WiredWX Hobby Weather ToolsLog in

 


antivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes

3 posters

descriptionantivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes - Page 4 EmptyRe: antivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes

more_horiz
Malwarebytes' Anti-Malware 1.41
Database version: 2879
Windows 5.1.2600 Service Pack 3

9/30/2009 10:26:08 PM
mbam-log-2009-09-30 (22-26-08).txt

Scan type: Quick Scan
Objects scanned: 131428
Time elapsed: 56 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

descriptionantivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes - Page 4 EmptyRe: antivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes

more_horiz
Hello.
Lets get this scan going.

  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    Link 1
    Link 2
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt just yet.

descriptionantivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes - Page 4 EmptyRe: antivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes

more_horiz
DDS (Ver_09-09-29.01) - NTFSx86
Run by Jim at 20:07:39.84 on Thu 10/01/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_16

============== Running Processes ===============


============== Pseudo HJT Report ===============

uSearchMigratedDefaultUrl = hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZRxdm429YYUS&fl=0&ptb=RlD9TCNDbrl.m.ezjD6Pjg&url=http://www.ask.com/web&q={searchTerms}&l=zr&o=sb
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
uURLSearchHooks: H - No File
uURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1150595.exe -Update -1150595 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; FunWebProducts; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 1.0.3705; yie8; yie8)" -"http://www.maidmarian.com/ClubMarian.htm"
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [PCMService] "c:\program files\dell\media experience\PCMService.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [Dell Photo AIO Printer 922] "c:\program files\dell photo aio printer 922\dlbtbmgr.exe"
mRun: [Dell AIO Printer A920] "c:\program files\dell aio printer a920\dlbkbmgr.exe"
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [iolo AntiVirus] "c:\program files\iolo\system mechanic professional\antivirus\ioloAV.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\new folder\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRunOnce: [Uninstall Adobe Download Manager] "c:\windows\system32\rundll32.exe" "c:\program files\nos\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp
StartupFolder: c:\documents and settings\jim\start menu\programs\startup\PowerReg Scheduler V3.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\1.0.150\SSScheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\precas~1.lnk - c:\program files\ocucom\precast\tmon.exe
IE: &Search
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
LSP: c:\windows\system32\iavlsp.dll
LSP: c:\program files\google\google desktop search\GoogleDesktopNetwork1.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/E/3/9/E39C664F-A8E3-4F69-A109-1AE9849204EE/OGAControl.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} - hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab
DPF: {3713F92E-2252-4A87-868E-C5F17704D4C6} - hxxp://www.rockyou.com/RockYouImageUploader.cab
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photos.walmart.com/WalmartActivia.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
TCP: {76AC16A1-8A80-4DE2-83BA-DCD922C1D4CA} = 166.102.165.11,207.91.5.20
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============


