Please could someone check this?
Insane_Drifter
Posts: 465 Forumite
in Techie Stuff
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 00:00:22, on 11/02/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\WINDOWS\system32\Prismsta.exe
C:\Program Files\Common Files\AOL\1263321424\ee\AOLSoftware.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NETGEAR\WG111T Configuration Utility\wlan111t.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AOL 9.0 VRa\waol.exe
C:\Program Files\AOL 9.0 VRa\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.imesh.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.imesh.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.aol.co.uk/web?isinit=true&query=%s
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - (no file)
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: (no name) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - (no file)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Prism_Utility] Prismsta.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1263321424\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111T Configuration Utility\wlan111t.exe
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} (CAScanner Control) - http://cainternetsecurity.net/scanner/cascanner.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs:
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
--
End of file - 8121 bytes
-
Don't see anything too bad in there.
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} (CAScanner Control) - http://cainternetsecurity.net/scanner/cascanner.cab
can go.
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
Looks to be your problem.
If hijack doesn't remove this, report back.
You can simply remove it, but I'm thinking you'll need to run another program to get rid of the file creation program.
I'd recommend Combofix.
-
TICK and FIX these ~
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.imesh.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.imesh.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - (no file)
O3 - Toolbar: (no name) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - (no file)
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} (CAScanner Control) - http://cainternetsecurity.net/scanner/cascanner.cab
O20 - AppInit_DLLs:
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
Download MALWAREBYTES (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_malwarebytes_anti_malware/
Open Malwarebytes and go to UPDATE and click 'check for updates'. After it's updated go to SCANNER and click PERFORM FULL SCAN then click SCAN
Post the COMPLETE log here AFTER you've deleted everything it finds
-
Malwarebytes' Anti-Malware 1.44
Database version: 3724
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
11/02/2010 13:21:06
mbam-log-2010-02-11 (13-21-06).txt
Scan type: Full Scan (C:\|)
Objects scanned: 158949
Time elapsed: 1 hour(s), 17 minute(s), 3 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
-
What symptoms are you suffering?
-
I think my PC is just dying! Sometimes when I start up the PC my screen shuts down; when that doesn't happen the PC will randomly reboot or freeze and then I sometimes end up with coloured lines all over the screen? So just a few glitches! I can't really afford a new PC but I've been told I could maybe update it? Good idea or not?
-
You should have SP3, not 2.
-
Go to DEVICE MANAGER
Do any of the items have a 'yellow exclamation' mark by them?
Please run COMBOFIX
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Shut down your anti virus
Follow the simple instructions it gives
Post the COMPLETE log it creates here (Split into sections if need be)
If it comes up with a RENAMING error then RIGHT click the exe file and RENAME and call it QWERTY (Making the complete file name 'QWERTY.exe') Or SAVE as 'QWERTY' on download
-
ComboFix 10-02-11.04 - Jeni 12/02/2010 11:27:40.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.44.1033.18.1023.492 [GMT 0:00]
Running from: c:\documents and settings\Jeni\My Documents\ComboFix.exe
AV: AVG Internet Security *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
((((((((((((((((((((((((( Files Created from 2010-01-12 to 2010-02-12 )))))))))))))))))))))))))))))))
.
