riverrunner06

  1. I knew that! Yeah it has been a few months since it has been cleaned.... this machine has 2 cooling fans, it sits on the kitchen island and doesn't move much, the battery is in the drawer. Not thinking the power supply is at fault though. So parking heads is not something to be concerned with? OK. Thanks for the input!
  2. Hi, I got some great help from Maniac removing a nasty bug, Thanks again Maniac! Yet I have a lingering shut down issue. My machine will shut down (turn off) all on its own. Sometimes it is while running a scan (MBAM or other program) and sometimes while it is just idle like overnight or during the day. I get no infection reports from MBAM and from other programs just the usual cookies and temp files. Could some other setting be corrupt? I have also had a problem with another machine that the hard drive became unreadable a few days ago. I had replaced it a few months ago and it just froze up, then would not boot. When I went into Set Up and tried a disc check it would get to line 7 and fail. A coworker told me I need to set the drive to "park" the heads when it shuts down. Any info on this topic would be appreciated. Thanks again to Maniac and everyone here for creating and helping those who are not quite in the know...
  3. It happened just after I sent the last response as well... then later last night I ran Spy Bot before going to bed and this morning all was up with a completed scan. Have run the corrections from Spy Bot, CCleaner and now running Reg Healer. Not sure why it was happening. That was part of what was the problem before, the machine would shut down when I ran a scan. Right now everything is functioning normally...
  4. Uninstalled, rebooted, updated, started scan and PC shut off after about 5 minutes... any suggestions?
  5. Will do. One thing is still happening, when I run Spy Bot S&D my PC shuts down. Could this be something in Spy Bot?
  6. Looks like all is back to normal. Thank you again! No redirecting, processing is back to normal speed, the bug seems to be gone! happy campers here...
  7. Borislav, Thank you for your help! I am very grateful! So far things seem to be back to normal... will run it now as we normally do in our daily routine. Will report back tomorrow to give further feedback. Should you ever need help with your automobile please send a note, I will be happy to help!
  8. OK, Ran the scan and followed the prompts...
  9. This scan ran without a glitch...
1 O33 - MountPoints2\{6f9b2765-c9e9-11df-9166-000fb0656037}\Shell - "" = AutoRun O33 - MountPoints2\{6f9b2765-c9e9-11df-9166-000fb0656037}\Shell\AutoRun - "" = Auto&Play O34 - HKLM BootExecute: (SDEarlyDelete) - File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/01/28 07:18:13 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\5150\Desktop\OTL.exe [2011/01/16 19:59:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\5150\Recent [2011/01/15 21:21:35 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2011/01/15 21:21:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\5150\Start Menu\Programs\Revo Uninstaller [2011/01/15 21:08:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner [2011/01/15 21:08:22 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011/01/14 22:06:03 | 000,000,000 | ---D | C] -- C:\a016658004ccf241a6 [2011/01/13 16:54:25 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\PILQKTXSCIS [2011/01/13 16:51:50 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\259061 [2011/01/05 14:03:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SupportSoft [2011/01/05 14:03:13 | 000,000,000 | ---D | C] -- C:\Program Files\Verizon [2010/02/19 23:20:16 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\IMPLODE.DLL [2004/07/10 21:11:42 | 000,131,072 | ---- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== 
[2011/01/28 07:18:16 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\5150\Desktop\OTL.exe [2011/01/28 07:13:01 | 000,002,048 | ---- | M] () -- C:\WINDOWS\bootstat.dat [2011/01/27 20:33:33 | 070,535,791 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2011/01/27 07:31:32 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2011/01/26 22:29:44 | 000,004,567 | ---- | M] () -- C:\Documents and Settings\5150\Desktop\Attach.zip [2011/01/26 21:36:03 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\5150\Desktop\lizye0m0.exe [2011/01/26 21:31:13 | 000,624,128 | ---- | M] () -- C:\Documents and Settings\5150\Desktop\dds.scr [2011/01/26 21:30:04 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\5150\defogger_reenable [2011/01/26 21:29:22 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\5150\Desktop\Defogger.exe [2011/01/24 21:00:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2011/01/17 09:04:33 | 000,000,683 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Max Spyware Detector.lnk [2011/01/15 21:48:07 | 009,366,016 | ---- | M] () -- C:\Documents and Settings\5150\My Documents\Killing Malicious Processes and Removing Harmful Files.wps [2011/01/15 21:21:36 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\5150\Desktop\Revo Uninstaller.lnk [2011/01/15 21:08:24 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk [2011/01/15 09:25:04 | 000,428,979 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2011/01/15 09:25:03 | 000,429,310 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110115-092504.backup [2011/01/14 22:06:31 | 000,000,211 | ---- | M] () -- C:\boot.ini [2011/01/14 22:01:25 | 000,429,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\host_new [2011/01/14 21:57:45 | 000,429,445 | RHS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110115-092503.backup [2011/01/14 08:26:39 | 
