JAM88x Posted October 25, 2011 ID:488763 Share Posted October 25, 2011 Recently my browsers have been opening random spam pages when I click links and also sporadically so I tried to run MBAM. I have had what seems to be a common problem of MBAM downloading but closing shortly after the scan begins. I am then unable to open the file again.I think I've followed the correct procedure here and have attached the two .txt files. Any help would be appreciated thanks.dds.txtattach.txt Link to post Share on other sites More sharing options...
Staff screen317 Posted October 29, 2011 Staff ID:489863 Share Posted October 29, 2011 Hi and welcome to Malwarebytes.Please don't attach logs unless otherwise noted.Download the file TDSSKiller.zip and extract it into a folder on the infected PC.Execute the file TDSSKiller.exe by double-clicking on it.Wait for the scan and disinfection process to be over.When its work is over, the utility prompts for a reboot to complete the disinfection.By default, the utility outputs runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).The log is like UtilityName.Version_Date_Time_log.txt.for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.Please post that log here.Please update MBAM, run a Quick Scan, and post its log.Next, please visit this webpage for instructions for running ComboFix: http://www.bleepingcomputer.com/combofix/how-to-use-combofixWhen the tool is finished, it will produce a report for you.Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.-screen317 Link to post Share on other sites More sharing options...
JAM88x Posted October 29, 2011 Author ID:489989 Share Posted October 29, 2011 I have run TDSSKiller and attached the log. However, I am still unable to run an MBAM scan effectively as it closes a minute into the scan and I am then unable to open the file again. I'm not sure which step to take now.TDSSKiller.2.6.14.0_29.10.2011_17.06.29_log.txt Link to post Share on other sites More sharing options...
JAM88x Posted October 29, 2011 Author ID:489993 Share Posted October 29, 2011 I have read the thread involving the member kta1234 and I have the same symptoms. I have recently used my debit card online and am now worried that passwords etc. may have been stolen, should I be looking to follow a similar procedure of creating a new restore point? Link to post Share on other sites More sharing options...
Staff screen317 Posted November 3, 2011 Staff ID:491491 Share Posted November 3, 2011 Did you see my instructions for running ComboFix?? Link to post Share on other sites More sharing options...
JAM88x Posted November 3, 2011 Author ID:491567 Share Posted November 3, 2011 Ran ComboFix, heres the log.ComboFix 11-11-03.03 - James 03/11/2011 20:53:08.1.2 - x86Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1014.521 [GMT 0:00]Running from: c:\documents and settings\James\Desktop\ComboFix.exe * Created a new restore point..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..C:\cleansweep.exec:\cleansweep.exe\cleansweep.exec:\cleansweep.exe\config.binc:\documents and settings\Administrator\WINDOWSc:\documents and settings\Default User\WINDOWSc:\documents and settings\James\Application Data\UPd.exec:\documents and settings\James\Local Settings\Application Data\f31f805dc:\documents and settings\James\Local Settings\Application Data\f31f805d\@c:\documents and settings\James\Local Settings\Application Data\f31f805d\U\80000000.@c:\documents and settings\James\Local Settings\Application Data\f31f805d\U\800000cb.@c:\documents and settings\James\Local Settings\Application Data\f31f805d\Xc:\documents and settings\James\WINDOWSc:\windows\ c:\windows\$NtUninstallKB36029$\1402405832c:\windows\$NtUninstallKB36029$\4078927965\@c:\windows\$NtUninstallKB36029$\4078927965\L\bguemkzfc:\windows\$NtUninstallKB36029$\4078927965\loader.tlbc:\windows\$NtUninstallKB36029$\4078927965\U\@00000001c:\windows\$NtUninstallKB36029$\4078927965\U\@000000c0c:\windows\$NtUninstallKB36029$\4078927965\U\@000000cbc:\windows\$NtUninstallKB36029$\4078927965\U\@000000cfc:\windows\$NtUninstallKB36029$\4078927965\U\@80000000c:\windows\$NtUninstallKB36029$\4078927965\U\@800000c0c:\windows\$NtUninstallKB36029$\4078927965\U\@800000cbc:\windows\$NtUninstallKB36029$\4078927965\U\@800000cfc:\windows\{2521BB91-29B1-4d7e-9137-AC9875D77735}c:\windows\1568677875c:\windows\assembly\GAC_MSIL\desktop.inic:\windows\kb913800.exec:\windows\system32\ c:\windows\system32\config\systemprofile\WINDOWSc:\windows\system32\d3d9caps.datc:\windows\system32\muzapp.exec:\windows\system32\system32c:\windows\system32\system32\3DAudio.axc:\windows\system32\system32\avrt.dllc:\windows\system32\system32\cis-2.4.dllc:\windows\system32\system32\issacapi_bs-2.3.dllc:\windows\system32\system32\issacapi_pe-2.3.dllc:\windows\system32\system32\issacapi_se-2.3.dllc:\windows\system32\system32\MACXMLProto.dllc:\windows\system32\system32\MaDRM.dllc:\windows\system32\system32\MaJGUILib.dllc:\windows\system32\system32\MAMACExtract.dllc:\windows\system32\system32\MASetupCleaner.exec:\windows\system32\system32\MaXMLProto.dllc:\windows\system32\system32\mfplat.dllc:\windows\system32\system32\MK_Lyric.dllc:\windows\system32\system32\MSCLib.dllc:\windows\system32\system32\MSFLib.dllc:\windows\system32\system32\MSLUR71.dllc:\windows\system32\system32\msvcp60.dllc:\windows\system32\system32\MTTELECHIP.dllc:\windows\system32\system32\MTXSYNCICON.dllc:\windows\system32\system32\muzaf1.dllc:\windows\system32\system32\muzapp.dllc:\windows\system32\system32\muzapp.exec:\windows\system32\system32\muzdecode.axc:\windows\system32\system32\muzeffect.axc:\windows\system32\system32\muzmp4sp.axc:\windows\system32\system32\muzmpgsp.axc:\windows\system32\system32\muzoggsp.axc:\windows\system32\system32\muzwmts.dllc:\windows\system32\system32\psapi.dllc:\windows\$NtUninstallKB36029$ . . . . Failed to delete..((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))..-------\Service_f31f805d..((((((((((((((((((((((((( Files Created from 2011-10-03 to 2011-11-03 )))))))))))))))))))))))))))))))..2011-10-31 16:10 . 2011-08-31 17:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys2011-10-29 16:25 . 2011-10-29 16:25 -------- d-----w- C:\TDSSKiller_Quarantine2011-10-24 22:59 . 2011-10-24 22:59 -------- d--h--w- c:\windows\PIF2011-10-24 10:43 . 2011-10-31 16:11 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2011-10-24 10:42 . 2011-10-24 10:42 -------- d-----w- c:\documents and settings\James\Application Data\Malwarebytes2011-10-24 10:42 . 2011-10-24 10:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes2011-10-24 10:42 . 2011-11-01 17:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2011-10-20 22:07 . 2011-10-20 22:07 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE2011-10-20 22:06 . 2011-10-20 22:06 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache2011-10-20 19:47 . 2011-10-20 19:47 -------- d-----w- c:\documents and settings\LocalService\Application Data\Apple Computer2011-10-20 19:45 . 2011-10-20 19:45 -------- d-----w- c:\program files\Bonjour2011-10-17 22:28 . 2011-10-17 22:28 -------- d-----w- c:\documents and settings\James\Application Data\AVG20122011-10-17 22:26 . 2011-10-17 22:46 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2012...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2011-10-17 11:05 . 2011-05-17 18:17 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2011-09-26 10:41 . 2008-07-29 18:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll2011-09-26 10:41 . 2006-08-24 20:55 220160 ----a-w- c:\windows\system32\oleacc.dll2011-09-26 10:41 . 2006-08-24 20:55 20480 ----a-w- c:\windows\system32\oleaccrc.dll2011-09-13 05:30 . 2010-09-07 02:48 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys2011-09-09 09:12 . 2006-08-24 20:53 599040 ----a-w- c:\windows\system32\crypt32.dll2011-09-06 13:20 . 2005-09-16 19:27 1858944 ----a-w- c:\windows\system32\win32k.sys2011-08-30 22:05 . 2011-08-30 22:05 83816 ----a-w- c:\windows\system32\dns-sd.exe2011-08-30 22:05 . 2011-08-30 22:05 73064 ----a-w- c:\windows\system32\dnssd.dll2011-08-22 23:48 . 2005-09-16 19:27 916480 ----a-w- c:\windows\system32\wininet.dll2011-08-22 23:48 . 2006-08-24 20:54 43520 ----a-w- c:\windows\system32\licmgr10.dll2011-08-22 23:48 . 2006-08-24 20:54 1469440 ------w- c:\windows\system32\inetcpl.cpl2011-08-22 11:56 . 2006-08-24 20:54 385024 ----a-w- c:\windows\system32\html.iec2011-08-17 13:49 . 2006-08-24 20:52 138496 ----a-w- c:\windows\system32\drivers\afd.sys2011-08-08 05:08 . 2010-09-07 02:48 40016 ----a-w- c:\windows\system32\drivers\avgmfx86.sys2003-08-27 21:19 . 2005-09-16 21:54 36963 ----a-r- c:\program files\Common Files\SM1updtr.dll2011-10-01 12:01 . 2011-08-30 14:49 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Steam"="c:\program files\Steam\Steam.exe" [2011-08-02 1242448]"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]"BitComet"="c:\program files\BitComet\BitComet.exe" [2009-01-20 2523960]"Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192]"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-08-01 958352]"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-08-01 3507088]"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-08-01 20880]"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-13 212992]"NapsterShell"="c:\program files\Napster\napster.exe" [2006-06-29 319488]"AOL_Demo"="c:\applications\Tool\AOL Demo\DSGDemo.exe" [2006-03-01 177178]"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]"SMSERIAL"="sm56hlpr.exe" [2006-01-20 544768]"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16270848]"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2007-12-07 71008]"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2008-10-26 