Striker911

  1. Aww. No Windows CD. After I built my computer, I took it to a computer shop to get the programming done. I live 5 hours away now.
  2. I do but I don't know what's next. The run command fix did not work. I tried the AVG tool that wanted to fix 3,000 errors and it only fixed half of them. I am stuck and just don't know what to do at this point.
  3. It's faster but some things are still not working. I disabled most all the Apps on Firefox and now they are all running. Never turned them back on but they are all on. The download page is still blank after something is downloaded. Can't click it to "run". Sounds like I have some registry errors after the fact.
  4. I think I got a steal on my thumb drive. $9.88 for a 8gb scandisk. I was able to dl combofix and it did its updates and scan. Here is the report.
  5. Okay. Thank you very much for all the help. I am totally computer dumb and so far I have not had any trouble with your help. Here is a more detailed description of the files that were quarantined and deleted. Files Detected: 2 C:\Documents and Settings\Owner\My Documents\Downloads\uSeRiNiT.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully. C:\Documents and Settings\Owner\My Documents\Downloads\WiNlOgOn.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
  6. If my wife calls on her break I will see if she can pick up a flash drive on her way home. Will be a while cause she gets off work at 11pm Central time. Might have to finish that part up tomorrow. I did a quick scan and it found two more things: Heuristics.res File C:\documents and settings\owner\mydocuments Going to close out and do a full scan next.
  7. Guess I am confused about the above links and how to make that work. I have to go in safe mode then DL one of them. Then in safe mode save on a disk and ul once out of safe mode from said disk? I clicked on the first one while out of safe mode and it tried to run. Got them all to run in DOS out of safe mode and this is what they said: This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish. Rkill was run on 06/20/2012 at 16:03:13. Operating System: Microsoft Windows XP Processes terminated by Rkill or while it was running: C:\Documents and Settings\Owner\Application Data\mjusbsp\magicJack.exe Rkill completed on 06/20/2012 at 16:03:21.
  8. Ya lol. The desktop is the one I am having trouble with. The laptop was dropped and it's been down for a while. Would have been nice to have it now though.
  9. TY for the help on this. I will probably have to wait until Sunday when I go to my dad's house. Think the HD is dead in our laptop. Will update. Thanks again.
  10. Never mind on the price. It's good forever. Google works wonders again : )
  11. Okay I did all that and still when I DL something it disappears in the DL window when the DL is done, and I can't run or find it. I was able to do it all in safe mode but not out of safe mode. MB did find a Trojan and it's in Quarantine. I have the 14 day trial as of now but need to put some money in the bank so I can buy MB. Is the $25 for a month, year, or a one time charge?
  12. I got it. I updated everything in safe mode and MB was the only one to catch it. TROJAN.BHO Registry key hklm\software\microsoft\windows\currentbersion\e..... Won't show the rest of it. Do I need to delete the threats in the folder or just keep them in quarantine? Malwarebytes' Anti-Malware 1.43 Database version: 3458 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 6/18/2012 11:46:47 AM mbam-log-2012-06-18 (11-46-47).txt Scan type: Full Scan (C:\|D:\|E:\|F:\|) Objects scanned: 168734 Time elapsed: 18 minute(s), 53 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) 2012/06/19 18:02:13 -0500 CPQXPP MESSAGE Executing scheduled update: Daily 2012/06/19 18:02:14 -0500 CPQXPP MESSAGE Database already up-to-date 2012/06/19 18:03:36 -0500 CPQXPP Owner MESSAGE Starting protection 2012/06/19 18:03:47 -0500 CPQXPP Owner MESSAGE Protection started successfully 2012/06/19 18:03:50 -0500 CPQXPP Owner MESSAGE Starting IP protection 2012/06/19 18:03:56 -0500 CPQXPP Owner MESSAGE IP Protection started successfully
  13. My first thread for reference. http://forums.malwarebytes.org/index.php?showtopic=111305&pid=561848&st=0entry561848 I always do updates and I just found out that the DL's I do are not working but some bug is making it look like they are. So after two cases of CC fraud and strange things going on with my system, I decided to dig into the computer. What I found: MB has not been used or updated since DEC 2009. I use it all the time but somehow it's being blocked. None of my DL's work. No option to run after the DL. Can't save to desktop and run. It's just all messed up. Not very good with computers but I have to get some help and learn. Once this is all done I will do my part by upgrading to a paid MB account. Just can't get it to work till it's cleaned up. Thanks in advance.
  14. Thanks a million. I had two cases of CC fraud already and I bet no one is to blame but my infected computer... It all makes sense now. Looked like I was getting updates but I was in fact not getting them.