000,429,445 | RHS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-191844.backup [2011/01/14 08:26:39 | 000,429,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-191858.backup [2011/01/14 08:26:39 | 000,429,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-191857.backup [2011/01/14 08:26:39 | 000,429,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-191856.backup [2011/01/14 08:26:39 | 000,429,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-191855.backup [2011/01/14 08:26:39 | 000,429,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-191854.backup [2011/01/14 08:26:39 | 000,429,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-191853.backup [2011/01/14 08:26:39 | 000,429,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-191852.backup [2011/01/14 08:26:39 | 000,429,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-191851.backup [2011/01/13 20:21:12 | 000,429,398 | RHS- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110113-202753.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-074700.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-074659.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-074658.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-074657.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-074652.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-062010.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-062008.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- 
C:\WINDOWS\System32\drivers\etc\hosts.20110114-062007.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-062006.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-062005.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-062004.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-062003.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-061954.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-061948.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110114-061928.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110113-202807.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110113-202806.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110113-202805.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110113-202804.backup [2011/01/13 20:21:12 | 000,429,398 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110113-202801.backup [2011/01/07 21:30:46 | 001,348,096 | ---- | M] (Max Secure Software) -- C:\WINDOWS\System32\CheckDll.dll [2011/01/05 13:56:30 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/01/26 22:29:44 | 000,004,567 | ---- | C] () -- C:\Documents and Settings\5150\Desktop\Attach.zip [2011/01/26 21:36:07 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\5150\Desktop\lizye0m0.exe 
[2011/01/26 21:31:12 | 000,624,128 | ---- | C] () -- C:\Documents and Settings\5150\Desktop\dds.scr [2011/01/26 21:30:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\5150\defogger_reenable [2011/01/26 21:29:22 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\5150\Desktop\Defogger.exe [2011/01/15 21:48:02 | 009,366,016 | ---- | C] () -- C:\Documents and Settings\5150\My Documents\Killing Malicious Processes and Removing Harmful Files.wps [2011/01/15 21:21:36 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\5150\Desktop\Revo Uninstaller.lnk [2011/01/15 21:08:24 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk [2011/01/05 14:13:03 | 008,724,992 | ---- | C] () -- C:\WINDOWS\VzInHomeAgentInstaller.msi [2011/01/05 14:03:42 | 009,836,032 | ---- | C] () -- C:\WINDOWS\VerizonDM.msi [2010/10/16 06:10:29 | 000,000,422 | ---- | C] () -- C:\WINDOWS\videoimp.ini [2010/10/16 06:10:28 | 000,002,193 | ---- | C] () -- C:\WINDOWS\photoimpression.ini [2010/10/16 06:10:11 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll [2010/09/27 19:34:43 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\hpgt53.dll [2010/02/19 23:20:55 | 000,098,816 | ---- | C] () -- C:\WINDOWS\System32\Pbtrvd32.dll [2010/02/19 23:20:55 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\Sbtrv32.dll [2010/02/19 23:20:55 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\Swcomp32.dll [2010/02/19 23:20:54 | 000,092,160 | ---- | C] () -- C:\WINDOWS\System32\Pedtconv.dll [2010/02/19 23:20:51 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\Vamngr32.dll [2010/02/19 23:20:18 | 000,054,272 | ---- | C] () -- C:\WINDOWS\System32\P2IRDAO.DLL [2010/02/19 23:20:17 | 000,050,176 | ---- | C] () -- C:\WINDOWS\System32\P2CTDAO.DLL [2010/02/19 23:20:17 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\P2BBND.DLL [2010/02/19 23:20:16 | 000,748,160 | ---- | C] () -- C:\WINDOWS\System32\CO2C40EN.DLL [2009/01/24 07:43:57 | 000,000,104 | ---- | C] 
