18 Posts

December 7th, 2009 22:00

Malware causing computer to lock up

The infected computer is locking up as well as having antiviral advertising pop-ups, to the extent that I am having to use another computer for Forum Posts.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:26:52 PM, on 12/7/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Application Data\Wyeke\wyeke127.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\SYSTEM32\userinit.exe
C:\WINDOWS\SYSTEM32\PRISMSVR.EXE
C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Wyeke\wyeke.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
C:\PROGRA~1\MYWEBS~1\bar\3.bin\m3SrchMn.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\DOCUME~1\Carlton\LOCALS~1\Temp\richtx64.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
C:\Program Files\Dell Wireless\PRISMCFG.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\DOCUME~1\Carlton\LOCALS~1\Temp\wscsvc32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=2070723
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL
R3 - URLSearchHook: NetAssistantBHO Class - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\My.Freeze.com Toolbar\NetAssistant.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: TBSB00781 - {B5DB3E09-CA5B-4419-A3F3-B559708244C9} - C:\Program Files\Profile Pimp\tbcore3.dll
O2 - BHO: NetAssistantBHO - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\My.Freeze.com Toolbar\NetAssistant.dll
O2 - BHO: XBTBPos00 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\My.Freeze.com Toolbar\freeze_control2_phase1_new.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: My.Freeze.com Toolbar - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - C:\Program Files\My.Freeze.com Toolbar\freeze_control2_phase1_new.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\3.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKCU\..\Run: [richtx64.exe] C:\DOCUME~1\Carlton\LOCALS~1\Temp\richtx64.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Desktop Manager.lnk = C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: LaunchU3.exe.lnk = ?
O4 - Global Startup: Wireless USB 2.0 WLAN Card Utility.lnk = ?
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=GRxdm020VPUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: vzTCPConfig - https://www.verizon.net/WhatsNext/CheckMyPc/vzTCPConfig.CAB
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfios.verizon.net/sdcCommon/download/FIOS/tgctlcm.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/WebfettiInitialSetup1.0.1.1.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://static.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/jinstall-6u7-windows-i586-jc.cab?e=1221704517145&h=1fda7bac32ce5a5e4ba90074b4bf05d1/&filename=jinstall-6u7-windows-i586-jc.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwssvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: ThreatFire - PC Tools - C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
O23 - Service: Wyeke Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Wyeke\wyeke127.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
O24 - Desktop Component 0: Privacy Protection - (no file)

--
End of file - 15642 bytes

4 Apprentice

20.5K Posts

January 12th, 2010 18:00

I know what steps I took to, finally, clean my computer---you don't. I've noticed that, after 2 pages of "posts", the infection still exists. I haven't visited or posted on the forum for a few months. It was always my understanding that individuals posted their computer problems or questions on this forum seeking help in resolving them.
We do appreciate your trying to help, however, this is the only Dell forum that operates slightly differently. Please refer to this announcement:  Please Read This Before Posting For Malware Removal Help

Note that we treat issues in the Malware Removal forum with the utmost care since one incorrect or misleading instruction could result in a great deal of pain and stress for the person with the problem. It is preferred, for the safety of the users, that only trained volunteers handle these issues. Because each system is different, and because of different variants of what may seem like the same malware, oftentimes members who think they may be helping may in fact be harming. What works for one system does not necessarily work for another. If you desire to help, please contact me by Private Message at SpywareHammer about training to become a trained volunteer here and at similar security forums. We can always use more help.

18 Posts

January 12th, 2010 19:00

Thanks Dell Forum for assisting me with my computer issues as well as handling any miscommunication. 

Bamajim, appreciate your help. What is the next step? Do I need to repost my HijackThis log?

10.4K Posts

January 13th, 2010 13:00


CJR74

I'd like to do one more check

Please perform a BitDefender Online Virus and Malware Scan here:
  * Click Start Scanner.
  * Click I Agree… and Start Here.
  * An ActiveX warning box will appear; click Install.
  * Options displayed are Folders to Scan and Cleaning Options; click Folders to Scan (in most cases it will be C:\).
  * Select folders to be scanned by clicking check boxes; click OK.
  * Click Start Scan.
  * After the scan has completed, click Click here to export the scan report.
  * Save the report to your Desktop.
  * In your next reply, please include the BitDefender log.




