Jump to content

MBAM scan runs for 2-3 seconds and closes... *cries*


Recommended Posts

G-day mate,

I am having problems with my PC.

Whenever I go to web addresses i am getting Google search results instead of the page i am looking for (i am typing the addresses into the address bar, not my search engine bar wink.gif ) and i am also sometimes redirected to random web sites. I am unable to run some programs like Windows Live Messenger (platform error) and My Anti-Virus software (AVG 8.5 professional) will not scan my computer. I also do not have the rights to run or change cleanup programs like 'Hijack This' and your 'Malwarebytes Anti-Malware' programs. Windows defender is no better sad.gif . It has been getting progressively worse over the past week or so.

I am running Windows XP Professional. My Anti-Virus is AVG 8.5 professional.

I have read through the forums for some general advice on similar problems however i am not game enough to try anything on my own as i don't want to make things worse :/ .

I am more than willing to allow remote access to my PC if this will help? it is on almost 24/7 so i don't really need to be here if you want to look at stuff or whatever. I thank you in advance for your assistance.

Kind regards,

Mr. Bojangles

Link to post
Share on other sites

Hi! yes i do still need help :)

thankyou!

here is the win32diag log:

######################################

Running from: C:\Documents and Settings\Mr. Bojangles\My Documents\Downloads\Win32kDiag.exe

Log file at : C:\Documents and Settings\Mr. Bojangles\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...

Found mount point : C:\WINDOWS\$hf_mig$\KB893066\KB893066

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB900725\KB900725

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB908531\KB908531

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB912945\KB912945

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB913446\KB913446

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB920213\KB920213

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB921398\KB921398

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB924270\KB924270

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB925902\KB925902

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB932168\KB932168

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB933729\KB933729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB943460\KB943460

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB943485\KB943485

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB956844\KB956844

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB971961-IE8\KB971961-IE8

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\addins\addins

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP342.tmp\ZAP342.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP428.tmp\ZAP428.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP648.tmp\ZAP648.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6F8.tmp\ZAP6F8.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7DA.tmp\ZAP7DA.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7FC.tmp\ZAP7FC.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC0.tmp\ZAPC0.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\temp\temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\tmp\tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Config\Config

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Connection Wizard\Connection Wizard

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Help\SBSI\Training\WXPPRO\Cbz\Cbz

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Help\SBSI\Training\WXPPRO\Lib\Lib

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Help\SBSI\Training\WXPPRO\Wave\Wave

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imejp\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imejp98\imejp98

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002105501100000000000000F01FEC\12.0.4518\12.0.4518

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109511090400000000000F01FEC\12.0.4518\12.0.4518

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109711090400000000000F01FEC\12.0.4518\12.0.4518

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109910090400000000000F01FEC\12.0.4518\12.0.4518

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109B10090400000000000F01FEC\12.0.4518\12.0.4518

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F100A0C00000000000F01FEC\12.0.4518\12.0.4518

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\00002109F100C0400000000000F01FEC\12.0.4518\12.0.4518

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\java\classes\classes

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\java\trustlib\trustlib

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\msapps\msinfo\msinfo

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\msdownld.tmp\msdownld.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\ERRORREP\QHEADLES\QHEADLES

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\ERRORREP\QSIGNOFF\QSIGNOFF

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\BATCH\BATCH

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe

<END>

#########################################################

Link to post
Share on other sites

sorry here is the rest...

########################################################

Cannot access: C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe

[1] 2004-08-04 22:00:00 743936 C:\WINDOWS\$NtServicePackUninstall$\helpsvc.exe (Microsoft Corporation)

[1] 2008-04-14 10:12:21 744448 C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe ()

[1] 2008-04-14 10:12:21 744448 C:\WINDOWS\ServicePackFiles\i386\helpsvc.exe (Microsoft Corporation)

Found mount point : C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\System\DFS\DFS

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\System\News\News

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\System_OEM\System_OEM

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\Temp\Temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\PIF\PIF

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Registration\CRMLog\CRMLog

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Downloaded

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\Download\2a8c07aaf8ec0a2dbcb5ab11c4e40d88\backup\backup

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\SoftwareDistribution\Download\c263092dccc247f68a43cfee93ecc72d\update\update.exe

[1] 2004-10-15 04:21:58 654848 C:\WINDOWS\$hf_mig$\KB873339\update\update.exe (Microsoft Corporation)

