WiredWX Christian Hobby Weather Tools
Would you like to react to this message? Create an account in a few clicks or log in to continue.

WiredWX Christian Hobby Weather ToolsLog in

 


Antivirus Soft

2 posters

descriptionAntivirus Soft EmptyAntivirus Soft4th February 2010, 1:58 am

more_horiz
I have the antivirus soft on my computer. Then, I used ComboFix and i think the virus is almost gone. The pop-ups are gone, and I'm able to download things and open Microsoft WOrd (which I wasnt able to do before). however, the virus is still preventing a connection from my printer to the computer so i cant print anything. Besides for that, everything is normal. what can i do to re-connect my printer to the comp? Here is the log:

ComboFix 10-02-03.04 - stuffx3 02/03/2010 19:48:27.1.1 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1022.530 [GMT -8:00]
Running from: c:\documents and settings\stuffx3\My Documents\Downloads\ComboFix.exe
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\stuffx3\LOCALS~1\Temp\7zS2C.tmp\nonlocalized\xpcom.dll
c:\documents and settings\Administrator\Local Settings\Application Data\{05D11120-42B1-4C03-9DEB-781B408931E0}
c:\documents and settings\Administrator\Local Settings\Application Data\{05D11120-42B1-4C03-9DEB-781B408931E0}\chrome.manifest
c:\documents and settings\Administrator\Local Settings\Application Data\{05D11120-42B1-4C03-9DEB-781B408931E0}\chrome\content\_cfg.js
c:\documents and settings\Administrator\Local Settings\Application Data\{05D11120-42B1-4C03-9DEB-781B408931E0}\chrome\content\overlay.xul
c:\documents and settings\Administrator\Local Settings\Application Data\{05D11120-42B1-4C03-9DEB-781B408931E0}\install.rdf
c:\documents and settings\ASHLEY DOMINIC\Local Settings\Application Data\{99AA70C0-02F3-425F-A29E-39CD6BC0209F}
c:\documents and settings\ASHLEY DOMINIC\Local Settings\Application Data\{99AA70C0-02F3-425F-A29E-39CD6BC0209F}\chrome.manifest
c:\documents and settings\ASHLEY DOMINIC\Local Settings\Application Data\{99AA70C0-02F3-425F-A29E-39CD6BC0209F}\chrome\content\_cfg.js
c:\documents and settings\ASHLEY DOMINIC\Local Settings\Application Data\{99AA70C0-02F3-425F-A29E-39CD6BC0209F}\chrome\content\overlay.xul
c:\documents and settings\ASHLEY DOMINIC\Local Settings\Application Data\{99AA70C0-02F3-425F-A29E-39CD6BC0209F}\install.rdf
c:\documents and settings\stuffx3\Local Settings\Application Data\{481110DC-90EE-497C-8D2F-857A3E37A296}
c:\documents and settings\stuffx3\Local Settings\Application Data\{481110DC-90EE-497C-8D2F-857A3E37A296}\chrome.manifest
c:\documents and settings\stuffx3\Local Settings\Application Data\{481110DC-90EE-497C-8D2F-857A3E37A296}\chrome\content\_cfg.js
c:\documents and settings\stuffx3\Local Settings\Application Data\{481110DC-90EE-497C-8D2F-857A3E37A296}\chrome\content\overlay.xul
c:\documents and settings\stuffx3\Local Settings\Application Data\{481110DC-90EE-497C-8D2F-857A3E37A296}\install.rdf
c:\documents and settings\stuffx3\Local Settings\Temp\7zS2C.tmp\nonlocalized\xpcom.dll
