When I run Malwarebytes' Anti-Malware I receive the error "Run-time error 5, invalid procedure call or argument".
Limewire is gone; our son seemed to have installed that without permission. I have removed the Adobe Reader and installed the fox reader, and also updated the Java as detailed.
Things seem to be going much smoother; my wife's original wallpaper is back as it was before, which really made her happy.
I wanted to say thank you for all of your assistance, you have really made a huge difference and I really appreciate it! My wife has learned a lot also; now she understands how much work one wrong click can make.
Please let me know if I need to do something for the one app that did not run, but things are so much better now. Again, thank you so much.
----------------------------------------------------------------------------------------
Step 1
Custom CFScript
- Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:
Code:
Driver::
ADS::
- Save this as CFScript.txt and place it on your desktop.
- Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
- ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
- When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.
A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own. This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper.
----------------------------------------------------------------------------------------
Step 2
Malwarebytes' Anti-Malware
Let's reinstall MalwareBytes, that should cure the problem.
Please download Malwarebytes' Anti-Malware to your desktop.
- Double-click mbam-setup.exe and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to
  - Update Malwarebytes' Anti-Malware
  - and Launch Malwarebytes' Anti-Malware
- then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform full scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is checked, and click Remove Selected.
- When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
- If requested, please reboot.
- If you accidentally close it, the log file is saved here and will be named like this:
  - C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
----------------------------------------------------------------------------------------
Step 3
Kaspersky Online Scanner
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal.
NOTE:- This scan is best done from IE (Internet Explorer)
NOTE:- Vista users should start IE by Start(Vista Orb) >> Internet Explorer >> Right-Click Run As Admin
Go Here http://www.kaspersky.com/kos/eng/par...avwebscan.html
Read the Requirements and limitations before you click Accept.
Once the database has downloaded, click My Computer in the left pane
Now go and put the kettle on!
When the scan has completed, click Save Report As...
Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.
**Note**
To optimize scanning time and produce a more sensible report for review:
- Close any open programs.
- Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.
----------------------------------------------------------------------------------------
Logs/Information to Post in Reply
Please post the following logs/Information in your reply
Some of the logs I request will be quite large. You may need to split them over a couple of replies.
- Combofix Log
- MalwareBytes Log
- Kaspersky Log
Microsoft MVP Consumer Security 2009-2010
THESE INSTRUCTIONS ARE FOR THIS USER ONLY
ComboFix 09-08-10.06 - Administrator 08/17/2009 11:13.2.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1441 [GMT -6:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090816-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
((((((((((((((((((((((((( Files Created from 2009-07-17 to 2009-08-17 )))))))))))))))))))))))))))))))
.
2009-08-17 15:41 . 2009-08-17 15:40 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-17 15:33 . 2009-08-17 15:33 -------- d-----w- c:\program files\Foxit Software
2009-08-17 15:33 . 2009-08-17 15:33 -------- d-----w- c:\documents and settings\Administrator\Application Data\Foxit
2009-08-17 14:56 . 2009-08-17 14:56 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-08-17 14:56 . 2009-08-03 19:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-17 14:56 . 2009-08-17 14:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-08-17 14:56 . 2009-08-17 14:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-17 14:56 . 2009-08-03 19:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-16 15:30 . 2009-08-16 15:34 -------- d-----w- C:\rsit
2009-08-13 17:48 . 2009-08-13 17:48 -------- d-----w- c:\program files\Trend Micro
2009-08-13 17:29 . 2009-08-13 17:29 94493460 ----a-w- C:\regbackup.reg
2009-08-13 16:55 . 2009-08-13 16:55 16 ----a-w- c:\windows\system32\drivers\ZuneBusEnum.exe.sys
2009-08-13 16:20 . 2009-08-13 17:07 -------- d-----w- c:\documents and settings\Administrator\.housecall6.6
2009-08-13 16:02 . 2009-08-13 16:02 16 ----a-w- c:\windows\system32\drivers\sessionstore-1..sys
2009-08-13 15:44 . 2009-08-13 15:44 16 ----a-w- c:\windows\system32\drivers\History.IE5.sys
2009-08-13 15:41 . 2009-08-13 16:20 16 ----a-w- c:\windows\system32\drivers\Aavm4h.dll.sys
2009-08-13 15:37 . 2009-08-13 16:19 16 ----a-w- c:\windows\system32\drivers\zllictbl.dat.sys
2009-08-12 14:04 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2009-08-10 20:41 . 2008-08-14 10:04 138496 ------w- c:\windows\system32\dllcache\afd.sys
2009-08-10 06:03 . 2009-08-10 06:03 -------- d-----w- c:\program files\AskBarDis
2009-08-10 06:02 . 2009-02-16 06:10 1221512 ----a-w- c:\windows\system32\zpeng25.dll
2009-08-10 06:00 . 2009-08-10 06:00 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-10 05:59 . 2009-08-10 05:59 -------- d-----w- c:\program files\MSBuild
2009-08-10 05:59 . 2009-08-10 05:59 -------- d-----w- c:\program files\Reference Assemblies
2009-08-10 05:59 . 2009-08-10 05:59 -------- d-----w- C:\ddd1fcc9e2fae00c404e3e3bb27d
2009-08-10 05:59 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-10 05:59 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-10 05:59 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-10 05:59 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-10 05:59 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-10 05:59 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-10 05:59 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-10 04:20 . 2009-08-13 16:38 16 ----a-w- c:\windows\system32\drivers\.sys
2009-08-05 09:01 . 2009-08-05 09:01 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-17 15:40 . 2006-12-07 09:51 -------- d-----w- c:\program files\Java