2010-02-08 15:37 . 2010-02-08 15:37 -------- d-----w- c:\windows\system32\wbem\Repository
2010-02-06 11:14 . 2010-02-08 15:37 -------- d-----w- c:\program files\PC Tune-Up
2010-02-01 13:02 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-01 13:01 . 2009-12-21 19:14 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-01 13:01 . 2009-12-21 19:14 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-01-30 23:51 . 2010-01-30 23:51 388096 ----a-r- c:\documents and settings\Jeni\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-01-30 23:51 . 2010-01-30 23:51 -------- d-----w- c:\program files\TrendMicro
2010-01-30 23:50 . 2010-01-30 23:50 -------- d-----w- c:\program files\Speccy
2010-01-30 23:49 . 2010-01-30 23:49 -------- d-----w- c:\program files\Defraggler
2010-01-30 23:33 . 2010-01-30 23:34 -------- d-----w- c:\program files\CCleaner
2010-01-30 11:27 . 2009-12-17 00:09 49241 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4482\sb_BunkerHill.dll
2010-01-30 11:27 . 2009-12-16 07:07 136528 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4482\Vercopy.exe
2010-01-30 11:27 . 2009-12-15 06:14 95568 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4482\RunOnce.exe
2010-01-30 11:27 . 2009-12-15 04:35 106496 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4482\sb_Raga_Refresh.dll
2010-01-30 11:27 . 2009-12-14 16:00 106496 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4482\sb_Almaak.dll
2010-01-30 11:27 . 2009-12-14 14:06 106496 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4482\sb_Thailand.dll
2010-01-30 11:27 . 2009-12-14 14:03 106496 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4482\sb_Strauss.dll
2010-01-30 11:27 . 2009-12-15 06:33 120144 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4482\SBFix.exe
2010-01-29 21:22 . 2010-01-31 18:24 -------- d-----w- c:\windows\system32\scripting
2010-01-29 21:22 . 2010-01-31 18:23 -------- d-----w- c:\windows\l2schemas
2010-01-29 21:22 . 2010-01-31 18:24 -------- d-----w- c:\windows\system32\en
2010-01-29 21:22 . 2010-01-31 18:24 -------- d-----w- c:\windows\system32\bits
2010-01-29 20:37 . 2004-08-04 12:00 502272 ----a-w- c:\windows\system32\dllcache\wmm2fxa.dll
2010-01-29 20:36 . 2004-08-04 12:00 6144 ----a-w- c:\windows\system32\dllcache\kbd101.dll
2010-01-29 20:35 . 2005-04-28 19:16 274432 ----a-w- c:\windows\system32\dllcache\migism.dll
2010-01-29 20:34 . 2005-08-22 18:29 197632 ----a-w- c:\windows\system32\dllcache\netman.dll
2010-01-29 20:33 . 2010-01-31 21:04 -------- d-----w- c:\windows\EHome
2010-01-29 19:11 . 2010-01-29 19:11 -------- d-----w- c:\windows\system32\XPSViewer
2010-01-29 19:10 . 2010-01-29 19:10 -------- d-----w- c:\program files\MSBuild
2010-01-29 19:10 . 2010-01-29 19:10 -------- d-----w- c:\program files\Reference Assemblies
2010-01-29 19:09 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-01-29 19:09 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-01-29 19:09 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-01-29 19:09 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-01-29 19:09 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-01-29 19:09 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-01-29 19:09 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-01-29 19:09 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-01-29 19:09 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-01-29 19:04 . 2010-01-29 19:04 -------- d-----w- c:\program files\MSXML 6.0
2010-01-26 19:39 . 2010-01-26 19:39 -------- d-----w- c:\documents and settings\Jeni\Application Data\Hewlett-Packard
2010-01-26 19:35 . 2010-01-26 19:39 -------- d-----w- c:\temp\FixEngine
2010-01-26 19:30 . 2010-01-26 19:30 -------- d-----w- c:\program files\HP
2010-01-26 19:01 . 2010-01-29 19:34 20440 ----a-w- c:\windows\hpoins01.dat
2010-01-26 19:01 . 2003-04-05 12:33 16622 ------w- c:\windows\hpomdl01.dat
2010-01-26 17:49 . 2010-01-26 17:49 -------- d-----w- c:\windows\system32\NtmsData
2010-01-26 17:13 . 2010-01-26 17:13 -------- dc----w- c:\documents and settings\All Users\Application Data\9F
2010-01-26 09:43 . 2010-01-26 09:45 -------- d-----w- c:\documents and settings\Jeni\Local Settings\Application Data\ApplicationHistory
2010-01-24 11:37 . 2010-02-01 15:38 -------- d-----w- c:\program files\Windows Live Safety Center
