Jump to content
alohaguy53

How to get rid of XP Antivirus?

Recommended Posts

Okay, I will use add/remove programs...will that work?

Yes, give that a try

Share this post


Link to post
Share on other sites

ok, I had to exit IE on my computer to do the uninstall. so am back on my wife's computer. uninstall in in progress.

Share this post


Link to post
Share on other sites

Combofix has been running for 3-4 minutes and there is just one blinking dash in the middle of the screen is it working?

Share this post


Link to post
Share on other sites

In a few minutes if you don't see progressing dots, it's not running.

Delete the combofix you have on the desktop now.

Then lets try this way:

You might want to print these instructions out.

Download ComboFix from one of these locations:

Link 1

Link 2 If using this link, Right Click and select Save As.

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Save it to your Desktop
  • Now physically disconnect from the internet and STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields)
  • Click on your START button and choose Run. Then copy/paste the entire content of the following quotebox (Including the "" marks and the Symbols) into the run box.

    Go to StartBtn.gif -> Run -> copy/paste in the following single line command & click OK

    "%userprofile%\desktop\combofix.exe" /killall


    killall.JPG

  • Click OK and this will start ComboFix in a special way.
  • When finished, it will produce a log. Please save that log to a Notepad File to post in your next reply along with a fresh HJT log.

Note:

Do not mouse-click combofix's window while it is running. That may cause it to stall.

* After you have saved the logs, restart your system to re-enable all the programs that were disabled during the running of ComboFix.

* Reconnect to the internet

* Post the following logs/Reports:

  • ComboFix.txt

Share this post


Link to post
Share on other sites

ok, i downloaded combofix to the desktop. But now I am lost. If I have to turn off all my spyware, that means Spybot and Malwarebytes...I am on the malwarebytes control panel and can't see how to do that. Haven't tried spybot yet. also, where does the "quotebox" come from or show up?

Share this post


Link to post
Share on other sites

Sorry I don't understand...I have tried best I can to follow all your instructions...although I am not a super savvy computer user.

Share this post


Link to post
Share on other sites

MalwareBytes is located down by the time. Just Right Click on tthe M Icon and disable or close.

Don't worry about spybot

Share this post


Link to post
Share on other sites

Okay, malwarebytes in turned off. I clicked on Run and the run box came up...but what I don't understand is where do I find the quote box to get the file name to copy and paste?

Share this post


Link to post
Share on other sites

Click the Start Button StartBtn.gif -> click Run -> copy/paste in the following single line command & click OK

"%userprofile%\desktop\combofix.exe" /killall

killall.JPG

Share this post


Link to post
Share on other sites

copy/paste in the following single line in the open window & click OK

"%userprofile%\desktop\combofix.exe" /killall

Share this post


Link to post
Share on other sites

I manually typed in the file name from your post and clicekd run, but it says windows can't find the file.

Share this post


Link to post
Share on other sites

did you add the space: "%userprofile%\desktop\combofix.exe" (space) /killall

Is combofix on your desktop?

Share this post


Link to post
Share on other sites

si i tried going to the properties tab on the combofix program and copied the Cmd line to the run box. Then clicked run and got that same error message I got before. Clicked ignore a few times and the black box opened up and has the same flashing dash in the middle of it. GOD THIS IS FRUSTRATING!

Share this post


Link to post
Share on other sites

I did not, so I went back and added the space, clicked on ok and got a message that windows can't find the file!

Share this post


Link to post
Share on other sites

It doesn't see it on the desktop then.

Can you check and make sure it's there

Share this post


Link to post
Share on other sites

got the address right finally, clicked ok and the open file box came up...clicekd run and got the same error message...about an illegal instruction. I can click ignore again, but I will get the same black box with the flashing dash in the middle. Are you sure this program actually works?

Share this post


Link to post
Share on other sites

Do you have a Thumb / Flash drive?

Download to the flash drive and try running it from there.

Share this post


Link to post
Share on other sites

okay, i downloaded it to my external hard drive and am running it. There is a blue box this time with text in it! Says it is attempting to create a new system restore point!