18 Posts

January 14th, 2010 14:00

Bamajim,

   I have tried Bit Defender several times earlier and again today and for some reason it will not perform the scan. 

10.4K Posts

January 18th, 2010 16:00

 

CJR74

Let's try a different online scanner

Run an online virus scan called Kaspersky from HERE.
  [1.] At the main page, press "Accept" after reading the contents.
  [2.] At the next window, select Update. Allow the database to update.
  Note: If prompted to run or update your Java, then follow the prompts to do so. Kaspersky requires Java to run.
  [3.] Once the database has finished, under the Scan icon select My Computer to start the scan. The scan may take a few minutes to complete.
  [4.] Select Scan Report.
  [5.] If any threats were found, they will appear in the report.
  [6.] Select "Save error report as". Then in the file name just type in kaspersky. Under "save as type" select text .txt.
  [7.] Save it to your Desktop.

Copy and post the results of the Kaspersky Online scan. If no threats were found, then report that as well.

 

18 Posts

February 1st, 2010 21:00

I am unable to run Kaspersky. I attempted 2 weeks ago and again just now. The website comes up but I am unable to choose accept to run the program, even with my Spyware Doctor deactivated. Also when the website is open I am unable to close the window without rebooting the computer.

10.4K Posts

February 4th, 2010 12:00


CJR74

It may be some of your on-board protection interfering with the online scans like Spyware Doctor, etc.

Rerun FileLister and let's see what's there.

18 Posts

February 6th, 2010 06:00


++++++++++++++++++++++++++++++++++
+ File Lister  Version 1.1.2     +
+                                +
+ By bamajim / SpywareHammer.com +
++++++++++++++++++++++++++++++++++

Report ran on --->>>  2/6/2010 8:26:14 AM


====== Running Processes ======

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PRISMSVR.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Dell Wireless\PRISMCFG.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Spyware Doctor\upgrade.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\System32\WScript.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\internet explorer\iexplore.exe


====== BHO's ======
BHO: (NO NAME) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

BHO: (NO NAME) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

BHO: (NO NAME) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

BHO: (NO NAME) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: (NO NAME) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

BHO: (NO NAME) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll

====== HKLM\~\Run Keys ======

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

[NvCplDaemon] = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[SigmatelSysTrayApp] = stsystra.exe
[IAAnotif] = C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
[DMXLauncher] = C:\Program Files\Dell\Media Experience\DMXLauncher.exe
[DLA] = C:\WINDOWS\System32\DLA\DLACTRLW.EXE
[ISUSPM Startup] = C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
[ISUSScheduler] = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
[Google Desktop Search] = "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
[HP Software Update] = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
[ISTray] = "C:\Program Files\Spyware Doctor\pctsTray.exe"
[hpqSRMon] = C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
[TkBellExe] = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
[SunJavaUpdateSched] = "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
[AppleSyncNotifier] = C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
[QuickTime Task] = "C:\Program Files\QuickTime\qttask.exe" -atboottime
[iTunesHelper] = "C:\Program Files\iTunes\iTunesHelper.exe"

====== HKCU\~\Run Keys ======

[swg] = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[ISUSPM] = "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
[ctfmon.exe] = C:\WINDOWS\system32\ctfmon.exe

====== DNS Info (List may be empty) ======

HKEY_LOCAL_MACHINE\CCS\~\{73C46A3A-0A2F-471F-B8C1-30E5ACB75D04}\  NameServer=
HKEY_LOCAL_MACHINE\CCS\~\{76194BC0-8E97-488D-969D-65BF95769063}\  NameServer=