============== File Associations ===============

JSEFile=NOTEPAD.EXE %1

=============== Created Last 30 ================

2009-10-01 19:35 --d----- c:\program files\McAfee Security Scan
2009-10-01 19:35 --d----- c:\docume~1\alluse~1\applic~1\McAfee Security Scan
2009-09-30 23:28 411,368 a------- c:\windows\system32\deploytk.dll
2009-09-30 23:28 73,728 a------- c:\windows\system32\javacpl.cpl
2009-09-26 16:10 54,156 a---h--- c:\windows\QTFont.qfn
2009-09-26 16:10 1,409 a------- c:\windows\QTFont.for
2009-09-24 15:10 --d----- C:\ComboFix
2009-09-24 15:03 85,504 a------- c:\windows\inherit.exe
2009-09-23 21:39 491,248 a------- C:\WindowsXP-KB897327-x86-ENU.exe
2009-09-23 21:39 55,536 a------- C:\WindowsXP-KB897327-x86-Symbols-ENU.exe
2009-09-23 20:10 --d----- c:\program files\ACW
2009-09-22 01:39 2,855 a------- c:\windows\explorer.PIF
2009-09-22 00:26 --d----- c:\documents and settings\jim\.housecall6.6
2009-09-20 00:45 a-dshr-- C:\cmdcons
2009-09-20 00:26 229,888 a------- c:\windows\PEV.exe
2009-09-20 00:26 161,792 a------- c:\windows\SWREG.exe
2009-09-20 00:26 98,816 a------- c:\windows\sed.exe
2009-09-13 22:46 --d-h--- c:\windows\PIF
2009-09-08 15:37 664 a------- c:\windows\system32\d3d9caps.dat
2009-09-08 07:22 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-08 07:22 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-09-08 07:22 --d----- c:\program files\Malwarebytes' Anti-Malware
2009-09-08 07:15 414 a------- C:\spyhunter.fix
2009-09-07 15:54 --d----- c:\windows\system32\wbem\Repository
2009-09-07 06:58 12,537 a------- c:\windows\opybu._sy
2009-09-03 07:45 --d----- c:\docume~1\alluse~1\applic~1\TomTom
2009-09-03 07:36 --d----- c:\program files\TomTom DesktopSuite

==================== Find3M ====================

2009-09-30 05:29 95,616 a------- c:\windows\junction.exe
2009-08-23 23:23 680,960 a------- c:\windows\is-CSKTN.exe
2007-08-20 21:47 848 a--sh--- c:\windows\system32\KGyGaAvL.sys
2009-05-18 18:59 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009051820090519\index.dat

============= FINISH: 20:08:08.70 ===============

descriptionantivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes - Page 4 EmptyRe: antivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes

more_horiz
How is your computer running? Are you still having trouble?

descriptionantivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes - Page 4 EmptyRe: antivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes

more_horiz
Hello,

Everything seems to be doing good except I cannot turn my computer off from the start menu or task manager. You guy's have been awesome! Thanks!

descriptionantivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes - Page 4 EmptyRe: antivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes

more_horiz
Hi

Please tell me if this works:

It is time to fix the damages due to malware, and to secure your computer to help prevent re-infection.
Please download DragonFix by DragonMaster Jay, and save it to your Desktop. Right click and Extract All, and save the files to your Desktop.
  • Please disable realtime protection. (If any)
  • Double-click RunFirst.vbs. Follow the prompts and make sure it completes. It will confirm the Restore Point was added.
  • Double-click DragonFix.reg, and follow the prompt(s).
  • Please reboot your computer. In your case, do the following: open Command Prompt (Start > Run - Type in CMD and hit enter). In the Command Prompt Window, enter in the following and hit enter: shutdown /r


Make sure there is a space between the shutdown and /r

descriptionantivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes - Page 4 EmptyRe: antivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes

more_horiz
Hello,

I tried the run first and got "Activex component can't create object: Get Object" Thanks!

descriptionantivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes - Page 4 EmptyRe: antivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes

more_horiz
Hi

Please create a Restore Point yourself, by going to Start > All Programs > Accessories > System Restore

==

Then, try DragonFix and do the Restart command. Don't worry about RunFirst.vbs.

Then, let me know if that fȋxed it.

descriptionantivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes - Page 4 EmptyRe: antivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes

more_horiz
Hey,

Everything seems to be doing great! I will be watching this site very often to try and learn more about computers. You have already taught me a great deal. I just wished I were as good as you guys. Would you have any suggestions as per learning what you guys do? I have found this to be very interesting and would love to learn more. Thanks!!

descriptionantivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes - Page 4 EmptyRe: antivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes

more_horiz
The following links will be helpful to find free malware removal training:

Geeks to Go


What the Tech


Malware Removal


SpywareHammer


Spyware Info Forum


Bleeping Computer

Tech Support Forum

descriptionantivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes - Page 4 EmptyRe: antivirs 2010 removal, no desktop cannot d/l and use hijk or malware bytes

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum