
Well I'm not exactly sure at all what's going on...


7 replies to this topic

#1 jokergonewi1d


Posted 03 January 2009 - 01:41 AM

Things have been getting weirder and weirder on my PC.
First it started with Zone Alarm giving me grief, or at least Windows claiming it's no longer connected or
installed. Around the same time I noticed my autorun is no longer working, possibly just something
I need to click back on. If it's any help, I have a Motorola Q smartphone that I connect to my computer
for syncing contacts and whatnot; I also have multiple cameras and other devices I connect.
We use Network Magic for our home network, I'm currently connected wirelessly and we do have shared folders.
I hoped that using Avast in unison with SB S&D, SpywareBlaster and Ad-Aware would have kept me clean.
Since this all started I've tried using various tools such as KasperskyTool and CureIt. They have found nothing other
than a trojan.start.1501, I believe it was.
I even tried uninstalling Avast and giving Avira a try. I use Zone Alarm still and have downloaded Malwarebytes and SpywareGuard.

With many scans I'm not finding anything, but now my games are freezing up and leaving me to hard reset >:
I'm just at a loss and am in hopes you guys might be able to help out.
Any help is greatly appreciated, sorry if I wrote a bit much.

Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:12:48, on 1/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ASUS\PC Probe II\Probe2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\VMware\VMware Workstation\hqtray.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe
C:\Program Files\Gateway\EzTune\DTHtml.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Portrait Displays\Pivot Software\floater.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\WINDOWS\system32\vmnat.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\ASUS\AASP\1.00.32\aaCenter.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
C:\Program Files\Pure Networks\Network Magic\WebServer\bin\rotatelogs.exe
C:\Program Files\Pure Networks\Network Magic\WebServer\bin\rotatelogs.exe
C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
C:\Program Files\Pure Networks\Network Magic\WebServer\bin\rotatelogs.exe
C:\Program Files\Pure Networks\Network Magic\WebServer\bin\rotatelogs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Extreme\Desktop\RunScanner.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://westwood.ecollege.com/login.learn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Program Files\ASUS\PC Probe II\Probe2.exe" 1
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Workstation\hqtray.exe"
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
O4 - HKLM\..\Run: [DT GWY] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -GWY
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [nHancer] "C:\Program Files\nHancer\nHancer.exe" /tray
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: UltimateBet - {3EB3B7E8-1466-405A-B5BC-44513AF85E34} - C:\Documents and Settings\All Users\Start Menu\Programs\UltimateBet\UltimateBet.lnk (HKCU)
O9 - Extra 'Tools' menuitem: UltimateBet - {3EB3B7E8-1466-405A-B5BC-44513AF85E34} - C:\Documents and Settings\All Users\Start Menu\Programs\UltimateBet\UltimateBet.lnk (HKCU)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} -
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by111fd.bay111.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase6662.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1206235057484
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 16943 bytes



#2 jokergonewi1d


Posted 03 January 2009 - 01:42 AM

Not sure if it helps any, but here's my log from RunScanner:

Runscanner logfile http://www.runscanner.net

* = signed file
- = file not found

General info
------------
Computer name : M-TOPSECRET
Creation time : 1/2/2009 09:49:07 PM
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 7.0.5730.13
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 3
RunScanner Version : 1.7.0.0
User Language : English (United States)
User rights : Administrator
Windows folder : C:\WINDOWS