26112]"AOL Spyware Protection"="c:\progra~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" [2004-10-18 79448]"HostManager"="c:\program files\Common Files\AOL\1225112753\ee\AOLSoftware.exe" [2006-09-26 50736]"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-04-13 47392]"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520]"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-09-23 2404704]"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736]"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360].c:\documents and settings\James\Start Menu\Programs\Startup\Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]Shrink Pic.lnk - c:\program files\Shrink Pic\shrink_pic.exe [2009-5-4 2528256].c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]AOL 9.0 Tray Icon.lnk - c:\program files\AOL 9.0\aoltray.exe [2008-10-26 156784]AOL Companion.lnk - c:\program files\AOL Companion\companion.exe [2008-10-26 250992].[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart.[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\Messenger\\msmsgs.exe"="c:\\Program Files\\LimeWire\\LimeWire.exe"="c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="c:\\Program Files\\AOL 9.0\\waol.exe"="c:\\Program Files\\Common Files\\AOL\\1225112753\\ee\\aolsoftware.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\Program Files\\BitComet\\BitComet.exe"="c:\\Program Files\\Steam\\SteamApps\\common\\football manager 2009\\fm.exe"="c:\\Program Files\\Mozilla Firefox\\firefox.exe"="c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"="%windir%\\system32\\drivers\\svchost.exe"="c:\\WINDOWS\\system32\\rtcshare.exe"="c:\\Program Files\\NetMeeting\\conf.exe"="c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"="c:\\Program Files\\SopCast\\SopCast.exe"="c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"="c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"="c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"="c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"="c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="c:\\Program Files\\Samsung\\Kies\\KiesTrayAgent.exe"="c:\\Program Files\\Samsung\\Kies\\KiesHelper.exe"="c:\\Program Files\\Common Files\\Java\\Java Update\\jucheck.exe"="c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"="c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"="c:\\Program Files\\Bonjour\\mDNSResponder.exe"="c:\\Program Files\\iTunes\\iTunes.exe"="c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"="c:\\Program Files\\Google\\Update\\GoogleUpdate.exe"="c:\\Program Files\\Xvid\\autoupdate-windows.exe"="c:\\Program Files\\Real\\RealPlayer\\realplay.exe"="c:\\Program Files\\Steam\\Steam.exe"="c:\\Program Files\\Java\\jre6\\bin\\java.exe"="c:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AcroRd32.exe"="c:\\Program Files\\Malwarebytes' Anti-Malware\\explorer.exe.exe"="c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"="c:\\Program Files\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe"="c:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe"="c:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE"="c:\\Documents and Settings\\James\\My Documents\\Downloads\\tdsskiller\\TDSSKiller.exe"="c:\\Program Files\\Last.fm\\LastFM.exe"="c:\\Program Files\\Microsoft\\Office Live\\OfficeLiveSignIn.exe"=.[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"18461:TCP"= 18461:TCP:BitComet 18461 TCP"18461:UDP"= 18461:UDP:BitComet 18461 UDP"5353:TCP"= 5353:TCP:Adobe CSI CS4"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service.R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [13/09/2010 15:27 23120]R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [07/09/2010 02:48 32592]R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [08/11/2006 13:40 34880]R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [07/09/2010 02:48 229840]R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [07/09/2010 02:49 295248]R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [19/08/2010 20:42 134608]R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [19/08/2010 20:42 24272]R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [19/08/2010 20:42 16720]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [31/10/2011 16:10 22216]S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [12/09/2011 05:23 5265248]S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [02/08/2011 05:09 192776]S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [09/09/2011 16:13 136176]S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [31/10/2011 16:10 366152]S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [14/05/2011 11:39 66112]S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [09/09/2011 16:13 136176]S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [05/09/2006 13:03 176128]S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [14/05/2011 11:39 180672]S3 VNUWL5B;VIA Networking Technologies USB Wireless LAN Adapter Driver Service;c:\windows\system32\drivers\VNUWL5B.SYS [05/09/2006 13:03 134656].Contents of the 'Scheduled Tasks' folder.2011-06-13 c:\windows\Tasks\AppleSoftwareUpdate.job- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57].2011-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-09 16:11].2011-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-09 16:11]..