HKEY_LOCAL_MACHINE\CS001\~\{73C46A3A-0A2F-471F-B8C1-30E5ACB75D04}\  NameServer=

HKEY_LOCAL_MACHINE\CS001\~\{76194BC0-8E97-488D-969D-65BF95769063}\  NameServer=

HKEY_LOCAL_MACHINE\CS003\~\{73C46A3A-0A2F-471F-B8C1-30E5ACB75D04}\  NameServer=

HKEY_LOCAL_MACHINE\CS003\~\{76194BC0-8E97-488D-969D-65BF95769063}\  NameServer=


====== Folders and Files from "%\" and "%\Windows" Created Last 60 Days ======

12/10/2009 12:16:05 PM    4230025    C:\Avenger
1/17/2010 10:07:23 AM    136272897    C:\RECYCLER
1/17/2010 10:07:23 AM    136272897    C:\RECYCLER\S-1-5-21-3765974026-242047148-4131525191-1009
1/8/2010 1:48:04 PM    1320    32    C:\avenger.txt
1/8/2010 1:32:34 PM    12055680    32    C:\BdUninstallTool2010.01.08-01.32.33.log
1/12/2010 12:14:01 PM    13494    32    C:\ComboFix.txt
12/18/2009 11:57:59 PM    0    32    C:\Files.txt
1/13/2010 3:01:56 AM    2272675    C:\WINDOWS\$NtUninstallKB955759$
1/13/2010 3:01:56 AM    629213    C:\WINDOWS\$NtUninstallKB955759$\spuninst
12/14/2009 12:28:13 PM    996568    C:\WINDOWS\$NtUninstallKB970430$
12/14/2009 12:28:13 PM    633432    C:\WINDOWS\$NtUninstallKB970430$\spuninst
12/14/2009 12:26:56 PM    982217    C:\WINDOWS\$NtUninstallKB971737$
12/14/2009 12:26:56 PM    630985    C:\WINDOWS\$NtUninstallKB971737$\spuninst
1/13/2010 3:01:48 AM    831136    C:\WINDOWS\$NtUninstallKB972270$
1/13/2010 3:01:48 AM    628896    C:\WINDOWS\$NtUninstallKB972270$\spuninst
12/14/2009 12:27:24 PM    2102283    C:\WINDOWS\$NtUninstallKB973904$
12/14/2009 12:27:24 PM    633078    C:\WINDOWS\$NtUninstallKB973904$\spuninst
12/14/2009 12:28:08 PM    813741    C:\WINDOWS\$NtUninstallKB974318$
12/14/2009 12:28:08 PM    631981    C:\WINDOWS\$NtUninstallKB974318$\spuninst
12/14/2009 12:27:02 PM    897710    C:\WINDOWS\$NtUninstallKB974392$
12/14/2009 12:27:02 PM    630958    C:\WINDOWS\$NtUninstallKB974392$\spuninst
12/27/2009 11:34:54 PM    66496605    C:\WINDOWS\BDOSCAN8
12/27/2009 11:35:09 PM    64594667    C:\WINDOWS\BDOSCAN8\Plugins
12/22/2009 8:49:51 AM    814    C:\WINDOWS\pss
1/12/2010 12:14:05 PM    547068    C:\WINDOWS\temp
12/18/2009 11:59:17 PM    3185    32    C:\WINDOWS\Hidden.txt
1/13/2010 3:01:53 AM    9636    32    C:\WINDOWS\KB955759.log
12/10/2009 8:47:53 AM    21724    32    C:\WINDOWS\KB970430.log
12/10/2009 8:47:20 AM    14010    32    C:\WINDOWS\KB971737.log
1/13/2010 3:01:35 AM    8041    32    C:\WINDOWS\KB972270.log
12/14/2009 12:27:23 PM    8683    32    C:\WINDOWS\KB973904.log
12/10/2009 8:47:51 AM    19080    32    C:\WINDOWS\KB974318.log
12/10/2009 8:47:28 AM    14141    32    C:\WINDOWS\KB974392.log
12/14/2009 12:27:53 PM    14508    32    C:\WINDOWS\KB976325-IE8.log
1/22/2010 3:00:18 AM    13681    32    C:\WINDOWS\KB978207-IE8.log
1/12/2010 11:51:04 AM    77312    32    C:\WINDOWS\MBR.exe
1/12/2010 11:51:04 AM    261632    32    C:\WINDOWS\PEV.exe
12/26/2009 11:48:58 AM    81984    32    C:\WINDOWS\system32\bdod.bin
1/12/2010 4:29:20 PM    142    32    C:\WINDOWS\system32\pctlsp.log

