WiredWX Hobby Weather Tools

 


AntiVirus Soft Infection - Can Not Run Programs!

2 posters

Re: AntiVirus Soft Infection - Can Not Run Programs!

ComboFix 10-03-15.04 - K Dawg 03/15/2010 21:10:35.4.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1150.723 [GMT -7:00]
Running from: c:\documents and settings\K Dawg\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\K Dawg\Desktop\CFScript.txt
AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Outdated) {FB06448E-52B8-493A-90F3-E43226D3305C}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_d42cb0d9.sys
-------\Service_hko2fc6


((((((((((((((((((((((((( Files Created from 2010-02-16 to 2010-03-16 )))))))))))))))))))))))))))))))
.

2010-03-16 03:56 . 2010-03-16 03:56 -------- d-----w- C:\Combo-Fix1125C
2010-03-16 03:49 . 2010-03-16 03:49 -------- d-----w- C:\FOUND.011
2010-03-15 02:05 . 2010-03-15 02:05 -------- d-----w- C:\Combo-Fix
2010-03-14 21:54 . 2010-03-14 21:54 -------- d-----w- C:\_OTL
2010-03-14 03:23 . 2010-03-14 03:23 -------- d-----w- c:\documents and settings\K Dawg\Local Settings\Application Data\Temp
2010-03-14 03:23 . 2010-03-14 03:23 -------- d-----w- c:\documents and settings\K Dawg\Local Settings\Application Data\Google
2010-03-14 03:22 . 2010-03-14 03:22 -------- d-----w- c:\documents and settings\K Dawg\Local Settings\Application Data\Deployment

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-24 09:39 . 2009-11-22 10:03 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-19 22:46 . 2010-01-19 22:46 59056 ----a-w- c:\documents and settings\NEWACCT\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-07 23:07 . 2009-08-16 06:14 38224 ----a-w- c:\winnt\system32\drivers\mbamswissarmy.sys
2010-01-07 23:07 . 2009-08-16 06:14 19160 ----a-w- c:\winnt\system32\drivers\mbam.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-03-15_02.24.06 )))))))))))))))))))))))))))))))))))))))))
.
- 1980-01-01 07:00 . 2010-03-15 02:06 65494 c:\winnt\system32\perfc009.dat
+ 1980-01-01 07:00 . 2010-03-16 03:54 65494 c:\winnt\system32\perfc009.dat
+ 1980-01-01 07:00 . 2010-03-16 03:54 409874 c:\winnt\system32\perfh009.dat
- 1980-01-01 07:00 . 2010-03-15 02:06 409874 c:\winnt\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\K Dawg\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-03-14 135664]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-12-12 9555968]
"ctfmon.exe"="c:\winnt\system32\ctfmon.exe" [2004-08-04 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Wireless Network Monitor.lnk - c:\program files\Linksys\WUSB600N\WUSB600N.exe [2008-1-9 6922240]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\winnt\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk.disabled]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk.disabled
backup=c:\winnt\pss\Adobe Reader Speed Launch.lnk.disabledCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\winnt\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk.disabled]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk.disabled
backup=c:\winnt\pss\Kodak EasyShare software.lnk.disabledCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak software updater.lnk.disabled]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak software updater.lnk.disabled
backup=c:\winnt\pss\Kodak software updater.lnk.disabledCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^K Dawg^Start Menu^Programs^Startup^ChkDisk.dll]
path=c:\documents and settings\K Dawg\Start Menu\Programs\Startup\ChkDisk.dll
backup=c:\winnt\pss\ChkDisk.dllStartup

[HKLM\~\startupfolder\C:^Documents and Settings^K Dawg^Start Menu^Programs^Startup^ChkDisk.lnk]
path=c:\documents and settings\K Dawg\Start Menu\Programs\Startup\ChkDisk.lnk
backup=c:\winnt\pss\ChkDisk.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
2004-07-11 04:10 339968 ----a-w- c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
2004-12-11 01:02 67184 ----a-w- c:\program files\Common Files\Symantec Shared\ccApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GWMDMMSG]
2002-01-03 22:00 100913 ----a-w- c:\winnt\GWMDMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GWMDMpi]
2002-01-03 22:00 40960 ----a-w- c:\winnt\GWMDMpi.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2003-11-18 07:11 118784 ----a-w- c:\winnt\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
2001-10-22 16:05 196608 ----a-w- c:\winnt\system32\spool\drivers\w32x86\3\hpztsb04.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2007-02-05 23:52 849280 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-10-29 03:21 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itype]
2006-07-07 23:14 576320 ----a-w- c:\program files\Microsoft IntelliType Pro\itype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-09-05 08:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2008-09-16 19:16 1833296 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
2004-12-30 21:19 120640 ----a-w- c:\progra~1\SYMANT~1\VPTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2006-11-21 16:38 35328 ----a-w- c:\program files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WUSB54GSCSVC"=2 (0x2)
"PictureTaker"=3 (0x3)
"iPod Service"=3 (0x3)
"Apple Mobile Device"=2 (0x2)
"Symantec AntiVirus"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Steam"=
"Aim6"="c:\program files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"MCUpdateExe"=c:\progra~1\mcafee.com\agent\mcupdate.exe
"MCAgentExe"=c:\progra~1\mcafee.com\agent\mcagent.exe
"IPHSend"=c:\program files\Common Files\AOL\IPHSend\IPHSend.exe
"IgfxTray"=c:\winnt\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\1145426670\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Common Files\\AOL\\1145426670\\ee\\aim6.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8602:TCP"= 8602:TCP:XBC
"8602:UDP"= 8602:UDP:XBCPORT2
"88:TCP"= 88:TCP:XboxLive2
"3074:TCP"= 3074:TCP:XboxLive
"3074:UDP"= 3074:UDP:XboxLiveUDP
"88:UDP"= 88:UDP:XboxLive2UDP