Running processes
-----------------
C:\Program Files\ASUS\AASP\1.00.32\aaCenter.exe
* C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
* C:\PROGRA~1\MI3AA1~1\rapimgr.exe (Microsoft Corporation)
* C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
* C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
* C:\WINDOWS\System32\alg.exe (Microsoft Corporation)
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
* C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe (Logitech Inc.)
* C:\WINDOWS\system32\csrss.exe (Microsoft Corporation)
* C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe (Portrait Displays Inc.)
* C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Program Files\Gateway\EzTune\DTHtml.exe (Portrait Displays, Inc)
* C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
* C:\Program Files\Portrait Displays\Pivot Software\floater.exe
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
* C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
* C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
* C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
* C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
* C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
* C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
* C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
* C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
* C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
* C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
* C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
* C:\WINDOWS\system32\SearchFilterHost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\SearchIndexer.exe (Microsoft Corporation)
* C:\WINDOWS\system32\SearchProtocolHost.exe (Microsoft Corporation)
* C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG)
* C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
* C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
* C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
* C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)
* C:\WINDOWS\system32\PnkBstrA.exe
* C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\ASUS\PC Probe II\Probe2.exe (ASUS)
C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe (Pure Networks, Inc.)
C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe (Pure Networks, Inc.)
* C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Pure Networks, Inc.)
* C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Pure Networks, Inc.)
* C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Pure Networks\Network Magic\WebServer\bin\rotatelogs.exe (Apache Software Foundation)
C:\Program Files\Pure Networks\Network Magic\WebServer\bin\rotatelogs.exe (Apache Software Foundation)
C:\Program Files\Pure Networks\Network Magic\WebServer\bin\rotatelogs.exe (Apache Software Foundation)
C:\Program Files\Pure Networks\Network Magic\WebServer\bin\rotatelogs.exe (Apache Software Foundation)
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe (ASUSTek Computer Inc.)
* C:\WINDOWS\system32\RUNDLL32.EXE (Microsoft Corporation)
* C:\Documents and Settings\Extreme\Desktop\RunScanner.exe (Runscanner.net)
* C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
* C:\WINDOWS\system32\services.exe (Microsoft Corporation)
C:\Program Files\SpywareGuard\sgbhp.exe
* C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
* C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
C:\Program Files\SpywareGuard\sgmain.exe
* c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
* c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
* C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
* C:\WINDOWS\system32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
* C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe (VMware, Inc.)
* C:\Program Files\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
* C:\Program Files\VMware\VMware Workstation\hqtray.exe (VMware, Inc.)
* C:\WINDOWS\system32\vmnat.exe (VMware, Inc.)
* C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
* C:\WINDOWS\system32\vmnetdhcp.exe (VMware, Inc.)
* C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
* C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
* C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation)
* c:\windows\System32\smss.exe (Microsoft Corporation)
* C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
* C:\WINDOWS\system32\wdfmgr.exe (Microsoft Corporation)
* C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation)
* C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe
* C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)