====== "\Administrator\Startup" Last 60 Days======


====== "\All Users\Startup" Last 60 Days======


====== "\Program Files" Last 60 Days======

1/17/2010 3:59:13 PM    1582699    C:\Program Files\iPod
1/17/2010 3:59:07 PM    112681025    C:\Program Files\iTunes
1/17/2010 3:57:07 PM    80085723    C:\Program Files\QuickTime

======"Drivers" Modified Last 60 Days======


====== Files Deleted under "%Temp%" ======

87 Files deleted

======"All Users\Application Data" Last 60 Days======

1/17/2010 3:59:07 PM    543771    C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
1/17/2010 3:59:45 PM    543771    C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}\x86
1/17/2010 3:59:45 PM    133968    C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}\x86\x86

====== HKLM\~\ShellServiceObjectDelayLoad======

PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll

CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %Systemroot%\system32\webcheck.dll

SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll

UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll


====== HKLM\~\SharedTaskScheduler======

Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - %SystemRoot%\system32\browseui.dll

Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll

======HKLM\~\msconfig\startupreg======

HKLM\Software\microsoft\shared tools\msconfig\startupreg\

====== Services ( Services that are Whitelisted are not shown) ======

BVRPMPR5 (BVRPMPR5 NDIS Protocol Driver)- \??\C:\WINDOWS\system32\drivers\BVRPMPR5.SYS - Manual/Stopped
CSS DVP (CSS DVP)- C:\WINDOWS\system32\DRIVERS\css-dvp.sys - Auto/Running
DELL_A02 (Dell TrueMobile 1300 USB2.0 WLAN Card Driver)- C:\WINDOWS\system32\DRIVERS\PRISMA02.sys - Manual/Stopped
DLABOIOM (DLABOIOM)- C:\WINDOWS\system32\DLA\DLABOIOM.SYS - Auto/Running
DLACDBHM (DLACDBHM)- C:\WINDOWS\system32\Drivers\DLACDBHM.SYS - System/Running
DLADResN (DLADResN)- C:\WINDOWS\system32\DLA\DLADResN.SYS - Auto/Running
DLAIFS_M (DLAIFS_M)- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS - Auto/Running
DLAOPIOM (DLAOPIOM)- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS - Auto/Running
DLAPoolM (DLAPoolM)- C:\WINDOWS\system32\DLA\DLAPoolM.SYS - Auto/Running
DLARTL_N (DLARTL_N)- C:\WINDOWS\system32\Drivers\DLARTL_N.SYS - System/Running
DLAUDFAM (DLAUDFAM)- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS - Auto/Running
DLAUDF_M (DLAUDF_M)- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS - Auto/Running
DRVMCDB (DRVMCDB)- C:\WINDOWS\system32\Drivers\DRVMCDB.SYS - Boot/Running
DRVNDDM (DRVNDDM)- C:\WINDOWS\system32\Drivers\DRVNDDM.SYS - Auto/Running
DSproct (DSproct)- \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys - Manual/Stopped
dsunidrv (DellSupport UniDriver)- C:\WINDOWS\system32\DRIVERS\dsunidrv.sys - Auto/Running
E100B (Intel(R) PRO Adapter Driver)- C:\WINDOWS\system32\DRIVERS\e100b325.sys - Manual/Stopped
e1express (Intel(R) PRO/1000 PCI Express Network Connection Driver)- C:\WINDOWS\system32\DRIVERS\e1e5132.sys - Manual/Running
iaStor (Intel RAID Controller)- C:\WINDOWS\system32\drivers\iaStor.sys - Boot/Running
PalmUSBD (PalmUSBD)- C:\WINDOWS\system32\drivers\PalmUSBD.sys - Manual/Stopped
PCTCore (PCTools KDS)- C:\WINDOWS\system32\drivers\PCTCore.sys - Boot/Running
pctgntdi (pctgntdi)- \??\C:\WINDOWS\system32\drivers\pctgntdi.sys - System/Running
pctplsg (pctplsg)- \??\C:\WINDOWS\system32\drivers\pctplsg.sys - Manual/Running
RimUsb (BlackBerry Smartphone)- C:\WINDOWS\system32\Drivers\RimUsb.sys - Manual/Stopped
RimVSerPort (RIM Virtual Serial Port v2)- C:\WINDOWS\system32\DRIVERS\RimSerial.sys - Manual/Stopped
STHDA (SigmaTel High Definition Audio CODEC)- C:\WINDOWS\system32\drivers\sthda.sys - Manual/Running
TfFsMon (TfFsMon)- C:\WINDOWS\system32\drivers\TfFsMon.sys - Boot/Running
TfNetMon (TfNetMon)- \??\C:\WINDOWS\system32\drivers\TfNetMon.sys - Manual/Running
TfSysMon (TfSysMon)- C:\WINDOWS\system32\drivers\TfSysMon.sys - Boot/Running
USBAAPL (Apple Mobile USB Driver)- C:\WINDOWS\system32\Drivers\usbaapl.sys - Manual/Stopped