2010-01-23 20:45 . 2010-01-23 20:45 -------- d-----w- c:\documents and settings\Jeni\Application Data\Windows Desktop Search
2010-01-23 20:44 . 2010-01-24 23:26 -------- d-----w- c:\program files\Windows Desktop Search
2010-01-23 20:44 . 2010-01-23 20:44 -------- d-----w- c:\windows\system32\GroupPolicy
2010-01-23 20:42 . 2010-01-23 20:42 -------- d-----w- c:\program files\Windows Media Connect 2
2010-01-23 20:38 . 2010-01-24 12:31 -------- d-----w- c:\windows\system32\LogFiles
2010-01-23 20:38 . 2010-01-23 20:40 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-01-23 20:31 . 2010-01-23 20:31 -------- d-----w- c:\windows\system32\URTTemp
2010-01-23 20:27 . 2006-11-13 06:02 36352 ----a-w- c:\windows\system32\tsgqec.dll
2010-01-23 20:27 . 2006-11-13 06:02 288768 ----a-w- c:\windows\system32\rhttpaa.dll
2010-01-23 20:27 . 2006-11-13 06:02 116736 ----a-w- c:\windows\system32\aaclient.dll
2010-01-23 13:03 . 2010-01-23 13:03 -------- d-----w- c:\documents and settings\Jeni\Local Settings\Application Data\Microsoft Corporation
2010-01-23 13:02 . 2010-01-23 20:06 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2010-01-23 11:22 . 2010-01-23 11:22 -------- d-sh--w- c:\documents and settings\Jeni\IECompatCache
2010-01-23 11:22 . 2010-01-23 11:22 -------- d-sh--w- c:\documents and settings\Jeni\PrivacIE
2010-01-23 11:13 . 2010-01-23 11:13 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-01-23 11:13 . 2010-01-23 11:13 -------- d-sh--w- c:\documents and settings\Jeni\IETldCache
2010-01-23 11:07 . 2010-02-01 22:45 -------- d-----w- c:\windows\ie8updates
2010-01-23 11:05 . 2010-02-01 13:00 -------- dc-h--w- c:\windows\ie8
2010-01-23 10:41 . 2010-01-23 10:41 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\AOL
2010-01-20 21:04 . 2009-11-25 13:02 1230080 -c--a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll
2010-01-18 17:23 . 2010-01-18 17:23 -------- dc----w- c:\documents and settings\All Users\Application Data\AIM
2010-01-18 17:23 . 2010-01-18 17:23 -------- d-----w- c:\documents and settings\Jeni\Local Settings\Application Data\AIM
2010-01-18 17:23 . 2010-01-18 17:23 -------- d-----w- c:\program files\AIM
2010-01-18 17:23 . 2010-01-18 17:23 -------- d-----w- c:\program files\Common Files\Software Update Utility
2010-01-18 16:35 . 2010-01-18 16:35 -------- d-----w- c:\documents and settings\Jeni\Application Data\acccore
2010-01-18 16:35 . 2010-01-18 16:35 -------- dc----w- c:\documents and settings\All Users\Application Data\AOL OCP
2010-01-18 16:35 . 2010-01-18 16:35 -------- d-----w- c:\documents and settings\Jeni\Local Settings\Application Data\AOL OCP
2010-01-18 16:33 . 2010-01-18 16:33 228912 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\migrator.exe
2010-01-18 16:33 . 2010-01-18 16:33 141944 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\alsetup.exe
2010-01-18 16:33 . 2010-01-18 16:33 120368 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\aoldlmgr.exe
2010-01-18 16:33 . 2010-01-18 16:33 63024 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\instSup.dll
2010-01-18 16:33 . 2010-01-18 16:33 35888 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\postproc.exe
2010-01-18 16:33 . 2010-01-18 16:33 83504 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\ProgUpd.dll
2010-01-18 16:33 . 2010-01-18 16:33 15920 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\ocpchk.dll
2010-01-18 16:32 . 2010-01-18 16:33 1273280 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\AIMinst.exe
2010-01-18 16:32 . 2010-01-18 16:32 87600 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\AOLFirewallMgr.dll
2010-01-18 16:32 . 2010-01-18 16:32 13872 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\imappver.dll
2010-01-18 16:32 . 2010-01-18 16:32 169520 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\setup.exe
2010-01-18 16:32 . 2010-01-18 16:32 376568 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\unagi3.exe
2010-01-18 16:31 . 2010-01-18 16:32 3858056 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\Vwpt.exe
2010-01-18 16:30 . 2010-01-18 16:31 481480 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\AIMLang.exe
2010-01-18 16:30 . 2010-01-18 16:30 237104 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\gui.dll
2010-01-18 16:30 . 2010-01-18 16:30 477520 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\aimlang_uk.exe