c:\documents and settings\stuffx3\Start Menu\Programs\Startup\scandisk.lnk
C:\s
c:\windows\EventSystem.log
c:\windows\ihiyovox.dll
c:\windows\system32\11323.exe
c:\windows\system32\11478.exe
c:\windows\system32\11538.exe
c:\windows\system32\11840.exe
c:\windows\system32\11942.exe
c:\windows\system32\12316.exe
c:\windows\system32\12382.exe
c:\windows\system32\12623.exe
c:\windows\system32\12859.exe
c:\windows\system32\13931.exe
c:\windows\system32\14604.exe
c:\windows\system32\14771.exe
c:\windows\system32\15141.exe
c:\windows\system32\153.exe
c:\windows\system32\15350.exe
c:\windows\system32\15724.exe
c:\windows\system32\15890.exe
c:\windows\system32\16827.exe
c:\windows\system32\16944.exe
c:\windows\system32\17035.exe
c:\windows\system32\17421.exe
c:\windows\system32\17673.exe
c:\windows\system32\1842.exe
c:\windows\system32\18467.exe
c:\windows\system32\1869.exe
c:\windows\system32\18716.exe
c:\windows\system32\18756.exe
c:\windows\system32\19169.exe
c:\windows\system32\19264.exe
c:\windows\system32\19629.exe
c:\windows\system32\19718.exe
c:\windows\system32\19895.exe
c:\windows\system32\19912.exe
c:\windows\system32\19954.exe
c:\windows\system32\20037.exe
c:\windows\system32\21538.exe
c:\windows\system32\21726.exe
c:\windows\system32\22190.exe
c:\windows\system32\22648.exe
c:\windows\system32\23281.exe
c:\windows\system32\23805.exe
c:\windows\system32\23811.exe
c:\windows\system32\24084.exe
c:\windows\system32\24370.exe
c:\windows\system32\24393.exe
c:\windows\system32\24464.exe
c:\windows\system32\24626.exe
c:\windows\system32\25547.exe
c:\windows\system32\25667.exe
c:\windows\system32\26299.exe
c:\windows\system32\26308.exe
c:\windows\system32\26500.exe
c:\windows\system32\26962.exe
c:\windows\system32\27446.exe
c:\windows\system32\27529.exe
c:\windows\system32\27644.exe
c:\windows\system32\28145.exe
c:\windows\system32\28253.exe
c:\windows\system32\28703.exe
c:\windows\system32\288.exe
c:\windows\system32\292.exe
c:\windows\system32\29358.exe
c:\windows\system32\2995.exe
c:\windows\system32\30106.exe
c:\windows\system32\30333.exe
c:\windows\system32\3035.exe
c:\windows\system32\31101.exe
c:\windows\system32\31322.exe
c:\windows\system32\32391.exe
c:\windows\system32\32439.exe
c:\windows\system32\32662.exe
c:\windows\system32\32757.exe
c:\windows\system32\3548.exe
c:\windows\system32\3902.exe
c:\windows\system32\4664.exe
c:\windows\system32\4827.exe
c:\windows\system32\491.exe
c:\windows\system32\4966.exe
c:\windows\system32\5436.exe
c:\windows\system32\5447.exe
c:\windows\system32\5537.exe
c:\windows\system32\5705.exe
c:\windows\system32\6334.exe
c:\windows\system32\6729.exe
c:\windows\system32\6868.exe
c:\windows\system32\7376.exe
c:\windows\system32\7711.exe
c:\windows\system32\778.exe
c:\windows\system32\8723.exe
c:\windows\system32\8942.exe
c:\windows\system32\9040.exe
c:\windows\system32\9741.exe
c:\windows\system32\9894.exe
c:\windows\system32\9961.exe
c:\windows\system32\warning.html