Share this post


Link to post
Share on other sites

ComboFix 11-04-13.01 - Administrator2 04/13/2011 15:51:41.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.1422 [GMT -7:00]

Running from: E:\ComboFix.exe

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\SelectRebates

c:\program files\SelectRebates\FFToolbar\chrome.manifest

c:\program files\SelectRebates\FFToolbar\chrome\sahtoolbar.jar

c:\program files\SelectRebates\FFToolbar\defaults\preferences\sahtoolbar.js

c:\program files\SelectRebates\FFToolbar\install.rdf

c:\program files\SelectRebates\SahImages\alert.png

c:\program files\SelectRebates\SahImages\check.png

c:\program files\SelectRebates\SahImages\close.png

c:\program files\SelectRebates\SelectAlerts.dat

c:\program files\SelectRebates\SelectRebates.exe

c:\program files\SelectRebates\SelectRebates.ini

c:\program files\SelectRebates\SelectRebatesA.dat

c:\program files\SelectRebates\SelectRebatesApi.exe

c:\program files\SelectRebates\SelectRebatesB.dat

c:\program files\SelectRebates\SelectRebatesBT.dat

c:\program files\SelectRebates\SelectRebatesDownload.exe

c:\program files\SelectRebates\SelectRebatesH.dat

c:\program files\SelectRebates\SelectRebatesUninstall.exe

c:\program files\SelectRebates\SRebates.dll

c:\program files\SelectRebates\SRFF3.dll

c:\program files\SelectRebates\Toolbar\AddtoList.bmp

c:\program files\SelectRebates\Toolbar\basis.xml

c:\program files\SelectRebates\Toolbar\Basis.xml.dym

c:\program files\SelectRebates\Toolbar\Blank.bmp

c:\program files\SelectRebates\Toolbar\CashBack.bmp

c:\program files\SelectRebates\Toolbar\Coupons.bmp

c:\program files\SelectRebates\Toolbar\GroceryCoupon.bmp

c:\program files\SelectRebates\Toolbar\i_magnifying.bmp

c:\program files\SelectRebates\Toolbar\icons.bmp

c:\program files\SelectRebates\Toolbar\logo.bmp

c:\program files\SelectRebates\Toolbar\logo_24.bmp

c:\program files\SelectRebates\Toolbar\logo_HotSpots.bmp

c:\program files\SelectRebates\Toolbar\ReviewSite.bmp

c:\program files\SelectRebates\Toolbar\RightControls.dym

c:\program files\SelectRebates\Toolbar\sahtb-alert.bmp

c:\program files\SelectRebates\Toolbar\sahtb-go.bmp

c:\program files\SelectRebates\Toolbar\sahtb-grocerycoupons.bmp

c:\program files\SelectRebates\Toolbar\sahtb-icons.bmp

c:\program files\SelectRebates\Toolbar\sahtb-restaurant.bmp

c:\program files\SelectRebates\Toolbar\sahtb-wishlist.bmp

c:\program files\SelectRebates\Toolbar\Scissors.bmp

c:\program files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll

c:\windows\system32\bszip.dll

E:\autorun.inf

.

.

((((((((((((((((((((((((( Files Created from 2011-03-13 to 2011-04-13 )))))))))))))))))))))))))))))))

.

.

2011-04-13 20:45 . 2011-04-13 20:45 -------- d-----w- c:\program files\ESET

2011-04-13 18:29 . 2011-04-13 18:29 -------- d--h--w- c:\windows\PIF

2011-04-11 23:08 . 2011-04-11 23:08 -------- d-----w- c:\windows\system32\wbem\Repository

2011-03-26 05:56 . 2011-03-26 05:56 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple Computer

2011-03-26 05:56 . 2011-03-26 05:56 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Apple Computer

2011-03-26 05:20 . 2010-12-21 01:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-03-26 05:20 . 2011-04-12 19:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-03-26 05:20 . 2010-12-21 01:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-03-26 05:18 . 2011-03-26 04:48 7734208 ----a-w- C:\mbam-setup-1.50.1.1100.exe

2011-03-26 05:17 . 2011-03-26 05:15 1006778 ----a-w- C:\rkill.com

2011-03-26 04:20 . 2011-04-13 21:53 -------- d-----w- c:\documents and settings\Administrator

2011-03-16 14:13 . 2011-03-16 14:13 -------- d-----w- c:\program files\KingsIsle Entertainment

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-02-09 13:53 . 2004-08-04 12:00 270848 ----a-w- c:\windows\system32\sbe.dll

2011-02-09 13:53 . 2004-08-04 12:00 186880 ----a-w- c:\windows\system32\encdec.dll

2011-02-02 07:58 . 2010-06-12 15:12 2067456 ----a-w- c:\windows\system32\mstscax.dll