2009-08-17 15:34 . 2006-12-07 09:54 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-17 15:12 . 2008-10-04 01:22 1295234 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2009-08-10 06:02 . 2006-12-30 19:40 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-08-10 05:20 . 2008-07-09 01:53 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-10 04:19 . 2009-08-16 15:17 69632 ----a-w- c:\windows\system32\drivers\trz37D.tmp
2009-08-05 09:01 . 2004-08-04 08:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-17 19:01 . 2004-08-04 08:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-15 05:30 . 2009-07-15 05:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia
2009-07-15 05:29 . 2009-07-15 05:29 -------- d-----w- c:\program files\Yahoo! Games
2009-07-14 05:43 . 2004-08-04 08:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-10 19:01 . 2007-03-24 15:03 -------- d-----w- c:\documents and settings\Administrator\Application Data\IMVU
2009-06-29 16:12 . 2004-08-04 08:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-06-29 16:12 . 2004-08-04 08:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-29 16:12 . 2004-08-04 08:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-06-25 08:25 . 2004-08-04 08:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:25 . 2004-08-04 08:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25 . 2004-08-04 08:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:25 . 2004-08-04 08:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:25 . 2004-08-04 08:00 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:25 . 2004-08-04 08:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-24 11:18 . 2004-08-04 08:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-23 19:13 . 2009-06-23 19:04 -------- d-----w- c:\documents and settings\Administrator\Application Data\W Photo Studio Viewer
2009-06-18 18:36 . 2009-06-18 18:36 0 ---ha-w- c:\windows\system32\drivers\Msft_User_ZuneDriver_01_07_00.Wdf
2009-06-18 18:36 . 2009-06-18 18:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_WinUSB_01007.Wdf
2009-06-18 18:34 . 2009-06-18 18:34 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-06-18 18:29 . 2009-06-18 18:29 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_zumbus_01007.Wdf
2009-06-18 18:29 . 2009-06-18 18:29 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-06-16 14:36 . 2004-08-04 08:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2004-08-04 08:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-12 12:31 . 2004-08-04 08:00 80896 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-12 12:31 . 2004-08-04 08:00 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 15:19 . 2004-08-04 08:00 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 14:13 . 2004-08-04 08:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:14 . 2004-08-04 08:00 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-03 19:09 . 2004-08-04 08:00 1291264 ----a-w- c:\windows\system32\quartz.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-08-17_15.12.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-17 17:18 . 2009-08-17 17:18 16384 c:\windows\Temp\Perflib_Perfdata_638.dat
+ 2009-08-17 17:18 . 2009-08-17 17:18 16384 c:\windows\Temp\Perflib_Perfdata_340.dat
- 2009-08-17 15:09 . 2009-08-17 15:09 8192 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat
+ 2009-08-17 17:17 . 2009-08-17 17:17 8192 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat
+ 2009-08-17 17:17 . 2009-08-17 17:17 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat
- 2009-08-17 15:09 . 2009-08-17 15:09 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat
+ 2009-08-17 15:41 . 2009-08-17 15:40 149280 c:\windows\system32\javaws.exe
+ 2009-08-17 15:41 . 2009-08-17 15:40 145184 c:\windows\system32\javaw.exe
+ 2009-08-17 15:41 . 2009-08-17 15:40 145184 c:\windows\system32\java.exe
+ 2009-08-17 17:17 . 2009-08-17 17:17 188416 c:\windows\ERDNT\subs\Users\00000006\UsrClass.dat
- 2009-08-17 15:09 . 2009-08-17 15:09 229376 c:\windows\ERDNT\subs\Users\00000003\NTUSER.DAT
+ 2009-08-17 17:17 . 2009-08-17 17:17 229376 c:\windows\ERDNT\subs\Users\00000003\NTUSER.DAT
+ 2009-08-17 17:17 . 2009-08-17 17:17 229376 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT
- 2009-08-17 15:09 . 2009-08-17 15:09 229376 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT
+ 2009-08-17 15:40 . 2009-08-17 15:40 1757696 c:\windows\Installer\11a852.msi
+ 2009-08-17 17:17 . 2009-08-17 17:17 7172096 c:\windows\ERDNT\subs\Users\00000005\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-10-17 00:22 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-17 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-17 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-01-05 344064]
"SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2005-07-23 176128]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-24 233472]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-16 981384]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-17 149280]
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^IMVU.lnk]
path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\IMVU.lnk
backup=c:\windows\pss\IMVU.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"ASKService"=2 (0x2)
"aawservice"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [7/8/2008 7:37 PM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7/8/2008 7:37 PM 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [7/13/2008 10:23 AM 222456]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [8/17/2009 8:56 AM 38160]
S4 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [8/10/2009 12:03 AM 464264]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\a6rjsg2e.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPZoneSB.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-17 11:19
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(712)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3944)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ZoneLabs\vsmon.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Completion time: 2009-08-17 11:41 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-17 17:40
ComboFix2.txt 2009-08-17 15:23
Pre-Run: 65,217,654,784 bytes free
Post-Run: 65,247,047,680 bytes free
688 --- E O F --- 2009-08-13 09:02
Completed the ComboFix. I am currently at work; I will finish the rest once I am home. Just wanted to provide an update. Again, thank you for your assistance.
This topic has been closed due to inactivity.
If you still require help, please start a new topic and include a new HijackThis log with a link to your previous thread.
Please do not add any logs that might have been requested previously; you would be starting fresh.
Applies only to the original poster. Anyone else with similar problems, please start your own topic.