Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with something


  • This topic is locked This topic is locked
2 replies to this topic

#1 brenda720

brenda720

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:46 PM

Posted 08 February 2009 - 10:22 AM

DDS (Ver_09-02-01.01) - NTFSx86
Run by Brenda at 9:09:55.85 on Sun 02/08/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3070.2222 [GMT -6:00]

AV: AVG 7.5.552 *On-access scanning enabled* (Updated)
FW: AVG Firewall 7.5.500 *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dlcxcoms.exe
C:\Program Files\Citrix\GoToMyPC\g2svc.exe
C:\Program Files\Citrix\GoToMyPC\g2comm.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\Program Files\Citrix\GoToMyPC\g2pre.exe
C:\Program Files\Citrix\GoToMyPC\g2tray.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
svchost.exe C:\WINDOWS\TEMP\VRT1.tmp
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\OEM02Mon.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\KADxMain.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Boingo\GoBoingo\GoBoingo.exe
C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
svchost.exe
C:\DOCUME~1\Brenda\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\CVME6B70\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://www.dell.com
mStart Page = hxxp://www.dell.com
uInternet Connection Wizard,ShellNext = hxxp://www.dell.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\documents and settings\brenda\vat.exe \s
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: NoExplorer - No File
BHO: {6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} - c:\windows\system32\opnOgeFW.dll
BHO: {b8cb6a31-1945-4a80-ae8e-7b9fab3c0e77} - c:\windows\system32\nnnnLbBQ.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
TB: Ask Toolbar: {f0d4b239-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\asksbar\bar\1.bin\ASKSBAR.DLL
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [KADxMain] c:\windows\system32\KADxMain.exe
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AVG7_CC] c:\progra~1\grisoft\avg7\avgcc.exe /STARTUP
mRun: [GoBoingo] c:\program files\boingo\goboingo\GoBoingo.lnk
mRun: [basicsmssmenu] "c:\program files\seagate\basics\basics status\MaxMenuMgrBasics.exe"
mRun: [dlcxmon.exe] "c:\program files\dell photo aio printer 926\dlcxmon.exe"
mRun: [MemoryCardManager] "c:\program files\dell photo aio printer 926\memcard.exe"
mRun: [GoToMyPC] "c:\program files\citrix\gotomypc\g2svc.exe" -logon
mRun: [Social.IM] c:\program files\social.im\SocialChat.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [Adobe Version Cue CS2] "c:\program files\adobe\adobe version cue cs2\controlpanel\VersionCueCS2Tray.exe"
mRun: [DLCXCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCXtime.dll,_RunDLLEntry@16
mRun: [b0fb2e15] rundll32.exe "c:\windows\system32\kvrkqhgh.dll",b
dRun: [AVG7_Run] c:\progra~1\grisoft\avg7\avgw.exe /RUNONCE
dRun: [zakqsqyd.exe] c:\windows\zakqsqyd.exe
dRun: [tjyzzjzp.exe] c:\windows\tjyzzjzp.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acroba~1.lnk - c:\program files\adobe\acrobat 6.0\distillr\acrotray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~2.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dellne~1.lnk - c:\windows\installer\{0240bdfb-2995-4a3f-8c96-18d41282b716}\Icon0240BDFB3.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
LSP: c:\windows\system32\avgfwafu.dll
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {5CB1506E-1DEA-4E63-89A7-E40E52AEA1FD} - hxxp://usfulfillment.puretracks.com/onager.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1215741265531
DPF: {680285A8-96D3-43DA-9D3D-51DD987D0B77} - hxxp://www.nero.com/doc/NeroVersionCheckerControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgwlntf - avgwlntf.dll
Notify: GoToMyPC - c:\program files\citrix\gotomypc\G2WinLogon.dll
Notify: opnOgeFW - opnOgeFW.dll
AppInit_DLLs: tqvmtl.dll pdlbam.dll
STS: {C5BF49A2-94F3-42BD-F434-3604812C8955} - No File
SEH: {6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} - c:\windows\system32\opnOgeFW.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\nnnnLbBQ

============= SERVICES / DRIVERS ===============

R1 AvgClean;AVG7 Clean Driver;c:\windows\system32\drivers\avgclean.sys [2008-7-11 10760]
R1 AvgMfx86;AVG Minifilter x86 Resident Driver;c:\windows\system32\drivers\avgmfx86.sys [2008-7-11 26952]
R2 Avg7Alrt;AVG7 Alert Manager Server;c:\progra~1\grisoft\avg7\avgamsvr.exe [2008-7-11 435712]
R2 Avg7UpdSvc;AVG7 Update Service;c:\progra~1\grisoft\avg7\avgupsvc.exe [2008-7-11 66560]
R2 AvgCoreSvc;AVG7 Resident Shield Service;c:\progra~1\grisoft\avg7\avgrssvc.exe [2008-7-11 212992]
R2 AVGFwSrv;AVG Firewall;c:\progra~1\grisoft\avg7\avgfwsrv.exe [2008-7-11 855552]
R2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\system32\drivers\OEM02Dev.sys [2008-7-9 235520]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\system32\drivers\OEM02Vfx.sys [2008-7-9 7424]
S3 fuvlbocf;fuvlbocf;\??\c:\windows\system32\drivers\fuvlbocf.sys --> c:\windows\system32\drivers\fuvlbocf.sys [?]
S3 ohqzacgv;ohqzacgv;\??\c:\windows\system32\drivers\ohqzacgv.sys --> c:\windows\system32\drivers\ohqzacgv.sys [?]
S3 protect;protect;c:\windows\system32\drivers\protect.sys [2009-2-8 18944]
S4 Brelorvrm;Brelorvrm; [x]

