
Here is my log



Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:20:00 AM, on 8/9/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16876)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\TightVNC\WinVNC.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://*.mcafee.com

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) -

O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.jetsetpoker.com/setup.exe

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: qbpos - {662E7FAE-5C17-491C-AD9D-98C1F66CC6A0} - C:\WINDOWS\system32\QBPOSProtocol.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

O23 - Service: VNC Server (winvnc) - TightVNC Group - C:\Program Files\TightVNC\WinVNC.exe

--

End of file - 7347 bytes

Thanks for your help.


Welcome to Malwarebytes!!!! :(

Please explain your problems in detail. Thanks

My Firefox browser freezes constantly and the explorer won't even open. My Skype freezes as well and is inoperable. I installed Malwarebytes and it found three objects infected and when I delete them they of course show up again on the next scan. Also I had McAfee but it won't let me update it. I uninstalled it and I cannot reinstall. When I download programs they freeze when they are trying to install and I have to restart and then they seem to be installed. The Malwarebytes will freeze after the scan and won't let me delete the infected items until I restart. I hope you understand my problem. I will try to answer any other questions you have. Thanks for the help, it is greatly appreciated.


The scan froze again when I tried to delete the infection. Here is the log of that file.

Malwarebytes' Anti-Malware 1.40

Database version: 2551

Windows 5.1.2600 Service Pack 3

8/9/2009 10:27:44 PM

mbam-log-2009-08-09 (22-27-41).txt

Scan type: Quick Scan

Objects scanned: 96634

Time elapsed: 7 minute(s), 12 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 2

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\xpre (Trojan.Downloader) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Hope this helps solve my problem. Thanks.


We need to see some additional information about what is happening in your machine.

Please perform the following scan:

  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt
  • Save both reports to your desktop.
  • The instructions here ask you to attach the Attach.txt.
  • Instead of attaching, please copy/paste both logs into your next reply.
  • Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.

After downloading the tool, disconnect from the internet and disable all antivirus protection.

Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


DDS (Ver_09-07-30.01) - NTFSx86

Run by Tim Kutach at 21:53:43.64 on Tue 08/11/2009

Internet Explorer: 7.0.5730.13

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1482 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

{17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\TightVNC\WinVNC.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Documents and Settings\Tim Kutach\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com

uDefault_Page_URL = hxxp://www.dell4me.com/mywaybiz

uStart Page = hxxp://www.tvknob.com/

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = 127.0.0.1;*.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll

uURLSearchHooks: H - No File

uURLSearchHooks: H - No File

BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll

EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [intelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe

mRun: [igfxtray] c:\windows\system32\igfxtray.exe

mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe

mRun: [WinVNC] "c:\program files\tightvnc\WinVNC.exe" -servicehelper

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe

mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\windows\system32\msjava.dll

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

Trusted Zone: internet

Trusted Zone: mcafee.com

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}

DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - hxxp://www.jetsetpoker.com/setup.exe

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll

Handler: qbpos - {662E7FAE-5C17-491C-AD9D-98C1F66CC6A0} - c:\windows\system32\QBPOSProtocol.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: avgrsstarter - avgrsstx.dll

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\timkut~1\applic~1\mozilla\firefox\profiles\pg8qfabg.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.erobertparker.com/

FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll

FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava11.dll

FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava12.dll

FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava13.dll

FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava14.dll

FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJava32.dll

FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPJPI142_03.dll

FF - plugin: c:\program files\java\j2re1.4.2_03\bin\NPOJI610.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPAbacheck.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npRLCT4Player.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-8-8 335240]

R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-8-8 27784]

R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-8-8 108552]

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-5-13 214024]

R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-8-8 297752]

S2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;c:\windows\system32\dllhost.exe [2004-8-10 5120]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-8-9 38160]

S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2007-10-17 79880]

S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2007-10-17 35272]

S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2007-10-17 34248]

S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2007-10-17 40552]