Unrated items
-------------
002 C:\WINDOWS\system32\xRaidSetup.exe (JMicron Technology Corp.)
002 C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
002 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
002 C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe
002 C:\WINDOWS\RaidTool\xInsIDE.exe
002 C:\Program Files\ASUS\PC Probe II\Probe2.exe (ASUS)
002 * C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
002 * C:\Program Files\Logitech\QuickCam\Quickcam.exe
002 * C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
002 * C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Pure Networks, Inc.)
002 * C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe
002 C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
002 C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
003 C:\Program Files\RocketDock\RocketDock.exe
003 * C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
004 C:\Program Files\SpywareGuard\sgmain.exe
005 C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
005 C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe (ASUSTek Computer Inc.)
008 C:\Program Files\MySpace\IM\MySpaceIM.exe
009 C:\Program Files\MySpace\IM\MySpaceIM.exe
010 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira AntiVir Personal - Free Antivirus Guard)
010 C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira AntiVir Personal - Free Antivirus Scheduler)
010 * C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google Updater Service)
010 C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (InstallDriver Table Manager)
010 * C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (LVCOMSer)
010 * C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe (LVSrvLauncher)
010 * C:\WINDOWS\system32\PnkBstrA.exe (PnkBstrA)
010 * C:\WINDOWS\system32\PnkBstrB.exe (PnkBstrB)
010 C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe (Portrait Displays Display Tune Service)
010 C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays SDK Service)
010 * C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Process Monitor)
010 C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe (Pure Networks Net2Go Service)
010 * C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe (Pure Networks Platform Service)
010 C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Windows CardSpace)
011 C:\WINDOWS\system32\DRIVERS\AegisP.sys (AEGIS Protocol (IEEE 802.1x) v3.4.5.0)
011 * C:\WINDOWS\system32\drivers\AsIO.sys (AsIO)
011 * C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys (avgio)
011 * C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (avgntflt)
011 * C:\WINDOWS\system32\DRIVERS\avipbb.sys (avipbb)
011 * C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (GEAR ASPI Filter Driver)
011 C:\WINDOWS\system32\giveio.sys (giveio)
011 * C:\WINDOWS\system32\DRIVERS\LVcKap.sys (Logitech AEC Driver)
011 * C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys (Logitech LVPr2Mon Driver)
011 * C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys (Logitech Machine Vision Engine Loader)
011 * C:\WINDOWS\system32\DRIVERS\lvpopflt.sys (Logitech POP Suppression Filter)
011 * C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech USB Monitor Filter)
011 C:\WINDOWS\system32\drivers\LUMDriver.sys (LUMDriver)
011 C:\WINDOWS\System32\drivers\pivot.sys (Pivot)
011 C:\WINDOWS\system32\drivers\pivotmou.sys (Pivot Mouse/Pointers Filter Driver)
011 * C:\WINDOWS\system32\drivers\PnkBstrK.sys (PnkBstrK)
011 * C:\WINDOWS\System32\Drivers\PdiPorts.sys (Portrait Displays low level device driver)
011 * C:\WINDOWS\system32\DRIVERS\pnarp.sys (Pure Networks Device Discovery Driver)
011 * C:\WINDOWS\system32\DRIVERS\purendis.sys (Pure Networks Wireless Driver)
011 * C:\WINDOWS\system32\DRIVERS\lvuvc.sys (QuickCam Communicate Deluxe(UVC))
011 C:\WINDOWS\System32\Drivers\SjyPkt.sys (SjyPkt)
011 C:\WINDOWS\System32\Drivers\sptd.sys (sptd)
011 * C:\WINDOWS\system32\DRIVERS\ssmdrv.sys (ssmdrv)
011 * C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys (UVC Filter Service)
031 * C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Pure Networks, Inc.) {4746C79A-2042-4332-8650-48966E44ABA8}
040 * C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) {EF99BD32-C1FB-11D2-892F-0090271D4F88}
043 C:\Documents and Settings\All Users\Start Menu\Programs\UltimateBet\UltimateBet.lnk {3EB3B7E8-1466-405A-B5BC-44513AF85E34}
047 Zone: internet : about internet
050 C:\Program Files\SpywareGuard\spywareguard.dll {81559C35-8464-49F7-BB0E-07A383BEF910}
052 * C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
052 C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) {DBC80044-A445-435b-BC74-9C25C1C588A9}
052 C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) {E7E6F031-17CE-4C07-BC86-EABFE594F69C}
052 C:\Program Files\SpywareGuard\dlprotect.dll {4A368E80-174F-4872-96B5-0B27DDD11DB2}
052 * C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
052 * C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) {02478D38-C3F9-4efb-9B51-7695ECA05670}
061 C:\WINDOWS\system32\nvshell.dll {1CDB2949-8F65-4355-8456-263E7C208A5D}
061 C:\WINDOWS\system32\nvshell.dll {1E9B04FB-F9E5-4718-997B-B8DA88302A47}
061 * C:\Program Files\Pure Networks\Network Magic\nmspce2.dll (Pure Networks, Inc.) {33F85093-44BB-4587-B25B-FFD05D5B9916}
061 * C:\Program Files\Pure Networks\Network Magic\nmspce2.dll (Pure Networks, Inc.) {C55C499D-3518-44a1-998E-796AC5FC989D}
061 C:\WINDOWS\system32\nvshell.dll {1E9B04FB-F9E5-4718-997B-B8DA88302A48}
061 C:\Program Files\Common Files\Portrait Displays\Shared\HtmlEngine.dll (Portrait Displays, Inc) {654D0431-C930-43C4-B8DA-9AA01BA5B486}
061 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
061 C:\Program Files\SpywareGuard\spywareguard.dll {81559C35-8464-49F7-BB0E-07A383BEF910}
061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
062 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}
100 Default_Page_URL HKLM : http://www.yahoo.com/
100 Default_Search_URL HKLM : http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
100 ProxyServer HKCU : :
100 Search Page HKCU : http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
100 Search Page HKLM : http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
100 SearchUrl HKCU : http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
100 Start Page HKCU : http://westwood.ecollege.com/login.learn
100 Start Page HKLM : http://www.yahoo.com/
104 C:\Program Files\SystemRequirementsLab\sysreqlab_srl.dll (Husdawg, LLC) {1E54D648-B804-468d-BC78-4AFFED8E262E}
104 GUID / CLSID not found {4871A87A-BFDD-4106-8153-FFDE2BAC2967}
104 C:\WINDOWS\Downloaded Program Files\MySpaceUploader.ocx (MySpace, Inc.) {48DD0448-9209-4F81-9F6D-D83562940134}
104 C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll (Microsoft® Corporation) {4F1E5B1A-2A80-42CA-8532-2D05CB959537}
104 GUID / CLSID not found {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
105 E&xport to Microsoft Excel : res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
173 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 * C:\Program Files\Pure Networks\Network Magic\nmspce2.dll (Pure Networks, Inc.)
225 * C:\Program Files\Pure Networks\Network Magic\nmspce2.dll (Pure Networks, Inc.)
225 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
225 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 * C:\Program Files\Pure Networks\Network Magic\nmspce2.dll (Pure Networks, Inc.)
227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
229 C:\WINDOWS\system32\nvshell.dll {1E9B04FB-F9E5-4718-997B-B8DA88302A48}
229 * C:\Program Files\Pure Networks\Network Magic\nmspce2.dll (Pure Networks, Inc.)
231 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (Adobe Systems, Inc.) PDF Column Info

