Quick420

Members
  • Posts: 8
  • Reputation: 0 Neutral
  1. Thanks again for all the help, my puter is running perfectly again. I decided to purchase Malwarebytes seeing as how professionally run this website is.... cheers m8's
  2. First of all I would like to thank you for all your help, second NONE of the above mentioned files are present. My system has been stable all morning... so far. Do you think it's possible that we nailed em all???
  4. JavaRa 1.13 Removal Log. Report follows after line.
     ------------------------------------
     The JavaRa removal process was started on Thu Apr 23 22:12:19 2009
     Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}
     Found and removed: SOFTWARE\Classes\JavaPlugin.150_03
     Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0
     Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510003
     ------------------------------------
     Finished reporting.

     Yes, at one point I was using McAfee, then switched to Norton. I uninstalled both through add/remove. They are still running?? I'm using Avira Free and anti-malware right now as I'm sure you know
  5. No I didn't do that, that's for sure. As for problems, my browsers crash and lock up constantly and almost every time I boot and run a scan I will find some kind of rootkit or malware or trojan, even though I don't surf around at all, just my legit gaming sites. Also in msconfig /boot.ini option everything is greyed out, I can't even select /safeboot???
  6. Thnx For Helping
  7. I've run all sorts of virus cleaners and I still end up with problems, could you please help me??