=============== Created Last 30 ================

2009-02-08 08:52 126,976 a------- c:\windows\system32\_pdlbam.dll
2009-02-08 08:52 126,976 a------- c:\windows\system32\eoparkvx.dll
2009-02-08 08:52 1,602,200 a--sh--- c:\windows\system32\hghqkrvk.ini
2009-02-08 08:52 87,552 a------- c:\windows\system32\kvrkqhgh.dll
2009-02-08 08:49 36,610 a--sh--- c:\windows\system32\QBbLnnnn.ini2
2009-02-08 08:49 36,610 a--sh--- c:\windows\system32\QBbLnnnn.ini
2009-02-08 08:49 281,088 a------- c:\windows\system32\_nnnnLbBQ.dll
2009-02-08 08:45 11,776 a---h--- c:\documents and settings\brenda\vat.exe
2009-02-08 08:45 39,937 a------- c:\windows\services.exe
2009-02-08 08:45 40 a------- c:\windows\file.bat
2009-02-08 08:45 39,937 a------- c:\windows\system32\10.tmp
2009-02-08 08:45 46,080 a------- c:\windows\system32\ndetect.exe
2009-02-08 08:45 162,980 a------- c:\windows\system32\F.tmp
2009-02-08 08:45 67,585 a------- c:\windows\system32\E.tmp
2009-02-08 08:45 168 a------- c:\windows\system32\D.tmp
2009-02-08 08:43 0 a------- c:\windows\system32\1A.tmp
2009-02-08 08:43 39,937 a------- c:\windows\system32\19.tmp
2009-02-08 08:43 3,584 a------- c:\windows\tjyzzjzp.exe
2009-02-08 08:37 18,944 a---h--- c:\windows\system32\drivers\protect.sys
2009-02-08 08:37 162,980 a------- c:\windows\system32\A.tmp
2009-02-08 08:37 67,585 a------- c:\windows\system32\9.tmp
2009-02-08 08:37 64,000 a------- c:\windows\system32\vmware-ufad.exe
2009-02-08 08:37 168 a------- c:\windows\system32\8.tmp
2009-02-07 21:46 32,768 a---h--- c:\documents and settings\brenda\rite.exe
2009-02-07 21:45 163,364 a------- c:\windows\system32\C.tmp
2009-02-07 21:45 46,080 a------- c:\windows\system32\pdbcopy.exe
2009-02-07 21:45 67,585 a------- c:\windows\system32\7.tmp
2009-02-07 21:45 29,184 a------- c:\windows\system32\6.tmp
2009-02-07 21:45 172 a------- c:\windows\system32\5.tmp
2009-02-07 21:24 163,364 a------- c:\windows\system32\B.tmp
2009-02-07 21:24 67,585 a------- c:\windows\system32\4.tmp
2009-02-07 21:24 46,080 a------- c:\windows\system32\7z.exe
2009-02-07 21:24 29,184 a------- c:\windows\system32\3.tmp
2009-02-07 21:24 172 a------- c:\windows\system32\2.tmp
2009-02-07 21:20 664 a------- c:\windows\system32\d3d9caps.dat
2009-02-07 21:14 66,560 a---h--- c:\windows\system32\secupdat.dat
2009-02-07 21:14 32,256 a---h--- c:\documents and settings\brenda\ckhsk.exe
2009-02-07 21:14 53,248 a------- c:\windows\system32\drivers\ndisio.sys
2009-02-07 21:14 3,584 a------- c:\windows\zakqsqyd.exe
2009-02-07 21:14 616 a------- c:\windows\system32\51.tmp
2009-02-07 21:11 15,000 a------- c:\windows\system32\_hs78k4rgf4d.dll
2009-02-07 21:11 46,080 a------- c:\windows\system32\c++.exe
2009-02-07 21:11 163,364 a------- c:\windows\system32\41.tmp
2009-02-07 21:11 67,585 a------- c:\windows\system32\3F.tmp
2009-02-07 21:11 29,184 a------- c:\windows\system32\3D.tmp
2009-02-07 21:11 172 a------- c:\windows\system32\3C.tmp
2009-02-07 18:31 38,400 a------- c:\windows\system32\ddcYpmLe.dll
2009-02-07 18:29 38,400 a------- c:\windows\system32\pmnmLbyY.dll
2009-02-07 18:22 51,200 a------- c:\windows\system32\ssqRJcAR.dll
2009-02-07 18:21 51,200 a------- c:\windows\system32\ssqOIXOI.dll
2009-02-07 17:49 36,864 a------- c:\windows\system32\FileOps.exe
2009-02-07 17:49 <DIR> --d----- c:\windows\system32\Adobe
2009-02-07 17:27 116 a------- c:\windows\NeroDigital.ini
2009-02-07 15:39 6,760,280 a------- c:\windows\system32\NEFcodec.dll
2009-02-07 15:39 200,704 a------- c:\windows\system32\Strato7.dll
2009-02-07 15:39 110,592 a------- c:\windows\system32\RCSigProc.dll
2009-02-07 15:38 <DIR> --d----- c:\program files\common files\Nikon
2009-02-07 15:18 126,976 a------- c:\windows\system32\tqvmtl.dll
2009-02-07 15:18 126,976 a------- c:\windows\system32\qqsebybx.dll
2009-02-07 15:15 1,602,222 a--sh--- c:\windows\system32\ljlqwakk.ini
2009-02-07 15:15 87,552 -------- c:\windows\system32\kkawqljl.dll
2009-02-07 15:15 44,513 a--sh--- c:\windows\system32\wGOrCJjl.ini2
2009-02-07 15:15 44,513 a--sh--- c:\windows\system32\wGOrCJjl.ini
2009-02-07 15:15 281,088 a------- c:\windows\system32\_ljJCrOGw.dll
2009-02-07 15:10 36,352 a------- c:\windows\system32\opnOgeFW.dll
2009-02-07 15:00 <DIR> --d----- c:\program files\common files\Adobe Systems Shared
2009-02-07 14:46 <DIR> --d----- C:\TEST
2009-02-07 14:14 <DIR> --d----- C:\NERO SETUP CD
2009-02-07 13:52 569,344 a------- c:\windows\system32\imagr5.dll
2009-02-07 13:52 544,768 a------- c:\windows\system32\imagx5.dll
2009-02-07 13:52 283,920 a------- c:\windows\system32\ImagXpr5.dll
2009-02-07 13:49 24,064 a------- c:\windows\system32\msxml3a.dll
2009-02-07 13:49 2,023,424 -------- c:\windows\UNNeroVision.exe
2009-02-07 13:49 78,506 -------- c:\windows\UNNeroVision.cfg
2009-02-07 13:49 1,568,768 a------- c:\windows\system32\ImagX7.dll
2009-02-07 13:49 476,320 a------- c:\windows\system32\ImagXpr7.dll
2009-02-07 13:49 471,040 a------- c:\windows\system32\ImagXRA7.dll
2009-02-07 13:49 364,544 a------- c:\windows\system32\TwnLib4.dll
2009-02-07 13:49 262,144 a------- c:\windows\system32\ImagXR7.dll
2009-02-07 13:49 106,496 a------- c:\windows\system32\TwnLib20.dll
2009-02-07 13:49 38,912 a------- c:\windows\system32\picn20.dll
2009-02-07 12:37 <DIR> --d----- C:\Photos 2009
2009-02-03 15:13 56 a---h--- c:\windows\system32\ezsidmv.dat
2009-02-03 14:01 <DIR> --d--r-- c:\program files\Skype
2009-02-01 08:49 <DIR> --d----- C:\avimark