[1] 2004-12-01 08:29:47 654848 C:\WINDOWS\$hf_mig$\KB885250\update\update.exe (Microsoft Corporation)

[1] 2004-10-15 04:34:52 654848 C:\WINDOWS\$hf_mig$\KB885835\update\update.exe (Microsoft Corporation)

[1] 2004-10-15 04:34:48 654848 C:\WINDOWS\$hf_mig$\KB885836\update\update.exe (Microsoft Corporation)

[1] 2004-07-29 09:15:07 654336 C:\WINDOWS\$hf_mig$\KB885894\update\update.exe (Microsoft Corporation)

[1] 2004-10-15 04:34:52 654848 C:\WINDOWS\$hf_mig$\KB886185\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 11:34:54 654848 C:\WINDOWS\$hf_mig$\KB887472\update\update.exe (Microsoft Corporation)

[1] 2004-10-15 04:34:48 654848 C:\WINDOWS\$hf_mig$\KB888113\update\update.exe (Microsoft Corporation)

[1] 2004-10-15 04:34:48 654848 C:\WINDOWS\$hf_mig$\KB888302\update\update.exe (Microsoft Corporation)

[1] 2005-02-25 13:35:05 718048 C:\WINDOWS\$hf_mig$\KB890046\update\update.exe (Microsoft Corporation)

[1] 2004-12-01 08:46:38 654848 C:\WINDOWS\$hf_mig$\KB890047\update\update.exe (Microsoft Corporation)

[1] 2004-10-15 04:21:58 654848 C:\WINDOWS\$hf_mig$\KB890175\update\update.exe (Microsoft Corporation)

[1] 2005-02-25 13:53:09 718048 C:\WINDOWS\$hf_mig$\KB890859\update\update.exe (Microsoft Corporation)

[1] 2004-10-15 04:21:58 654848 C:\WINDOWS\$hf_mig$\KB891781\update\update.exe (Microsoft Corporation)

[1] 2005-02-25 13:35:05 718048 C:\WINDOWS\$hf_mig$\KB893756\update\update.exe (Microsoft Corporation)

[1] 2005-02-25 13:35:05 718048 C:\WINDOWS\$hf_mig$\KB896358\update\update.exe (Microsoft Corporation)

[1] 2005-02-25 13:35:05 718048 C:\WINDOWS\$hf_mig$\KB896422\update\update.exe (Microsoft Corporation)

[1] 2005-02-25 13:35:05 718048 C:\WINDOWS\$hf_mig$\KB896423\update\update.exe (Microsoft Corporation)

[1] 2005-02-25 13:35:05 718048 C:\WINDOWS\$hf_mig$\KB896424\update\update.exe (Microsoft Corporation)

[1] 2005-02-25 13:35:05 718048 C:\WINDOWS\$hf_mig$\KB896428\update\update.exe (Microsoft Corporation)

[1] 2005-02-25 13:35:05 718048 C:\WINDOWS\$hf_mig$\KB898461\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 20:35:06 718048 C:\WINDOWS\$hf_mig$\KB899587\update\update.exe (Microsoft Corporation)

[1] 2005-02-25 13:35:05 718048 C:\WINDOWS\$hf_mig$\KB899589\update\update.exe (Microsoft Corporation)

[1] 2005-02-25 13:35:05 718048 C:\WINDOWS\$hf_mig$\KB899591\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:29 716000 C:\WINDOWS\$hf_mig$\KB900485\update\update.exe (Microsoft Corporation)

[1] 2005-02-25 13:35:05 718048 C:\WINDOWS\$hf_mig$\KB901017\update\update.exe (Microsoft Corporation)

[1] 2005-02-25 13:35:05 718048 C:\WINDOWS\$hf_mig$\KB901214\update\update.exe (Microsoft Corporation)

[1] 2005-02-25 13:35:05 718048 C:\WINDOWS\$hf_mig$\KB902400\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB904706\update\update.exe (Microsoft Corporation)

[1] 2005-02-25 13:35:05 718048 C:\WINDOWS\$hf_mig$\KB905414\update\update.exe (Microsoft Corporation)