====== Uninstall List ======

Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 ActiveX
Business Contact Manager for Outlook 2007 SP2
CCleaner (remove only)
Conexant D850 56K V.9x DFVc Modem
Collin County Community College District E-Schedule with MultiV
Collin County Community College District E-Schedule with MultiV
Collin County Community College District E-Schedule with MultiV
Collin County Community College District E-Schedule with MultiV
DVDFab Decrypter 2.9.7.7
DVDFab HD Decrypter 3.1.5.0
DVDFab HD Decrypter 3.1.5.0
Google Desktop
Hide and Secret
HijackThis 2.0.2
HP Imaging Device Functions 10.0
HP Photosmart Essential 2.5
HP Smart Web Printing
HP Solution Center 10.0
HP Customer Participation Program 10.0
OCR Software by I.R.I.S. 10.0
Microsoft Internationalized Domain Names Mitigation APIs
Windows Internet Explorer 8
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Update for Windows XP (KB925720)
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Hotfix for Windows Internet Explorer 7 (KB947864)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows XP (KB952004)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Media Player (KB954155)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Hotfix for Windows XP (KB961118)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Update for Windows XP (KB967715)
Update for Windows Internet Explorer 8 (KB968220)
Update for Windows XP (KB968389)
Security Update for Windows XP (KB968537)
Security Update for Windows Media Player (KB968816)
Security Update for Windows XP (KB969059)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Hotfix for Windows XP (KB970653-v3)
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Update for Windows XP (KB971737)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows Media Player (KB973540)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Hotfix for Windows XP (KB976098-v2)
Security Update for Windows Internet Explorer 8 (KB976325)
Update for Windows Internet Explorer 8 (KB976749)
Security Update for Windows Internet Explorer 8 (KB978207)
Microsoft .NET Framework 1.1 Security Update (KB953297)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft SQL Server 2005
MSN
MySpaceIM
Neonatal Resuscitation DVD-ROM
Microsoft National Language Support Downlevel APIs
NVIDIA Drivers
NVIDIA Drivers
NVIDIA Drivers
RealPlayer
Verizon PC Security Checkup
Shop for HP Supplies
Microsoft Office Small Business 2007
Spyware Doctor 6.0
Profile Pimp
Verizon FiOS Activation
Windows Imaging Component
Windows Media Format Runtime
Windows Media Player 10
Yahoo! Toolbar
Yahoo! Software Update
Yahoo! Software Update
Yahoo! Install Manager
Bonjour
Roxio RecordNow Data
OpenOffice.org Installer 1.0
Microsoft Plus! Photo Story 2 LE
Security Update for CAPICOM (KB931906)
QualxServ Service Agreement
HP Update
Roxio DLA
SA23xx Device Manager
QuickTime
Google Toolbar for Internet Explorer
Roxio MyDVD LE
Google Toolbar for Internet Explorer
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Sonic Update Manager
Java(TM) 6 Update 7
Windows Media Player 10
MobileMe Control Panel
URL Assistant
NetWaiting
Apple Application Support
Apple Application Support
Dell CinePlayer
Microsoft Office 2007 Primary Interop Assemblies
Sony ACID XMC 6.0b
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
MSXML 6 Service Pack 2 (KB973686)
Dell Driver Reset Tool
Sonic Activation Module
Apple Software Update
Microsoft Plus! Digital Media Edition Installer
HP Officejet J6400 Series
DellSupport
MSXML 4.0 SP2 (KB954430)
Microsoft Office Excel MUI (English) 2007
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Outlook MUI (English) 2007
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Word MUI (English) 2007
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Proof (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proof (French) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office 2007 Service Pack 2 (SP2)
Intel(R) Matrix Storage Manager
Microsoft Office 2003 Web Components
Microsoft Office Small Business 2007
Microsoft Office 2007 Service Pack 2 (SP2)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office system 2007 (972581)
Update for Microsoft Office InfoPath 2007 (KB976416)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office Excel 2007 (KB973593)
Update for 2007 Microsoft Office System (KB967642)
Update for Outlook 2007 Junk Email Filter (kb977839)
Security Update for Microsoft Office Word 2007 (KB969604)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for Microsoft Office system 2007 (KB974234)
Microsoft .NET Framework 3.0 Service Pack 2
USB 2.0 Wireless LAN Card Utility
iTunes
Microsoft Office Small Business Connectivity Components
Apple Mobile Device Support
Roxio RecordNow Audio
Adobe Reader 7.1.0
Roxio RecordNow Copy
Business Contact Manager for Outlook 2007 SP2
Dell Support Center
Netflix Movie Viewer
Microsoft SQL Server Native Client
MSXML 4.0 SP2 (KB936181)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 1.1
Microsoft .NET Framework 3.5 SP1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
getPlus(R) for Adobe
Safari
U3Launcher
MPR - PC Edition
Digital Line Detect
Palm Desktop
32 Bit HP CIO Components Installer
Epocrates Essentials
MSXML 4.0 SP2 (KB973688)

======== Other Info ========

TOTAL PHYSICAL RAM: 2145 MB

Boot Info

[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

OS Type:  Microsoft Windows XP Home Edition
Build:  5.1.2600
Service Pack:  2.0

====== Files with Hidden Attributes======
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys
C:\NTDETECT.COM
C:\Documents and Settings\Administrator\NTUSER.DAT
C:\Documents and Settings\Administrator\Cookies\index.dat
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
C:\Documents and Settings\All Users\Application Data\Sonic\sarlicense.dat
C:\Documents and Settings\All Users\Application Data\Sonic\sarlicense9.dat

==End of Report==

10.4K Posts

February 8th, 2010 13:00


CJR74

Since we still have Avenger

1. Rerun Avenger

2. Copy all the text contained in the bold below to your Clipboard by highlighting it and pressing (Ctrl+C):

Files to delete:
C:\WINDOWS\system32\bdod.bin


Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, start The Avenger program by clicking on its icon on your desktop.
  • Select Load Script
  • Select Paste from Clipboard
  • The information should now appear in the Open window
  • Select Execute
  • Answer Yes when prompted "Are you sure you want to execute the current script?"

4. The Avenger will automatically do the following:
  • It will Restart your computer.
  • On reboot, it will briefly open a black command window on your desktop; this is normal.
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

5. Please copy/paste the content of c:\avenger.txt into your reply

NEXT

Since you have MBAM installed as well

Open MBAM
Click the Update Tab
Follow the prompts
When it is done updating, Select Perform quick scan ->> Then Scan
Allow it to fix what it finds, then post the log it produces in your reply as well