=============== Created Last 30 ================

2009-08-09 11:19 <DIR> --d----- c:\program files\Trend Micro

2009-08-09 03:07 <DIR> --d----- c:\docume~1\timkut~1\applic~1\Malwarebytes

2009-08-09 03:07 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys

2009-08-09 03:07 19,096 a------- c:\windows\system32\drivers\mbam.sys

2009-08-09 03:07 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware

2009-08-09 03:07 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes

2009-08-08 21:54 108,552 a------- c:\windows\system32\drivers\avgtdix.sys

2009-08-08 21:54 11,952 a------- c:\windows\system32\avgrsstx.dll

2009-08-08 21:54 335,240 a------- c:\windows\system32\drivers\avgldx86.sys

2009-08-08 21:54 <DIR> --d----- c:\windows\system32\drivers\Avg

2009-08-08 21:53 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar

2009-08-08 21:53 <DIR> --d----- c:\program files\AVG

2009-08-08 21:42 <DIR> --d----- c:\docume~1\timkut~1\applic~1\AVG8

2009-08-08 01:12 <DIR> --d----- c:\program files\Full Tilt Poker

2009-08-08 01:00 <DIR> --d----- c:\program files\UltimateBet

2009-07-17 09:50 <DIR> --d--r-- c:\program files\Skype

==================== Find3M ====================

2009-07-19 08:33 3,597,824 -------- c:\windows\system32\dllcache\mshtml.dll

2009-07-19 08:32 6,067,200 -------- c:\windows\system32\dllcache\ieframe.dll

2009-06-29 06:07 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe

2009-06-29 06:07 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe

2009-06-29 03:35 634,632 -------- c:\windows\system32\dllcache\iexplore.exe

2009-06-29 03:33 2,452,872 -------- c:\windows\system32\dllcache\ieapfltr.dat

2009-06-29 03:33 161,792 -------- c:\windows\system32\dllcache\ieakui.dll

2009-06-16 09:36 119,808 a------- c:\windows\system32\t2embed.dll

2009-06-16 09:36 81,920 a------- c:\windows\system32\fontsub.dll

2009-06-16 09:36 119,808 -------- c:\windows\system32\dllcache\t2embed.dll

2009-06-16 09:36 81,920 -------- c:\windows\system32\dllcache\fontsub.dll

2009-06-03 14:09 1,291,264 a------- c:\windows\system32\quartz.dll

2009-06-03 14:09 1,291,264 -------- c:\windows\system32\dllcache\quartz.dll

2006-08-18 11:14 56 ---shr-- c:\windows\system32\05B662BBD7.sys

2006-08-18 11:14 1,682 a--sh--- c:\windows\system32\KGyGaAvL.sys

2008-09-05 13:15 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090520080906\index.dat

============= FINISH: 21:54:24.23 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-07-30.01)

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume2

Install Date: 9/14/2005 6:04:31 PM

System Uptime: 8/11/2009 9:38:07 PM (0 hours ago)

Motherboard: Dell Computer Corp. | | 0TC667

Processor: Intel® Celeron® CPU 2.66GHz | Microprocessor | 2660/533mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 34 GiB total, 3.038 GiB free.

D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1439: 8/7/2009 5:08:19 PM - System Checkpoint

RP1440: 8/8/2009 1:12:21 AM - Installed Full Tilt Poker

RP1441: 8/8/2009 10:50:46 AM - System Checkpoint

RP1442: 8/8/2009 4:13:57 PM - Removed Norton Ghost.

RP1443: 8/8/2009 9:23:33 PM - Removed WD Diagnostics

RP1444: 8/8/2009 9:53:40 PM - Installed AVG Free 8.5

RP1445: 8/9/2009 12:16:01 AM - Removed MSXML 4.0 SP2 (KB954430)

RP1446: 8/9/2009 12:17:13 AM - Removed MSXML 4.0 SP2 (KB936181)

RP1447: 8/10/2009 3:13:24 AM - System Checkpoint

RP1448: 8/11/2009 1:01:59 AM - Avg8 Update

==== Installed Programs ======================

32 Bit HP CIO Components Installer

Abacast Client

Adobe Acrobat 4.0

Adobe Anchor Service CS3

Adobe Asset Services CS3

Adobe Bridge CS3

Adobe Bridge Start Meeting

Adobe Camera Raw 4.0

Adobe CMaps

Adobe Default Language CS3

Adobe Device Central CS3

Adobe Dreamweaver CS3

Adobe ExtendScript Toolkit 2

Adobe Extension Manager CS3

Adobe Flash Player 10 Plugin

Adobe Flash Player ActiveX

Adobe Help Viewer CS3

Adobe PDF Library Files

Adobe Reader 7.0.9

Adobe Setup

Adobe Type Support

Adobe Update Manager CS3

Adobe Version Cue CS3 Client

Advanced Audio FX Engine

Advanced Video FX Engine

AVG Free 8.5

BufferChm

C5500

C5500_Help

Cards_Calendar_OrderGift_DoMorePlugout

Clover DVR

Critical Update for Windows Media Player 11 (KB959772)

CustomerResearchQFolder

Dell Digital Jukebox Driver

Dell Driver Reset Tool

Dell System Restore

Destination Component

DeviceDiscovery

DeviceManagementQFolder

DivX Codec

eSupportQFolder

Full Tilt Poker

GPBaseService

HijackThis 2.0.2

Hotfix for Windows XP (KB952287)

HP Customer Participation Program 11.0

HP Imaging Device Functions 11.0

HP Photosmart C5500 All-In-One Driver Software 11.0 Rel .4

HP Photosmart Essential 2.5

HP Photosmart Essential 3.0

HP Smart Web Printing

HP Solution Center 11.0

HP Update

HPPhotoSmartDiscLabel_PaperLabel

HPPhotoSmartDiscLabel_PrintOnDisc

HPPhotoSmartDiscLabelContent1

hpphotosmartdisclabelplugin

HPPhotoSmartPhotobookWebPack1

HPProductAssistant

Intel® 537EP V9x DF PCI Modem

Intel® Extreme Graphics 2 Driver

Intel® PRO Network Adapters and Drivers

Intel® PROSet for Wired Connections

Internet Explorer Default Page

Java 2 Runtime Environment, SE v1.4.2_03

Macromedia Flash Player

Malwarebytes' Anti-Malware

MarketResearch

McAfee Virtual Technician

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Hotfix (KB928366)