[1] 2005-02-25 13:35:05 718048 C:\WINDOWS\$hf_mig$\KB905749\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB905915\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB908519\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB910437\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:29 716000 C:\WINDOWS\$hf_mig$\KB911280\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB911562\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB911567\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB911927\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB912919\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:29 716000 C:\WINDOWS\$hf_mig$\KB913580\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB914388\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:29 716000 C:\WINDOWS\$hf_mig$\KB914389\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB915865\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:16:51 716000 C:\WINDOWS\$hf_mig$\KB916595\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB917159\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB917344\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB917422\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:29 716000 C:\WINDOWS\$hf_mig$\KB918118\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB918439\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB920214\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB920670\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB920683\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:29 716000 C:\WINDOWS\$hf_mig$\KB920685\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:29 716000 C:\WINDOWS\$hf_mig$\KB920872\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB921883\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB922582\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB922616\update\update.exe (Microsoft Corporation)

[1] 2008-11-16 03:18:04 755576 C:\WINDOWS\$hf_mig$\KB923561\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:16:51 716000 C:\WINDOWS\$hf_mig$\KB923980\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:29 716000 C:\WINDOWS\$hf_mig$\KB926255\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:16:51 716000 C:\WINDOWS\$hf_mig$\KB926436\update\update.exe (Microsoft Corporation)

[1] 2006-01-20 05:29:19 716000 C:\WINDOWS\$hf_mig$\KB927779\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:29 716000 C:\WINDOWS\$hf_mig$\KB927802\update\update.exe (Microsoft Corporation)

[1] 2006-01-20 05:29:19 716000 C:\WINDOWS\$hf_mig$\KB927891\update\update.exe (Microsoft Corporation)

[1] 2006-01-20 05:29:19 716000 C:\WINDOWS\$hf_mig$\KB928255\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB928388\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:29 716000 C:\WINDOWS\$hf_mig$\KB928843\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:28 716000 C:\WINDOWS\$hf_mig$\KB929120\update\update.exe (Microsoft Corporation)

[1] 2006-01-20 05:29:19 716000 C:\WINDOWS\$hf_mig$\KB929123\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:29 716000 C:\WINDOWS\$hf_mig$\KB930178\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:29 716000 C:\WINDOWS\$hf_mig$\KB930916\update\update.exe (Microsoft Corporation)

[1] 2006-01-20 05:29:19 716000 C:\WINDOWS\$hf_mig$\KB931261\update\update.exe (Microsoft Corporation)

[1] 2007-03-06 11:22:59 716000 C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:29 716000 C:\WINDOWS\$hf_mig$\KB935839\update\update.exe (Microsoft Corporation)

[1] 2006-01-20 05:29:19 716000 C:\WINDOWS\$hf_mig$\KB935840\update\update.exe (Microsoft Corporation)

[1] 2006-01-20 05:29:19 716000 C:\WINDOWS\$hf_mig$\KB936357\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:29 716000 C:\WINDOWS\$hf_mig$\KB937894\update\update.exe (Microsoft Corporation)

[1] 2007-03-06 11:22:59 716000 C:\WINDOWS\$hf_mig$\KB938127-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-03-06 11:22:56 716000 C:\WINDOWS\$hf_mig$\KB938127-v2-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 21:20:44 755576 C:\WINDOWS\$hf_mig$\KB938464\update\update.exe (Microsoft Corporation)

[1] 2005-10-13 09:12:29 716000 C:\WINDOWS\$hf_mig$\KB938828\update\update.exe (Microsoft Corporation)

[1] 2007-03-06 11:22:59 716000 C:\WINDOWS\$hf_mig$\KB943055\update\update.exe (Microsoft Corporation)

[1] 2007-03-06 11:22:59 716000 C:\WINDOWS\$hf_mig$\KB944653\update\update.exe (Microsoft Corporation)

[1] 2007-03-06 11:22:59 716000 C:\WINDOWS\$hf_mig$\KB945553\update\update.exe (Microsoft Corporation)

[1] 2007-03-06 11:22:59 716000 C:\WINDOWS\$hf_mig$\KB946026\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 21:20:44 755576 C:\WINDOWS\$hf_mig$\KB946648\update\update.exe (Microsoft Corporation)

[1] 2007-03-06 11:22:59 716000 C:\WINDOWS\$hf_mig$\KB950749\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 22:39:22 755576 C:\WINDOWS\$hf_mig$\KB950762\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 22:39:18 755576 C:\WINDOWS\$hf_mig$\KB950974\update\update.exe (Microsoft Corporation)