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ASC3550P


((((((((((((((((((((((((( Files Created from 2010-01-04 to 2010-02-04 )))))))))))))))))))))))))))))))
.

2010-02-04 02:11 . 2010-02-04 02:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-02-04 02:11 . 2010-02-04 02:11 -------- d-----w- c:\program files\Alwil Software
2010-02-04 02:01 . 2010-02-04 02:05 -------- d-----w- c:\documents and settings\stuffx3\.SunDownloadManager
2010-02-03 05:06 . 2009-10-30 19:11 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-02-03 05:06 . 2009-11-09 19:20 207792 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-02-03 05:06 . 2009-10-07 00:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-02-03 05:06 . 2009-09-03 17:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-02-03 05:06 . 2010-02-03 05:06 -------- d-----w- c:\program files\Common Files\PC Tools
2010-02-03 05:06 . 2010-02-03 05:11 -------- d-----w- c:\program files\Spyware Doctor
2010-02-03 05:06 . 2010-02-03 05:06 -------- d-----w- c:\documents and settings\stuffx3\Application Data\PC Tools
2010-02-03 05:06 . 2010-02-03 05:06 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2010-01-31 02:14 . 2010-01-31 02:14 -------- d-----w- c:\documents and settings\stuffx3\Application Data\CyberLink
2010-01-31 02:14 . 2010-01-31 02:25 -------- d-----w- c:\documents and settings\stuffx3\Local Settings\Application Data\PowerDVD
2010-01-26 04:13 . 2010-01-26 04:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\Yahoo!
2010-01-26 02:39 . 2010-01-26 03:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-01-26 02:39 . 2010-01-26 02:39 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2010-01-25 23:56 . 2010-01-25 23:56 444 ----a-w- c:\windows\system32\d3d8caps.dat
2010-01-25 23:50 . 2010-02-04 03:12 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-25 23:41 . 2010-02-02 08:02 0 ----a-w- c:\windows\Usuwoyadomipu.bin
2010-01-25 23:41 . 2010-02-03 06:07 120 ----a-w- c:\windows\Kbobuyi.dat
2010-01-13 00:13 . 2009-11-21 16:36 470528 ------w- c:\windows\system32\dllcache\aclayers.dll
2010-01-08 05:09 . 2010-01-08 05:09 -------- d-----w- c:\program files\Common Files\Software Update Utility