Missing files
-------------
003 C:\Program Files\nHancer\nHancer.exe
011 C:\WINDOWS\system32\drivers\Abiosdsk.sys
011 C:\WINDOWS\system32\drivers\abp480n5.sys
011 C:\WINDOWS\system32\drivers\adpu160m.sys
011 C:\WINDOWS\system32\drivers\Aha154x.sys
011 C:\WINDOWS\system32\drivers\aic78u2.sys
011 C:\WINDOWS\system32\drivers\aic78xx.sys
011 C:\WINDOWS\system32\drivers\AliIde.sys
011 C:\WINDOWS\system32\drivers\amsint.sys
011 C:\WINDOWS\system32\drivers\asc.sys
011 C:\WINDOWS\system32\drivers\asc3350p.sys
011 C:\WINDOWS\system32\drivers\asc3550.sys
011 c:\windows\system32\DRIVERS\aswFsBlk.sys
011 C:\WINDOWS\system32\drivers\Atdisk.sys
011 C:\WINDOWS\system32\drivers\Aavmker4.sys
011 C:\WINDOWS\system32\drivers\aswTdi.sys
011 C:\WINDOWS\system32\drivers\aswSP.sys
011 C:\WINDOWS\system32\drivers\aswMon2.sys
011 C:\WINDOWS\system32\drivers\cd20xrnt.sys
011 C:\WINDOWS\system32\drivers\Changer.sys
011 C:\WINDOWS\system32\drivers\CmdIde.sys
011 C:\WINDOWS\system32\drivers\Cpqarray.sys
011 C:\WINDOWS\system32\drivers\dac2w2k.sys
011 C:\WINDOWS\system32\drivers\dac960nt.sys
011 C:\WINDOWS\system32\drivers\dpti2o.sys
011 C:\WINDOWS\system32\drivers\hpn.sys
011 C:\WINDOWS\system32\drivers\i2omgmt.sys
011 C:\WINDOWS\system32\drivers\i2omp.sys
011 C:\WINDOWS\system32\drivers\ini910u.sys
011 C:\WINDOWS\system32\drivers\IntelIde.sys
011 C:\WINDOWS\system32\drivers\lbrtfdc.sys
011 C:\WINDOWS\system32\drivers\mraid35x.sys
011 C:\WINDOWS\system32\drivers\PCIDump.sys
011 C:\WINDOWS\system32\drivers\PDCOMP.sys
011 C:\WINDOWS\system32\drivers\PDFRAME.sys
011 C:\WINDOWS\system32\drivers\PDRELI.sys
011 C:\WINDOWS\system32\drivers\PDRFRAME.sys
011 C:\WINDOWS\system32\drivers\perc2.sys
011 C:\WINDOWS\system32\drivers\perc2hib.sys
011 C:\WINDOWS\system32\drivers\ql1080.sys
011 C:\WINDOWS\system32\drivers\Ql10wnt.sys
011 C:\WINDOWS\system32\drivers\ql12160.sys
011 C:\WINDOWS\system32\drivers\ql1240.sys
011 C:\WINDOWS\system32\drivers\ql1280.sys
011 C:\WINDOWS\system32\drivers\Simbad.sys
011 C:\WINDOWS\system32\drivers\Sparrow.sys
011 C:\WINDOWS\system32\drivers\sym_hi.sys
011 C:\WINDOWS\system32\drivers\sym_u3.sys
011 C:\WINDOWS\system32\drivers\symc810.sys
011 C:\WINDOWS\system32\drivers\symc8xx.sys
011 C:\WINDOWS\system32\drivers\TosIde.sys
011 C:\WINDOWS\system32\drivers\ultra.sys
011 C:\WINDOWS\system32\drivers\ViaIde.sys
011 C:\WINDOWS\system32\drivers\WDICA.sys
052 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
061 deskpan.dll