------- Supplementary Scan -------.uStart Page = hxxp://google.atcomet.com/b/uInternet Settings,ProxyOverride = *.localuSearchURL,(Default) = hxxp://search.aol.co.uk/web?isinit=true&query=%sIE: &AOL Toolbar search - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTMLIE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htmIE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htmIE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htmIE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000IE: Free YouTube to Mp3 Converter - c:\documents and settings\James\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htmTCP: DhcpNameServer = 192.168.0.1FF - ProfilePath - c:\documents and settings\James\Application Data\Mozilla\Firefox\Profiles\au82lx48.default\FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=FF - prefs.js: browser.search.selectedEngine - GoogleFF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/firefoxFF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&btnI=745&q=FF - user.js: yahoo.homepage.dontask - true.- - - - ORPHANS REMOVED - - - -.Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)HKCU-Run-Power2GoExpress - (no file)SafeBoot-40330103.sysSafeBoot-41413781.sysAddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exeAddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exeAddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exeAddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exeAddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exeAddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exeAddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exeAddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exeAddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exeAddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exeAddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exeAddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exeAddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exeAddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exeAddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exeAddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exeAddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exeAddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exeAddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2011-11-03 21:25Windows 5.1.2600 Service Pack 3 NTFS.scanning hidden processes ... .scanning hidden autostart entries ... .scanning hidden files ... .scan completed successfullyhidden files: 0.**************************************************************************.--------------------- DLLs Loaded Under Running Processes ---------------------.- - - - - - - > 'winlogon.exe'(1012)c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll.- - - - - - - > 'explorer.exe'(3368)c:\windows\system32\WININET.dllc:\program files\Shrink Pic\shrinkpici.dllc:\windows\system32\ieframe.dllc:\windows\system32\webcheck.dllc:\windows\system32\WPDShServiceObj.dllc:\windows\system32\PortableDeviceTypes.dllc:\windows\system32\PortableDeviceApi.dllc:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll.------------------------ Other Running Processes ------------------------.c:\progra~1\AVG\AVG2012\avgrsx.exec:\program files\AVG\AVG2012\avgcsrvx.exec:\program files\Bonjour\mDNSResponder.exec:\windows\eHome\ehRecvr.exec:\windows\sm56hlpr.exec:\windows\RTHDCPL.EXEc:\windows\eHome\ehSched.exec:\progra~1\MI3AA1~1\rapimgr.exec:\windows\ehome\mcrdsvc.exec:\windows\system32\wscntfy.exec:\windows\eHome\ehmsas.exec:\windows\system32\dllhost.exec:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exec:\program files\Common Files\Java\Java Update\jucheck.exe.**************************************************************************.Completion time: 2011-11-03 21:32:26 - machine was rebootedComboFix-quarantined-files.txt 2011-11-03 21:32.Pre-Run: 5,303,541,760 bytes freePost-Run: 9,286,500,352 bytes free.WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe[boot loader]timeout=2default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS[operating systems]c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdconsUnsupportedDebug="do not select this" /debugmulti(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect.- - End Of File - - 47FED770C086C8C63B2E1F31F9362CD7awaiting your next instructions. Link to post Share on other sites More sharing options...
