malware_hater

  1. Scanning with Housecall. If all comes up clean, then we can close up this case. Thanks again.
  2. MBAM and Sophos both came up clean. Thanks and I apologize for being a bit too worried about my computer. I will continue to use Avast and MBAM and practice safe browsing to ensure that this computer never gets infected.
  3. Sorry if I did anything wrong, but I uninstalled Avira and installed Avast. Avira was a great solution for me, but the constant popups about asking for you to purchase the premium version annoyed me. Avast full scan found nothing. Currently about to run a full scan with MBAM, then SAS, Housecall, and Sophos Virus Removal Tool.
  4. Sorry Maurice. I thought rkill would be helpful by killing any rootkits that would otherwise be undetectable. I had read this article here: http://www.ghacks.net/2011/07/29/use-rkill-to-stop-malware-processes/ And here is another article: http://www.smartcomputing.com/editorial/article.asp?guid=&bJumpto=true&Isfrm=IN&article=articles/webonly/techsupport/570w10/570w10.asp&ArticleID=63639 I do indeed think I am paranoid, but I have been told that no malware scanner is 100% effective. Maybe I should learn to clean my own machine for a change? Panda ActiveScan froze up IE and F-Secure keeps failing to download the necessary files to download.
  5. My name is malware_hater. I am new to the forums here. I have went without an anti-virus unfortunately because I couldn't decide which one to use for at least a week. Now, I have Avira. I ran rkill and MBAM just to make sure my computer was clean and rkill came back with 3 error messages "Installation failed". I decided to not install MBAM and came here to seek some assistance. Thank you for all the help! Here is the DDS log: And here is the attach.txt log:
  6. I was asked to update java and uninstall an older version by an icon in my task bar. I allowed it to update and now I can access the java control panel.
  7. Thanks, I will remove those tools we downloaded and scan with the programs you mentioned. I will tell you if something was found.
  8. I just want to be 100% sure that the computer has nothing on it since I do Google search some things on biology and biochemistry. I heard of scanners like windows safety scanner which is based on Windows essentials. I want to know some other scanners and scan with them so I can reassure myself that the computer is free of malware and spyware.
  9. Eset found nothing. I already had it installed but I used internet explorer. Here is the log (there was only one and the scan time was a little over an hour):
     ESETSmartInstaller@High as downloader log: all ok
     # version=7
     # iexplore.exe=7.00.6000.17109 (vista_gdr.120227-1644)
     # OnlineScanner.ocx=1.0.0.6583
     # api_version=3.0.2
     # EOSSerial=c7a45150e98aae41b761f4a5e8c1bbb0
     # end=finished
     # remove_checked=false
     # archives_checked=true
     # unwanted_checked=true
     # unsafe_checked=true
     # antistealth_checked=true
     # utc_time=2012-06-13 11:33:54
     # local_time=2012-06-13 04:33:54 (-0800, Pacific Daylight Time)
     # country="United States"
     # lang=1033
     # osver=5.1.2600 NT Service Pack 3
     # compatibility_mode=512 16777215 100 0 360213 360213 0 0
     # compatibility_mode=1792 16777191 100 0 341023 341023 0 0
     # compatibility_mode=8192 67108863 100 0 514217 514217 0 0
     # scanned=59045
     # found=0
     # cleaned=0
     # scan_time=3751
  10. I also scanned with Avira and SuperAntispy, nothing was found. Should I run them again or install another scanner for spyware/trojans this time? Thanks again for the help.
  11. Dr. web did not find anything and would not let me save a report.
  12. I uninstalled java using Revo uninstaller and installed java 7 update 4. When I click on the icon in control panel, it says it could not find the registry key specified:
      ---------------------------
      Java Control Panel
      ---------------------------
      The system cannot find the registry key specified: HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_31
      ---------------------------
      OK
      ---------------------------
      On the test website, it says that Java is working and gives me a green check. I successfully uninstalled and installed flash player. I will now run the dr. web scan. I have not restarted my computer after installing java, so maybe that is where the error message came from?