#3 jokergonewi1d


Posted 11 January 2009 - 06:03 PM

Just a little bump, Hoping for a quick look over is all. :thumbsup:

#4 KoanYorel


Posted 14 January 2009 - 11:09 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click no to the Optional_Scan
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#5 jokergonewi1d


Posted 16 January 2009 - 06:56 AM

Thank you for getting to me :thumbsup:

It's really bothering me as to why none of my auto running apps launch like loading a game dvd or plugging in a thumb drive.
Not to mention how windows is always telling me my firewall is turned off, even after a fresh install of zone alarm it'll always
pop up in a day or so, weird.

Here's my DDS log:



DDS (Ver_09-01-07.01) - NTFSx86
Run by Extreme at 3:51:04.83 on Fri 01/16/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2040 [GMT -8:00]

AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated)
FW: ZoneAlarm Firewall *disabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ASUS\PC Probe II\Probe2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\VMware\VMware Workstation\hqtray.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Gateway\EzTune\DTHtml.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Portrait Displays\Pivot Software\floater.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ASUS\AASP\1.00.32\aaCenter.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Extreme\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://westwood.ecollege.com/login.learn
uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: NoExplorer - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: SpywareGuardDLBLOCK.CBrowserHelper: {4a368e80-174f-4872-96b5-0b27ddd11db2} - c:\program files\spywareguard\dlprotect.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\4.1.805.4472\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [nHancer] "c:\program files\nhancer\nHancer.exe" /tray
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe"
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
mRun: [36X Raid Configurer] c:\windows\system32\xRaidSetup.exe boot
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [Launch PC Probe II] "c:\program files\asus\pc probe ii\Probe2.exe" 1
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Ai Nap] "c:\program files\asus\ai suite\ainap\AiNap.exe"
mRun: [vmware-tray] c:\program files\vmware\vmware workstation\vmware-tray.exe
mRun: [VMware hqtray] "c:\program files\vmware\vmware workstation\hqtray.exe"
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [PivotSoftware] "c:\program files\portrait displays\pivot software\wpctrl.exe"
mRun: [DT GWY] c:\program files\common files\portrait displays\shared\DT_startup.exe -GWY
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide
mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [CloneCDTray] "c:\program files\slysoft\clonecd\CloneCDTray.exe" /s
dRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\extreme\startm~1\programs\startup\spywar~1.lnk - c:\program files\spywareguard\sgmain.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\asuswi~1.lnk - c:\program files\asus wifi-ap solo\RtWLan.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SpywareGuard.Handler: {81559c35-8464-49f7-bb0e-07a383bef910} - c:\program files\spywareguard\spywareguard.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\extreme\applic~1\mozilla\firefox\profiles\k6ayi08c.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - plugin: c:\documents and settings\extreme\application data\mozilla\plugins\npAbacast.dll
FF - plugin: c:\documents and settings\extreme\application data\mozilla\plugins\NPAbacheck.dll
FF - plugin: c:\program files\google\google updater\2.4.1368.5602\npCIDetect13.dll
FF - plugin: c:\program files\ksolo\npAVX.dll

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\program files\avira\antivir personaledition classic\avgio.sys [2009-1-1 11840]
R1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [2003-7-11 14912]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2009-1-1 353680]
R3 avgntflt;avgntflt;c:\program files\avira\antivir personaledition classic\avgntflt.sys [2009-1-1 52032]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [2008-3-21 332928]
R3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [2008-3-21 13532]
R4 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-9-10 611664]
R4 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\avira\antivir personaledition classic\sched.exe [2009-1-1 68865]
R4 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard;c:\program files\avira\antivir personaledition classic\avguard.exe [2009-1-1 151297]
R4 PdiService;Portrait Displays SDK Service;c:\program files\common files\portrait displays\drivers\pdisrvc.exe [2008-10-2 90112]
R4 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
R4 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S1 aswSP;avast! Self Protection; [x]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2008-5-19 17920]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2008-5-19 7680]
S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2008-5-19 23680]
S4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswfsblk.sys --> c:\windows\system32\drivers\aswFsBlk.sys [?]

=============== Created Last 30 ================

2009-01-13 04:39 330 a------- C:\END
2009-01-12 00:30 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Azureus
2009-01-12 00:28 <DIR> --d----- c:\docume~1\extreme\applic~1\Azureus
2009-01-12 00:28 <DIR> --d----- c:\program files\Vuze
2009-01-12 00:27 <DIR> --d----- c:\documents and settings\extreme\Temp
2009-01-12 00:24 120,056 -------- c:\windows\system32\pxcpyi64.exe
2009-01-12 00:24 118,520 -------- c:\windows\system32\pxinsi64.exe
2009-01-12 00:24 <DIR> --d----- c:\program files\DivX
2009-01-11 16:24 <DIR> --d----- c:\windows\system32\Adobe
2009-01-11 15:37 <DIR> --d----- c:\program files\Off Road Arena
2009-01-11 15:30 <DIR> --d----- c:\program files\Motorama
2009-01-11 15:18 <DIR> --d----- c:\program files\LEGO Builder Bots
2009-01-11 15:18 <DIR> --d----- c:\program files\ReflexiveArcade
2009-01-09 17:23 <DIR> --d----- c:\docume~1\extreme\applic~1\DAEMON Tools Pro
2009-01-09 17:22 <DIR> --d----- c:\docume~1\alluse~1\applic~1\DAEMON Tools Lite
2009-01-09 17:22 <DIR> --d----- c:\program files\DAEMON Tools Lite
2009-01-09 17:22 <DIR> --d----- c:\docume~1\extreme\applic~1\DAEMON Tools Lite
2009-01-09 15:05 <DIR> --d----- c:\program files\SlySoft
2009-01-09 15:04 <DIR> --d----- c:\program files\Elaborate Bytes
2009-01-09 14:08 16,877 a------- c:\windows\system32\drivers\ASPI32.SYS
2009-01-09 14:08 45,056 a------- c:\windows\system32\WNASPI32.DLL
2009-01-04 11:27 <DIR> --d----- c:\program files\Activision
2009-01-03 22:48 <DIR> --d----- c:\program files\America's Army
2009-01-03 22:07 <DIR> --d----- C:\HiJackThis
2009-01-03 22:01 <DIR> --d----- c:\program files\trend micro
2009-01-02 17:33 <DIR> --d----- c:\program files\SpywareGuard
2009-01-02 17:24 <DIR> --d----- c:\docume~1\extreme\applic~1\Malwarebytes
2009-01-02 17:24 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-01-02 17:24 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-02 17:24 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-01-02 17:24 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-01-02 00:12 <DIR> --d----- c:\documents and settings\extreme\DoctorWeb
2009-01-01 23:06 1,221,008 a------- c:\windows\system32\zpeng25.dll
2009-01-01 23:06 <DIR> --d----- c:\windows\system32\ZoneLabs
2009-01-01 23:06 <DIR> --d----- c:\program files\Zone Labs
2009-01-01 23:06 348,371 a------- c:\windows\system32\vsconfig.xml
2009-01-01 22:32 <DIR> --d----- c:\program files\Avira
2009-01-01 22:32 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Avira
2009-01-01 19:13 1,030,176 a--sh--- c:\windows\system32\drivers\fidbox.dat
2009-01-01 19:13 13,148 a--sh--- c:\windows\system32\drivers\fidbox.idx
2008-12-29 20:21 <DIR> --d----- c:\program files\Microsoft IntelliType Pro
2008-12-29 14:56 266,088 a------- c:\windows\system32\xactengine2_8.dll
2008-12-29 14:56 18,280 a------- c:\windows\system32\x3daudio1_2.dll
2008-12-29 14:56 261,480 a------- c:\windows\system32\xactengine2_7.dll
2008-12-29 14:56 255,848 a------- c:\windows\system32\xactengine2_6.dll
2008-12-29 14:56 251,672 a------- c:\windows\system32\xactengine2_5.dll
2008-12-29 14:56 3,426,072 a------- c:\windows\system32\d3dx9_32.dll
2008-12-29 14:56 237,848 a------- c:\windows\system32\xactengine2_4.dll
2008-12-29 14:56 15,128 a------- c:\windows\system32\x3daudio1_1.dll
2008-12-29 14:56 236,824 a------- c:\windows\system32\xactengine2_3.dll
2008-12-29 14:56 62,744 a------- c:\windows\system32\xinput1_2.dll
2008-12-29 14:55 413,696 a------- c:\windows\system32\wrap_oal.dll
2008-12-29 14:55 110,592 a------- c:\windows\system32\OpenAL32.dll
2008-12-29 14:55 <DIR> --d----- c:\program files\OpenAL
2008-12-29 14:54 <DIR> --d----- c:\windows\system32\xlive
2008-12-22 17:51 <DIR> --d----- c:\docume~1\extreme\applic~1\Windows Search
2008-12-22 02:34 <DIR> --d----- c:\windows\NV18724220.TMP
2008-12-22 02:32 <DIR> --d----- c:\docume~1\extreme\applic~1\Windows Desktop Search
2008-12-22 02:31 <DIR> --d----- c:\windows\system32\GroupPolicy
2008-12-22 02:31 <DIR> --d----- c:\program files\Windows Desktop Search
2008-12-22 02:29 192,000 -c------ c:\windows\system32\dllcache\offfilt.dll
2008-12-22 02:29 98,304 -c------ c:\windows\system32\dllcache\nlhtml.dll
2008-12-20 12:22 410,984 a------- c:\windows\system32\deploytk.dll
2008-12-19 13:46 <DIR> --d----- c:\program files\Microsoft Office Outlook Connector
2008-12-19 01:22 <DIR> --d----- c:\program files\common files\Symantec Shared
2008-12-19 01:21 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Norton
2008-12-19 01:20 <DIR> --d----- c:\program files\NortonInstaller
2008-12-19 01:20 <DIR> --d----- c:\docume~1\alluse~1\applic~1\NortonInstaller
2008-12-17 16:20 921,600 a------- c:\windows\system32\vorbisenc.dll
2008-12-17 16:20 516,096 a------- c:\windows\system32\ac3filter.ax
2008-12-17 16:20 188,416 a------- c:\windows\system32\vorbis.dll
2008-12-17 16:20 61,440 a------- c:\windows\system32\xvid.ax
2008-12-17 16:20 45,056 a------- c:\windows\system32\ogg.dll
2008-12-17 16:20 116,224 a------- c:\windows\system32\rmalt.ax
2008-12-17 16:20 28,672 a------- c:\windows\system32\qtalt.ax
2008-12-17 16:13 <DIR> --d----- C:\TempDVD
2008-12-17 16:13 <DIR> --d----- C:\dvdsanta
2008-12-17 16:11 <DIR> --d----- c:\program files\dvdSanta
2008-12-17 15:54 <DIR> --d----- c:\docume~1\extreme\applic~1\AVS4YOU
2008-12-17 15:53 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AVS4YOU
2008-12-17 15:53 <DIR> --d----- c:\program files\common files\AVSMedia
2008-12-17 15:53 974,848 a------- c:\windows\system32\mfc70.dll
2008-12-17 15:53 1,700,352 a------- c:\windows\system32\GdiPlus.dll
2008-12-17 15:53 24,576 a------- c:\windows\system32\msxml3a.dll
2008-12-17 15:53 <DIR> --d----- c:\program files\AVS4YOU
2008-12-17 15:47 <DIR> --d----- C:\OutputFolder
2008-12-17 10:02 15,104 ac------ c:\windows\system32\dllcache\usbscan.sys
2008-12-17 10:02 159,232 a------- c:\windows\system32\ptpusd.dll
2008-12-17 10:02 15,104 a------- c:\windows\system32\drivers\usbscan.sys
2008-12-17 10:02 5,632 a------- c:\windows\system32\ptpusb.dll

==================== Find3M ====================

2009-01-15 04:50 0 a------- c:\windows\system32\drivers\lvuvc.hs
2009-01-11 17:28 137,688 a------- c:\windows\system32\drivers\PnkBstrK.sys
2009-01-11 17:28 202,040 a------- c:\windows\system32\PnkBstrB.exe
2009-01-04 11:44 66,872 a------- c:\windows\system32\PnkBstrA.exe
2009-01-04 11:42 22,328 ac------ c:\docume~1\extreme\applic~1\PnkBstrK.sys
2009-01-01 23:06 4,212 a---h--- c:\windows\system32\zllictbl.dat
2008-12-25 09:08 669,184 a------- c:\windows\system32\pbsvc.exe
2008-12-11 02:57 333,952 a------- c:\windows\system32\drivers\srv.sys
2008-12-10 16:33 200,704 a------- c:\windows\system32\dtu100.dll
2008-12-10 16:33 86,016 a------- c:\windows\system32\dpl100.dll
2008-12-08 18:28 593,920 a------- c:\windows\system32\dpuGUI11.dll
2008-12-08 18:28 344,064 a------- c:\windows\system32\dpus11.dll
2008-12-08 18:28 294,912 a------- c:\windows\system32\dpu11.dll
2008-12-08 18:28 57,344 a------- c:\windows\system32\dpv11.dll
2008-11-06 08:37 524,288 a------- c:\windows\system32\DivXsm.exe
2008-11-06 08:37 3,596,288 a------- c:\windows\system32\qt-dx331.dll
2008-11-06 08:37 129,784 -c------ c:\windows\system32\pxafs.dll
2008-11-06 08:35 1,044,480 a------- c:\windows\system32\libdivx.dll
2008-11-06 08:35 200,704 a------- c:\windows\system32\ssldivx.dll
2008-11-06 08:33 823,296 a------- c:\windows\system32\divx_xx0c.dll
2008-11-06 08:33 823,296 a------- c:\windows\system32\divx_xx07.dll
2008-11-06 08:33 815,104 a------- c:\windows\system32\divx_xx0a.dll
2008-11-06 08:33 802,816 a------- c:\windows\system32\divx_xx11.dll
2008-11-06 08:33 684,032 a------- c:\windows\system32\DivX.dll
2008-11-06 08:33 12,288 a------- c:\windows\system32\DivXWMPExtType.dll
2008-10-23 04:36 286,720 a------- c:\windows\system32\gdi32.dll
2008-03-21 21:34 1,431,120 ac------ c:\docume~1\alluse~1\applic~1\pswi_preloaded.exe
2006-06-22 22:48 32,768 ac---r-- c:\windows\inf\UpdateUSB.exe
2008-04-25 15:37 88 ---shr-- c:\windows\system32\07B96F2985.sys
2008-04-25 15:37 2,568 ac-sh--- c:\windows\system32\KGyGaAvL.sys
2008-05-08 02:27 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008050820080509\index.dat

============= FINISH: 3:51:33.50 ===============



Thank you for your time, it's really greatly appreciated!

#6 RenatoMejias


Posted 18 January 2009 - 10:59 AM

Hi, sorry for the delay.

Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan: Select My Computer
  • The program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Renato Victor Mejias
Malware help in portuguese

#7 jokergonewi1d


Posted 21 January 2009 - 06:17 AM

The scan completed with nothing suspicious and along with no viruses/threats :thumbsup:
Maybe I'm losing my mind, I know something is up with my pc, I just can't figure it out.

#8 RenatoMejias


Posted 25 January 2009 - 11:57 AM

Can you give more details, please? :thumbsup:
Renato Victor Mejias
Malware help in portuguese



