Runtime error when removing malware
<blockquote data-quote="streamlined" data-source="post: 113737" data-attributes="member: 7029"><p>DDS (Ver_2012-11-20.01) - NTFS_x86 </p><p>Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.7.2</p><p>Run by at 20:54:17 on 2013-03-27</p><p>Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.526 [GMT -7:00]</p><p>.</p><p>AV: AVG Anti-Virus Free Edition 2013 *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}</p><p>.</p><p>============== Running Processes ================</p><p>.</p><p>C:\Program Files\Intel\Wireless\Bin\EvtEng.exe</p><p>C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe</p><p>C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe</p><p>C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe</p><p>C:\WINDOWS\Explorer.EXE</p><p>C:\WINDOWS\system32\spoolsv.exe</p><p>C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe</p><p>C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe</p><p>C:\Program Files\AVG\AVG2013\avgwdsvc.exe</p><p>C:\Program Files\Bonjour\mDNSResponder.exe</p><p>C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe</p><p>C:\Program Files\Common Files\Motive\McciCMService.exe</p><p>C:\WINDOWS\system32\nvsvc32.exe</p><p>C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe</p><p>C:\Program Files\Canon\CAL\CALMAIN.exe</p><p>C:\Program Files\Real\RealPlayer\RealPlay.exe</p><p>C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe</p><p>C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe</p><p>C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe</p><p>C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe</p><p>C:\Program Files\Dell\Media Experience\DMXLauncher.exe</p><p>C:\WINDOWS\system32\dla\tfswctrl.exe</p><p>C:\Program Files\Dell\QuickSet\quickset.exe</p><p>C:\WINDOWS\system32\BacsTray.exe</p><p>C:\Program Files\Apoint\Apoint.exe</p><p>C:\WINDOWS\System32\alg.exe</p><p>C:\Program Files\BroadJump\Client Foundation\CFD.exe</p><p>C:\Program Files\Common Files\AOL\ACS\AOLDial.exe</p><p>C:\Program Files\HP\HP Software 
Update\HPWuSchd2.exe</p><p>C:\Program Files\AVG\AVG2013\avgui.exe</p><p>C:\Program Files\Apoint\Apntex.exe</p><p>C:\Program Files\iPod\bin\iPodService.exe</p><p>C:\WINDOWS\system32\wbem\wmiprvse.exe</p><p>C:\WINDOWS\system32\wuauclt.exe</p><p>C:\Program Files\Mozilla Firefox\firefox.exe</p><p>C:\Program Files\Google\Update\GoogleUpdate.exe</p><p>C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe</p><p>C:\WINDOWS\system32\wbem\wmiprvse.exe</p><p>C:\WINDOWS\system32\svchost.exe -k DcomLaunch</p><p>C:\WINDOWS\system32\svchost.exe -k rpcss</p><p>C:\WINDOWS\System32\svchost.exe -k netsvcs</p><p>C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup</p><p>C:\WINDOWS\system32\svchost.exe -k NetworkService</p><p>C:\WINDOWS\system32\svchost.exe -k LocalService</p><p>C:\WINDOWS\system32\svchost.exe -k LocalService</p><p>C:\WINDOWS\System32\svchost.exe -k HPZ12</p><p>C:\WINDOWS\System32\svchost.exe -k HPZ12</p><p>C:\WINDOWS\system32\svchost.exe -k imgsvc</p><p>.</p><p>============== Pseudo HJT Report ===============</p><p>.</p><p>BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - </p><p>BHO: Shareaza Web Download Hook: {0EEDB912-C5FA-486F-8334-57288578C627} - c:\program files\etomi\plugins\RazaWebHook.dll</p><p>BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - </p><p>BHO: <No Name>: {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - </p><p>BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\tfswshx.dll</p><p>BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll</p><p>BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll</p><p>TB: Easy-WebPrint: {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - c:\program files\canon\easy-webprint\Toolband.dll</p><p>mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r</p><p>mRun: [RealTray] "c:\program 
files\real\realplayer\RealPlay.exe" SYSTEMBOOTHIDEPLAYER</p><p>mRun: [nwiz] "nwiz.exe" /installquiet</p><p>mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup</p><p>mRun: [Motive SmartBridge] "c:\progra~1\sbcsel~1\smartb~1\MotiveSB.exe"</p><p>mRun: [mmtask] "c:\program files\musicmatch\musicmatch jukebox\mmtask.exe"</p><p>mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless</p><p>mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"</p><p>mRun: [DMXLauncher] "c:\program files\dell\media experience\DMXLauncher.exe"</p><p>mRun: [dla] "c:\windows\system32\dla\tfswctrl.exe"</p><p>mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe</p><p>mRun: [bacstray] "BacsTray.exe"</p><p>mRun: [Apoint] "c:\program files\apoint\Apoint.exe"</p><p>mRun: [BJCFD] "c:\program files\broadjump\client foundation\CFD.exe"</p><p>mRun: [AOLDialer] "c:\program files\common files\aol\acs\AOLDial.exe"</p><p>mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"</p><p>mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime</p><p>mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"</p><p>mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"</p><p>mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"</p><p>mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY</p><p>uPolicies-Explorer: NoDriveTypeAutoRun = dword:323</p><p>uPolicies-Explorer: NoDriveAutoRun = dword:67108863</p><p>uPolicies-Explorer: NoDrives = dword:0</p><p>mPolicies-Explorer: NoDriveTypeAutoRun = dword:323</p><p>mPolicies-Explorer: NoDriveAutoRun = dword:67108863</p><p>mPolicies-Explorer: NoDrives = dword:0</p><p>mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1</p><p>mPolicies-Explorer: NoDriveTypeAutoRun = dword:323</p><p>mPolicies-Explorer: NoDriveAutoRun = 