==================== Find3M ====================

2009-02-07 21:35 184,602 a------- c:\windows\pchealth\helpctr\config\cache\Professional_32_1033.dat
2009-01-16 08:12 41,446 a------- c:\windows\system32\nvModes.dat
2008-10-01 15:36 648 a------- c:\docume~1\brenda\applic~1\wklnhst.dat
2008-08-10 17:16 4,114 a------- c:\program files\wsv.exe
2008-07-24 16:45 3,902,784 a------- c:\documents and settings\brenda\gosetup.exe

============= FINISH: 9:12:08.90 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 SifuMike

SifuMike

    malware expert


  • Staff Emeritus
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:04:46 PM

Posted 18 February 2009 - 10:51 PM

Hello brenda720,

Sorry for the delay. We have many logs backed up.

If you still need help then update you old AVG version.
Upgrading to AVG 8.0 is free and it contains the Anti-Spyware engine which is not present in the 7.5 version (unless you have the anti-malware or internet security suite in which case having the Ewido suite is redundant).
  • Download the latest version from AVG'S Website
  • Go to Start > Control Panel double-click on Add/Remove programs and remove the Ewido Security suite(Ewido's was bought by AVG so the 8.0 will have its anti-spyware engine)
  • Run the installation file downloaded before and proceed with the installation. At one point it will warn you that to install AVG 8.0 it will remove previous versions, accept and go forward with the installation.
After AVG 7 is uninstalled and AVG 8.0 installed, update it and do a complete scan
Once the complete scan is finished post the results in the forum this way:
  • Double click AVG's icon near the watch
  • Select from the menu History -> Scan Results
  • Double click the last scan results
  • Click on Export overview to file... and save the file somewhere you'll be able to find
  • Open the saved file with notepad and copy and paste the results here

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 SifuMike

SifuMike

    malware expert


  • Staff Emeritus
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:04:46 PM

Posted 24 February 2009 - 02:49 PM

Due to inactivity, this thread will now be closed.
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users