R2 SVKP;SVKP;c:\winnt\system32\SVKP.sys [10/10/2004 2:53 AM 2368]
S2 DVC150;DVC 150B;c:\winnt\system32\drivers\DVC150B.sys [1/20/2007 6:14 PM 31924]
S3 NPF;NetGroup Packet Filter Driver;c:\winnt\system32\drivers\npf.sys [8/2/2005 2:10 PM 32512]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [12/30/2004 2:19 PM 153416]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder

2010-03-09 c:\winnt\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 19:34]

2010-03-16 c:\winnt\Tasks\GoogleUpdateTaskUserS-1-5-21-2212413462-1417066420-3376078148-1005Core.job
- c:\documents and settings\K Dawg\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-03-14 03:23]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://mail.live.com/default.aspx?wa=wsignin1.0
DPF: Microsoft XML Parser for Java - file://c:\winnt\Java\classes\xmldso.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-15 21:17
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\PSSdk23]
"ImagePath"="\??\c:\winnt\system32\Drivers\PsSdk23.drv"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1620)
c:\winnt\system32\ieframe.dll
c:\winnt\system32\webcheck.dll
c:\winnt\system32\WPDShServiceObj.dll
c:\winnt\system32\PortableDeviceTypes.dll
c:\winnt\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\winnt\System32\Ati2evxx.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
.
**************************************************************************
.
Completion time: 2010-03-15 21:22:03 - machine was rebooted
ComboFix-quarantined-files.txt 2010-03-16 04:22
ComboFix2.txt 2010-03-16 04:07
ComboFix3.txt 2010-03-15 02:29

Pre-Run: 7,565,508,608 bytes free
Post-Run: 7,509,016,576 bytes free

- - End Of File - - DFDE11A10792D6D9630102C28BCF6228

Re: AntiVirus Soft Infection - Can Not Run Programs!

Hello.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX, click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.

Re: AntiVirus Soft Infection - Can Not Run Programs!

Wow... it's taking foreverrrrr. Oh well, I'll just leave it on, not rly bothering anything else... It found 2 things and is only 10% on the C drive. Smile...

Re: AntiVirus Soft Infection - Can Not Run Programs!

WTF! Limewire won't run cuz that Java stuff I deleted. What would you recommend?

Says DL their software at java.com


... Can I ask why you had me delete that stuff before?

Re: AntiVirus Soft Infection - Can Not Run Programs!

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=f2e038b43278f440bcc2f93910d514c3
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-03-17 03:23:26
# local_time=2010-03-16 08:23:26 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=89848
# found=3
# cleaned=3
# scan_time=17042
C:\WINNT\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\K98DC123\crypt_install[1].exe a variant of Win32/Kryptik.ADP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\K Dawg\Desktop\iTunes APPROVED\Lil Wayne - The Carter 3 -09- Shoot Me Down.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan (cleaned - quarantined) 00000000000000000000000000000000 C
F:\iTunes APPROVED\Lil Wayne - The Carter 3 -09- Shoot Me Down.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan (cleaned - quarantined) 00000000000000000000000000000000 C


Lil Wayne FTL. LMAO

Re: AntiVirus Soft Infection - Can Not Run Programs!

Bump. Wondering why Limewire STILL won't work?

Re: AntiVirus Soft Infection - Can Not Run Programs!

Hello.

Updating Java:

  • Download the latest version of Java SE Runtime Environment (JRE) 6 Update 18.
  • Click the "Download JRE" button to the right.
  • In the Window that opens, select your platform, check the "agree" box, and click Continue.
  • Click on the link to download Windows Offline Installation and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Then from your desktop double-click on jre-6u18-windows-i586.exe that you downloaded to install the newest version.

Please uninstall Limewire, it's un-safe. Smile...

Re: AntiVirus Soft Infection - Can Not Run Programs!

Belahzur wrote:
Hello.

Updating Java:

  • Download the latest version of Java SE Runtime Environment (JRE) 6 Update 18.
  • Click the "Download JRE" button to the right.
  • In the Window that opens, select your platform, check the "agree" box, and click Continue.
  • Click on the link to download Windows Offline Installation and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Then from your desktop double-click on jre-6u18-windows-i586.exe that you downloaded to install the newest version.

Please uninstall Limewire, it's un-safe. Smile...


That's true. Especially if you download .avi or .wav or .wma it can be some serious stuff and I've come across that stuff and found out firsthand what it can do... however I need a program w/ at least that good of a P2P network for finding individual, mostly rare, single songs... any suggestions?

Re: AntiVirus Soft Infection - Can Not Run Programs!

Nope, no method of P2P is safe from risk.

Re: AntiVirus Soft Infection - Can Not Run Programs!

Belahzur wrote:
Nope, no method of P2P is safe from risk.


My Limewire def didn't start working after the DL... hmmm... prolly just reinstall altogether. Thanks again man.