JAM88x Posted November 3, 2011 Author ID:491569 Share Posted November 3, 2011 DDS log:.DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26Run by James at 21:53:47 on 2011-11-03Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1014.236 [GMT 0:00]..============== Running Processes ===============.C:\PROGRA~1\AVG\AVG2012\avgrsx.exeC:\Program Files\AVG\AVG2012\avgcsrvx.exeC:\WINDOWS\system32\svchost.exe -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupsvchost.exesvchost.exesvchost.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Napster\napster.exeC:\WINDOWS\system32\igfxtray.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\system32\igfxpers.exeC:\WINDOWS\sm56hlpr.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\Real\RealPlayer\RealPlay.exeC:\Program Files\Common Files\AOL\1225112753\ee\AOLSoftware.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\Microsoft ActiveSync\wcescomm.exeC:\Program Files\BitComet\BitComet.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Samsung\Kies\KiesTrayAgent.exeC:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exesvchost.exeC:\Program Files\AOL 9.0\aoltray.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\Program Files\Shrink Pic\shrink_pic.exeC:\Program Files\AOL Companion\companion.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\eHome\ehmsas.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\System32\svchost.exe -k HTTPFilterC:\Program Files\Common Files\Java\Java Update\jucheck.exeC:\WINDOWS\system32\notepad.exeC:\WINDOWS\explorer.exeC:\Program Files\Mozilla Firefox\firefox.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://google.atcomet.com/b/uInternet Settings,ProxyOverride = *.localuSearchURL,(Default) = hxxp://search.aol.co.uk/web?isinit=true&query=%smURLSearchHooks: H - No FileBHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dllBHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.3.1.15.dllBHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dllBHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - c:\program files\windows live\family safety\fssbho.dllBHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No FileBHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dllBHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllBHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dllBHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllTB: AOL Toolbar: {4982d40a-c53b-4615-b15b-b5b5e98d167c} - c:\program files\aol toolbar\toolbar.dllTB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dlluRun: [steam] "c:\program files\steam\Steam.exe" -silentuRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"uRun: [bitComet] "c:\program files\bitcomet\BitComet.exe" /trayuRun: [Xvid] c:\program files\xvid\CheckUpdate.exeuRun: [KiesHelper] c:\program files\samsung\kies\KiesHelper.exe /suRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exeuRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exemRun: [ehTray] c:\windows\ehome\ehtray.exemRun: [Recguard] c:\windows\sminst\RECGUARD.EXEmRun: [NapsterShell] c:\program files\napster\napster.exe /systraymRun: [AOL_Demo] c:\applications\tool\aol demo\DSGDemo.exemRun: [High Definition Audio Property Page Shortcut] HDAShCut.exemRun: [igfxtray] c:\windows\system32\igfxtray.exemRun: [igfxhkcmd] c:\windows\system32\hkcmd.exemRun: [igfxpers] c:\windows\system32\igfxpers.exemRun: [sMSERIAL] sm56hlpr.exemRun: [skyTel] SkyTel.EXEmRun: [RTHDCPL] RTHDCPL.EXEmRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exemRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYERmRun: [AOL Spyware Protection] "c:\progra~1\common~1\aol\aolspy~1\AOLSP Scheduler.exe"mRun: [HostManager] c:\program files\common files\aol\1225112753\ee\AOLSoftware.exemRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exemRun: [fssui] "c:\program files\windows live\family safety\fsui.exe" -autorunmRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbyloginmRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttraydRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXEStartupFolder: c:\docume~1\james\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exeStartupFolder: c:\docume~1\james\startm~1\programs\startup\shrink~1.lnk - c:\program files\shrink pic\shrink_pic.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\aol90t~1.lnk - c:\program files\aol 9.0\aoltray.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\aolcom~1.lnk - c:\program files\aol companion\companion.exeIE: &AOL Toolbar search - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTMLIE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htmIE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htmIE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htmIE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000IE: Free YouTube to Mp3 Converter - c:\documents and settings\james\application data\dvdvideosoftiehelpers\freeyoutubetomp3converter.htmIE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.3.1.15.dll/206IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dllIE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dllIE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dllIE: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - c:\program files\aol toolbar\toolbar.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLLIE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dllDPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CABDPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cabDPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cabDPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabTCP: DhcpNameServer = 192.168.0.1TCP: Interfaces\{A176F9FA-9AE3-4B94-A494-A2CDF58432DC} : DhcpNameServer = 192.168.0.1Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dllNotify: igfxcui - igfxdev.