dword:67108863</p><p>IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-00107-0002-0007-ABCDEFFEDCBC} - <orphaned></p><p>IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE}</p><p>IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe</p><p>IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe</p><p>DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab</p><p>DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} - hxxp://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab</p><p>DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} - hxxp://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab</p><p>DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} - hxxp://www.digitalwebbooks.com/reader/dbplugin.cab</p><p>DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab</p><p>DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - hxxp://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab</p><p>DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll</p><p>DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-36.cab</p><p>DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab</p><p>DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194630862701</p><p>DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab</p><p>DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab</p><p>DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab</p><p>DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} - 
hxxps://pattcw.att.motive.com/wizlet/DSLActivation/static/installer/ATTInternetInstaller.cab</p><p>TCP: NameServer = 192.168.1.254</p><p>TCP: Interfaces\{131DB1F6-5184-4D54-B400-3B7762D6B9CA} : DHCPNameServer = 192.168.1.254</p><p>Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - </p><p>Notify: IntelWireless - c:\program files\intel\wireless\bin\LgNotify.dll</p><p>SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll</p><p>.</p><p>================= FIREFOX ===================</p><p>.</p><p>FF - ProfilePath - c:\documents and settings\g man\application data\mozilla\firefox\profiles\gdf3hr6x.default\</p><p>FF - plugin: c:\program files\common files\motive\npMotive.dll</p><p>FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll</p><p>FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll</p><p>FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll</p><p>FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll</p><p>FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll</p><p>FF - plugin: c:\windows\system32\npDeployJava1.dll</p><p>FF - plugin: c:\windows\system32\npptools.dll</p><p>.</p><p>============= SERVICES / DRIVERS ===============</p><p>.</p><p>R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 55776]</p><p>R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]</p><p>R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 94048]</p><p>R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 35552]</p><p>R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 179936]</p><p>R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 19936]</p><p>R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 
159712]</p><p>R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 164832]</p><p>R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]</p><p>S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-16 5814904]</p><p>S2 RPakIO;RPakIO; [x]</p><p>S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-3-27 40776]</p><p>S3 ZD1211BU(Hawking);Hawking Hi-Gain Wireless-G USB Dish Adapter(Hawking);c:\windows\system32\drivers\ZD1211BU.sys [2008-2-6 402432]</p><p>.</p><p>=============== Created Last 30 ================</p><p>.</p><p>2013-03-28 01:01:35 -------- d-sha-r- C:\cmdcons</p><p>2013-03-28 00:58:53 98816 ----a-w- c:\windows\sed.exe</p><p>2013-03-28 00:58:53 256000 ----a-w- c:\windows\PEV.exe</p><p>2013-03-28 00:58:53 208896 ----a-w- c:\windows\MBR.exe</p><p>2013-03-28 00:37:11 -------- d-----w- C:\TDSSKiller_Quarantine</p><p>2013-03-27 20:29:21 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys</p><p>2013-03-27 20:29:20 -------- d-----w- c:\documents and settings\g man\application data\Malwarebytes</p><p>2013-03-27 20:28:27 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes</p><p>2013-03-27 20:28:25 21104 ----a-w- c:\windows\system32\drivers\mbam.sys</p><p>2013-03-27 20:28:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware</p><p>2013-03-21 19:04:36 12928 ------w- c:\windows\system32\dllcache\usb8023x.sys</p><p>2013-03-21 19:04:36 12928 ------w- c:\windows\system32\dllcache\usb8023.sys</p><p>.</p><p>==================== Find3M ====================</p><p>.</p><p>2013-03-14 01:51:18 73432 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl</p><p>2013-03-14 01:51:18 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe</p><p>2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys</p><p>2013-02-12 00:32:23 12928 ------w- c:\windows\system32\drivers\usb8023x.sys</p><p>2013-02-05 20:05:47 916480 
----a-w- c:\windows\system32\wininet.dll</p><p>2013-02-05 20:05:46 43520 ----a-w- c:\windows\system32\licmgr10.dll</p><p>2013-02-05 20:05:46 1469440 ----a-w- c:\windows\system32\inetcpl.cpl</p><p>2013-02-05 05:53:57 385024 ----a-w- c:\windows\system32\html.iec</p><p>2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll</p><p>2013-01-07 01:16:02 2193024 ----a-w- c:\windows\system32\ntoskrnl.exe</p><p>2013-01-07 00:36:58 2069760 ----a-w- c:\windows\system32\ntkrnlpa.exe</p><p>2013-01-04 01:20:00 1867264 ----a-w- c:\windows\system32\win32k.sys</p><p>2013-01-02 06:49:10 148992 ----a-w- c:\windows\system32\mpg2splt.ax</p><p>2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll</p><p>.</p><p>============= FINISH: 20:55:45.92 ===============</p><p></p><p></p><p>Better?</p></blockquote><p></p>