  13. I had some time today, but I don't expect any more till Monday. Here is the combofix log: ComboFix 12-06-09.02 - Ken 06/09/2012 19:07:34.13.1 - FAT32x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2038.1529 [GMT -7:00] Running from: c:\documents and settings\Ken\Desktop\Combo-Fix.exe AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\LocalService\Application Data\156813fd1406C.manifest c:\documents and settings\LocalService\Application Data\156813fd1406O.manifest c:\documents and settings\LocalService\Application Data\156813fd1406S.manifest . . ((((((((((((((((((((((((( Files Created from 2012-05-10 to 2012-06-10 ))))))))))))))))))))))))))))))) . . 2012-06-08 23:53 . 2012-06-08 23:53 -------- d-----w- c:\documents and settings\Ken\Application Data\Avira 2012-06-08 23:47 . 2012-04-27 17:20 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-06-08 23:47 . 2012-04-25 07:32 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2012-06-08 23:47 . 2012-04-17 04:18 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2012-06-08 23:47 . 2012-06-08 23:47 -------- d-----w- c:\program files\Avira 2012-06-08 18:37 . 2012-06-08 18:37 -------- d-----w- c:\documents and settings\Ken\Application Data\QuickScan 2012-06-08 18:27 . 2012-06-08 18:27 -------- d-----w- C:\rsit 2012-06-08 18:27 . 2012-06-08 18:27 -------- d-----w- c:\program files\trend micro 2012-06-08 18:24 . 2012-06-08 18:24 -------- d-----w- c:\program files\ERUNT 2012-06-07 21:58 . 2012-06-07 21:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Sophos 2012-06-07 19:18 . 2012-06-07 19:18 -------- d-----w- c:\documents and settings\Ken\Application Data\SUPERAntiSpyware.com 2012-06-07 19:16 . 
2012-06-07 19:16 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com 2012-06-06 23:41 . 2012-06-06 23:41 -------- d-----w- c:\program files\ESET 2012-06-06 22:57 . 2012-06-06 22:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-06-06 22:57 . 2012-04-04 22:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-31 13:22 . 2004-08-04 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll 2012-04-29 17:54 . 2012-04-29 17:54 477240 ----a-w- c:\windows\system32\drivers\sptd.sys 2012-04-13 23:01 . 2010-07-01 19:26 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-04-13 23:01 . 2010-04-28 18:35 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-04-11 13:12 . 2004-08-04 12:00 1862272 ----a-w- c:\windows\system32\win32k.sys 2012-04-11 13:10 . 2004-08-04 12:00 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-11 12:35 . 2004-08-04 12:00 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-03-13 04:39 . 2012-06-08 23:48 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "X-keys Programming"="c:\program files\PIEngineering\X-keys\XKWdkApp.exe" [2001-11-20 422400] "LXCRCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2005-12-01 65536] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-02 348624] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\superantispyware\SASSEH.DLL" [2011-07-19 113024] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2011-05-04 17:54 551296 ----a-w- d:\superantispyware\SASWINLO.DLL . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path= backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk] path= backup=c:\windows\pss\Google Updater.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk] path= backup=c:\windows\pss\Microsoft Office.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PHM Reminders.lnk] path= backup=c:\windows\pss\PHM Reminders.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^STK017 PNP Monitor.lnk] path= backup=c:\windows\pss\STK017 PNP Monitor.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADMTray.exe] 2005-10-24 23:45 2462208 ----a-w- c:\acer\Empowering Technology\admtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-01-03 06:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CtrlVol] 2003-09-16 21:28 20480 ----a-w- c:\program files\Launch Manager\CtrlVol.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader] 2005-07-26 18:36 69632 ----a-w- c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService] 2006-01-02 17:31 397312 ----a-w- c:\acer\Empowering Technology\eRecovery\Monitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint] 2006-02-07 05:10 98304 ----a-w- c:\program files\Lexmark 2400 Series\ezprint.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer] 2006-02-02 08:11 290816 ----a-w- c:\program files\Lexmark Fax Solutions\fm3032.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd] 2005-08-24 19:47 77824 ----a-w- c:\windows\system32\hkcmd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers] 2005-08-24 19:51 114688 ----a-w- c:\windows\system32\igfxpers.