Fake Windows Security Center

Status
Not open for further replies.

TwiztedTwit

I was finally able to run all the security programs on my daughter's computer via flash drive. I still can't connect to the internet. When I go into network connections it shows MSN (which is how she normally connects) with a message of "Unavailable-device missing".

On my LAN or High Speed connection on Local Area Connection it says "limited or no connectivity".

Here is a copy of the HJT log. If someone could look at it and advise, it would be most appreciated.

I noticed her info says IE8, and yet it's always asking us to download IE8.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:23:11 PM, on 9/19/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\iWin Games\iWinGamesInstaller.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\My Downloads\Computer Tech\Spybot S&D\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\alg.exe
C:\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2BABB2DE-1512-481A-84FA-92CA9B012435} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\MYDOWN~1\COMPUT~1\SPYBOT~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {84FEBFF8-945B-4F9A-B9B8-B68EC5020770} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\My Downloads\Computer Tech\Malwarebytes\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DriverCure] C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\My Downloads\Computer Tech\Spybot S&D\Spybot - Search & Destroy\TeaTimer.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - ?p=ZUman000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\MYDOWN~1\COMPUT~1\SPYBOT~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\MYDOWN~1\COMPUT~1\SPYBOT~2\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} -
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} -
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} -
O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} -
O16 - DPF: {3D3DBC64-0D21-4EA4-94EE-86D6D9B31C0C} -
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} -
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} -
O16 - DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} -
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} -
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} -
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} -
O16 - DPF: {61900274-3323-4446-BDCD-91548D32AF1B} -
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} -
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} -
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} -
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} -
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} -
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} -
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} -
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} -
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} -
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} -
O16 - DPF: {BB637307-92FA-47EC-B3F7-6969078673CC} -
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} -
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} -
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} -
O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} -
O16 - DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} -
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} -
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: kri746.dat
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iWinGamesInstaller - iWin Inc. - C:\Program Files\iWin Games\iWinGamesInstaller.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

--
End of file - 7315 bytes
 
Remove these entries:

C:\Program Files\iWin Games\iWinGamesInstaller.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {2BABB2DE-1512-481A-84FA-92CA9B012435} - (no file)
O2 - BHO: (no name) - {84FEBFF8-945B-4F9A-B9B8-B68EC5020770} - (no file)
O2 - BHO: (no name) - {84FEBFF8-945B-4F9A-B9B8-B68EC5020770} - (no file)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O8 - Extra context menu item: &Search - ?p=ZUman000
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} -
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} -
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} -
O16 - DPF: {3D3DBC64-0D21-4EA4-94EE-86D6D9B31C0C} -
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} -
O16 - DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} -
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} -
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} -
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} -
O16 - DPF: {61900274-3323-4446-BDCD-91548D32AF1B} -
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} -
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} -
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} -
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} -
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} -
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} -
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} -
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} -
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} -
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} -
O16 - DPF: {BB637307-92FA-47EC-B3F7-6969078673CC} -
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} -
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} -
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} -
O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} -
O16 - DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} -
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} -
O23 - Service: iWinGamesInstaller - iWin Inc. - C:\Program Files\iWin Games\iWinGamesInstaller.exe

Will need to run Malwarebytes, Combofix and post those logs as well.
 
Removed the entries as advised. I came across this info on the MSN Connection Mgr device missing, but really only trust info from here, so I thought you could verify.

"The MSN Connection Manager is installed when you start to install MSN Explorer; the missing device will be displayed if you don't have a dial-up modem.
You can right click the Connection Manager and delete it.

To uninstall MSN EXPLORER, go to CONTROL PANEL/ADD/REMOVE PROGRAMS. Check if you see MSN there (will be here if updated from the version included with XP).
If not there, click add/remove Windows Components, scroll down to MSN Explorer, if checked, uncheck it.

To install MSN Explorer you have to set up your ISP account with MSN." (I know she hasn't done this; her ISP is Cox Cable.)


Here is my new HJT log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:01:40 PM, on 9/19/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\My Downloads\Computer Tech\Spybot S&D\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\MYDOWN~1\COMPUT~1\SPYBOT~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\My Downloads\Computer Tech\Malwarebytes\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DriverCure] C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\My Downloads\Computer Tech\Spybot S&D\Spybot - Search & Destroy\TeaTimer.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\MYDOWN~1\COMPUT~1\SPYBOT~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\MYDOWN~1\COMPUT~1\SPYBOT~2\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: kri746.dat
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

--
End of file - 5061 bytes
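
Added example, not part of the thread and not HijackThis code: a small Python triage pass over HijackThis logs like the two above. It marks O2/O9 entries ending in "(no file)" and O16 DPF entries with no download source as orphans, marks a non-empty O20 AppInit_DLLs value for review (that registry value names DLLs loaded into every process that loads user32.dll; the thread gives no verdict on it), and lists which entries disappeared between two logs. The function names are hypothetical and the sample logs are short excerpts of lines from this page.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "code body")

# HijackThis section lines look like "O2 - BHO: ..." or "R1 - HKCU\...".
# Header lines and the "Running processes" paths do not match and are skipped.
_ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# An O16 line with a CLSID but no name and no codebase URL after the dash.
_EMPTY_DPF_RE = re.compile(r"DPF: \{[0-9A-Fa-f-]+\} -")


def parse_entries(log_text):
    """Return the section entries of a HijackThis log as (code, body) tuples."""
    entries = []
    for line in log_text.splitlines():
        m = _ENTRY_RE.match(line.strip())
        if m:
            entries.append(Entry(m.group(1), m.group(2).strip()))
    return entries


def triage(entries):
    """Label entries: 'orphan' = points at nothing, 'review' = needs a human look."""
    findings = []
    for e in entries:
        if e.code in ("O2", "O9") and e.body.endswith("(no file)"):
            findings.append(("orphan", e))
        elif e.code == "O16" and _EMPTY_DPF_RE.fullmatch(e.body):
            findings.append(("orphan", e))
        elif e.code == "O20" and e.body.startswith("AppInit_DLLs:"):
            # Only flag when a DLL is actually listed.
            if e.body.split(":", 1)[1].strip():
                findings.append(("review", e))
    return findings


def removed_between(before_log, after_log):
    """Entries present in the first log and absent from the second, in log order."""
    remaining = set(parse_entries(after_log))
    return [e for e in parse_entries(before_log) if e not in remaining]


# Excerpt of lines from the first log on this page.
SAMPLE_BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} -
O20 - AppInit_DLLs: kri746.dat
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
"""

# Excerpt of the same lines as they appear in the second log on this page.
SAMPLE_AFTER = r"""
Logfile of Trend Micro HijackThis v2.0.2
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O20 - AppInit_DLLs: kri746.dat
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
"""

if __name__ == "__main__":
    for label, entry in triage(parse_entries(SAMPLE_BEFORE)):
        print(f"{label:7} {entry.code} - {entry.body}")
    print("removed by the fix:")
    for entry in removed_between(SAMPLE_BEFORE, SAMPLE_AFTER):
        print(f"        {entry.code} - {entry.body}")
    print("still flagged afterwards:")
    for label, entry in triage(parse_entries(SAMPLE_AFTER)):
        print(f"{label:7} {entry.code} - {entry.body}")
```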
 
I had previously run Malwarebytes and had it fix everything; I neglected to save a log. I ran the quick scan this time, and here is the log I saved. I hope I didn't screw anything up the first time.

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

9/19/2009 5:22:43 PM
mbam-log-2009-09-19 (17-22-24).txt

Scan type: Quick Scan
Objects scanned: 104907
Time elapsed: 11 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 16
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{3d87b50d-542a-45b6-96e9-f03cfaa8c962} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d2bee6e-3c9a-4d58-b9ec-458edb28d0f6} (Rogue.DriveCleaner) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6156a32a-c512-4e23-aa9a-2315f4265681} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c17e102b-bd29-4e92-b699-1a21d2cb8e6c} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{84febff8-945b-4f9a-b9b8-b68ec5020770} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
When running Combofix, it says I didn't have the "system recovery console" either enabled or it was missing. I do have the System Recovery enabled on this computer.

Here is my Combofix log:

ComboFix 09-09-18.02 - Eric 09/19/2009 17:29.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.479.154 [GMT -7:00]
Running from: c:\my downloads\Computer Tech\Combofix\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\enicybo._dl
c:\documents and settings\All Users\Application Data\ofuducurum.inf
c:\documents and settings\All Users\Application Data\qymilafepe.scr
c:\documents and settings\All Users\Application Data\xytuk._dl
c:\documents and settings\All Users\Documents\abixo.dll
c:\documents and settings\All Users\Documents\cora.sys
c:\documents and settings\All Users\Documents\gevoqa.inf
c:\documents and settings\All Users\Documents\irysuho._dl
c:\documents and settings\All Users\Documents\momuhykux.reg
c:\documents and settings\All Users\Documents\omeso._dl
c:\documents and settings\All Users\Documents\pewupyxy.reg
c:\documents and settings\Eric\Application Data\.#
c:\documents and settings\Eric\Application Data\itafopatel._dl
c:\documents and settings\Eric\Application Data\kyjag.ban
c:\documents and settings\Eric\Application Data\vovyhig.sys
c:\documents and settings\Eric\Cookies\fuqafevin._dl
c:\documents and settings\Eric\Cookies\idibi.inf
c:\documents and settings\Eric\Cookies\ohan.db
c:\documents and settings\Eric\Cookies\pota.dl
c:\documents and settings\Eric\Cookies\wyrybupic.inf
c:\documents and settings\Eric\Cookies\yjiwulewen.lib
c:\documents and settings\Eric\err.log
c:\documents and settings\Eric\Local Settings\Application Data\ixuhusajy.bat
c:\documents and settings\Eric\Local Settings\Application Data\udinex.bin
c:\documents and settings\Eric\Local Settings\Application Data\uhojyv.bat
c:\documents and settings\Eric\Local Settings\Application Data\utykim.inf
c:\documents and settings\Eric\Local Settings\Temporary Internet Files\azezif.inf
c:\documents and settings\Eric\Local Settings\Temporary Internet Files\cidyfoco.bat
c:\documents and settings\Eric\Local Settings\Temporary Internet Files\dabem.reg
c:\documents and settings\Eric\Local Settings\Temporary Internet Files\idopogocu.com
c:\documents and settings\Eric\Local Settings\Temporary Internet Files\pocagusuni.bat
c:\documents and settings\Eric\Local Settings\Temporary Internet Files\sixekap.com
c:\documents and settings\Eric\Local Settings\Temporary Internet Files\uqesuzevu.com
c:\program files\Common Files\ekymuz.scr
c:\program files\Common Files\olikucazaq.dl
c:\program files\Common Files\sibil.reg
c:\program files\Common Files\wisigo.vbs
c:\windows\COUPON~1.OCX
c:\windows\CouponPrinter.ocx
c:\windows\ecotarap.bin
c:\windows\ecuso.ban
c:\windows\ibabady.sys
c:\windows\numyvemyz.dl
c:\windows\omag.exe
c:\windows\ryka.dll
c:\windows\safafubume.ban
c:\windows\sorodil.pif
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\bvnitxms.ini
c:\windows\system32\byvepoj.scr
c:\windows\system32\canufuze.pif
c:\windows\system32\cirnckpo.ini
c:\windows\system32\Data
c:\windows\system32\dumphive.exe
c:\windows\system32\ehapucijy.ban
c:\windows\system32\esnlxikv.ini
c:\windows\system32\hijonisedy.bat
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\iedwmeef.ini
c:\windows\system32\iutsuliv.ini
c:\windows\system32\lucgmvov.ini
c:\windows\system32\lucywyxe.pif
c:\windows\system32\nmlTuBeg.ini
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\sysidiha.scr
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\vuvbisxg.ini
c:\windows\system32\wlvjcrup.ini
c:\windows\system32\WS2Fix.exe
c:\windows\system32\yhuxacoco.bin
c:\windows\ymykole.bat

c:\windows\system32\proquota.exe was missing
Restored copy from - c:\windows\ServicePackFiles\i386\proquota.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_IWINGAMESINSTALLER
-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_iWinGamesInstaller


((((((((((((((((((((((((( Files Created from 2009-08-20 to 2009-09-20 )))))))))))))))))))))))))))))))
.

2009-09-20 00:41 . 2008-04-14 00:12 50176 -c--a-w- c:\windows\system32\dllcache\proquota.exe
2009-09-20 00:41 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\proquota.exe
2009-09-19 20:14 . 2009-09-19 20:14 -------- d-----w- c:\documents and settings\Eric\Application Data\Malwarebytes
2009-09-19 16:58 . 2009-09-19 16:58 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-09-19 16:58 . 2009-09-10 21:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-19 16:58 . 2009-09-19 16:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-19 16:58 . 2009-09-10 21:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-19 02:59 . 2009-09-19 23:52 -------- d-----w- C:\backups
2009-09-18 16:39 . 2009-09-18 16:39 -------- d-----w- c:\documents and settings\Administrator\Application Data\Lavasoft
2009-09-16 07:50 . 2009-09-16 07:50 -------- d-----w- c:\documents and settings\Eric\Application Data\PC Tools
2009-09-16 07:50 . 2009-09-16 07:50 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2009-09-15 02:45 . 2008-12-11 15:38 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-09-15 02:45 . 2009-04-03 17:18 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-09-15 02:45 . 2008-12-18 18:16 73840 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-09-15 02:44 . 2009-09-16 07:50 -------- d-----w- c:\program files\Common Files\PC Tools
2009-09-15 02:44 . 2008-12-10 18:36 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-09-15 02:44 . 2009-09-16 08:19 -------- d-----w- c:\program files\Spyware Doctor
2009-09-15 02:17 . 2009-09-15 02:17 15824 ----a-w- c:\windows\paqy.dat
2009-09-15 01:44 . 2009-09-15 01:44 12909 ----a-w- c:\documents and settings\Eric\Local Settings\Application Data\xavohucy.dat
2009-09-15 01:44 . 2009-09-15 01:44 11093 ----a-w- c:\windows\valugavik.com
2009-09-12 04:01 . 2009-09-12 04:01 19633 ----a-w- c:\windows\system32\bulosoqaxi.dat
2009-09-08 23:12 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-20 00:46 . 2007-06-25 23:31 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-19 03:00 . 2006-12-14 14:39 -------- d-----w- c:\program files\Virtools Web Player 3.0
2009-09-19 02:05 . 2007-06-14 01:10 -------- d-----w- c:\program files\PopCap Games
2009-09-19 01:56 . 2006-09-22 19:19 -------- d-----w- c:\program files\BFG
2009-09-19 01:14 . 2009-07-01 04:59 -------- d-----w- c:\documents and settings\Eric\Application Data\DriverCure
2009-09-16 08:21 . 2008-04-05 00:13 -------- d-----w- c:\program files\iWin Games
2009-09-16 07:50 . 2006-11-04 03:59 -------- d-----w- c:\program files\Yahoo!
2009-09-15 07:31 . 2009-07-01 04:42 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverCure
2009-09-12 04:01 . 2009-09-12 04:01 18496 ----a-w- c:\program files\Common Files\nigydok.db
2009-08-21 13:30 . 2006-10-18 11:00 44944 ------w- c:\windows\system32\drivers\pxhelp20.sys
2009-08-16 15:58 . 2009-05-22 20:27 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-16 15:58 . 2009-05-22 20:27 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-16 15:58 . 2009-05-22 20:27 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-15 10:40 . 2006-12-04 13:09 19520 ----a-w- c:\documents and settings\Eric\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-15 10:14 . 2009-08-15 10:14 -------- d-----w- c:\program files\MSBuild
2009-08-15 10:13 . 2009-08-15 10:13 -------- d-----w- c:\program files\Reference Assemblies
2009-08-11 03:00 . 2009-02-23 04:11 -------- d-----w- c:\program files\RealArcade
2009-08-05 09:01 . 2004-08-04 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-17 19:01 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 17:08 . 2004-08-04 12:00 286720 ----a-w- c:\windows\system32\wmpdxm.dll
2009-06-25 08:25 . 2004-08-04 12:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:25 . 2004-08-04 12:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25 . 2004-08-04 12:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:25 . 2004-08-04 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:25 . 2004-08-04 12:00 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:25 . 2004-08-04 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-24 11:18 . 2004-08-04 12:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2008-04-10 02:16 . 2008-04-10 02:16 0 ----a-w- c:\program files\temp01
2006-09-22 19:14 . 2006-09-22 19:14 774144 ----a-w- c:\program files\RngInterstitial.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\my downloads\Computer Tech\Spybot S&D\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-08-16 2007832]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-07-23 1181064]
"Malwarebytes Anti-Malware (reboot)"="c:\my downloads\Computer Tech\Malwarebytes\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-16 15:58 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Eric^Start Menu^Programs^Startup^iWin Desktop Alerts.lnk]
path=c:\documents and settings\Eric\Start Menu\Programs\Startup\iWin Desktop Alerts.lnk
backup=c:\windows\pss\iWin Desktop Alerts.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPod Service"=3 (0x3)
"Brother XP spl Service"=2 (0x2)
"brmfrmps"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Program Files\\iWin Games\\iWinGames.exe"=
"c:\\Program Files\\iWin Games\\WebUpdater.exe"=
"c:\\Program Files\\Disney\\Disney Online\\PiratesOnline\\Launcher1.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [9/14/2009 7:45 PM 130936]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5/22/2009 1:27 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5/22/2009 1:27 PM 108552]
R1 rxp;rxp;c:\windows\system32\drivers\rxp.sys [1/29/2007 2:36 PM 14080]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [5/22/2009 1:27 PM 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [5/22/2009 1:26 PM 297752]
R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [8/4/2004 5:00 AM 14336]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [9/14/2009 7:44 PM 348752]

--- Other Services/Drivers In Memory ---

*Deregistered* - mchInjDrv

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-09-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 21:57]
.
.
------- Supplementary Scan -------
.
mWindow Title =
IE: { - c:\program files\platinumplay\casinogame.exe
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-DriverCure - c:\program files\ParetoLogic\DriverCure\DriverCure.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-09-19 17:46
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3d,3b,fa,56,5f,9c,81,43,9d,d5,00,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3d,3b,fa,56,5f,9c,81,43,9d,d5,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2780)
c:\program files\Spyware Doctor\pctgmhk.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\progra~1\SPYWAR~1\SDCONT~1.DLL
c:\my downloads\Computer Tech\Malwarebytes\Malwarebytes' Anti-Malware\mbamext.dll
c:\program files\WinRAR\rarext.dll
c:\program files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
c:\mydown~1\COMPUT~1\SPYBOT~2\SPYBOT~1\SDHelper.dll
c:\windows\system32\jsproxy.dll
c:\program files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Spyware Doctor\pctsSvc.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\system32\wdfmgr.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
.
**************************************************************************
.
Completion time: 2009-09-20 17:51 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-20 00:51

Pre-Run: 100,452,032,512 bytes free
Post-Run: 100,528,742,400 bytes free

269 --- E O F --- 2009-09-09 10:10
 
Run Combofix first; it should break apart the entries that Malwarebytes can't fix, and then Malwarebytes can clean it up.
 
Sorry that is my fault. I should have said that before but failed to.
 