2011-01-27 11:57 . 2010-06-12 15:12 677888 ----a-w- c:\windows\system32\mstsc.exe

2011-01-21 14:44 . 2004-08-04 12:00 439296 ----a-w- c:\windows\system32\shimgvw.dll

2011-01-16 22:14 . 2011-01-16 22:14 349393 ----a-w- c:\program files\7-Zip.exe

2010-12-06 21:17 . 2010-12-06 21:17 4502416 ----a-w- c:\program files\avg_free_stb_all_2011_1170_upgrade.exe

2010-11-27 04:58 . 2010-11-27 04:58 4886870 ----a-w- c:\program files\HandBrake-0.9.4-Win_GUI.exe

2010-10-29 05:12 . 2010-10-29 05:19 1068544 ----a-w- c:\program files\couponprinter.exe

2010-10-19 06:09 . 2010-10-19 06:10 17873152 ----a-w- c:\program files\PDFCreator-1_0_2_setup.exe

2010-06-29 20:29 . 2010-06-29 20:28 563040 ----a-w- c:\program files\googleupdatesetup.exe

2010-06-19 04:17 . 2010-06-19 04:17 6153352 ----a-w- c:\program files\mbam-setup-1.46.exe

2010-06-19 03:38 . 2010-06-19 03:38 3387040 ----a-w- c:\program files\ccsetup232.exe

2010-06-17 23:44 . 2010-06-17 23:08 97364760 ----a-w- c:\program files\Ad-AwareInstaller.exe

2010-06-17 19:09 . 2010-06-17 19:09 16409960 ----a-w- c:\program files\spybotsd162.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-20 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-20 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-20 137752]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-06 872448]

"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]

"AccelerometerSysTrayApplet"="c:\windows\system32\AccelerometerSt.exe" [2007-01-24 124928]

"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-06-03 153640]

"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2009-06-03 400936]

"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]

"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-04-27 122941]

"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]

"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-23 17920]

"IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2007-07-24 677144]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]

"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2004-12-09 184320]

"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-15 644696]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-04 1603152]

"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]

"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]

"WrtMon.exe"="c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-20 221184]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-21 443728]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"AvgUninstallURL"="start http:" [X]

.

c:\documents and settings\Kevin\Start Menu\Programs\Startup\

DING!.lnk - c:\program files\Southwest Airlines\Ding\Ding.exe [2006-6-22 462848]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-6-14 113664]

DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2010-6-13 184320]

Forget Me Not.lnk - c:\program files\Broderbund\AG CreataCard\agremind.exe [2010-6-19 331776]

QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2005-12-8 811008]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ackpbsc]

2009-06-03 23:14 113152 ----a-w- c:\program files\ActivIdentity\ActivClient\ackpbsc.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\acunlock]

2009-06-03 23:13 299520 ----a-w- c:\program files\ActivIdentity\ActivClient\acunlock.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]

2007-06-08 16:04 49152 ----a-r- c:\windows\system32\DeviceNP.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]

2007-03-14 13:03 74752 ----a-r- c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\system32\APSHook.dll

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"DisableNotifications"= 1 (0x1)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Intuit\\QuickBooks 2006\\QBDBMgrN.exe"=

"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

.

R0 SafeBoot;SafeBoot;c:\windows\system32\drivers\SafeBoot.sys [8/14/2007 5:59 PM 101167]

R0 SbAlg;SbAlg;c:\windows\system32\drivers\SbAlg.sys [10/9/2006 1:31 PM 44720]

R0 SbFsLock;SbFsLock;c:\windows\system32\drivers\SbFsLock.sys [6/14/2007 4:22 PM 13184]

R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [7/24/2007 8:21 AM 38816]

R1 RsvLock;RsvLock;c:\windows\system32\drivers\rsvlock.sys [8/14/2007 5:59 PM 5840]

R2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [6/3/2009 4:16 PM 207400]

R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [8/4/2004 5:00 AM 14336]

R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [8/4/2004 5:00 AM 14336]

R2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [9/6/2007 1:26 PM 221184]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [3/25/2011 10:20 PM 363344]

R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [7/24/2007 8:21 AM 41216]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [3/25/2011 10:20 PM 20952]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6/14/2010 8:12 PM 136176]

S3 DAMDrv;DAMDrv;c:\windows\system32\drivers\DAMDrv.sys [6/13/2010 9:20 AM 30008]

S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [6/8/2007 9:06 AM 172131]

S3 HP24X;HP PC Card Smart Card Reader;c:\windows\system32\drivers\HP24X.sys [6/12/2010 1:12 PM 33024]

S4 Httervitiip;Httervitiip;c:\windows\system32\drivers\ati1ttxx.sys [6/12/2010 2:55 PM 21343]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Cognizance REG_MULTI_SZ ASBroker ASChannel

.