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-04 04:14 . 2009-01-18 05:07 -------- d-----w- c:\program files\WinClamAVShield
2010-02-04 04:13 . 2009-03-04 02:19 66032 ----a-w- c:\documents and settings\stuffx3\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-03 06:20 . 2007-05-11 20:15 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-02-03 06:14 . 2009-03-04 00:33 -------- d-----w- c:\documents and settings\stuffx3\Application Data\uTorrent
2010-02-03 04:30 . 2009-10-01 05:45 -------- d-----w- c:\program files\uTorrent
2010-02-02 23:33 . 2009-01-17 21:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2010-02-02 23:32 . 2009-03-04 00:21 -------- d-----w- c:\documents and settings\stuffx3\Application Data\Spyware Terminator
2010-02-02 23:32 . 2009-01-17 21:33 -------- d-----w- c:\program files\Spyware Terminator
2010-01-28 05:28 . 2009-01-22 23:39 -------- d-----w- c:\documents and settings\ASHLEY DOMINIC\Application Data\Spyware Terminator
2010-01-26 06:02 . 2009-01-18 15:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-26 06:02 . 2010-01-26 06:02 5115823 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-26 02:55 . 2006-02-17 12:44 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-01-26 02:39 . 2006-02-17 12:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-01-23 03:30 . 2009-11-24 04:42 79488 ----a-w- c:\documents and settings\stuffx3\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-21 05:48 . 2009-11-24 06:53 143512 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-10 05:13 . 2006-03-06 01:03 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-08 05:09 . 2009-10-26 05:39 -------- d-----w- c:\program files\AIM
2010-01-08 00:07 . 2009-01-18 15:48 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-08 00:07 . 2009-01-18 15:48 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-02 19:19 . 2008-11-02 18:52 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-01-02 19:07 . 2010-01-02 19:07 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-02 19:06 . 2010-01-02 19:06 86016 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2009-11-21 16:36 . 2009-09-16 23:50 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-17 01:18 . 2009-11-17 01:13 63 ----a-w- c:\documents and settings\stuffx3\jagex_runescape_preferences2.dat
2009-11-17 01:16 . 2009-11-17 01:12 38 ----a-w- c:\documents and settings\stuffx3\jagex_runescape_preferences.dat
2009-11-09 08:33 . 2009-11-09 08:33 45056 ----a-r- c:\documents and settings\stuffx3\Application Data\Microsoft\Installer\{08C2044E-9E98-4005-8E3C-E438A10501EC}\MapleStory.exe1_08C2044E9E9840058E3CE438A10501EC.exe
2009-11-09 08:33 . 2009-11-09 08:33 45056 ----a-r- c:\documents and settings\stuffx3\Application Data\Microsoft\Installer\{08C2044E-9E98-4005-8E3C-E438A10501EC}\MapleStory.exe_08C2044E9E9840058E3CE438A10501EC.exe
2009-11-09 08:33 . 2009-11-09 08:33 10134 ----a-r- c:\documents and settings\stuffx3\Application Data\Microsoft\Installer\{08C2044E-9E98-4005-8E3C-E438A10501EC}\ARPPRODUCTICON.exe
2009-11-06 17:20 . 2009-11-21 17:48 34112 ----a-w- c:\documents and settings\stuffx3\Application Data\Mozilla\Firefox\Profiles\nijr47ee.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe
2009-11-06 17:20 . 2009-11-21 17:48 32448 ----a-w- c:\documents and settings\stuffx3\Application Data\Mozilla\Firefox\Profiles\nijr47ee.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
2009-11-06 17:20 . 2009-11-21 17:48 22352 ----a-w- c:\documents and settings\stuffx3\Application Data\Mozilla\Firefox\Profiles\nijr47ee.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
2009-09-27 19:31 . 2006-04-22 02:52 104 --sh--r- c:\windows\system32\7C5853413C.sys
2009-09-27 19:31 . 2006-04-22 02:52 5226 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-27 3883856]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-10-01 289072]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"DellTransferAgent"="c:\documents and settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe" [2007-11-13 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-01-17 1783808]
"YBrowser"="c:\progra~1\Yahoo!\browser\ybrwicon.exe" [2006-07-21 129536]
"VerizonServicepoint.exe"="c:\program files\Verizon\Servicepoint\VerizonServicepoint.exe" [2006-02-01 1880064]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-15 1404928]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2006-02-17 26112]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-27 413696]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-06 114688]
"MPTBox"="c:\progra~1\Canon\MULTIP~1\MPTBox.exe" [2001-10-20 159744]
"monitr32"="c:\program files\Canon\MultiPASS4\monitr32.exe" [2001-10-20 323584]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-06 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-06 77824]
"fxredir"="c:\windows\system32\fxredir.exe" [2001-10-20 77824]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2006-10-04 53760]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
ymetray.lnk - c:\program files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2008-2-5 54512]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\browser\\ybrowser.exe"=
"c:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2/2/2010 9:06 PM 207792]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [1/17/2009 1:33 PM 141312]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [1/22/2009 3:44 PM 24652]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [1/18/2009 7:48 AM 38224]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder

2010-01-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://verizon.yahoo.com
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride =
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\ASHLEY DOMINIC\Start Menu\Programs\Accessories\IMVU\Run IMVU.lnk
DPF: {03A99563-4F42-4DCF-A069-C728A71164A3} - hxxp://apps.vivaty.com/downloads/player/install.cab
FF - ProfilePath - c:\documents and settings\stuffx3\Application Data\Mozilla\Firefox\Profiles\nijr47ee.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - plugin: c:\documents and settings\stuffx3\Application Data\Mozilla\Firefox\Profiles\nijr47ee.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npdeploytk.dll
FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npnul32.dll
FF - plugin: c:\progra~1\Mozilla Firefox\plugins\nppdf32.dll
FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin.dll
FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin2.dll
FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin3.dll
FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin4.dll
FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin5.dll
FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin6.dll
FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npqtplugin7.dll
FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\progra~1\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - hȋdden: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Djonole - c:\windows\ihiyovox.dll
HKLM-Run-WMC_AutoUpdate - (no file)
HKU-Default-Run-notepad - c:\docume~1\LOCALS~1\ntload.dll
MSConfigStartUp-Internet Security 2010 - c:\program files\InternetSecurity2010\IS2010.exe
AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-03 20:14
Windows 5.1.2600 Service Pack 2 NTFS

scanning hȋdden processes ...

scanning hȋdden autostart entries ...

scanning hȋdden files ...

