52 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-09-20 00:48:49 -------- d-----w- c:\program files\Avira 2011-09-20 00:48:49 -------- d-----w- c:\documents and settings\all users\application data\Avira 2011-09-19 21:17:17 -------- d-----w- c:\documents and settings\compaq_owner\application data\Malwarebytes 2011-09-19 21:17:08 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2011-09-19 21:17:04 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-09-19 21:17:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-09-19 01:58:22 14820296 ----a-w- C:\windows-kb890830-x64-v4.0.exe 2011-09-17 21:46:09 -------- d-----w- C:\Qui101.tmp 2011-09-17 21:39:26 -------- d-----w- c:\program files\common files\AnswerWorks 5.0 2011-09-17 21:37:29 -------- d-----w- c:\documents and settings\compaq_owner\application data\Intuit 2011-09-17 21:36:25 -------- d-----w- c:\documents and settings\all users\application data\Intuit 2011-09-17 14:37:19 -------- d-----w- c:\windows\system32\wbem\repository\FS 2011-09-17 14:37:19 -------- d-----w- c:\windows\system32\wbem\Repository 2011-09-05 17:04:56 183696 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll 2011-09-05 17:04:56 183696 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll 2011-08-24 02:38:37 -------- d-----w- c:\program files\Spybot - Search & Destroy . ==================== Find3M ==================== . 2011-08-27 16:40:21 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl . ============= FINISH: 17:13:28.78 =============== attach.zipark.zip
  2. protection-log-2011-09-19.txtprotection-log-2011-09-22.txtI am posting my logs and files as requested. Please help. I have tried every step and this bugger evades them all, yet I still cannot update my Windows or turn on automatic updates. Here you go: . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26 Run by Compaq_Owner at 17:11:44 on 2011-09-22 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.101 [GMT -4:00] . AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe C:\WINDOWS\Explorer.EXE svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe svchost.exe C:\Program Files\LSI SoftModem\agrsmsvc.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\WINDOWS\system32\wscntfy.exe C:\windows\system\hpsysdrv.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Upromise\dca-ua.exe C:\Program Files\Upromise\UpromiseTray.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\NETGEAR\WG111v3\WG111v3.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Upromise\UpromiseGlobalCache.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZSzed001KXUS_ZS&fl=0&ptb=bALCu9lFwrXALeCQNZzhNA&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms} uInternet Settings,ProxyServer = 192.168.1.100:80 uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s mSearchAssistant = hxxp://www.google.com/ie BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: DCA BHO: {b49699fc-1665-4414-a1cb-c4a2a4a13eec} - c:\program files\upromise\dca-bho.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: Upromise TurboSaver: {edc0f17f-f4b7-47e4-b73e-887faeb376fa} - c:\program files\upromise\upromisetoolbar.dll TB: Upromise TurboSaver: {06e58e5e-f8cb-4049-991e-a41c03bd419e} - c:\program files\upromise\upromisetoolbar.dll TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File TB: &Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - TB: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [MSKAGENTEXE] c:\progra~1\mcafee\spamki~1\MSKAgent.exe uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [upromise Update] c:\program files\upromise\dca-ua.exe uRun: [upromise Tray] c:\program files\upromise\UpromiseTray.exe uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe mRun: [updateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [VTTimer] VTTimer.exe mRun: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent mRun: [AGRSMMSG] AGRSMMSG.exe mRun: [AlcxMonitor] ALCXMNTR.EXE mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup mRun: [PS2] c:\windows\system32\ps2.exe mRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe mRun: [iPHSend] c:\program files\common files\aol\iphsend\IPHSend.exe mRun: [userFaultCheck] %systemroot%\system32\dumprep 0 -u mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min StartupFolder: c:\documents and settings\compaq_owner\start menu\programs\startup\PowerReg Scheduler V3.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\compaq~1.lnk - c:\program files\compaq connections\6750491\program\Compaq Connections.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg111v3\WG111v3.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\nkbmon~1.lnk - c:\program files\nikon\pictureproject\NkbMonitor.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ymetray.lnk - c:\program files\yahoo!\yahoo! music jukebox\ymetray.exe IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {06E58E5E-F8CB-4049-991E-A41C03BD419E} - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - c:\program files\upromise\upromisetoolbar.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll DPF: {16F67783-7E72-4C39-99C4-4780A8335484} - hxxp://www.syncmyride.com/Own/Modules/UpdateCenter/applets/sync.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {A084A130-28AE-4B32-B51A-1C8CE164BC88} - hxxp://www.convergysworkathome.com/AppHardT.CAB DPF: {A8683C98-5341-421B-B23C-8514C05354F1} - hxxp://www.corddigitalhighway.com/upload/FujifilmUploadClient.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F} - hxxp://www.cvsphoto.com/upload/activex/v3_0_0_2/PhotoCenter_ActiveX_Control.cab DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} - hxxp://cvs.pnimedia.com/upload/activex/v2_0_0_10/PCAXSetupv2.0.0.10.cab? TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 209.18.47.61 209.18.47.62 TCP: Interfaces\{65B4B3E6-BB27-4254-98A1-235DCD72204A} : DhcpNameServer = 209.18.47.61 209.18.47.62 209.18.47.61 209.18.47.62 Notify: igfxcui - igfxsrvc.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\compaq_owner\application data\mozilla\firefox\profiles\semkmwh3.default\ FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=100000000000000002&tb_oid=17-05-2010&tb_mrud=17-05-2010 FF - prefs.js: browser.startup.homepage - www.google.com FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&tb_uuid=100000000000000002&tb_oid=17-05-2010&tb_mrud=17-05-2010&query= FF - plugin: c:\documents and settings\compaq_owner\application data\facebook\npfbplugin_1_0_3.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\browser\nppdf32(2).dll FF - plugin: c:\program files\common files\oberon media\ncadapter\1.0.0.7\npapicomadapter.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false ============= SERVICES / DRIVERS =============== . R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-9-19 11608] R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2006-5-15 213768] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-9-19 136360] R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-9-19 269480] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-9-19 66616] R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2007-10-9 38144] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-19 366152] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-19 22216] S2 gupdate1c9a74829064832;Google Update Service (gupdate1c9a74829064832);c:\program files\google\update\GoogleUpdate.exe [2009-3-17 133104] S2 mrtRate;mrtRate; [x] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-3-17 133104] S3 MfeAVFK;McAfee Inc. MfeAVFK;c:\windows\system32\drivers\MfeAVFK.sys [2006-5-15 79880] S3 MfeBOPK;McAfee Inc. MfeBOPK;c:\windows\system32\drivers\MfeBOPK.sys [2006-5-15 35272] S3 MfeRKDK;McAfee Inc. MfeRKDK;c:\windows\system32\drivers\MfeRKDK.sys [2008-2-8 34216] S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [2009-7-31 341504] . =============== Created Last 30 ================ . 2011-09-20 00:48:52 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-09-20 00:48:49 -------- d-----w- c:\program files\Avira 2011-09-20 00:48:49 -------- d-----w- c:\documents and settings\all users\application data\Avira 2011-09-19 21:17:17 -------- d-----w- c:\documents and settings\compaq_owner\application data\Malwarebytes 2011-09-19 21:17:08 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2011-09-19 21:17:04 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-09-19 21:17:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-09-19 01:58:22 14820296 ----a-w- C:\windows-kb890830-x64-v4.0.exe 2011-09-17 21:46:09 -------- d-----w- C:\Qui101.tmp 2011-09-17 21:39:26 -------- d-----w- c:\program files\common files\AnswerWorks 5.0 2011-09-17 21:37:29 -------- d-----w- c:\documents and settings\compaq_owner\application data\Intuit 2011-09-17 21:36:25 -------- d-----w- c:\documents and settings\all users\application data\Intuit 2011-09-17 14:37:19 -------- d-----w- c:\windows\system32\wbem\repository\FS 2011-09-17 14:37:19 -------- d-----w- c:\windows\system32\wbem\Repository 2011-09-05 17:04:56 183696 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll 2011-09-05 17:04:56 183696 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll 2011-08-24 02:38:37 -------- d-----w- c:\program files\Spybot - Search & Destroy . ==================== Find3M ==================== . 2011-08-27 16:40:21 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl . ============= FINISH: 17:13:28.78 =============== attach.zipark.zipmbam-log-2011-09-19 (17-25-07).txtmbam-log-2011-09-19 (19-49-05).txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.