Contents of the 'Scheduled Tasks' folder

.

2011-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-15 03:12]

.

2011-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-15 03:12]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com/

uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe"

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

HKLM-Run-SelectRebates - c:\program files\SelectRebates\SelectRebates.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-04-13 16:00

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(904)

c:\program files\ActivIdentity\ActivClient\ackpbsc.dll

c:\program files\ActivIdentity\ActivClient\aclog.dll

c:\program files\ActivIdentity\ActivClient\accrypto.dll

c:\program files\ActivIdentity\ActivClient\ACLIBEAY.dll

c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll

c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll

c:\program files\Hewlett-Packard\IAM\Bin\TrayIcon.dll

c:\program files\Hewlett-Packard\IAM\bin\HPBrand.dll

c:\program files\Hewlett-Packard\IAM\Bin\ASChnl.dll

c:\program files\Hewlett-Packard\IAM\Bin\ItDAC.dll

c:\program files\Hewlett-Packard\IAM\Bin\ItReports.DLL

c:\windows\SbHpNp.DLL

c:\program files\ActivIdentity\ActivClient\acunlock.dll

c:\program files\ActivIdentity\ActivClient\aipingui.dll

c:\program files\ActivIdentity\ActivClient\acevtsub.dll

c:\program files\ActivIdentity\ActivClient\asphat32.dll

c:\program files\ActivIdentity\ActivClient\acerrmes.dll

c:\program files\ActivIdentity\ActivClient\aiwinext.dll

c:\program files\ActivIdentity\ActivClient\aspcom.dll

c:\program files\ActivIdentity\ActivClient\aicext.dll

c:\program files\ActivIdentity\ActivClient\Resources\acerrmrc.dll

c:\program files\ActivIdentity\ActivClient\Resources\asphatrc.dll

c:\program files\ActivIdentity\ActivClient\Resources\aipinguirc.dll

c:\program files\ActivIdentity\ActivClient\resources\acCobAPIrc.dll

c:\program files\ActivIdentity\ActivClient\resources\acCobAPIlrc.dll

c:\program files\ActivIdentity\ActivClient\Resources\acunlockrc.dll

c:\windows\system32\DeviceNP.dll

c:\program files\Hewlett-Packard\IAM\Bin\BioAuth.dll

c:\program files\Hewlett-Packard\IAM\Bin\ittal.dll

c:\program files\Hewlett-Packard\IAM\Bin\STEngine.dll

.

- - - - - - - > 'explorer.exe'(3176)

c:\windows\system32\WININET.dll

c:\windows\system32\APSHook.dll

c:\program files\ScanSoft\OmniPageSE4\OpHookSE4.dll

c:\windows\system32\ieframe.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\System32\SCardSvr.exe

c:\program files\Hewlett-Packard\IAM\bin\asghost.exe

c:\windows\system32\igfxsrvc.exe

c:\windows\system32\spool\drivers\w32x86\3\WrtProc.exe

c:\program files\LSI SoftModem\agrsmsvc.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\system32\IFXTCS.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\IfxPsdSv.exe

c:\windows\system32\wdfmgr.exe

c:\program files\Canon\CAL\CALMAIN.exe

c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe

c:\windows\system32\wscntfy.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\Hewlett-Packard\Embedded Security Software\PSDrt.exe

c:\program files\Hewlett-Packard\Shared\HpqToaster.exe

.

**************************************************************************

.

Completion time: 2011-04-13 16:05:52 - machine was rebooted

ComboFix-quarantined-files.txt 2011-04-13 23:05

.

Pre-Run: 82,232,070,144 bytes free

Post-Run: 86,679,982,080 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - F537D04E7849D158A785354CF1630CBF

Share this post


Link to post
Share on other sites

It will take me awhile to go through this.

Try your account and see if it works now

Share this post


Link to post
Share on other sites

I am downloading AVG again so my computer is secure. As soon as it is done, I will check my account. BTW, thanks for all your help these last two days!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.