[1] 2007-12-04 01:25:31 755576 C:\WINDOWS\$hf_mig$\KB951066\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 21:18:51 755576 C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 22:39:22 755576 C:\WINDOWS\$hf_mig$\KB951698\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 22:39:18 755576 C:\WINDOWS\$hf_mig$\KB951748\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 22:39:18 755576 C:\WINDOWS\$hf_mig$\KB951978\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 22:39:22 755576 C:\WINDOWS\$hf_mig$\KB952004\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 21:18:51 755576 C:\WINDOWS\$hf_mig$\KB952287\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 22:39:22 755576 C:\WINDOWS\$hf_mig$\KB952954\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 17:38:29 755576 C:\WINDOWS\$hf_mig$\KB954211\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 21:18:51 755576 C:\WINDOWS\$hf_mig$\KB954600\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 21:18:51 755576 C:\WINDOWS\$hf_mig$\KB955069\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 22:39:22 755576 C:\WINDOWS\$hf_mig$\KB955839\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 22:39:22 755576 C:\WINDOWS\$hf_mig$\KB956391\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 17:38:29 755576 C:\WINDOWS\$hf_mig$\KB956572\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 21:40:52 755576 C:\WINDOWS\$hf_mig$\KB956744\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 17:38:29 755576 C:\WINDOWS\$hf_mig$\KB956802\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 21:18:51 755576 C:\WINDOWS\$hf_mig$\KB956803\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 21:18:51 755576 C:\WINDOWS\$hf_mig$\KB956841\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 21:18:51 755576 C:\WINDOWS\$hf_mig$\KB957095\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 23:02:04 755576 C:\WINDOWS\$hf_mig$\KB957097\update\update.exe (Microsoft Corporation)

[1] 2007-03-06 11:22:56 716000 C:\WINDOWS\$hf_mig$\KB958215-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 21:18:51 755576 C:\WINDOWS\$hf_mig$\KB958644\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 21:18:51 755576 C:\WINDOWS\$hf_mig$\KB958687\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 17:38:29 755576 C:\WINDOWS\$hf_mig$\KB958690\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 17:38:29 755576 C:\WINDOWS\$hf_mig$\KB959426\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 21:18:51 755576 C:\WINDOWS\$hf_mig$\KB960225\update\update.exe (Microsoft Corporation)

[1] 2007-03-06 11:22:56 716000 C:\WINDOWS\$hf_mig$\KB960714-IE7\update\update.exe (Microsoft Corporation)

[1] 2008-11-16 03:18:04 755576 C:\WINDOWS\$hf_mig$\KB960715\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 21:18:51 755576 C:\WINDOWS\$hf_mig$\KB960803\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 21:40:52 755576 C:\WINDOWS\$hf_mig$\KB960859\update\update.exe (Microsoft Corporation)

[1] 2007-03-06 11:22:59 716000 C:\WINDOWS\$hf_mig$\KB961260-IE7\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 23:02:04 755576 C:\WINDOWS\$hf_mig$\KB961371\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 22:39:22 755576 C:\WINDOWS\$hf_mig$\KB961373\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 23:02:04 755576 C:\WINDOWS\$hf_mig$\KB961501\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 22:39:22 755576 C:\WINDOWS\$hf_mig$\KB961503\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 23:02:04 755576 C:\WINDOWS\$hf_mig$\KB963027-IE7\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 17:38:29 755576 C:\WINDOWS\$hf_mig$\KB967715\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 21:40:52 755576 C:\WINDOWS\$hf_mig$\KB968389\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 17:38:29 755576 C:\WINDOWS\$hf_mig$\KB968537\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 17:38:29 755576 C:\WINDOWS\$hf_mig$\KB969897-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 22:39:22 755576 C:\WINDOWS\$hf_mig$\KB969897-IE8\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 22:39:22 755576 C:\WINDOWS\$hf_mig$\KB969898\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 22:39:22 755576 C:\WINDOWS\$hf_mig$\KB970238\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 21:40:52 755576 C:\WINDOWS\$hf_mig$\KB971557\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 23:02:04 755576 C:\WINDOWS\$hf_mig$\KB971633\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 21:40:52 755576 C:\WINDOWS\$hf_mig$\KB971657\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 23:02:04 755576 C:\WINDOWS\$hf_mig$\KB971930-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 21:40:52 755576 C:\WINDOWS\$hf_mig$\KB972260-IE8\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 23:02:04 755576 C:\WINDOWS\$hf_mig$\KB973346\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 21:40:52 755576 C:\WINDOWS\$hf_mig$\KB973354\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 21:40:52 755576 C:\WINDOWS\$hf_mig$\KB973507\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 21:40:52 755576 C:\WINDOWS\$hf_mig$\KB973815\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 23:02:04 755576 C:\WINDOWS\$hf_mig$\KB973869\update\update.exe (Microsoft Corporation)

[1] 2007-05-29 01:06:48 155417 C:\WINDOWS\BricoPacks\Vista Inspirat 2\Update.exe ()

############################################################################

Link to post
Share on other sites

1. Please download The Avenger2 by Swandog46 to your Desktop.

  • Right click on the Avenger.zip folder and select "Extract All..."
  • Follow the prompts and extract the avenger folder to your desktop

2. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):

Files to move:
C:\WINDOWS\system32\logevent.dll | C:\WINDOWS\system32\eventlog.dll

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, open the avenger folder and start The Avenger program by clicking on its icon.

  • Right click on the window under Input script here:, and select Paste.
  • You can also Paste the text copied to the clipboard into this window by pressing (Ctrl+V), or click on the third button under the menu to paste it from the clipboard.
  • Click on Execute
  • Answer "Yes" twice when prompted.

4. The Avenger will automatically do the following:

[*]It will Restart your computer. ( In cases where the code to execute contains "Drivers to Delete" or "Drivers to Disable", The Avenger will actually restart your system twice.)

[*]On reboot, it will briefly open a black command window on your desktop, this is normal.

[*]After the restart, it creates a log file that should open with the results of Avenger

Link to post
Share on other sites

Here are the log files:

Avenger:

Logfile of The Avenger Version 2.0, © by Swandog46

http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.

Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.

No rootkits found!

File move operation "C:\WINDOWS\system32\logevent.dll|C:\WINDOWS\system32\eventlog.dll" completed successfully.

Completed script processing.

*******************

Finished! Terminate.

________________________________________________________________________________

_______________________

Combofix:

ComboFix 09-09-25.01 - Mr. Bojangles 09/28/2009 5:00.1.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1419 [GMT 10:00]

Running from: c:\documents and settings\Mr. Bojangles\Desktop\Combo-Fix.exe

AV: AVG Internet Security *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\recycler\S-1-5-21-1716803336-3326182553-3633396690-500

c:\windows\Installer\17987e84.msi

c:\windows\system\update.exe

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226ED}

-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226EE}

((((((((((((((((((((((((( Files Created from 2009-08-27 to 2009-09-27 )))))))))))))))))))))))))))))))

.

2009-09-23 09:02 . 2009-09-23 09:02 -------- d-----w- c:\program files\Trend Micro

2009-09-23 08:48 . 2009-09-24 13:47 -------- d--h--w- c:\windows\PIF

2009-09-23 08:38 . 2009-09-23 08:38 -------- d-----w- c:\documents and settings\Mr. Bojangles\Application Data\Malwarebytes

2009-09-23 08:38 . 2009-09-10 04:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-09-23 08:38 . 2009-09-23 08:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-09-23 08:38 . 2009-09-23 08:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-09-23 08:38 . 2009-09-10 04:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-09-23 08:12 . 2009-09-23 08:12 -------- d-----w- c:\program files\Windows Defender

2009-09-23 07:47 . 2009-09-23 07:47 -------- d-----w- c:\documents and settings\All Users\Application Data\RegCure

2009-09-23 07:47 . 2009-09-23 07:53 -------- d-----w- c:\program files\RegCure

2009-09-15 04:23 . 2009-09-15 04:23 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP

2009-09-12 05:12 . 2009-09-25 06:26 -------- d-----w- c:\documents and settings\Mr. Bojangles\Application Data\vlc

2009-09-12 05:11 . 2009-09-12 05:11 -------- d-----w- c:\program files\VideoLAN

2009-09-09 07:35 . 2009-09-09 07:35 -------- d-----w- c:\windows\Time Stopper

2009-09-09 07:35 . 2009-09-09 07:35 -------- d-----w- c:\program files\Time Stopper

2009-09-09 02:00 . 2009-09-09 02:00 -------- d-----w- C:\_SMA

2009-09-08 15:40 . 2009-09-08 15:40 -------- d-----w- c:\program files\Enigma Software Group

2009-09-08 15:25 . 2009-09-08 15:25 20 ----a-w- c:\windows\system32\drivers\WIN32K.SYS

2009-09-08 05:24 . 2009-09-08 05:24 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet

2009-09-08 05:24 . 2009-09-08 05:24 -------- d-----w- c:\program files\Common Files\Macrovision Shared

2009-09-08 05:23 . 2008-04-06 19:38 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll

2009-09-08 05:23 . 2008-04-06 19:38 45392 ----a-r- c:\windows\system32\AdobePDF.dll

2009-09-08 04:14 . 2009-09-08 04:21 -------- d-----w- c:\documents and settings\Mr. Bojangles\Application Data\Download Manager

2009-09-08 04:08 . 2009-09-08 04:08 -------- d-----w- c:\documents and settings\Mr. Bojangles\Application Data\Downloaded Installations

2009-09-05 05:14 . 2009-09-05 05:14 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache

2009-08-31 03:40 . 2009-08-31 03:40 -------- d-----w- c:\documents and settings\Mr. Bojangles\Application Data\Office Genuine Advantage

2009-08-30 06:02 . 2009-08-30 06:02 -------- d-----w- c:\documents and settings\Mr. Bojangles\Local Settings\Application Data\BVRP Software

2009-08-30 06:01 . 2008-04-13 18:45 26112 ----a-w- c:\windows\system32\drivers\usbser.sys

2009-08-30 06:01 . 2008-04-13 18:45 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys

2009-08-30 06:00 . 2009-08-30 06:00 -------- d-----w- c:\program files\Common Files\Motorola Shared

2009-08-30 06:00 . 2009-09-02 05:48 -------- d-----w- c:\documents and settings\All Users\Application Data\BVRP Software

2009-08-30 06:00 . 2009-08-30 06:01 -------- d-----w- c:\program files\Motorola Phone Tools

2009-08-30 05:59 . 2009-08-30 05:59 -------- d-----w- c:\documents and settings\Mr. Bojangles\Application Data\InstallShield

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-09-27 19:08 . 2009-01-08 20:24 3216 ----a-w- c:\windows\system32\encobject.dat

2009-09-26 14:00 . 2009-01-08 04:47 5427 ----a-w- c:\windows\system32\EGATHDRV.SYS

2009-09-25 18:54 . 2009-01-08 22:02 -------- d-----w- c:\program files\Steam

2009-09-24 03:30 . 2009-01-08 21:53 -------- d-----w- c:\documents and settings\Mr. Bojangles\Application Data\uTorrent

2009-09-23 07:29 . 2009-01-08 21:22 -------- d-----w- c:\documents and settings\Mr. Bojangles\Application Data\MSNShell

2009-09-17 12:28 . 2009-04-16 15:40 -------- d---a-w- c:\documents and settings\All Users\Application Data\Microsoft Help

2009-09-09 07:59 . 2009-08-14 01:59 -------- d-----w- c:\program files\AVG

2009-09-08 17:56 . 2009-01-08 21:52 -------- d-----w- c:\program files\Alarm

2009-09-08 05:24 . 2009-02-02 02:58 -------- d-----w- c:\program files\Common Files\Adobe

2009-08-30 06:00 . 2009-01-08 04:31 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-08-29 15:13 . 2009-06-26 02:50 -------- d-----w- c:\program files\Weatherzone Tracker

2009-08-25 12:20 . 2009-03-19 14:12 -------- d-----w- c:\documents and settings\Mr. Bojangles\Application Data\U3

2009-08-23 18:49 . 2009-08-23 18:49 -------- d-----w- c:\program files\MSECache

2009-08-23 11:08 . 2009-07-07 04:53 -------- d-----w- c:\documents and settings\Mr. Bojangles\Application Data\GetRightToGo

2009-08-16 03:46 . 2009-08-16 03:46 -------- d-----w- c:\program files\eMule

2009-08-14 02:00 . 2009-08-14 02:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations

2009-08-14 02:00 . 2009-08-14 02:00 11952 ----a-w- c:\windows\system32\avgrsstx.dll

2009-08-14 02:00 . 2009-08-14 02:00 12552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2009-08-14 02:00 . 2009-08-14 02:00 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2009-08-14 02:00 . 2009-08-14 02:00 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2009-08-14 02:00 . 2009-08-14 02:00 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2009-08-14 01:59 . 2009-08-14 01:59 50968 ----a-w- c:\windows\system32\avgfwdx.dll

