
infected with anti virus system pro



#1 suerkent


Posted 10 November 2009 - 04:36 PM

Hope I have all the info needed....I'm computer illiterate
Anti virus system pro appeared onscreen....I tried to delete it but the pop ups keep coming back
I'm using AVG the free edition and have downloaded Malwarebytes also
I also would like to know just WHAT programs I need on my PC to make it safe....ie...spyware..anti-virus, etc.
Thanks for your help.


DDS (Ver_09-10-26.01) - NTFSx86
Run by SuerKent at 16:18:45.60 on Tue 11/10/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_01
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.243 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Nova Development\Greeting Card Factory Deluxe\ReminderApp.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
svchost.exe
C:\Sierra\Planner\PLNRnote.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Virtual Assistant\bin\mpbtn.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\SuerKent\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.toast.net/start/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Page_URL = hxxp://www.toast.net/start/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: Free TV Bar Toolbar: {a0729639-d831-46c9-811b-9b0aa79fb45a} - c:\program files\free_tv_bar\tbFree.dll
uURLSearchHooks: LiveTV_ Toolbar: {59385f95-c52f-4a84-b674-4a4206b17218} - c:\program files\livetv_\tbLive.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: LiveTV_ Toolbar: {59385f95-c52f-4a84-b674-4a4206b17218} - c:\program files\livetv_\tbLive.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
BHO: Free TV Bar Toolbar: {a0729639-d831-46c9-811b-9b0aa79fb45a} - c:\program files\free_tv_bar\tbFree.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Free TV Bar Toolbar: {a0729639-d831-46c9-811b-9b0aa79fb45a} - c:\program files\free_tv_bar\tbFree.dll
TB: LiveTV_ Toolbar: {59385f95-c52f-4a84-b674-4a4206b17218} - c:\program files\livetv_\tbLive.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - No File
uRun: [EPSON Stylus NX400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatiega.exe /fu "c:\windows\temp\E_S7C.tmp" /EF "HKCU"
uRun: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\RegistryBooster.exe /S
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [Performance Center] c:\program files\ascentive\performance center\ApcMain.exe -m
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [ReminderApp] c:\program files\nova development\greeting card factory deluxe\ReminderApp.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [zzzHPSETUP] d:\setup.exe \RESET
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRunOnce: [NSSInstallation] c:\windows\system32\adobe\shockwave 11\nssstub.exe /RunOnce
StartupFolder: c:\docume~1\suerkent\startm~1\programs\startup\eventm~1.lnk - c:\hallmark\EMREMIND.EXE
StartupFolder: c:\docume~1\suerkent\startm~1\programs\startup\ziggyt~1.lnk - c:\program files\ziggytv\ZiggyTV.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\embarq~1.lnk - c:\program files\virtual assistant\bin\matcli.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\eventp~1.lnk - c:\sierra\planner\PLNRnote.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1236736209359
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxsrvc.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\suerkent\applic~1\mozilla\firefox\profiles\ftwh9t00.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.toast.net/start/
FF - prefs.js: keyword.URL - hxxp://urlseek40.vmn.net/search.php?lg=en&type=dns&tbn=oovoo2_0dn&q=
FF - component: c:\documents and settings\suerkent\application data\mozilla\firefox\profiles\ftwh9t00.default\extensions\{9d613b03-9b7c-4fa0-b2f8-32f7cc24873f}\components\SDIIntegrator.dll
FF - component: c:\program files\mozilla firefox\extensions\browserhighlighter@ebay.com\components\Shim.dll
FF - plugin: c:\documents and settings\suerkent\application data\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\suerkent\application data\mozilla\firefox\profiles\ftwh9t00.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-3-2 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-3-2 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-3-2 297752]
S2 gupdate1c99b8acb1051aa;Google Update Service (gupdate1c99b8acb1051aa);c:\program files\google\update\GoogleUpdate.exe [2009-3-2 133104]
S3 getPlus® Helper;getPlus® Helper;c:\program files\nos\bin\getPlus_HelperSvc.exe [2009-7-10 66056]

=============== Created Last 30 ================

2009-11-10 19:31:59 0 d-----w- c:\program files\Runtime Software
2009-11-08 23:53:50 0 d-----w- c:\program files\RegDefense
2009-11-08 20:30:03 0 d-----w- c:\windows\system32\wbem\Repository
2009-11-08 20:29:01 0 d-----w- c:\windows\SHELLNEW
2009-11-08 20:28:59 0 d-----w- c:\program files\Microsoft ActiveSync
2009-11-08 20:22:14 0 d-----w- c:\program files\Ask.com
2009-11-07 16:06:55 4724 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2009-11-06 16:05:07 0 d-----w- c:\program files\common files\L&H
2009-11-06 16:04:03 0 d-----w- c:\windows\SHELLNEW(2)
2009-11-06 16:03:43 0 d-----w- c:\program files\Microsoft Office(2)
2009-11-06 16:01:23 0 d-----w- C:\MSOCache(2)
2009-11-06 14:11:50 0 d-----w- c:\documents and settings\suerkent\.Calendar
2009-11-06 14:11:49 0 d-----w- c:\documents and settings\suerkent\.digilabs
2009-11-06 14:10:46 0 d-----w- c:\program files\My Photo Calendars & cards (Digilabs Edition)
2009-11-06 14:08:04 0 d-----w- c:\program files\calendarmakereval
2009-10-29 18:31:08 0 d-----w- c:\program files\ZiggyTV
2009-10-29 18:20:12 0 d-----w- c:\program files\LiveTV_
2009-10-29 18:05:37 0 d-----w- c:\program files\Conduit
2009-10-29 18:05:36 0 d-----w- c:\program files\Free_TV_Bar
2009-10-24 01:06:35 0 d-----w- c:\docume~1\alluse~1\applic~1\Ascentive
2009-10-24 01:06:16 0 d-----w- c:\docume~1\suerkent\applic~1\Ascentive
2009-10-24 00:53:31 36864 ----a-w- c:\windows\system32\ascbalon.dll
2009-10-24 00:53:31 307200 ----a-w- c:\windows\system32\AscSQLite.dll
2009-10-24 00:53:30 217088 ----a-w- c:\windows\system32\AscConTest.dll
2009-10-24 00:53:30 20480 ----a-w- c:\windows\system32\SysRestore.dll
2009-10-24 00:53:21 0 d-----w- c:\program files\Ascentive
2009-10-23 20:42:57 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-23 20:28:04 0 d-----w- c:\program files\DivX
2009-10-19 11:52:23 1089593 -c----w- c:\windows\system32\dllcache\ntprint.cat
2009-10-18 14:46:27 0 d-----w- c:\windows\system32\XPSViewer
2009-10-18 14:45:31 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-10-18 14:45:31 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-10-18 14:45:31 117760 ------w- c:\windows\system32\prntvpt.dll
2009-10-18 14:45:30 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-10-18 14:45:30 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-10-18 14:45:30 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-10-18 14:45:30 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-10-18 14:45:30 0 d-----w- C:\c01778f8216d4175b8
2009-10-18 14:21:19 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-18 14:21:18 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-18 14:02:34 0 d-----w- c:\docume~1\suerkent\applic~1\AVG8
2009-10-18 13:59:22 0 d-----w- c:\program files\Advanced Registry Optimizer
2009-10-17 19:10:51 178432 ----a-w- c:\windows\system32\lsp.dll
2009-10-17 19:08:28 0 d-----w- c:\program files\dhjbhn
2009-10-17 01:08:38 0 d-----w- c:\docume~1\suerkent\applic~1\MozillaControl
2009-10-17 01:08:31 0 d-----w- c:\program files\Mozilla ActiveX Control v1.7.12
2009-10-17 01:02:24 0 d-----w- c:\program files\VideoLAN
2009-10-17 01:01:51 0 d-----w- c:\program files\Graboid
2009-10-15 23:28:14 0 d-----r- c:\program files\Skype
2009-10-14 22:40:42 221184 ----a-w- c:\windows\system32\wmpns.dll

==================== Find3M ====================

2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 08:08:21 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-17 13:45:43 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-03-31 17:31:54 449 ----a-w- c:\program files\Shortcut to Data.lnk
2009-01-13 18:45:08 81920 ----a-w- c:\program files\common files\WIZ1x0SR_105SR_CFG.exe
2006-12-01 09:54:32 626688 ----a-w- c:\program files\common files\MSVCR80.dll

============= FINISH: 16:19:01.50 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-10-26.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 3/2/2009 2:10:07 PM
System Uptime: 11/10/2009 5:59:46 AM (11 hours ago)

Motherboard: Dell Inc. | | 0M3918
Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 149 GiB total, 117.835 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP325: 11/10/2009 1:33:22 PM - System Checkpoint

==== Installed Programs ======================

Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.2
Adobe Shockwave Player 11.5
ArcSoft Print Creations
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Calendar
Ask Toolbar
AVG 8.5
BufferChm
CreativeProjects
CreativeProjectsTemplates
CueTour
Destinations
Director
DriveImage XML (Private Edition)
EMBARQ Help
EMBARQ Help Online
EMBARQ Remote Control
Embarq Toolbar
EPSON Scan
EPSON Stylus NX400 Series Printer Uninstall
Event Planner
FaceDub
Free_TV_Bar Toolbar
Google Earth
Google Update Helper
Greeting Card Factory Deluxe
Hallmark Card Studio 2
Hide My IP Address
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hoyle Card Games 2005
HP Image Zone 4.5
HP Software Update
HPSystemDiagnostics
InstantShare
Intel® 537EP V9x DF PCI Modem
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Adapters and Drivers
Interactive User’s Guide
Java™ SE Runtime Environment 6 Update 1
LED TAG
LiveTV_ Toolbar
Living 3D Dolphins Full Screen Saver
Loader
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Office Basic Edition 2003
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Move Media Player
Mozilla Firefox (3.5.2)
MSXML 4.0 SP2 (KB954430)
PanoStandAlone
PC Updater
PhotoGallery
PL-2303 USB-to-Serial
PowerDVD 5.3
QFolder
RealPlayer
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
ShareIns
SkinsHP1
Skype web features
Skype™ 4.1
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
SoundMAX
TBS WMP Plug-in
TrayApp
TVUPlayer 2.4.7.2
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows XP Service Pack 3
WIZ1x0_105SR Configtool
ZiggyTV

==== Event Viewer Messages From Past Week ========

11/6/2009 12:00:06 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
11/6/2009 11:54:52 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.

==== End Of File ===========================
Sorry if I didn't get it all copied right......hope this helps
thanks for your help


#2 m0le

  • Malware Response Team

Posted 16 November 2009 - 07:21 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :(
m0le is a proud member of UNITE

#3 m0le


Posted 20 November 2009 - 06:31 PM

Since this issue appears to be resolved ... this topic has been closed. Glad we could help. :(

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.