2010-01-18 16:30 . 2010-01-18 16:30 357776 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\tbsetup.exe
2010-01-18 16:28 . 2010-01-18 16:30 5095496 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\ocpinst.exe
2010-01-18 16:28 . 2010-01-18 16:28 11824 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\triton_uk\6.1.17.1\tbinst.dll
2010-01-18 15:22 . 2010-01-28 12:21 -------- d-----w- c:\documents and settings\Jeni\Application Data\AdobeUM
2010-01-18 15:21 . 2010-01-18 15:21 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-18 10:20 . 2010-01-18 10:20 -------- d-----w- c:\documents and settings\Jeni\Local Settings\Application Data\AVG Security Toolbar
2010-01-17 23:29 . 2010-01-20 12:36 -------- dc----w- C:\$AVG
2010-01-17 23:28 . 2010-01-17 23:28 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-01-17 23:28 . 2010-01-17 23:28 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-01-17 23:28 . 2010-01-17 23:28 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-01-17 23:28 . 2010-02-12 10:01 -------- d-----w- c:\windows\system32\drivers\Avg
2010-01-17 23:28 . 2010-01-25 22:39 -------- dc----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2010-01-17 23:27 . 2010-01-17 23:27 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-01-17 23:27 . 2010-01-17 23:27 25608 ----a-w- c:\windows\system32\drivers\AVGIDSxx.sys
2010-01-17 23:27 . 2010-01-17 23:27 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-01-17 23:27 . 2010-01-17 23:27 50968 ----a-w- c:\windows\system32\avgfwdx.dll
2010-01-17 23:27 . 2010-01-17 23:27 30104 ----a-w- c:\windows\system32\drivers\avgfwdx.sys
2010-01-17 23:27 . 2010-01-17 23:27 d-----w- c:\program files\AVG
2010-01-17 23:26 . 2010-01-17 23:27 dc----w- c:\documents and settings\All Users\Application Data\avg9
2010-01-17 20:27 . 2010-01-17 20:27 dc----w- c:\documents and settings\All Users\Application Data\CA
2010-01-17 20:20 . 2010-01-17 20:22 d-----w- c:\documents and settings\Jeni\.housecall6.6
2010-01-16 16:50 . 2010-01-16 16:50 d-----w- c:\program files\Common Files\Hewlett-Packard
2010-01-16 16:48 . 2010-01-26 19:08 d-----w- c:\program files\Hewlett-Packard
2010-01-15 16:46 . 2009-12-21 19:14 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-01-15 16:46 . 2009-12-21 19:14 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-01-15 16:46 . 2009-12-31 15:33 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2010-01-15 16:46 . 2009-12-21 19:14 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-01-15 16:46 . 2009-12-21 19:14 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-01-15 16:46 . 2009-03-08 04:11 445952 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dll
2010-01-15 16:46 . 2009-03-08 04:31 59904 -c--a-w- c:\windows\system32\dllcache\icardie.dll
2010-01-15 16:46 . 2009-02-06 21:07 3698584 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dat
2010-01-15 00:43 . 2010-01-15 00:43 dc----w- C:\SBE
2010-01-14 17:00 . 2010-01-26 17:18 d-----w- c:\documents and settings\Jeni\Local Settings\Application Data\iMesh
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-12 11:15 . 2010-01-11 11:34 13104 ----a-w- c:\documents and settings\Jeni\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-31 18:07 . 2010-01-09 18:17 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-26 22:15 . 2010-01-12 18:45 d-----w- c:\documents and settings\All Users\Application Data\AOL Downloads
2010-01-25 10:55 . 2010-01-10 18:33 d-----w- c:\program files\AOL Toolbar
2010-01-18 17:23 . 2010-01-10 18:33 d-----w- c:\program files\Common Files\Nullsoft
2010-01-18 17:23 . 2010-01-10 18:31 dc----w- c:\documents and settings\All Users\Application Data\AOL
2010-01-15 22:32 . 2010-01-12 18:57 d-----w- c:\program files\AOL 9.0 VRa
2010-01-14 11:05 . 2010-01-10 18:31 d-----w- c:\program files\AOL 9.0
2010-01-14 11:03 . 2010-01-10 18:31 d-----w- c:\program files\Common Files\AOL
2010-01-13 18:48 . 2010-01-12 18:47 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-01-12 18:59 . 2010-01-10 18:31 d-----w- c:\program files\Common Files\aolshare
2010-01-12 18:56 . 2010-01-12 18:56 d-----w- c:\program files\AOL 9.0 VR
2010-01-12 18:53 . 2010-01-12 18:53 685384 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\sysinfo\SinfInst.exe
2010-01-12 18:53 . 2010-01-12 18:53 49152 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\tpspd\DaclDll.dll