2009-08-14 01:59 . 2009-08-14 01:59 29208 ----a-w- c:\windows\system32\drivers\avgfwdx.sys

2009-08-14 01:59 . 2009-08-14 01:59 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8

2009-08-14 01:52 . 2009-08-14 01:52 -------- d-----w- c:\documents and settings\Mr. Bojangles\Application Data\AVG8

2009-08-10 06:13 . 2009-06-01 17:12 664 ----a-w- c:\windows\system32\d3d9caps.dat

2009-08-06 17:02 . 2009-08-06 17:02 -------- d-----w- c:\program files\MSBuild

2009-08-06 17:02 . 2009-08-06 17:02 -------- d-----w- c:\program files\Reference Assemblies

2009-08-05 09:01 . 2006-04-30 06:55 204800 ------w- c:\windows\system32\mswebdvd.dll

2009-08-04 13:01 . 2009-01-08 22:00 -------- d-----w- c:\program files\Smallvideosoft

2009-08-04 12:36 . 2009-01-08 21:58 -------- d-----w- c:\program files\PokerStars

2009-08-03 05:07 . 2009-08-03 05:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll

2009-08-03 05:07 . 2009-08-03 05:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll

2009-08-03 05:07 . 2009-08-03 05:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe

2009-07-30 16:37 . 2009-01-08 04:41 -------- d-----w- c:\program files\Symantec Client Security

2009-07-30 12:58 . 2009-07-30 12:58 -------- d-----w- c:\documents and settings\Mr. Bojangles\Application Data\Sonic

2009-07-30 12:39 . 2009-07-30 12:39 -------- d-----w- c:\documents and settings\Mr. Bojangles\Application Data\DivX

2009-07-30 12:21 . 2009-01-08 04:42 -------- d-----w- c:\program files\Symantec

2009-07-30 12:21 . 2009-01-08 04:41 -------- d-----w- c:\program files\Common Files\Symantec Shared

2009-07-30 12:21 . 2009-01-08 04:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec

2009-07-30 12:20 . 2009-01-08 04:42 40 ----a-w- c:\windows\system32\profile.dat

2009-07-30 12:19 . 2009-06-02 12:31 -------- d-----w- c:\program files\Soldier of Fortune II - Double Helix GOLD

2009-07-30 12:17 . 2009-05-11 02:43 -------- d-----w- c:\program files\Common Files\Apple

2009-07-30 12:16 . 2009-07-11 03:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft

2009-07-30 06:50 . 2009-07-30 06:50 -------- d-----w- c:\program files\DivX

2009-07-30 06:50 . 2009-07-30 06:50 -------- d-----w- c:\program files\Common Files\DivX Shared

2009-07-30 06:45 . 2009-07-30 06:34 -------- d-----w- c:\program files\Xvid

2009-07-26 06:44 . 2009-07-26 06:44 48448 ----a-w- c:\windows\system32\sirenacm.dll

2009-07-22 07:23 . 2009-07-22 07:23 74760 ----a-w- c:\windows\system32\drivers\UniversalDD.sys

2009-07-22 07:23 . 2009-07-22 07:23 25608 ----a-w- c:\windows\system32\drivers\AVGIDSErHr.sys

2009-07-17 19:01 . 2006-04-30 06:55 58880 ----a-w- c:\windows\system32\atl.dll

2009-07-13 13:43 . 2006-04-30 06:56 286208 ------w- c:\windows\system32\wmpdxm.dll

2009-07-03 17:09 . 2006-04-30 06:56 915456 ----a-w- c:\windows\system32\wininet.dll

2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll

2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre0.dll" [2009-07-22 2215960]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

2009-07-22 04:22 2215960 ----a-w- c:\program files\Freecorder\tbFre0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\tbFre0.dll" [2009-07-22 2215960]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\tbFre0.dll" [2009-07-22 2215960]

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Weather Tracker3"="c:\program files\Weatherzone Tracker\weather_tracker.exe" [2009-07-17 2888403]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-12-12 143360]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-12 143360]

"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-09-18 2022680]

"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]

"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-02-27 38768]

"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-02-27 640376]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]