() -- C:\WINDOWS\System32\ProxySettings.ini [2009/01/02 10:39:52 | 000,000,000 | R--- | C] () -- C:\WINDOWS\System32\RCCustomSetup.ini [2008/11/19 22:06:14 | 000,008,704 | ---- | C] () -- C:\Documents and Settings\5150\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/11/10 23:47:16 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\sh33w32.dll [2008/09/10 13:33:29 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini [2008/09/10 13:15:04 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006/02/09 14:46:30 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\VSHP1020.DLL [2004/09/16 16:58:56 | 000,010,739 | ---- | C] () -- C:\WINDOWS\wininit.ini [2004/09/16 16:58:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TPTray.INI [2004/09/16 16:58:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CeEKey.INI [2004/08/16 08:49:44 | 000,000,895 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI [2004/08/16 08:27:42 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2004/08/16 08:27:42 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2004/08/16 08:27:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2004/08/16 08:27:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2004/08/16 08:27:42 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2004/08/16 08:27:42 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2004/08/12 13:23:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI [2004/08/12 13:21:10 | 000,006,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys [2004/08/12 13:17:15 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini [2004/08/12 13:17:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll [2004/08/12 13:17:15 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini [2004/08/12 13:17:15 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini [2004/08/12 13:14:27 | 000,356,352 | 
---- | C] () -- C:\WINDOWS\System32\EMCRI.dll [2004/08/12 12:56:22 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2004/08/12 11:54:51 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2004/08/12 11:50:40 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini [2004/08/12 11:43:36 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2004/08/12 10:34:05 | 000,000,384 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2004/08/12 04:39:11 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2004/07/12 22:18:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2004/07/10 20:35:18 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll ========== LOP Check ========== [2010/10/16 06:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\5150\Application Data\Canon [2010/07/26 06:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\5150\Application Data\CheckPoint [2004/08/16 08:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\5150\Application Data\InterTrust [2004/08/16 09:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\5150\Application Data\InterVideo [2008/09/17 12:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\5150\Application Data\MSNInstaller [2011/01/28 07:18:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\5150\Application Data\MxBoost [2008/09/17 13:27:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\5150\Application Data\T-Mobile [2008/09/17 11:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\5150\Application Data\Template [2004/08/16 07:57:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\5150\Application Data\toshiba [2009/01/27 17:14:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\5150\Application Data\Viewpoint [2011/01/16 08:36:25 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\259061 [2010/05/21 18:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All 
Users\Application Data\avg9 [2010/07/05 08:17:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KEDDS [2010/02/03 07:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Max Secure [2008/09/10 14:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster [2010/07/05 08:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OrbNetworks [2010/03/03 21:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters [2011/01/13 16:54:25 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\PILQKTXSCIS [2009/01/02 10:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\T-Mobile [2010/12/14 19:01:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{2162CCC0-3A5F-4887-B51F-CE5F195B3620} [2010/09/01 10:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010/02/07 08:55:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9} [2011/01/27 07:31:32 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job ========== Purity Check ========== < End of report >
  10. Thank you for the quick response! I was able to run the scans though it took a few tries to get DDS to finish a scan. Hope this will be of help...

      This log file is located at C:\rkill.log.
      Please post this only if requested to by the person helping you.
      Otherwise you can close this log when you wish.
      Rkill was run on 01/27/2011 at 7:41:34.
      Operating System: Microsoft Windows XP
      Processes terminated by Rkill or while it was running:
      Rkill completed on 01/27/2011 at 7:41:49.

      Malwarebytes' Anti-Malware 1.50.1.1100
      www.malwarebytes.org
      Database version: 5618
      Windows 5.1.2600 Service Pack 3
      Internet Explorer 7.0.5730.13
      1/27/2011 8:28:17 AM
      mbam-log-2011-01-27 (08-28-17).txt
      Scan type: Quick scan
      Objects scanned: 172456
      Time elapsed: 41 minute(s), 41 second(s)
      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 0
      Memory Processes Infected: (No malicious items detected)
      Memory Modules Infected: (No malicious items detected)
      Registry Keys Infected: (No malicious items detected)
      Registry Values Infected: (No malicious items detected)
      Registry Data Items Infected: (No malicious items detected)
      Folders Infected: (No malicious items detected)
      Files Infected: (No malicious items detected)
  11. Hi, I have been battling a program named Personal Internet Security 2011 on my laptop for a couple weeks (I only have a couple hours in the evening that I can work at this) and found that Malwarebytes rid my machine of the basic program, but it still has the redirecting thing going on. I read a thread on this site about a similar problem on redirecting that spurred me to seek assistance here. So here goes... As mentioned, redirecting is the most noticeable problem. Then there are the other issues like the computer shuts off when I run Spy Bot S&D after about 10 minutes. It has recently started doing the same when I run Malwarebytes. Since I rid the Personal Internet Security 2011 from my PC I have run numerous scans and cleaned countless items. I have used CCleaner, Spy Bot, Max Spyware Detector, AVG9 & Registry Healer. All of which I have used for some time. This problem persists. And now GMER will not complete as the machine goes to a black screen and shuts down after 10 minutes or so. I have run DeFogger, DDS, and attempted GMER. Seems the critters on the web are getting more devious and difficult to weed out. Any help with this would be appreciated. Please find below the results of scans, thanks.
R3 MaxDSrv;MaxDSrv;c:\program files\max spyware detector\MaxDSrv.exe [2011-1-17 450704] R3 SDActMon;SDActMon;c:\program files\max spyware detector\SDActMon.sys [2010-5-22 37520] S2 MaxNPF;MaxNPF; [x] S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2010-12-3 15264] S3 SEM43XX;Sony Ericsson 802.11 Wireless LAN Adapter Driver SEM43XX;c:\windows\system32\drivers\semwl5.SYS [2005-1-2 368896] S3 SEMWModem;Sony Ericsson SEMWModem;c:\windows\system32\drivers\GCXX.sys [2005-1-2 114944] S3 SEMWWNIC;Sony Ericsson SEMWWNIC;c:\windows\system32\drivers\GCXXNet.sys [2005-1-2 53248] S3 Sony_EricssonWWSC;Sony Ericsson SIM Card Reader;c:\windows\system32\drivers\GCXXSC.sys [2004-12-21 21888] S4 KodakDigitalDisplayService;KodakDigitalDisplayService;c:\program files\kodak\digital display\orbkodaklauncher\DllStartupService.exe [2008-3-6 81920] =============== Created Last 30 ================ 2011-01-16 05:21:35 -------- d-----w- c:\program files\VS Revo Group 2011-01-16 05:08:22 -------- d-----w- c:\program files\CCleaner 2011-01-15 06:06:03 -------- d-----w- C:\a016658004ccf241a6 2011-01-14 00:54:25 -------- d-sh--w- c:\docume~1\alluse~1\applic~1\PILQKTXSCIS 2011-01-14 00:51:50 -------- d-sh--w- c:\docume~1\alluse~1\applic~1\259061 2011-01-05 22:13:03 8724992 ----a-w- c:\windows\VzInHomeAgentInstaller.msi 2011-01-05 22:03:42 9836032 ----a-w- c:\windows\VerizonDM.msi 2011-01-05 22:03:14 -------- d-----w- c:\program files\common files\SupportSoft 2011-01-05 22:03:13 -------- d-----w- c:\program files\Verizon ==================== Find3M ==================== 2011-01-08 05:30:46 1348096 ----a-w- c:\windows\system32\CheckDll.dll 2010-12-08 17:12:59 8136704 ---ha-w- c:\windows\system32\SecSigDB.BIN 2010-12-08 17:12:59 450000 ---ha-w- c:\windows\system32\NameDB.BIN 2010-12-03 09:05:33 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-11-30 01:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-11-30 01:38:30 69632 ----a-w- 
c:\windows\system32\QuickTime.qts 2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll 2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll 2010-11-06 00:34:12 832512 ----a-w- c:\windows\system32\wininet.dll 2010-11-06 00:34:11 78336 ------w- c:\windows\system32\ieencode.dll 2010-11-06 00:34:11 1830912 ------w- c:\windows\system32\inetcpl.cpl 2010-11-06 00:34:11 17408 ------w- c:\windows\system32\corpol.dll 2010-11-03 12:25:53 389120 ------w- c:\windows\system32\html.iec ============= FINISH: 21:33:17.18 =============== Attach.zip