2010-01-12 18:53 . 2010-01-12 18:53 584168 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\tpspd\wbsetup.exe
2010-01-12 18:53 . 2010-01-12 18:53 343472 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\afix\afixinst.exe
2010-01-12 18:52 . 2010-01-12 18:52 223152 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\afix\wsfinst.exe
2010-01-12 18:52 . 2010-01-12 18:52 6144 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\tb\tbinst.dll
2010-01-12 18:52 . 2010-01-12 18:52 3858056 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\vwpt\Vwpt.exe
2010-01-12 18:52 . 2010-01-12 18:52 6144 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\afix\ocfcheck.dll
2010-01-12 18:51 . 2010-01-12 18:51 390704 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\afix\WinsockFix.exe
2010-01-12 18:51 . 2010-01-12 18:51 d-----w- c:\documents and settings\Jeni\Application Data\Malwarebytes
2010-01-12 18:51 . 2010-01-12 18:51 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-12 18:51 . 2010-01-12 18:51 d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-12 18:50 . 2010-01-12 18:50 1357512 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\ocp\ocpinst.exe
2010-01-12 18:50 . 2010-01-12 18:50 848944 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\waol-uk-0.4327.48.1.exe
2010-01-12 18:50 . 2010-01-12 18:50 61440 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\vwpt\VPPrePop.exe
2010-01-12 18:50 . 2010-01-12 18:50 142040 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\aolload\alsetup.exe
2010-01-12 18:50 . 2010-01-12 18:50 96976 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\sm\sminstlp.exe
2010-01-12 18:50 . 2010-01-12 18:50 63024 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\ocp\instSup.dll
2010-01-12 18:50 . 2010-01-12 18:50 357768 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\tb\tbsetup.exe
2010-01-12 18:50 . 2010-01-12 18:50 10800 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\afix\wsfixchk.dll
2010-01-12 18:50 . 2010-01-12 18:49 1134216 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\flash\flash9ex.exe
2010-01-12 18:49 . 2010-01-12 18:49 45056 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\sysinfo\SiNdInst.dll
2010-01-12 18:49 . 2010-01-12 18:49 122336 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\afix\afixlang_uk.exe
2010-01-12 18:49 . 2010-01-12 18:49 54832 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\ocp\ocpgc.exe
2010-01-12 18:47 . 2010-01-12 18:47 120016 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\afix\afixlang.exe
2010-01-12 18:46 . 2010-01-12 18:46 174848 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\sm\stmninst.exe
2010-01-12 18:46 . 2010-01-12 18:46 574667 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\muinst\muinst.exe
2010-01-12 18:46 . 2010-01-12 18:46 49152 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\vwpt\AOLVPChk.dll
2010-01-12 18:46 . 2010-01-12 18:46 57344 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\tpspd\tsverchk.dll
2010-01-12 18:46 . 2010-01-12 18:46 15920 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\ocp\ocpchk.dll
2010-01-12 18:46 . 2010-01-12 18:45 15099672 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\waol_uk\0.0.1.2\comps\acs\acssetup.exe
2010-01-11 14:30 . 2010-01-10 18:34 d-----w- c:\documents and settings\Jeni\Application Data\AOL
2010-01-11 13:32 . 2010-01-09 19:43 d--h--w- c:\program files\InstallShield Installation Information
2010-01-10 18:33 . 2010-01-10 18:33 d-----w- c:\program files\Common Files\aolback
2010-01-10 18:33 . 2010-01-10 18:33 d-----w- c:\program files\Learn2.com
2010-01-10 18:33 . 2010-01-10 18:33 d-----w- c:\documents and settings\Jeni\Application Data\You've Got Pictures Screensaver
2010-01-10 18:33 . 2010-01-10 18:33 d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2010-01-10 18:33 . 2010-01-10 18:33 d-----w- c:\program files\Viewpoint
2010-01-10 18:33 . 2010-01-10 18:33 d-----w- c:\program files\QuickTime
2010-01-10 18:33 . 2010-01-10 18:33 d-----w- c:\documents and settings\All Users\Application Data\QuickTime
2010-01-10 18:32 . 2010-01-10 18:32 8552 ----a-w- c:\windows\system32\drivers\asctrm.sys
2010-01-10 18:32 . 2010-01-10 18:32 d-----w- c:\program files\Common Files\Real
2010-01-10 18:32 . 2010-01-10 18:32 d-----w- c:\program files\Real
2010-01-10 18:31 . 2010-01-10 18:31 335 ----a-w- c:\windows\nsreg.dat