"Mouse Suite 98 Daemon"="ICO.EXE" - c:\windows\system32\ico.exe [2005-04-13 49152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AwayNotify]

2006-06-18 17:06 49152 ------w- c:\program files\Lenovo\AwayTask\AwayNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-08-14 02:00 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Mr. Bojangles^Start Menu^Programs^Startup^Y'z Shadow.lnk]

path=c:\documents and settings\Mr. Bojangles\Start Menu\Programs\Startup\Y'z Shadow.lnk

backup=c:\windows\pss\Y'z Shadow.lnkStartup

[HKLM\~\startupfolder\^NTUSER.DAT]

path=\NTUSER.DAT

backup=c:\windows\pss\NTUSER.DATCommon Startup

[HKLM\~\startupfolder\^ntuser.dat.LOG]

path=\ntuser.dat.LOG

backup=c:\windows\pss\ntuser.dat.LOGCommon Startup

[HKLM\~\startupfolder\^ntuser.ini]

path=\ntuser.ini

backup=c:\windows\pss\ntuser.iniCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"iPod Service"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\MSNShell\\Bin\\engie.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

"c:\\Program Files\\Steam\\steamapps\\nikmikalishen\\counter-strike source\\hl2.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgam.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgdiag.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgdiagex.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [8/14/2009 12:00 PM 12552]

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [8/14/2009 12:00 PM 335240]

R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [8/14/2009 12:00 PM 108552]

R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8/14/2009 11:59 AM 297752]

R2 avgfws8;AVG8 Firewall;c:\progra~1\AVG\AVG8\avgfws8.exe [8/14/2009 12:00 PM 1370488]

R2 PrivateDisk;PrivateDisk;c:\program files\Lenovo\SafeGuard PrivateDisk\privatediskm.sys [3/14/2006 10:05 AM 58368]

R2 smi2;smi2;c:\program files\SMI2\smi2.sys [7/15/2006 9:55 AM 3968]

R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [8/14/2009 11:59 AM 29208]

R3 pelmouse;Mouse Suite Driver;c:\windows\system32\drivers\PELMOUSE.SYS [1/8/2009 2:31 PM 16384]

R3 pelusblf;USB Mouse Low Filter Driver;c:\windows\system32\drivers\pelusblf.sys [1/8/2009 2:31 PM 9216]

S2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [1/12/2008 11:50 AM 30312]

S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]

S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [8/14/2009 11:59 AM 29208]

S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [12/18/2008 4:25 AM 29181272]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

.

Contents of the 'Scheduled Tasks' folder

2009-09-27 c:\windows\Tasks\RegCure Program Check.job

- c:\program files\RegCure\RegCure.exe [2009-06-10 22:28]

2009-09-27 c:\windows\Tasks\RegCure Startup.job

- c:\program files\RegCure\RegCure.exe [2009-06-10 22:28]

2009-09-27 c:\windows\Tasks\RegCure.job

- c:\program files\RegCure\RegCure.exe [2009-06-10 22:28]

2009-01-08 c:\windows\Tasks\Symantec NetDetect.job

- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2009-01-08 01:32]

2009-09-27 c:\windows\Tasks\User_Feed_Synchronization-{B0CC9A6F-834D-47FF-9C2A-B9379DCECD3B}.job

- c:\windows\system32\msfeedssync.exe [2006-10-17 18:31]

2009-09-27 c:\windows\Tasks\WGASetup.job

- c:\windows\system32\KB905474\wgasetup.exe [2009-04-09 12:18]

.

.

------- Supplementary Scan -------

.

uStart Page = www.google.com/

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Set As Messenger Live Display Picture - c:\program files\MSNShell\Bin\SetMSNDP.htm

FF - ProfilePath - c:\documents and settings\Mr. Bojangles\Application Data\Mozilla\Firefox\Profiles\64w0fp13.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

.

- - - - ORPHANS REMOVED - - - -

HKCU-Run-Windows

Link to post
Share on other sites

My system is running ok now i think... thank you so much for your help!

is there anything more that needs to be done?

here is the malwarebytes log:

Malwarebytes' Anti-Malware 1.41

Database version: 2866

Windows 5.1.2600 Service Pack 3

9/28/2009 6:53:23 PM

mbam-log-2009-09-28 (18-53-23).txt

Scan type: Quick Scan

Objects scanned: 94283

Time elapsed: 5 minute(s), 40 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.