Microsoft .NET Framework 2.0

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft LifeChat

Microsoft National Language Support Downlevel APIs

Microsoft Office 2000 Disc 2

Microsoft Office 2000 Professional

Microsoft Plus! Digital Media Edition Installer

Microsoft Plus! Photo Story 2 LE

Microsoft Silverlight

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Modem Event Monitor

Modem Helper

Modem On Hold

Mozilla Firefox (3.0.13)

MSXML 4.0 SP2 (KB927978)

PanoStandAlone

Picasa 3

PokerStars

PS_AIO_04_C5500_ProductContext

PS_AIO_04_C5500_Software

PS_AIO_04_C5500_Software_Min

PSSWCORE

QuickBooks Point of Sale 7.0 Trial

QuickTime

Quicktime Browser Plug-In

RealPlayer

Scan

Security Update for Microsoft .NET Framework 2.0 (KB928365)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 7 (KB972260)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950759)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB973346)

Skype


The following need to be removed via Add/Remove Programs. A couple will be re-installed because they are old versions.

Adobe Reader 7.0.9

Internet Explorer Default Page

Java 2 Runtime Environment, SE v1.4.2_03

Viewpoint Media Player

Please reboot your computer....

What problems did you have uninstalling McAfee?


The following need to be removed via Add/Remove Programs. A couple will be re-installed because they are old versions.

Adobe Reader 7.0.9

Internet Explorer Default Page

Java 2 Runtime Environment, SE v1.4.2_03

Viewpoint Media Player

Please reboot your computer....

What problems did you have uninstalling McAfee?

I have removed the programs you recommended, but I do not see the Internet Explorer Default Page.

My computer is saying I am running out of disk space. What is happening that is causing this? I have loaded no new programs to fill disk space, so something is not right. Thanks for all your help.


In today's world a 30 GB hard drive is nothing. What do you use Abacast Client for?

I guess I was concerned that the trojan was loading stuff that was taking up space on my drive. The Abacast Client was for listening to a local radio station. Maybe that is not necessary any longer, should I delete it? I could probably delete most of the programs on my drive that are rarely used, but I don't even know what most of them are, LOL!

I did a scan and still have the same trojan downloader on my computer. The McAfee wouldn't download, so was it because I didn't have enough space? I now have 1.84 G available. So what do you suggest as my next course of action? Thanks for your help and I am sorry but you are dealing with a 52 year old computer novice. Thanks for all your time.


Please post that last Malwarebytes log.

Malwarebytes' Anti-Malware 1.40

Database version: 2551

Windows 5.1.2600 Service Pack 3

8/14/2009 12:09:32 AM

mbam-log-2009-08-14 (00-09-32).txt

Scan type: Quick Scan

Objects scanned: 96233

Time elapsed: 7 minute(s), 41 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 2

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\xpre (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)


Is the trojan gone? If so, thanks so much. Is there any way I can donate funds?

Malwarebytes' Anti-Malware 1.40

Database version: 2632

Windows 5.1.2600 Service Pack 3

8/15/2009 9:11:52 PM

mbam-log-2009-08-15 (21-11-52).txt

Scan type: Quick Scan

Objects scanned: 97197

Time elapsed: 13 minute(s), 32 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)


Okay, let's go ahead and finish things up then.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application. Beware: it is NOT supported for use in 9x or ME and probably will not install on those systems.

Upgrading Java:

  • Download the latest version of Java Runtime Environment (JRE) 6u16.
  • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version.

Download the update for Adobe Acrobat Reader Here

As for donation, my help is free, but purchasing a one-time subscription of Malwarebytes Anti-Malware would help the site. Good luck and safe surfing.


I removed all my Java components earlier and I am not able to run or download the Java program. Not sure what I am doing wrong or if I am missing some program from Microsoft that I might have mistakenly deleted when I was trying to create more hard drive space. Sorry probably my bad, but I would appreciate more help. Thanks.


Right-click on My Computer icon.

Click on Properties

Click on System Restore

How much space do you have allocated for System Restore?

Run an online virus scan called Kaspersky from HERE.

    1. At the main page, press on "Accept" after reading the contents.
    2. At the next window Select Update. Allow the Database to update.
    Note: If prompted to run or update your Java, then follow the prompts to do so. Kaspersky requires Java to run.
    3. Once the Database has finished, under the Scan icon Select My Computer to start the scan. The scan may take a few minutes to complete.
    4. Select Scan Report.
    5. If any threats were found they will appear in the report
    6. Select "Save error report as"
    Then in the file name just type in kaspersky
    Under "save as type" select text .txt
    Save it to your Desktop.
    Copy and post the results of the Kaspersky Online scan. If no threats were found then report that as well.