2010-01-10 18:26 . 2010-01-10 18:26 15890 ----a-w- c:\windows\system32\drivers\mdc8021x.sys
2010-01-10 18:26 . 2010-01-09 20:09 d-----w- c:\program files\NETGEAR
2010-01-09 22:55 . 2010-01-09 22:55 d-----w- c:\documents and settings\Jeni\Application Data\Cyberlink
2010-01-09 20:08 . 2010-01-09 19:43 d-----w- c:\program files\Common Files\InstallShield
2010-01-09 19:47 . 2010-01-09 19:46 d-----w- c:\program files\MUSICMATCH
2010-01-09 19:47 . 2010-01-09 19:47 28276 ----a-w- c:\windows\system32\drivers\MxlW2k.sys
2010-01-09 19:44 . 2010-01-09 19:43 d-----w- c:\program files\Home Cinema
2010-01-09 19:44 . 2010-01-09 19:44 d-----w- c:\program files\X10 Hardware
2010-01-09 19:44 . 2010-01-09 19:44 d-----w- c:\program files\Common Files\X10
2010-01-09 19:43 . 2010-01-09 19:43 d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2010-01-09 19:43 . 2010-01-09 19:43 d-----w- c:\program files\CyberLink
2010-01-09 19:41 . 2010-01-09 19:41 d-----w- c:\program files\C-Media 3D Audio
2010-01-09 18:18 . 2010-01-09 18:18 d-----w- c:\program files\microsoft frontpage
2010-01-09 18:14 . 2010-01-09 18:14 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-07 16:07 . 2010-01-12 18:51 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 16:07 . 2010-01-12 18:51 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-05 10:00 . 2004-08-04 12:00 832512 ----a-w- c:\windows\system32\wininet(4).dll
2010-01-05 10:00 . 2004-08-04 12:00 832512 ----a-w- c:\windows\system32\wininet(3).dll
2010-01-05 10:00 . 2004-08-04 12:00 1168384 ----a-w- c:\windows\system32\urlmon(4).dll
2010-01-05 10:00 . 2004-08-04 12:00 1168384 ----a-w- c:\windows\system32\urlmon(3).dll
2009-12-31 16:14 . 2010-01-29 20:34 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:14 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-16 12:58 . 2010-01-09 18:12 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:35 . 2010-01-29 20:34 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-08 18:55 . 2010-01-29 20:34 2180352 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 18:19 . 2010-01-29 20:34 2057728 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 14:41 . 2010-01-29 20:34 453760 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:33 . 2004-08-04 12:00 1291264 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:33 . 2004-08-04 00:56 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:37 . 2004-08-04 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:37 . 2004-08-04 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:37 . 2004-08-04 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:37 . 2004-08-04 00:56 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:37 . 2001-08-17 22:36 8704 ----a-w- c:\windows\system32\tsbyuv.dll
.0 -
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 13:02 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2007-12-07 71008]
"AOL Spyware Protection"="c:\progra~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" [2004-10-18 79448]
"Prism_Utility"="Prismsta.exe" [2004-01-14 215552]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"HostManager"="c:\program files\Common Files\AOL\1263321424\ee\AOLSoftware.exe" [2006-09-26 50736]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-13 149280]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
NETGEAR WG111T Smart Wizard.lnk - c:\program files\NETGEAR\WG111T Configuration Utility\wlan111t.exe [2010-1-10 491608]
WG111v2 Smart Wizard Wireless Setting.lnk - c:\program files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe [2010-1-9 745472]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hpoddt01.exe.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk
backup=c:\windows\pss\hpoddt01.exe.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim]
2009-12-01 17:38 3951976 ----a-w- c:\program files\AIM\aim.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG9_TRAY]
2010-01-17 23:27 2033432 ----a-w- c:\progra~1\AVG\AVG9\avgtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
2003-03-14 17:15 143360 ----a-w- c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-10-13 16:24 1694208 ----a-w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