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll.================= FIREFOX ===================.FF - ProfilePath - c:\documents and settings\james\application data\mozilla\firefox\profiles\au82lx48.default\FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=FF - prefs.js: browser.search.selectedEngine - GoogleFF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/firefoxFF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&btnI=745&q=FF - plugin: c:\program files\ace mega codecs pack\systems\realmedia\browser\plugins\nppl3260.dllFF - plugin: c:\program files\ace mega codecs pack\systems\realmedia\browser\plugins\nprpjplug.dllFF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dllFF - plugin: c:\program files\microsoft\office live\npOLW.dllFF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dllFF - plugin: c:\program files\veetle\player\npvlc.dllFF - plugin: c:\program files\veetle\plugins\npVeetle.dllFF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dllFF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dllFF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll.---- FIREFOX POLICIES ----FF - user.js: yahoo.homepage.dontask - true.============= SERVICES / DRIVERS ===============.R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 23120]R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 32592]R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2006-11-8 34880]R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 229840]R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 40016]R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 295248]R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-1-10 54752]R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 134608]R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 24272]R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 16720]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-31 22216]S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-9-12 5265248]S2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-9-9 136176]S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-31 366152]S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2011-5-14 66112]S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-9-9 136176]S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [2006-9-5 176128]S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2011-5-14 180672]S3 VNUWL5B;VIA Networking Technologies USB Wireless LAN Adapter Driver Service;c:\windows\system32\drivers\VNUWL5B.SYS [2006-9-5 134656].=============== Created Last 30 ================.2011-11-03 20:40:14 -------- d-sha-r- C:\cmdcons2011-11-03 20:37:17 98816 ----a-w- c:\windows\sed.exe2011-11-03 20:37:17 518144 ----a-w- c:\windows\SWREG.exe2011-11-03 20:37:17 256000 ----a-w- c:\windows\PEV.exe2011-11-03 20:37:17 208896 ----a-w- c:\windows\MBR.exe2011-10-31 16:10:45 22216 ----a-w- c:\windows\system32\drivers\mbam.sys2011-10-29 16:25:53 -------- d-----w- C:\TDSSKiller_Quarantine2011-10-24 22:59:56 -------- d--h--w- c:\windows\PIF2011-10-24 22:48:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware22011-10-24 10:43:15 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2011-10-24 10:42:55 -------- d-----w- c:\documents and settings\james\application data\Malwarebytes2011-10-24 10:42:36 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes2011-10-24 10:42:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2011-10-20 19:45:56 -------- d-----w- c:\program files\Bonjour2011-10-17 22:28:41 -------- d-----w- c:\documents and settings\james\application data\AVG20122011-10-17 22:26:04 -------- d-----w- c:\documents and settings\all users\application data\AVG2012.==================== Find3M ====================.2011-10-17 11:05:06 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2011-09-26 10:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll2011-09-26 10:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll2011-09-26 10:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll2011-09-13 05:30:10 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys2011-08-30 22:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe2011-08-30 22:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys2003-08-27 21:19:18 36963 ----a-r- c:\program files\common files\SM1updtr.dll.============= FINISH: 21:54:45.75 =============== Link to post Share on other sites More sharing options...
Staff screen317 Posted November 8, 2011 Staff ID:492722 Share Posted November 8, 2011 Hi, Next, please run a free online scan with the ESET Online Scanner Note: You will need to use Internet Explorer for this scan.Tick the box next to YES, I accept the Terms of Use.Click StartWhen asked, allow the ActiveX control to installClick StartMake sure that the options Remove found threats and the option Scan unwanted applications is checkedClick Scan Wait for the scan to finishUse Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txtCopy and paste that log as a reply to this topic Next, download my Security Check from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document. Let me know how things are running now and what issues remain. Link to post Share on other sites More sharing options...
Staff screen317 Posted November 21, 2011 Staff ID:496600 Share Posted November 21, 2011 Are you still with us? This topic will be closed in a few days if we do not hear back from you. Link to post Share on other sites More sharing options...
Staff screen317 Posted December 6, 2011 Staff ID:501802 Share Posted December 6, 2011 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts