Google redirecting and TDSS problem [RESOLVED]


  • This topic is locked

#16
MVV

  • Topic Starter
  • Member
  • 87 posts
--------------------\\ Lop S&D 4.2.4-8 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.80GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A01
USER : Mike ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
C:\ (Local Disk) - NTFS - Total:70 Go (Free:38 Go)
D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 27-10-2008|09:15 )
Option : [1] ( Mon 10/27/2008|15:52 )

--------------------\\ Listing folders in APPLIC~1

[09/20/2004|09:49] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities
[09/20/2004|10:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Jasc Software Inc
[08/02/2008|03:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft
[09/20/2004|10:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Sonic
[09/20/2004|10:14] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Sun
[09/20/2004|10:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Symantec

[03/12/2008|09:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ableton
[07/25/2008|01:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> ACASystems
[06/13/2008|10:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[08/02/2007|11:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe Systems
[06/12/2008|04:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
[02/10/2007|08:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL Downloads
[12/25/2007|05:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[12/25/2007|05:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[10/23/2008|08:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> avg8
[07/11/2008|01:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AVS4YOU
[09/20/2004|10:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CyberLink
[06/15/2005|01:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Dell
[05/13/2008|02:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FLEXnet
[06/14/2005|04:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> GTek
[08/02/2008|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Kaspersky Lab
[06/14/2008|04:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[06/13/2008|11:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee
[02/10/2007|08:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee.com
[08/15/2007|04:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[01/17/2008|05:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Motive
[11/19/2004|09:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> MSN6
[07/12/2008|01:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PC Tools
[07/01/2006|03:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> PlayFirst
[09/20/2004|10:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[09/20/2004|09:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SBSI
[06/11/2008|07:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
[12/19/2007|08:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SUPERAntiSpyware.com
[11/20/2004|11:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[10/26/2008|11:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[02/08/2007|03:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Viewpoint
[09/23/2007|09:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[01/21/2008|09:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> yahoo!
[01/19/2008|09:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo! Companion

[09/20/2004|09:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[09/20/2004|10:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Jasc Software Inc
[09/20/2004|10:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[09/20/2004|10:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sonic
[09/20/2004|10:14] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sun
[09/20/2004|10:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Symantec

[03/05/2008|04:55] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Adobe
[12/25/2007|12:31] C:\DOCUME~1\Jen\APPLIC~1\<DIR> AdobeUM
[01/05/2007|04:49] C:\DOCUME~1\Jen\APPLIC~1\<DIR> AOL
[10/03/2008|10:06] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Apple Computer
[08/08/2008|02:59] C:\DOCUME~1\Jen\APPLIC~1\<DIR> AVGTOOLBAR
[03/18/2007|07:56] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Corel
[05/18/2005|06:58] C:\DOCUME~1\Jen\APPLIC~1\<DIR> CyberLink
[07/03/2008|10:55] C:\DOCUME~1\Jen\APPLIC~1\<DIR> DivX
[08/06/2008|04:46] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Gtek
[03/16/2007|09:00] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Help
[09/20/2004|09:49] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Identities
[09/20/2004|10:23] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Jasc Software Inc
[09/25/2004|05:41] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Leadertech
[03/02/2005|05:56] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Macromedia
[01/05/2007|04:48] C:\DOCUME~1\Jen\APPLIC~1\<DIR> McAfee.com Personal Firewall
[08/02/2008|03:56] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Microsoft
[03/05/2008|04:51] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Motive
[11/20/2007|10:06] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Mozilla
[06/11/2007|10:19] C:\DOCUME~1\Jen\APPLIC~1\<DIR> MySpace
[06/06/2007|09:45] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Real
[07/03/2008|11:08] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Snapfish
[09/25/2004|05:41] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Sonic
[09/20/2004|10:14] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Sun
[12/27/2007|04:45] C:\DOCUME~1\Jen\APPLIC~1\<DIR> SUPERAntiSpyware.com
[09/20/2004|10:24] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Symantec
[02/16/2007|01:18] C:\DOCUME~1\Jen\APPLIC~1\<DIR> Viewpoint
[06/05/2007|03:07] C:\DOCUME~1\Jen\APPLIC~1\<DIR> WinRAR
[07/03/2008|11:00] C:\DOCUME~1\Jen\APPLIC~1\<DIR> yahoo!

[10/01/2007|11:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Help
[12/01/2004|06:49] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Macromedia
[12/29/2006|04:40] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> McAfee.com Personal Firewall
[08/02/2008|03:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft

[05/19/2008|05:40] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Adobe
[01/20/2006|05:33] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> AdobeUM
[01/01/2007|02:04] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> AOL
[06/14/2006|09:15] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Apple Computer
[08/29/2008|03:15] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> AVGTOOLBAR
[03/17/2007|08:53] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Corel
[03/17/2007|08:42] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> CyberLink
[08/06/2008|04:46] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Gtek
[08/26/2005|08:18] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Help
[09/20/2004|09:49] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Identities
[09/20/2004|10:23] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Jasc Software Inc
[10/28/2005|05:00] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Leadertech
[08/13/2005|01:25] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Macromedia
[01/01/2007|02:02] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> McAfee.com Personal Firewall
[08/02/2008|03:56] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Microsoft
[02/02/2008|04:23] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Motive
[11/22/2007|11:23] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Mozilla
[06/15/2007|04:50] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> MySpace
[07/01/2006|03:20] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> PlayFirst
[11/21/2007|03:58] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Real
[09/20/2004|10:22] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Sonic
[09/20/2004|10:14] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Sun
[12/27/2007|04:40] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> SUPERAntiSpyware.com
[09/20/2004|10:24] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Symantec
[02/14/2007|02:09] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Viewpoint
[10/27/2007|04:37] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> WinRAR
[02/10/2008|01:04] C:\DOCUME~1\Lucy63\APPLIC~1\<DIR> Yahoo!

[03/12/2008|09:02] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Ableton
[07/25/2008|01:35] C:\DOCUME~1\Mike\APPLIC~1\<DIR> ACASystems
[06/29/2007|06:49] C:\DOCUME~1\Mike\APPLIC~1\<DIR> AccurateRip
[06/13/2008|10:22] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Adobe
[07/29/2007|07:28] C:\DOCUME~1\Mike\APPLIC~1\<DIR> AdobeUM
[07/11/2008|08:43] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Any Video Converter Professional
[06/12/2008|04:02] C:\DOCUME~1\Mike\APPLIC~1\<DIR> AOL
[08/28/2008|03:22] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Apple Computer
[08/26/2008|08:56] C:\DOCUME~1\Mike\APPLIC~1\<DIR> AVGTOOLBAR
[07/11/2008|08:38] C:\DOCUME~1\Mike\APPLIC~1\<DIR> avidemux
[07/11/2008|01:57] C:\DOCUME~1\Mike\APPLIC~1\<DIR> AVS4YOU
[11/29/2007|03:04] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Corel
[06/14/2005|04:45] C:\DOCUME~1\Mike\APPLIC~1\<DIR> CyberLink
[06/29/2007|06:52] C:\DOCUME~1\Mike\APPLIC~1\<DIR> dBpoweramp
[09/20/2007|11:29] C:\DOCUME~1\Mike\APPLIC~1\<DIR> DivX
[07/11/2008|05:55] C:\DOCUME~1\Mike\APPLIC~1\<DIR> DVD Flick
[07/11/2008|06:04] C:\DOCUME~1\Mike\APPLIC~1\<DIR> dvdcss
[08/06/2008|04:46] C:\DOCUME~1\Mike\APPLIC~1\<DIR> GTek
[07/11/2008|09:50] C:\DOCUME~1\Mike\APPLIC~1\<DIR> gtk-2.0
[11/19/2004|09:30] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Help
[09/20/2004|09:49] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Identities
[10/04/2005|06:53] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Jasc
[09/20/2004|10:23] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Jasc Software Inc
[11/14/2004|05:29] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Leadertech
[11/13/2004|03:02] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Macromedia
[06/14/2008|04:40] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Malwarebytes
[12/29/2006|04:25] C:\DOCUME~1\Mike\APPLIC~1\<DIR> McAfee
[12/29/2006|04:35] C:\DOCUME~1\Mike\APPLIC~1\<DIR> McAfee.com Personal Firewall
[08/29/2008|05:42] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Microsoft
[10/17/2008|01:03] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Move Networks
[09/30/2007|04:16] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Mozilla
[12/20/2006|06:23] C:\DOCUME~1\Mike\APPLIC~1\<DIR> MSN6
[09/26/2005|05:35] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Musicmatch
[06/12/2007|01:31] C:\DOCUME~1\Mike\APPLIC~1\<DIR> MySpace
[07/28/2006|12:16] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Real
[12/29/2006|04:25] C:\DOCUME~1\Mike\APPLIC~1\<DIR> SiteAdvisor
[11/14/2004|05:29] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Sonic
[07/11/2008|07:11] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Sony
[09/20/2004|10:14] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Sun
[12/19/2007|08:09] C:\DOCUME~1\Mike\APPLIC~1\<DIR> SUPERAntiSpyware.com
[09/20/2004|10:24] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Symantec
[06/12/2008|01:26] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Uniblue
[10/21/2008|12:38] C:\DOCUME~1\Mike\APPLIC~1\<DIR> uTorrent
[02/08/2007|03:22] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Viewpoint
[03/17/2007|09:19] C:\DOCUME~1\Mike\APPLIC~1\<DIR> WinRAR
[07/11/2008|08:18] C:\DOCUME~1\Mike\APPLIC~1\<DIR> Yahoo!

[08/02/2008|03:56] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

[06/11/2007|10:19] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Microsoft

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[10/14/2008 03:37 PM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[10/27/2008 03:12 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/29/2002 04:00 AM][-r-h-----] C:\WINDOWS\tasks\DESKTOP.INI

--------------------\\ Listing Folders in C:\Program Files

[07/27/2007|09:42] C:\Program Files\<DIR> 7-Zip
[09/20/2004|10:17] C:\Program Files\<DIR> ABBYY FineReader 5.0 Sprint
[09/20/2004|10:16] C:\Program Files\<DIR> ABBYY FineReader 6.0
[06/13/2008|10:29] C:\Program Files\<DIR> Adobe
[05/19/2008|06:15] C:\Program Files\<DIR> America Online 9.0
[02/10/2007|08:35] C:\Program Files\<DIR> AOL
[09/20/2004|10:19] C:\Program Files\<DIR> AOL Companion
[08/27/2008|11:04] C:\Program Files\<DIR> Apple Software Update
[08/02/2008|03:57] C:\Program Files\<DIR> AVG
[08/28/2008|12:52] C:\Program Files\<DIR> Bonjour
[06/08/2006|07:09] C:\Program Files\<DIR> BroadJump
[10/27/2008|01:29] C:\Program Files\<DIR> Common Files
[09/20/2004|09:49] C:\Program Files\<DIR> ComPlus Applications
[09/20/2004|10:04] C:\Program Files\<DIR> CONEXANT
[05/18/2007|05:16] C:\Program Files\<DIR> coverXP
[12/01/2006|07:16] C:\Program Files\<DIR> CyberScrub AntiVirus
[06/15/2005|01:39] C:\Program Files\<DIR> Dell
[08/02/2008|10:48] C:\Program Files\<DIR> Dell AIO Printer A920
[09/20/2004|10:23] C:\Program Files\<DIR> Dell Computer
[08/06/2008|04:45] C:\Program Files\<DIR> DellSupport
[09/30/2007|01:55] C:\Program Files\<DIR> Digital Line Detect
[06/11/2008|01:39] C:\Program Files\<DIR> DivX
[07/07/2008|08:43] C:\Program Files\<DIR> doubleTwist
[07/27/2008|08:55] C:\Program Files\<DIR> Enigma Software Group
[11/07/2004|07:14] C:\Program Files\<DIR> EPSON
[02/27/2007|06:07] C:\Program Files\<DIR> fixreg
[03/26/2008|05:38] C:\Program Files\<DIR> Google
[06/11/2007|08:53] C:\Program Files\<DIR> Illustrate
[12/14/2006|08:11] C:\Program Files\<DIR> InstallShield Installation Information
[09/20/2004|10:16] C:\Program Files\<DIR> Intel
[10/14/2008|05:01] C:\Program Files\<DIR> Internet Explorer
[08/28/2008|12:53] C:\Program Files\<DIR> iPod
[08/28/2008|12:54] C:\Program Files\<DIR> iTunes
[09/20/2004|10:23] C:\Program Files\<DIR> Jasc Software Inc
[05/23/2005|06:37] C:\Program Files\<DIR> Java
[09/08/2008|09:20] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[08/13/2008|05:08] C:\Program Files\<DIR> Messenger
[12/20/2006|08:29] C:\Program Files\<DIR> Microsoft
[09/20/2004|10:20] C:\Program Files\<DIR> Microsoft Encarta
[09/20/2004|09:50] C:\Program Files\<DIR> microsoft frontpage
[09/20/2004|10:21] C:\Program Files\<DIR> Microsoft Money
[07/11/2008|07:09] C:\Program Files\<DIR> Microsoft SQL Server
[09/20/2004|10:16] C:\Program Files\<DIR> Modem Helper
[08/15/2007|04:57] C:\Program Files\<DIR> Movie Maker
[10/27/2008|03:22] C:\Program Files\<DIR> Mozilla Firefox
[09/20/2004|09:49] C:\Program Files\<DIR> MSN
[09/20/2004|09:49] C:\Program Files\<DIR> MSN Gaming Zone
[08/17/2007|05:01] C:\Program Files\<DIR> MSXML 4.0
[08/17/2007|05:03] C:\Program Files\<DIR> MSXML 6.0
[09/20/2004|10:26] C:\Program Files\<DIR> MUSICMATCH
[06/14/2008|03:40] C:\Program Files\<DIR> MySpace
[08/15/2007|04:54] C:\Program Files\<DIR> NetMeeting
[09/20/2004|10:16] C:\Program Files\<DIR> NetWaiting
[12/20/2006|05:13] C:\Program Files\<DIR> NetZero
[09/20/2004|10:29] C:\Program Files\<DIR> NetZeroInstallers
[09/20/2004|09:49] C:\Program Files\<DIR> Online Services
[08/17/2007|05:03] C:\Program Files\<DIR> Outlook Express
[07/12/2008|01:49] C:\Program Files\<DIR> PC Tools AntiVirus
[07/11/2008|06:08] C:\Program Files\<DIR> ProjectX_0.90.4.00
[03/28/2006|08:18] C:\Program Files\<DIR> ProjectX_Source_0.90.4
[08/28/2008|12:52] C:\Program Files\<DIR> QuickTime
[09/25/2008|11:55] C:\Program Files\<DIR> ratDVD
[09/20/2004|10:19] C:\Program Files\<DIR> Real
[08/28/2008|12:36] C:\Program Files\<DIR> Safari
[03/23/2008|08:33] C:\Program Files\<DIR> SBC Self Support Tool
[08/16/2008|03:03] C:\Program Files\<DIR> SmitfraudFix
[09/20/2004|10:18] C:\Program Files\<DIR> Sonic
[07/12/2008|12:00] C:\Program Files\<DIR> Sony
[10/25/2008|12:46] C:\Program Files\<DIR> Soulseek
[09/08/2008|09:49] C:\Program Files\<DIR> Spybot - Search & Destroy
[10/23/2008|07:36] C:\Program Files\<DIR> SpywareBlaster
[09/04/2008|05:50] C:\Program Files\<DIR> SUPERAntiSpyware
[09/21/2007|02:00] C:\Program Files\<DIR> Theorica Divx Codecs
[07/28/2008|06:28] C:\Program Files\<DIR> Trend Micro
[07/11/2008|07:10] C:\Program Files\<DIR> Uninstall Information
[08/09/2008|09:21] C:\Program Files\<DIR> uTorrent
[09/20/2004|10:19] C:\Program Files\<DIR> Viewpoint
[09/23/2007|09:47] C:\Program Files\<DIR> Windows Media Connect 2
[10/10/2007|02:25] C:\Program Files\<DIR> Windows Media Player
[08/15/2007|04:54] C:\Program Files\<DIR> Windows NT
[11/13/2004|01:11] C:\Program Files\<DIR> WindowsUpdate
[07/27/2007|09:48] C:\Program Files\<DIR> WinRAR
[09/20/2004|10:28] C:\Program Files\<DIR> WordPerfect Office 12
[09/20/2004|09:49] C:\Program Files\<DIR> XEROX
[01/17/2008|05:20] C:\Program Files\<DIR> Yahoo!
[09/20/2004|10:26] C:\Program Files\<DIR> Your Company Name

--------------------\\ Listing Folders in C:\Program Files\Common Files

[06/13/2008|10:37] C:\Program Files\Common Files\<DIR> Adobe
[08/02/2007|11:41] C:\Program Files\Common Files\<DIR> Adobe Systems Shared
[06/12/2008|04:05] C:\Program Files\Common Files\<DIR> AOL
[09/20/2004|10:19] C:\Program Files\Common Files\<DIR> aolshare
[12/25/2007|05:36] C:\Program Files\Common Files\<DIR> Apple
[07/11/2008|10:24] C:\Program Files\Common Files\<DIR> AVSMedia
[09/20/2004|10:28] C:\Program Files\Common Files\<DIR> Borland Shared
[09/20/2004|10:28] C:\Program Files\Common Files\<DIR> Corel
[06/14/2008|04:40] C:\Program Files\Common Files\<DIR> Download Manager
[09/26/2005|05:34] C:\Program Files\Common Files\<DIR> InstallShield
[09/20/2004|10:14] C:\Program Files\Common Files\<DIR> Java
[12/01/2006|07:16] C:\Program Files\Common Files\<DIR> Kaspersky Lab
[07/07/2008|08:19] C:\Program Files\Common Files\<DIR> Microsoft Shared
[03/23/2008|08:33] C:\Program Files\Common Files\<DIR> Motive
[09/20/2004|09:49] C:\Program Files\Common Files\<DIR> MSSoap
[09/25/2004|06:59] C:\Program Files\Common Files\<DIR> NSV
[09/20/2004|10:19] C:\Program Files\Common Files\<DIR> Nullsoft
[09/20/2004|09:49] C:\Program Files\Common Files\<DIR> ODBC
[07/12/2008|01:44] C:\Program Files\Common Files\<DIR> PC Tools
[07/28/2006|12:11] C:\Program Files\Common Files\<DIR> Real
[09/30/2007|01:54] C:\Program Files\Common Files\<DIR> Scanner
[09/20/2004|09:49] C:\Program Files\Common Files\<DIR> Services
[09/20/2004|10:18] C:\Program Files\Common Files\<DIR> Sonic
[09/20/2004|09:49] C:\Program Files\Common Files\<DIR> SpeechEngines
[04/08/2007|08:35] C:\Program Files\Common Files\<DIR> SWF Studio
[11/20/2004|11:51] C:\Program Files\Common Files\<DIR> Symantec Shared
[08/17/2007|05:03] C:\Program Files\Common Files\<DIR> System
[12/19/2007|08:08] C:\Program Files\Common Files\<DIR> Wise Installation Wizard
[07/28/2006|12:11] C:\Program Files\Common Files\<DIR> xing shared

--------------------\\ Process

( 33 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-27 15:53:50
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Mike\My Documents\Ableton\Library\Presets\Audio Effects\Vinyl Distortion\Crack.adv


[F:1][D:1]-> C:\DOCUME~1\Mike\LOCALS~1\Temp
[F:3][D:0]-> C:\DOCUME~1\Mike\Cookies
[F:7][D:2]-> C:\DOCUME~1\Mike\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Mon 10/27/2008|15:55 - Option : [1]

--------------------\\ Scan completed at 15:55:08


#17
MVV

  • Topic Starter
  • Member
  • 87 posts
7-Zip 4.44 beta
ABBYY FineReader 5.0 Sprint
Adobe Color Common Settings
Adobe Color Common Settings
Adobe ExtendScript Toolkit 2
Adobe ExtendScript Toolkit 2
Adobe Flash Player 9 ActiveX
Adobe Flash Player Plugin
Adobe Reader 7.0
Adobe Setup
Adobe Setup
Adobe Shockwave Player
AOL Coach Version 1.0(Build:20030807.3)
AOL Uninstaller (Choose which Products to Remove)
Apple Mobile Device Support
Apple Software Update
AT&T Self Support Tool
AT&T Yahoo! Applications
AVG Free 8.0
Bonjour
BroadJump Client Foundation
Conexant D850 56K V.9x DFVc Modem
coverXP (remove only)
DA920EN
dBpoweramp m4a Codec
dBpoweramp Music Converter
dBpoweramp Real Audio (Helix) Encoder
dBpoweramp Windows Media Audio 10 Codec
Dell AIO Printer A920
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Media Experience
Dell Solution Center
DellSupport
Digital Line Detect
DivX Codec
DivX Converter
DivX Player
DivX Web Player
doubleTwist desktop
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Intel® Extreme Graphics 2 Driver
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections
Internet Explorer Default Page
iTunes
Jasc Paint Shop Photo Album
Jasc Paint Shop Pro 8 Dell Edition
Java 2 Runtime Environment, SE v1.4.2_03
Kaspersky Online Scanner
Learn2 Player (Uninstall Only)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Encarta Encyclopedia Standard 2004
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Modem Helper
Move Networks Player for Internet Explorer
Mozilla Firefox (2.0.0.17)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
Musicmatch® Jukebox
NetWaiting
NetZero
NetZeroInstallers
QuickTime
ratDVD 0.78.1444
RealPlayer
Safari
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 8 (KB917734)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB958644)
Shockwave
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
SoulSeek Client 156c
Spybot - Search & Destroy
SpywareBlaster 4.1
SUPERAntiSpyware Free Edition
Theorica Divx ;-) Codecs (remove only)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Viewpoint Media Player
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
WinRAR archiver
WordPerfect Office 12
XviD MPEG4 Video Codec (remove only)

#18
Egwene

    Member 2k

  • Visiting Consultant
  • 2,141 posts
Hello,

Let's check with Kaspersky online about some files which may be patched.

1) Update Java:

Please download JavaRa to your desktop and unzip it to its own folder.
  • Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Open JavaRa.exe again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.

2) Run Kaspersky Online:

Please do an online scan with Kaspersky WebScanner.

Make sure you are using Internet Explorer for this. Click on Kaspersky Online Scanner and click Accept.

You will be prompted to install an ActiveX component from Kaspersky; click Yes.
  • The program will launch and then begin downloading the latest definition files.
  • Once the files have been downloaded, click on NEXT.
  • Now click on Scan Settings.
  • In the scan settings, make sure that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available, otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK.
  • Now under Select a target to scan, select My Computer.
  • The program will start and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, it will display if your system has been infected.
  • Now click on the Save as Text button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Regards,
Egwene.

#19
MVV

  • Topic Starter
  • Member
  • 87 posts
Kaspersky keeps stalling on me at about 68%.

Edited by MVV, 28 October 2008 - 04:15 PM.


#20
Egwene

    Member 2k

  • Visiting Consultant
  • 2,141 posts
Hello,

Hum... oki dokie :)

I need to do deeper research to check that all is OK on your computer.

I will come back to you tomorrow (time to go to bed for me :) )

But I guess your computer is running better now... but there is still something to do here :)

Regards,
Egwene.

Edited by Egwene, 28 October 2008 - 04:57 PM.


#21
MVV

  • Topic Starter
  • Member
  • 87 posts
It is running a lot better.

I'll try running Kaspersky a few more times to see if it works out.

#22
MVV

  • Topic Starter
  • Member
  • 87 posts
I got the Kaspersky to finish, so here it is.


--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Wednesday, October 29, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Wednesday, October 29, 2008 03:24:23
Records in database: 1355093
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\

Scan statistics:
Files scanned: 89524
Threat name: 17
Infected objects: 31
Suspicious objects: 0
Duration of the scan: 01:53:08


File name / Threat name / Threats count
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012169.scr.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012170.DLL.bac_a02728 Infected: not-a-virus:AdTool.Win32.MyWebSearch.at 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012173.DLL.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012174.DLL.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch.af 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012176.SCR.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012178.DLL.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012179.EXE.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch.a 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012182.DLL.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012184.DLL.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch.ax 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012188.DLL.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012189.DLL.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch.as 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012192.EXE.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch.au 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012193.EXE.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch.au 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012194.DLL.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch.i 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012236.DLL.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch.as 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012237.DLL.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch.l 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012241.EXE.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012243.DLL.bac_a02728 Infected: not-a-virus:WebToolbar.Win32.MyWebSearch 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0012261.DLL.bac_a02728 Infected: not-a-virus:AdWare.Win32.FunWeb.e 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\A0014492.exe.bac_a02728 Infected: not-a-virus:AdWare.Win32.Agent.at 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\alwkofox.dll.bac_a02728 Infected: not-a-virus:AdWare.Win32.BHO.v 1
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\byqvgfiv.dll.bac_a02728 Infected: Trojan.Win32.BHO.g 1
C:\Program Files\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\TDSSbubx.dll.vir Infected: Trojan.Win32.Agent.akki 1
C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\TDSScfgb.dll.vir Infected: Backdoor.Win32.TDSS.asz 1
C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\TDSSfpmp.dll.vir Infected: Backdoor.Win32.TDSS.atb 1
C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\TDSSnrsr.dll.vir Infected: Backdoor.Win32.TDSS.asz 1
C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\TDSSrhym.dll.vir Infected: Trojan.Win32.Agent.akki 1
C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\TDSSriqp.dll.vir Infected: Backdoor.Win32.TDSS.atb 1
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP64\A0008311.dll Infected: Trojan.Win32.Agent.akki 1
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP64\A0008320.dll Infected: Trojan.Win32.Agent.akki 1

The selected area was scanned.
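Every path in the report above sits in a removal tool's quarantine folder, in a System Restore snapshot, or in the SmitfraudFix tool directory, so a useful first pass over a report like this is to sort detections by where the file is. The following Python sketch is an added example, not part of the original post or of any tool used in this thread; the function names are hypothetical and the last sample line (`example.dll`) is constructed to show what a detection on a live system file would look like.

```python
import re
from collections import Counter

# Four result lines copied from the report above, plus one constructed line
# (the last) that stands in for a detection on a live system file.
SAMPLE_REPORT = r"""
C:\Documents and Settings\Mike\.housecall6.6\Quarantine\byqvgfiv.dll.bac_a02728 Infected: Trojan.Win32.BHO.g 1
C:\Program Files\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\TDSScfgb.dll.vir Infected: Backdoor.Win32.TDSS.asz 1
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP64\A0008311.dll Infected: Trojan.Win32.Agent.akki 1
C:\WINDOWS\system32\example.dll Infected: Trojan.Win32.Example.a 1
"""

# "<path> Infected: <threat name> <count>"; paths may contain spaces.
LINE = re.compile(r"^(?P<path>.+?) Infected: (?P<threat>\S+) (?P<count>\d+)$")


def location(path):
    """Classify where the detected file sits on disk."""
    p = path.lower()
    if "\\quarantine\\" in p:
        return "quarantine"      # inert copy kept by a removal tool
    if "\\system volume information\\_restore" in p:
        return "restore_point"   # System Restore snapshot, inert unless restored
    return "live"


def parse_report(text):
    """Turn report lines into dicts; lines that do not match are skipped."""
    findings = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        findings.append({
            "path": m["path"],
            "threat": m["threat"],
            # Kaspersky prefixes adware/riskware verdicts with "not-a-virus:".
            "riskware": m["threat"].startswith("not-a-virus:"),
            "location": location(m["path"]),
        })
    return findings


def triage(findings):
    """Count detections per location category."""
    return Counter(f["location"] for f in findings)


def needs_action(findings):
    """Detections that are on the live file system and are not riskware."""
    return [f["path"] for f in findings
            if f["location"] == "live" and not f["riskware"]]


if __name__ == "__main__":
    found = parse_report(SAMPLE_REPORT)
    print(dict(triage(found)))
    for path in needs_action(found):
        print("review:", path)
```
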

#23
Egwene

    Member 2k

  • Visiting Consultant
  • 2,141 posts
Hello,

Do you have your windows CD ?

Regards,
Egwene.

#24
MVV

    Member

  • Topic Starter
  • Member
  • 87 posts
I found a CD. It says Operating System - Already Installed on Your Computer - Reinstallation CD - Microsoft Windows XP Home Edition - Including Service Pack 1a. Is that it?

Edited by MVV, 29 October 2008 - 01:14 PM.


#25
Egwene

    Member 2k

  • Visiting Consultant
  • 2,141 posts

I found a CD. It says Operating System - Already Installed on Your Computer - Reinstallation CD - Microsoft Windows XP Home Edition - Including Service Pack 1a. Is that it?


It's ok :)

Please do this :

We are going to run System File Checker, to make sure all of your protected files are not corrupt. The scan will automatically replace any corrupt files that it finds.

Click Start
Select Run
At the prompt, type sfc /scannow. Please note that there is a single space between sfc and /scannow.

Typing this will start the program, and a box should appear telling you how much longer the process should take.

Sometimes the scan will prompt you for your Windows XP disc upon starting the scan. If this happens, please make sure that you can view protected files:
My Computer
Tools
Folder Options
View
"Uncheck" Hide protected operating system files.

Then rerun the scan. If this still asks you to put in your Windows XP CD, and you do not have the CD (if you bought it preinstalled), post back for more tips; otherwise, enter the Windows CD.

Once the scan is complete:

Check your Windows Updates! After using the File Protection Service, you might need to reapply some updates.

Please reboot, and let me know if anything has changed.

Also, please rehide the protected files:
My Computer
Tools
Folder Options
View
"Check" Hide protected operating system files.

Please come back to me with a fresh HijackThis report and tell me if your issue appears to be resolved.

Regards,
Egwene.

#26
MVV

    Member

  • Topic Starter
  • Member
  • 87 posts
Should I maybe back any important things up before I do this?

Edited by MVV, 30 October 2008 - 12:59 PM.


#27
Egwene

    Member 2k

  • Visiting Consultant
  • 2,141 posts

Should I maybe back any important things up before I do this?


I would say no, but if you have some very important documents that haven't already been saved, please save them before doing this handling.

Regards,
Egwene.

#28
MVV

    Member

  • Topic Starter
  • Member
  • 87 posts
Sorry it took me so long to update you on this. I did the scan and checked my Windows Updates and all it had on there was an update for Service Pack 3, and I didn't install it. My computer seems to be doing fine; it's working about as well as it did before this whole mess.

Here is my Hijack This log.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:06:02 PM, on 10/31/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxpers.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\Gotcha.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\toolbar.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O8 - Extra context menu item: Display All Images with Full Quality - "res://C:\Program Files\NetZero\qsacc\appres.dll/228"
O8 - Extra context menu item: Display Image with Full Quality - "res://C:\Program Files\NetZero\qsacc\appres.dll/227"
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgree...eensActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - https://objects.aol....83/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - https://objects.aol....,20/McGDMgr.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 7206 bytes

#29
Egwene

    Member 2k

  • Visiting Consultant
  • 2,141 posts
Hello,

Great news :)

You're using an old version of Adobe Acrobat Reader; this can leave your PC open to vulnerabilities. You can update it here:
http://www.adobe.com.../readstep2.html

***

Congratulations, your log looks clean :)

1) Uninstall combofix :

Follow these steps to uninstall Combofix and tools used in the removal of malware
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.

2) Run OTcleanIT :

Please Download OTcleanIT (OldTimer) : http://download.blee...r/OTCleanIt.exe

Open it and double-click on the "CleanUp" button.

3) Update windows :

Another essential is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats; Microsoft releases security updates that help keep your computer from becoming vulnerable. It is best if you have these set to download automatically.

Automatic Updates for Windows

* Click Start.
* Select Settings and then Control Panel.
* Select Automatic Updates.
* Click Automatic (recommended)
* Choose a day and a time when you know the computer will be on and connected to the internet.
* Click Apply then OK.

4) Prevention/protection :

The following is a list of tools and utilities that I like to suggest to people. This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.
  • If you don't have a firewall on your computer, I advise you to install one of the following: Kerio / Comodo / ZoneAlarm.
  • Spybot Search & Destroy - Uber powerful tool which can search and annihilate nasties that make it onto your system. Now with an Immunize section that will help prevent future infections.
  • AdAware - Another very powerful tool which searches and kills nasties that infect your system. AdAware and Spybot Search & Destroy complement each other very well.
  • SpywareBlaster - Great prevention tool to keep nasties from installing on your system.
  • SpywareGuard - Works as a Spyware "Shield" to protect your computer from getting malware in the first place.
  • IE-SpyAd - puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
  • ATF Cleaner - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.
  • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • Google Toolbar - Free Google toolbar that allows you to use the powerful Google search engine from the bar, but also blocks pop up windows.
  • Trillian or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)
  • To reduce re-infection for malware in the future, I strongly recommend installing these free programs:
  • SpywareBlaster protects against bad ActiveX.
  • IE-SPYAD puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all
    Have a look at this tutorial for IE-Spyad here

    Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls") to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.
  • MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

  • Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more
    secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up
    blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from
    Here

Take a good look at the following suggestions for malware prevention by reading Tony Klein’s article 'How Did I Get Infected In The First Place'
Here

Thank you for your patience, and performing all of the procedures requested.

Regards,
Egwene.
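The HOSTS-file blocking described in the post above works because the file is a plain-text table of `address hostname` pairs that is consulted before DNS. The following Python sketch is an added example, not part of the original post or of the MVPS project; it separates names that are blocked (mapped to a loopback or `0.0.0.0` address) from names mapped to some other address, which are the entries worth reviewing by hand. The sample file contents, names and addresses are constructed.

```python
import ipaddress

SAMPLE_HOSTS = """\
# Constructed sample in HOSTS-file syntax; every name and address is made up.
127.0.0.1      localhost
127.0.0.1      ads.example.com        # sinkholed ad server
0.0.0.0        tracker.example.net metrics.example.net
203.0.113.7    www.search.example     # points a name at an outside address
not-an-ip      broken.example
"""


def parse_hosts(text):
    """Yield (line_no, ip_or_None, [hostnames]) for each non-comment line."""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop trailing comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            ip = None                          # first field is not an address
        yield no, ip, fields[1:]


def audit(text):
    """Sort entries into blocked names, redirected names and malformed lines."""
    report = {"blocked": [], "redirected": [], "malformed": []}
    for no, ip, names in parse_hosts(text):
        if ip is None or not names:
            report["malformed"].append(no)
        elif ip.is_loopback or ip.is_unspecified:
            # The stock "localhost" entry is not a block-list entry.
            report["blocked"] += [n for n in names if n.lower() != "localhost"]
        else:
            # The name resolves to whatever address the file says, not to DNS.
            report["redirected"] += [(n, str(ip)) for n in names]
    return report


if __name__ == "__main__":
    result = audit(SAMPLE_HOSTS)
    print("blocked:", result["blocked"])
    print("redirected:", result["redirected"])
    print("malformed lines:", result["malformed"])
```
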

#30
MVV

    Member

  • Topic Starter
  • Member
  • 87 posts
Thank you very much for your help.

Though I tried downloading the MVPS Hosts file, I can't seem to figure out how to open it.