scan completed successfully
hȋdden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys PCTCore.sys >>UNKNOWN [0x872F3856]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf77fdfc3
\Driver\ACPI -> ACPI.sys @ 0xf7770cb8
\Driver\atapi -> atapi.sys @ 0xf77087b4
IoDeviceObjectType -> ParseProcedure -> ntoskrnl.exe @ 0x8056d56b
\Device\Harddisk0\DR0 -> ParseProcedure -> ntoskrnl.exe @ 0x8056d56b
NDIS: Intel(R) PRO/100 VE Network Connection -> SendCompleteHandler -> NDIS.sys @ 0xf75fdba0
PacketIndicateHandler -> NDIS.sys @ 0xf760ab21
SendHandler -> NDIS.sys @ 0xf75e887b
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(636)
c:\windows\system32\WININET.dll

- - - - - - - > 'lsass.exe'(696)
c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(4028)
c:\windows\system32\WININET.dll
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\progra~1\Yahoo!\browser\ycommon.exe
c:\windows\system32\wscntfy.exe
c:\progra~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2010-02-03 20:24:25 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-04 04:24

Pre-Run: 25,620,893,696 bytes free
Post-Run: 35,216,691,200 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 5159921EFFC2DAF94E5743ED4893073F

descriptionAntivirus Soft EmptyRe: Antivirus Soft4th February 2010, 11:50 pm

more_horiz
Hello.

Please download the current version of HijackThis from HERE

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • When Hijack This opens, click "Open the Misc Tools section"
  • Then select "Open Uninstall Manager"
  • Click on "Save List..." (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
Antivirus Soft DXwU4
Antivirus Soft VvYDg

descriptionAntivirus Soft EmptyRe: Antivirus Soft5th February 2010, 12:49 am

more_horiz
Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.2
Adobe Shockwave Player 11.5
AIM 7
Apple Software Update
Canon MultiPASS Suite 4.01
Critical Update for Windows Media Player 11 (KB959772)
Dell Driver Reset Tool
DellSupport
Disney Toontown Online
Disney's Toontown Online
Download Updater (AOL LLC)
FormatFactory 2.20
Free Studio version 4.2
Free YouTube to Mp3 Converter version 3.1
Google
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Format SDK (KB902344)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet for Wired Connections
Java(TM) 6 Update 13
Java(TM) 6 Update 2
Junk Mail filter update
Malwarebytes' Anti-Malware
MapleStory
Media Converter SA Edition 0.8
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Standard
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.5.7)
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
PhotoFiltre
PowerDVD 5.5
Qualxserve Service Agreement
QuickTime
RealPlayer Basic
Scan Manager 5.2
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Segoe UI
Sibelius Scorch (ActiveX Only)
Sonic Update Manager
Sony Vegas Pro 8.0
Spyware Doctor 7.0
Spyware Terminator
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
URL Assistant
Verizon Yahoo! Applications
Verizon Yahoo! Music Jukebox
Viewpoint Media Player
Windows Imaging Component
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows Presentation Foundation
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
WinRAR archiver
WordPerfect Office 12
Xvid 1.2.2 final uninstall

descriptionAntivirus Soft EmptyRe: Antivirus Soft5th February 2010, 1:39 am

more_horiz
Hello.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Java(TM) 6 Update 13
    Java(TM) 6 Update 2
    Spyware Terminator
    Viewpoint Media Player

Next,

  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:

    File::
    c:\windows\Usuwoyadomipu.bin
    c:\windows\Kbobuyi.dat

    DDS::
    uInternet Settings,ProxyServer = http=127.0.0.1:5555
    uInternet Settings,ProxyOverride =

  4. Save this as CFScript.txt, in the same location as ComboFix.exe

    Antivirus Soft Cfscriptb4i

  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
Antivirus Soft DXwU4
Antivirus Soft VvYDg

descriptionAntivirus Soft EmptyRe: Antivirus Soft5th February 2010, 10:56 pm

more_horiz
Thank you so much but it's working now. But thanks for all the help once again Big Grin

descriptionAntivirus Soft EmptyRe: Antivirus Soft

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum