Flutey

  1. I shall go through those links and do what you suggested. Thanks for all your help.
  2. Hi, I ran the scan and it said 'No Infection Found'. Do you think the comp is clean now? Thanks again.
  3. Here is the attach.txt log . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume2 Install Date: 07/11/2009 04:36:56 System Uptime: 21/09/2011 09:31:55 (1 hours ago) . Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | NC10 Processor: Intel® Atom CPU N270 @ 1.60GHz | U2E1 | 1596/mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 143 GiB total, 100.498 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP1: 20/09/2011 21:23:29 - System Checkpoint RP2: 20/09/2011 21:56:02 - Installed AVG 2012 RP3: 20/09/2011 21:56:33 - Installed AVG 2012 . ==== Installed Programs ====================== . 32 Bit HP CIO Components Installer Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Help Center 2.0 Adobe Photoshop Elements 4.0 Adobe Reader X (10.1.1) Adobe Shockwave Player 11.5 Amazon Kindle Apple Application Support Apple Mobile Device Support Apple Software Update Atheros WLAN Client Audials Audials TV AVG 2012 AVG PC Tuneup 2011 Bonjour BufferChm C4600 ClickNKIDS 1.0 DaisyTrail Fishing Digikit DBXpress Destinations DeviceDiscovery Easy Display Manager Easy Network Manager GPBaseService2 Hide IP NG 1.55 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB942288-v3) HP Customer Participation Program 13.0 HP Imaging Device Functions 13.0 HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5 HP Print Projects 1.0 HP Smart Web Printing 4.60 HP Solution Center 13.0 HP Update HPDiagnosticAlert hpPrintProjects HPProductAssistant HPSSupply hpWLPGInstaller imagine digital freedom - Samsung Intel® Graphics Media Accelerator Driver iTunes Java Auto Updater Java 7 Magic Keyboard Malwarebytes' Anti-Malware version 1.51.2.1300 
MarketResearch Marvell Miniport Driver Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2416447) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Mozilla Firefox 6.0.2 (x86 en-GB) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Namuga 1.3M Webcam OpenOffice.org 3.1 Orange Mobile Broadband Play Camera PS_AIO_05_C4600_Software_Min QuickTime Realtek High Definition Audio Driver Samsung Battery Manager Samsung EDS Samsung Magic Doctor Samsung Recovery Solution III Samsung Update Plus Samsung Wallpaper Scan Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Windows Internet Explorer 8 (KB2183461) Security Update for Windows Internet Explorer 8 (KB2360131) Security Update for Windows Internet Explorer 8 (KB2416400) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB2497640) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows 
Internet Explorer 8 (KB2530548) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2559049) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Segoe UI Serif CraftArtist Baby Photos Collection Serif CraftArtist Greeting Cards Collection Serif CraftArtist Professional Serif CraftArtist Scrapbooks Collection Serif CraftArtist Wedding Day Collection Shop for HP Supplies Sky Broadband Sky Broadband Browser Branding Skype Toolbars Skype™ 4.2 SmartWebPrinting SolutionCenter Status Synaptics Pointing Device Driver System Requirements Lab TomTom HOME 2.8.2.2264 TomTom HOME Visual Studio Merge Modules Toolbox TrayApp Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Windows Internet Explorer 8 (KB976662) Update for Windows Internet Explorer 8 (KB980182) Update for Windows Internet Explorer 8 (KB980302) 
Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) User Guide WebFldrs XP WebReg WIDCOMM Bluetooth Software Windows Internet Explorer 8 Windows Live Communications Platform Windows Live Essentials Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Media Format 11 runtime Windows Media Player 11 Yahoo! Detect . ==== Event Viewer Messages From Past Week ======== . 20/09/2011 21:33:47, error: Service Control Manager [7034] - The Marvell Yukon Service service terminated unexpectedly. It has done this 1 time(s). 20/09/2011 21:25:40, error: Service Control Manager [7034] - The Adobe Active File Monitor V4 service terminated unexpectedly. It has done this 1 time(s). 20/09/2011 11:32:11, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service. 16/09/2011 18:34:18, error: Service Control Manager [7023] - The System Restore Service service terminated with the following error: The system cannot find the file specified. 16/09/2011 18:34:13, error: SRService [104] - The System Restore initialization process failed. 15/09/2011 08:26:42, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service. 14/09/2011 07:34:36, error: ipnathlp [32003] - The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code. . ==== End Of File ===========================
  4. Hi, everything seems to be running ok, haven't seen the blue screen again. I haven't run an AVG scan since it found the 'rootkit'. Should I go back and ask it to remove that file? Or was it a false positive? Thanks again
  5. Hi, I've run Combofix, here's the log Thanks again ComboFix 11-09-20.04 - Abi 20/09/2011 21:26:09.3.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.479 [GMT 1:00] Running from: c:\documents and settings\Abi\My Documents\Downloads\ComboFix.exe FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Abi\Local Settings\Application Data\ApplicationHistory c:\documents and settings\Abi\Local Settings\Application Data\ApplicationHistory\ngen.exe.2c05686e.ini c:\windows\system32\d3d9caps.dat . . ((((((((((((((((((((((((( Files Created from 2011-08-20 to 2011-09-20 ))))))))))))))))))))))))))))))) . . 2011-09-05 17:04 . 2011-09-05 17:04 183696 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll 2011-09-05 17:04 . 2011-09-05 17:04 183696 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll 2011-09-02 20:19 . 2011-09-02 20:19 -------- d-----w- c:\program files\TomTom International B.V 2011-09-02 11:06 . 2011-09-02 11:06 -------- d-----w- c:\program files\Sky Broadband 2011-09-02 07:40 . 2011-09-02 07:40 -------- d-----w- c:\program files\iPod 2011-09-02 07:40 . 2011-09-02 07:41 -------- d-----w- c:\program files\iTunes 2011-08-23 07:47 . 2011-08-23 07:47 -------- d-----w- c:\documents and settings\Abi\Local Settings\Application Data\Help . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-09-09 09:12 . 2009-02-12 18:05 599040 ----a-w- c:\windows\system32\crypt32.dll 2011-09-09 06:11 . 2011-05-21 06:31 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-08-31 16:00 . 2010-05-22 09:55 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-08-21 07:20 . 2011-08-21 07:20 128000 ----a-w- c:\windows\system32\javacpl.cpl 2011-08-21 07:20 . 
2010-05-23 08:56 544656 ----a-w- c:\windows\system32\deployJava1.dll 2011-07-15 13:29 . 2009-02-12 18:05 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-07-12 10:20 . 2011-07-12 10:20 83816 ----a-w- c:\windows\system32\dns-sd.exe 2011-07-12 10:20 . 2011-07-12 10:20 73064 ----a-w- c:\windows\system32\dnssd.dll 2011-07-08 14:02 . 2009-02-12 18:05 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys 2011-07-05 17:37 . 2011-07-05 17:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2011-07-05 17:37 . 2011-07-05 17:37 69632 ----a-w- c:\windows\system32\QuickTime.qts 2011-06-24 14:10 . 2009-02-12 19:22 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2011-06-23 18:36 . 2009-02-12 18:05 916480 ----a-w- c:\windows\system32\wininet.dll 2011-06-23 18:36 . 2009-02-12 18:05 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-06-23 18:36 . 2009-02-12 18:05 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-06-23 12:05 . 2009-02-12 18:05 385024 ----a-w- c:\windows\system32\html.iec 2011-09-07 06:26 . 2011-05-11 19:35 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2008-08-26 16851456] "EDS"="c:\program files\Samsung\Samsung EDS\EDSAgent.exe" [2007-12-21 659456] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-28 1044480] "DMHotKey"="c:\program files\Samsung\Easy Display Manager\DMLoader.exe" [2006-12-27 466944] "BatteryManager"="c:\program files\Samsung\Samsung Battery Manager\BatteryManager.exe" [2008-10-20 2768896] "MagicKeyboard"="c:\program files\SAMSUNG\MagicKBD\PreMKBD.exe" [2006-05-15 151552] "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 57344] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-19 421736] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\Abi\Start Menu\Programs\Startup\ OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000] . 
c:\documents and settings\All Users\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-9-17 580200] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768] Launcher.lnk - c:\program files\OrangeMobileBroadband\OrangeMobileBroadband_Launcher.exe [2011-5-28 505296] Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"= "c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"= "c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"= "c:\\Program 
Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= . R2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [12/02/2009 20:29 4300] R2 OrangeMobileBroadband_Service;OrangeMobileBroadband_Service;c:\program files\OrangeMobileBroadband\OrangeMobileBroadband_Service.exe [28/05/2011 18:28 333264] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [22/04/2011 13:21 92592] R3 DNSeFilter;DNSeFilter;c:\windows\system32\drivers\SamsungEDS.SYS [15/01/2008 04:01 30208] R3 RRNetCapMP;RRNetCapMP;c:\windows\system32\drivers\rrnetcap.sys [21/12/2010 16:52 31848] R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [18/05/2010 14:03 27632] R3 VMC326;Vimicro Camera Service VMC326;c:\windows\system32\drivers\VMC326.sys [12/02/2009 20:33 238464] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 13:16 130384] S2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32mpcoinst,serviceStartProc --> RUNDLL32.EXE ykx32mpcoinst,serviceStartProc [?] 
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [18/05/2010 14:03 13224] S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [28/05/2011 18:28 103040] S3 RRNetCap;RRNetCap Service;c:\windows\system32\drivers\rrnetcap.sys [21/12/2010 16:52 31848] S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [18/05/2010 14:10 86696] S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [18/05/2010 14:10 15016] S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [18/05/2010 14:10 114472] S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [18/05/2010 14:10 108328] S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [18/05/2010 14:10 26024] S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [18/05/2010 14:10 104616] S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [18/05/2010 14:10 109736] S3 SUEPD;SUE NDIS Protocol Driver;c:\windows\system32\drivers\SUE_PD.sys [02/08/2006 00:57 19840] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 13:16 753504] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2011-09-09 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57] . . ------- Supplementary Scan ------- . 
uStart Page = hxxp://www.sky.com uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - FF - ProfilePath - c:\documents and settings\Abi\Application Data\Mozilla\Firefox\Profiles\y3wth8zt.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/ FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4ddac59a&v=7.008.031.001&i=26&tp=ab&iy=&ychte=uk&lng=en-GB&q= FF - prefs.js: network.proxy.gopher - FF - prefs.js: network.proxy.gopher_port - 0 FF - prefs.js: network.proxy.type - 0 FF - user.js: network.proxy.type - 0 FF - user.js: network.proxy.http - FF - user.js: network.proxy.http_port - 0 FF - user.js: network.proxy.ssl - FF - user.js: network.proxy.ssl_port - 0 FF - user.js: network.proxy.ftp - FF - user.js: network.proxy.ftp_port - 0 FF - user.js: network.proxy.gopher - FF - user.js: network.proxy.gopher_port - 0 FF - user.js: network.proxy.socks_version - 5 FF - user.js: network.proxy.socks - FF - user.js: network.proxy.socks_port - 0 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-09-20 21:36 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . 
Completion time: 2011-09-20 21:39:41 ComboFix-quarantined-files.txt 2011-09-20 20:39 ComboFix2.txt 2011-05-23 13:32 . Pre-Run: 108,115,431,424 bytes free Post-Run: 108,212,625,408 bytes free . - - End Of File - - D76506C1E1CA026D8CFB15BC69CD695A
  6. Hi Elise, thanks for your message. I ran the scan you requested and it said 'No infections Found'.
  7. Hi, my virus scanner (AVG) ran its usual scan today and flagged up a possible rootkit. Apparently it's within Firefox files, but it's never 'found' it before so I'm a bit confused as to whether I have a problem or not. After this scan my computer did crash and I got a completely blue screen with a message saying something to do with Hardware Failure. But I managed to close and restart it. I hope someone can help me work this one out? Thanks. Here is the DDS log . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.0.0 Run by Abi at 23:10:36 on 2011-09-19 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.299 [GMT 1:00] . AV: AVG Internet Security 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: AVG Firewall *Enabled* . ============== Running Processes =============== . C:\PROGRA~1\AVG\AVG10\avgchsvx.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG10\avgfws.exe C:\Program Files\AVG\AVG10\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\svchost.exe -k hpdevmgmt C:\Program Files\Java\jre7\bin\jqs.exe C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\Program Files\OrangeMobileBroadband\OrangeMobileBroadband_Service.exe C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVG\AVG10\avgam.exe 
C:\Program Files\AVG\AVG10\avgnsx.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\AVG\AVG10\avgtray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe C:\Program Files\SAMSUNG\MagicKBD\PerformanceManager.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\OrangeMobileBroadband\OrangeMobileBroadband_Launcher.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\WINDOWS\system32\igfxext.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files\AVG\AVG10\avgemcx.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\AVG\AVG10\avgcsrvx.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\PROGRA~1\AVG\AVG10\avgrsx.exe C:\Program Files\AVG\AVG10\avgcsrvx.exe C:\Program Files\Outlook Express\msimn.exe C:\WINDOWS\system32\SearchProtocolHost.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://www.sky.com uWindow Title = Internet Explorer Provided By Sky Broadband uDefault_Page_URL = hxxp://www.sky.com uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe" uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [RTHDCPL] RTHDCPL.EXE mRun: [EDS] c:\program files\samsung\samsung eds\EDSAgent.exe mRun: [igfxTray] 
c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [DMHotKey] c:\program files\samsung\easy display manager\DMLoader.exe mRun: [batteryManager] c:\program files\samsung\samsung battery manager\BatteryManager.exe mRun: [MagicKeyboard] c:\program files\samsung\magickbd\PreMKBD.exe mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 4.0\apdproxy.exe" mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [<NO NAME>] mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\abi\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\launcher.lnk - c:\program files\orangemobilebroadband\OrangeMobileBroadband_Launcher.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html IE: Send to &Bluetooth Device... 
- c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{6647827C-CBC5-409F-8325-5C991B2F86FD} : DhcpNameServer = 192.168.0.1 Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll . ================= FIREFOX =================== . 
FF - ProfilePath - c:\documents and settings\abi\application data\mozilla\firefox\profiles\y3wth8zt.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/ FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4ddac59a&v=7.008.031.001&i=26&tp=ab&iy=&ychte=uk&lng=en-GB&q= FF - prefs.js: network.proxy.gopher - FF - prefs.js: network.proxy.gopher_port - 0 FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\documents and settings\abi\application data\mozilla\firefox\profiles\y3wth8zt.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.proxy.type - 0 FF - user.js: network.proxy.http - FF - user.js: network.proxy.http_port - 0 FF - user.js: network.proxy.ssl - FF - user.js: network.proxy.ssl_port - 0 FF - user.js: network.proxy.ftp - FF - user.js: network.proxy.ftp_port - 0 FF - user.js: network.proxy.gopher - FF - user.js: network.proxy.gopher_port - 0 FF - user.js: network.proxy.socks_version - 5 FF - user.js: network.proxy.socks - FF - user.js: network.proxy.socks_port - 0 . ============= SERVICES / DRIVERS =============== . 
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]
R2 avgfws;AVG Firewall;c:\program files\avg\avg10\avgfws.exe [2011-3-9 2708024]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-8-18 7390560]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R2 DOSMEMIO;MEMIO;c:\windows\system32\MEMIO.SYS [2009-2-12 4300]
R2 OrangeMobileBroadband_Service;OrangeMobileBroadband_Service;c:\program files\orangemobilebroadband\OrangeMobileBroadband_Service.exe [2011-5-28 333264]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2011-4-22 92592]
R2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32mpcoinst,serviceStartProc --> RUNDLL32.EXE ykx32mpcoinst,serviceStartProc [?]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2010-7-12 30432]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-4-14 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 27216]
R3 DNSeFilter;DNSeFilter;c:\windows\system32\drivers\SamsungEDS.SYS [2008-1-15 30208]
R3 RRNetCapMP;RRNetCapMP;c:\windows\system32\drivers\rrnetcap.sys [2010-12-21 31848]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2010-5-18 27632]
R3 VMC326;Vimicro Camera Service VMC326;c:\windows\system32\drivers\VMC326.sys [2009-2-12 238464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-5-23 984392]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2010-7-12 30432]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-5-18 13224]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [2011-5-28 103040]
S3 RRNetCap;RRNetCap Service;c:\windows\system32\drivers\rrnetcap.sys [2010-12-21 31848]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2010-5-18 86696]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2010-5-18 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2010-5-18 114472]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2010-5-18 108328]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2010-5-18 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2010-5-18 104616]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2010-5-18 109736]
S3 SUEPD;SUE NDIS Protocol Driver;c:\windows\system32\drivers\SUE_PD.sys [2006-8-2 19840]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-09-05 17:04:56 183696 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-09-05 17:04:56 183696 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2011-09-02 20:19:35 -------- d-----w- c:\program files\TomTom International B.V
2011-09-02 11:06:41 -------- d-----w- c:\program files\Sky Broadband
2011-09-02 07:40:54 -------- d-----w- c:\program files\iPod
2011-09-02 07:40:38 -------- d-----w- c:\program files\iTunes
2011-08-23 07:47:27 -------- d-----w- c:\documents and settings\abi\local settings\application data\Help
2011-08-21 14:18:09 -------- d-----w- c:\documents and settings\abi\local settings\application data\Sun
2011-08-21 07:20:30 128000 ----a-w- c:\windows\system32\javacpl.cpl
.
==================== Find3M ====================
.
2011-09-19 22:12:00 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-09 06:11:06 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-31 16:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-21 07:20:11 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-12 10:20:54 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 10:20:54 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-05 17:37:00 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-07-05 17:37:00 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36:30 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05:13 385024 ----a-w- c:\windows\system32\html.iec
.
============= FINISH: 23:14:36.68 ===============

Here is the Malware Bytes Log:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7748
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

19/09/2011 18:43:45
mbam-log-2011-09-19 (18-43-45).txt

Scan type: Quick scan
Objects scanned: 191332
Time elapsed: 22 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

For your information here is my AVG log that detected the 'rootkit':

"Scan ""Scheduled scan"" completed."
"Rootkits";"1";"0";"1"
"Folders selected for scanning:";"Whole computer scan"
"Scan started:";"19 September 2011, 16:08:50"
"Scan finished:";"19 September 2011, 16:41:07 (32 minute(s) 16 second(s))"
"Total object scanned:";"714334"
"User who launched the scan:";"SYSTEM"

"Rootkits"
"";"File";"Infection";"Result"
"";"C:\Documents and Settings\Abi\Local Settings\Application Data\Mozilla\Firefox\Profiles\y3wth8zt.default\urlclassifier3.sqlite-journal";"Hidden file";"Object is hidden"

ark.zip