Jump to content

ChiliU

Members
  • Posts

    1
  • Joined

  • Last visited

Reputation

0 Neutral
  1. please help take off this virus email notifications . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 Run by Administrator at 17:41:00 on 2012-09-19 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.187 [GMT -5:00] . AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . ============== Running Processes =============== . C:\WINDOWS\System32\svchost.exe -k Bioscrypt C:\Program Files\Fingerprint Sensor\AtService.exe C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe C:\WINDOWS\system32\svchost -k DcomLaunch C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\ActivIdentity\ActivClient\accoca.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Intel\AMT\LMS.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\WINDOWS\Explorer.EXE C:\Program Files\PDF Complete\pdfsvc.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe C:\Program Files\RealVNC\VNC4\WinVNC4.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\Nuance\PaperPort\pptd40nt.exe C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe C:\Program Files\Browny02\Brother\BrStMonW.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\ControlCenter4\BrCtrlCntr.exe C:\Program Files\Browny02\BrYNSvc.exe C:\Program Files\ControlCenter4\BrCcUxSys.exe C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\agent.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\AVG\AVG2012\avgscanx.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\SearchProtocolHost.exe . ============== Pseudo HJT Report =============== . uStart Page = about:blank BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll BHO: BHO_Startup Class: {3134413b-49b4-425c-98a5-893c1f195601} - c:\program files\hewlett-packard\file sanitizer\IEBHO.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll BHO: PlusIEEventHelper Class: {551a852f-39a6-44a7-9c13-afbec9185a9d} - c:\program files\nuance\pdf viewer plus\bin\PlusIEContextMenu.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Credential Manager for HP ProtectTools: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\hewlett-packard\iam\bin\ItIEAddIn.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll {555d4d79-4bd2-4094-a395-cfc534424a05} uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [iSUSPM] c:\documents and settings\all users\application data\flexnet\connect\11\ISUSPM.exe -scheduler uRun: [Google Update] "c:\documents and settings\administrator\local settings\application data\google\update\GoogleUpdate.exe" /c uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_3_300_271_ActiveX.exe -update activex mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe" mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume mRun: [indexSearch] "c:\program files\nuance\paperport\IndexSearch.exe" mRun: [PaperPort PTD] "c:\program files\nuance\paperport\pptd40nt.exe" mRun: [PPort12reminder] "c:\program files\nuance\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\12\config\ereg\Ereg.ini" mRun: [PDFHook] c:\program files\nuance\pdf viewer plus\pdfpro5hook.exe mRun: [PDF5 Registry Controller] c:\program files\nuance\pdf viewer plus\RegistryController.exe mRun: [ControlCenter4] c:\program files\controlcenter4\BrCcBoot.exe /autorun mRun: [brStsMon00] c:\program files\browny02\brother\BrStMonW.exe /AUTORUN mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [<NO NAME>] StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: Open with PDF Viewer Plus - c:\program files\nuance\pdf viewer plus\bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab DPF: {03C0000A-CF6D-4EF4-A2D6-376622318018} - hxxp://192.168.2.71:12088/WatSearCtrl.cab DPF: {2ADE19BB-1E79-4EC4-976E-AC74339ADD76} - hxxp://99.65.132.146/ActiveViewGUI.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1262801905953 DPF: {66F7F252-3FE1-4650-B1E5-94B2A38271C5} - hxxp://99.65.132.146/ActiveView.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CF4A2C45-CB89-4018-94BB-C2CACB83A537} - hxxps://www.attrm.com/att/device/xancamx.ocx DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: Interfaces\{59467DC1-25E3-467E-A3FB-89546FBE8B9B} : NameServer = 192.168.1.99,192.168.2.1 TCP: Interfaces\{C81578D2-ABE3-4C52-84F9-D11A0D59DCEB} : DhcpNameServer = 192.16.242.1 192.16.242.5 Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll Notify: ackpbsc - c:\windows\system32\ackpbsc.dll Notify: acunlock - c:\program files\actividentity\activclient\acunlock.dll Notify: DeviceNP - DeviceNP.dll Notify: igfxcui - igfxdev.dll Notify: OneCard - c:\program files\hewlett-packard\iam\bin\ASWLNPkg.dll AppInit_DLLs: APSHook.dll SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll LSA: Notification Packages = scecli ASWLNPkg . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 31952] R0 SafeBoot;SafeBoot;c:\windows\system32\drivers\SafeBoot.sys [2008-10-1 109216] R0 SbAlg;SbAlg;c:\windows\system32\drivers\SbAlg.sys [2008-10-1 51408] R0 SbFsLock;SbFsLock;c:\windows\system32\drivers\SbFsLock.sys [2008-10-1 12960] R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [2008-3-28 24064] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 237408] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 41040] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 301920] R1 RsvLock;RsvLock;c:\windows\system32\drivers\rsvlock.sys [2008-10-1 12528] R2 accoca;ActivClient Middleware Service;c:\program files\actividentity\activclient\accoca.exe [2007-11-27 185896] R2 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Bioscrypt [2008-4-13 14336] R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Bioscrypt [2008-4-13 14336] R2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2008-10-3 1185016] R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288] R2 HpFkCryptService;Drive Encryption Service;c:\program files\hewlett-packard\drive encryption\HpFkCrypt.exe [2008-10-1 256544] R2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\hewlett-packard\file sanitizer\HPFSService.exe [2009-11-4 77824] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-17 399432] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-9-17 676936] R2 pdfcDispatcher;PDF Document Manager;c:\program files\pdf complete\pdfsvc.exe [2009-11-4 635416] R2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files\nuance\paperport\PDFProFiltSrvPP.exe [2010-3-9 144672] R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032] R2 UNS;Intel® Active Management Technology User Notification Service;c:\program files\common files\intel\privacy icon\uns\UNS.exe [2009-11-4 2054680] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232] R3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2012-5-14 245760] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-9-17 22856] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-8-13 5167736] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-6-14 250056] S3 DAMDrv;DAMDrv;c:\windows\system32\drivers\DAMDrv.sys [2008-8-6 32256] S3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [2009-11-4 149600] S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2008-8-6 349432] S3 HP ProtectTools Service;HP ProtectTools Service;c:\program files\hewlett-packard\hp protecttools security manager\PTChangeFilterService.exe [2009-2-12 45056] S3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-12-18 44800] . =============== File Associations =============== . .scr=AutoCADScriptFile . =============== Created Last 30 ================ . 2012-09-17 18:19:22 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes 2012-09-17 18:19:02 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2012-09-17 18:18:59 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-17 18:18:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware . ==================== Find3M ==================== . 2012-08-24 20:43:18 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2012-08-15 03:47:10 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-08-15 03:47:10 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-07-26 08:21:30 237408 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2012-07-19 20:01:21 110456 ----a-w- c:\documents and settings\administrator\g2ax_customer_downloadhelper_win32_x86.exe 2012-07-10 21:02:02 60304 ----a-w- c:\documents and settings\administrator\g2mdlhlpx.exe 2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll 2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys 2012-07-02 17:49:33 916992 ----a-w- c:\windows\system32\wininet.dll 2012-07-02 17:49:32 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-07-02 17:49:32 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2012-07-02 12:05:43 385024 ----a-w- c:\windows\system32\html.iec 2012-06-25 21:04:24 1394248 ----a-w- c:\windows\system32\msxml4.dll . ============= FINISH: 17:42:07.54 =============== dds.txt attach.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.