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray] 2005-08-24 19:50 94208 ----a-w- c:\windows\system32\igfxtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1] 2004-08-04 12:00 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchAp] 2005-07-25 20:36 32768 ----a-w- c:\program files\Launch Manager\LaunchAp.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager] 2005-11-08 17:45 69632 ----a-w- c:\program files\Launch Manager\HotkeyApp.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LMgrOSD] 2005-07-25 17:45 241664 ----a-w- c:\program files\Launch Manager\OSDCtrl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe] 2006-01-22 17:45 286720 ----a-w- c:\program files\Lexmark 2400 Series\lxcrmon.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002] 2004-08-04 12:00 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService] 2005-09-01 02:59 147456 ------w- c:\program files\Acer\Acer Arcade\PCMService.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A] 2004-08-04 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync] 2004-08-04 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerKey] 2002-08-30 22:02 94208 ----a-w- c:\program files\Launch Manager\Powerkey.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\preload] 2005-05-20 00:09 32768 ----a-w- c:\windows\RUNXMLPL.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] 2005-04-15 18:01 77824 ----a-w- c:\windows\SOUNDMAN.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2012-01-18 21:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] 2005-02-04 18:11 708698 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr] 2005-02-04 18:12 102490 ----a-w- c:\program files\Synaptics\SynTP\SynTPLpr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wbutton] 2005-11-08 17:19 81920 ----a-w- c:\program files\Launch Manager\WButton.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YOP] 2005-04-23 02:49 397312 ----a-w- c:\progra~1\Yahoo!\YOP\yop.exe . 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "LiveUpdate Notice Service"=2 (0x2) "LiveUpdate"=3 (0x3) "gusvc"=2 (0x2) "NACAgent"=2 (0x2) "WebrootSpySweeperService"=2 (0x2) "Symantec Core LC"=2 (0x2) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "d:\\Garena\\Garena.exe"= "c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "67:UDP"= 67:UDP:DHCP Discovery Service "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 . R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?] R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [6/8/2012 4:47 PM 36000] R1 SASDIFSV;SASDIFSV;d:\superantispyware\sasdifsv.sys [7/22/2011 9:27 AM 12880] R1 SASKUTIL;SASKUTIL;d:\superantispyware\SASKUTIL.SYS [7/12/2011 2:55 PM 67664] R2 !SASCORE;SAS Core Service;d:\superantispyware\SASCore.exe [8/11/2011 4:38 PM 116608] R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [6/8/2012 4:47 PM 86224] S3 GGSAFERDriver;GGSAFER Driver;\??\d:\garena\safedrv.sys --> d:\garena\safedrv.sys [?] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [6/12/2011 11:15 AM 31125880] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 9:37 PM 4640000] S3 POWERKEY;POWERKEY;c:\program files\Launch Manager\POWERKEY.SYS [7/29/2006 6:12 PM 2343] . --- Other Services/Drivers In Memory --- . *NewlyCreated* - SSMDRV . Contents of the 'Scheduled Tasks' folder . 
2011-10-01 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 21:21] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mStart Page = hxxp://www.yahoo.com/?.home=ytie uInternet Connection Wizard,ShellNext = iexplore IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html Trusted Zone: eset.com\go TCP: DhcpNameServer = 192.168.1.254 DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab FF - ProfilePath - c:\documents and settings\Ken\Application Data\Mozilla\Firefox\Profiles\hkk2yk61.default\ FF - prefs.js: browser.startup.homepage - yahoo.com . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-06-09 19:13 Windows 5.1.2600 Service Pack 3 FAT NTAPI . scanning hidden processes ... . scanning hidden autostart entries ... . HKLM\Software\Microsoft\Windows\CurrentVersion\Run LXCRCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,RunDLLEntry??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(672) d:\superantispyware\SASWINLO.DLL c:\windows\system32\WININET.dll . 
Completion time: 2012-06-09 19:14:41 ComboFix-quarantined-files.txt 2012-06-10 02:14 . Pre-Run: 2,967,502,848 bytes free Post-Run: 2,953,674,752 bytes free . - - End Of File - - 3F6BB73BDEFAACCBF2F40F8E69EFCF0A