2004-09-03 17:34 81920 ------w- c:\program files\Home Cinema\PowerCinema\PCMService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-01-10 18:33 98304 ----a-w- c:\program files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2010-01-10 18:32 26112 ----a-w- c:\program files\Real\RealPlayer\realplay.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\1263321424\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"=
"c:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"=
"c:\\Program Files\\AOL 9.0 VRa\\waol.exe"=
"c:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [17/01/2010 23:27 25608]
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [17/01/2010 23:27 161800]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [17/01/2010 23:28 333192]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [17/01/2010 23:27 360584]
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [17/01/2010 23:27 906520]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [17/01/2010 23:27 285392]
R2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [17/01/2010 23:27 2304192]
R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [17/01/2010 23:27 5832712]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [09/01/2010 20:09 66048]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [17/01/2010 23:27 30104]
R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [17/01/2010 23:27 122376]
R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [17/01/2010 23:27 30216]
R3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [17/01/2010 23:27 25736]
R3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [10/01/2010 18:26 17149]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;c:\windows\system32\drivers\PhTVTune.sys [09/01/2010 19:51 24704]
S3 ATHFMWDL;NETGEAR WG111T Bootloader driver;c:\windows\system32\drivers\Athfmwdl.sys [10/01/2010 18:26 43392]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [17/01/2010 23:27 30104]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - ATWPKT2
*Deregistered* - ATWPKT2
.
Contents of the 'Scheduled Tasks' folder
2010-01-27 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1200 series5E771253C1676EBED677BF361FDFC537825E15B8264593723.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-06 00:52]
2010-02-12 c:\windows\Tasks\User_Feed_Synchronization-{1B936070-650D-48D2-B83A-F967BE2FB5FD}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 04:31]
.
.
Supplementary Scan
.
uSearchURL,(Default) = hxxp://search.aol.co.uk/web?isinit=true&query=%s
IE: &AOL Toolbar search - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTML
FF - ProfilePath - c:\documents and settings\Jeni\Application Data\Mozilla\Firefox\Profiles\n67dte5h.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com/?src=aim&ncid=snsusaimc00000001
FF - prefs.js: keyword.URL - hxxp://uk.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_uk&p=
FF - plugin: c:\documents and settings\Jeni\Application Data\Mozilla\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(yahoo.homepage.dontask, true.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-Cmaudio - cmicnfg.cpl
Notify-dimsntfy - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-12 11:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
DLLs Loaded Under Running Processes
- - - - - - - > 'winlogon.exe'(1332)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(1096)
c:\windows\system32\WININET.dll
c:\program files\Common Files\AOL\ACS\WLHook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Other Running Processes
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\AOL\ACS\AOLAcsd.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\System32\snmp.exe
c:\windows\system32\RunDll32.exe
c:\windows\system32\Prismsta.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
.
**************************************************************************
.
Completion time: 2010-02-12 11:52:03 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-12 11:51
Pre-Run: 28,673,294,336 bytes free
Post-Run: 28,738,461,696 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - A4AABA54FA3EB1F884656A8EDB3EBED90 -
I'll go through this in a bit, but I notice you have the full AVG security suite.
1 ~ It's bad - when it comes up to renewal I'd seriously recommend Kaspersky over AVG.
2 ~ The firewall is AWFUL. It would be a lot safer if you switched it off (or used it in conjunction with, if you can't) Windows Firewall, which is far safer.
Did you go to Device Manager?
This discussion has been closed.