Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Cannot update anti-virus security on PC or Laptop

Re: Cannot update anti-virus security on PC or Laptop

by young » May 14th, 2009, 9:23 am

========== FILES ==========
File/Folder H:\Program Files\SpeedBit Video Downloader not found.
H:\Program Files\Windows Doctor\2.0\backup\AutoSave\04-19-2009-19-04-44 moved successfully.
H:\Program Files\Windows Doctor\2.0\backup\AutoSave moved successfully.
H:\Program Files\Windows Doctor\2.0\backup moved successfully.
H:\Program Files\Windows Doctor\2.0 moved successfully.
H:\Program Files\Windows Doctor moved successfully.
H:\Program Files\SpeedBit Video Accelerator moved successfully.
H:\Documents and Settings\All Users\Application Data\SpeedBit moved successfully.
H:\Program Files\DAP moved successfully.
H:\Download Accelerator Plus Premium v9.0.0.7 moved successfully.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05132009_231833
;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-05-14 09:14:10
PROTECTIONS: 1
MALWARE: 32
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
avast! antivirus 4.8.1335 [VPS 090513-0] 4.8.1335 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@trafficmp[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@atdmt[2].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@247realmedia[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@fastclick[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@tribalfusion[1].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@mediaplex[1].txt
00147806 Cookie/7search TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@7search[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@com[1].txt
00167647 Cookie/Yadro TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.yadro.ru/]
00167647 Cookie/Yadro TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@yadro[2].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.xiti.com/]
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.azjmp.com/]
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.azjmp.com/]
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.azjmp.com/]
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.azjmp.com/]
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.azjmp.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@statcounter[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@ad.yieldmanager[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@apmebf[1].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.burstnet.com/]
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@burstnet[2].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.burstnet.com/]
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.burstnet.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@bs.serving-sys[2].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[www.burstbeacon.com/]
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@www.burstbeacon[2].txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@server.iad.liveperson[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@advertising[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@ads.pointroll[1].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@realmedia[1].txt
00171633 Cookie/Cgi-bin TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@www5.addfreestats[1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@questionmarket[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@zedo[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@bluestreak[1].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@adrevolver[2].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@go[2].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00262020 Cookie/Atwola TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@atwola[2].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.atwola.com/]
00262020 Cookie/Atwola TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.atwola.com/]
00457634 Adware/Fotomoto Adware No 0 Yes No H:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll
01196325 Cookie/Enhance TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@enhance[2].txt
;===================================================================================================================================================================================
SUSPECTS
Sent Location !
;===================================================================================================================================================================================
No H:\Documents and Settings\Turkessa M\My Documents\My Completed Downloads\ComboFix.exe !
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description !
;===================================================================================================================================================================================
;===================================================================================================================================================================================
Logfile of random's system information tool 1.06 (written by random/random)
Run by Turkessa M at 2009-05-14 09:15:54
Microsoft Windows XP Home Edition Service Pack 3
System drive H: has 18 GB (23%) free of 76 GB
Total RAM: 446 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:16:10 AM, on 5/14/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\Program Files\Alwil Software\Avast4\ashServ.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\sm56hlpr.exe
H:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
H:\Program Files\HP\HP Software Update\HPWuSchd2.exe
H:\Program Files\Java\jre6\bin\jusched.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
H:\Program Files\Bonjour\mDNSResponder.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Java\jre6\bin\jqs.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
H:\Program Files\Common Files\LightScribe\LSSrvc.exe
H:\WINDOWS\system32\ctfmon.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
H:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
H:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
H:\Program Files\iPod\bin\iPodService.exe
H:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
H:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Documents and Settings\Turkessa M\Desktop\RSIT.exe
H:\Program Files\Trend Micro\HijackThis\Turkessa M.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/home.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [WorksFUD] H:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] H:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] H:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] "H:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [HP Software Update] H:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] H:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] H:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] H:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [BIBLauncher] H:\Documents and Settings\Turkessa M\My Documents\BIBLauncher.exe
O4 - Startup: Adobe Gamma.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Desktop Manager.lnk = H:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00130000-B1BA-11CE-ABC6-F5B2E79D9E3F} (LEAD Main Control (13.0)) - https://id2.myfilecontrol.com/fcwweb/co ... ocx13n.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - https://atlcitrix.kslaw.com/Citrix/ICAW ... wficat.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {5AB7DB23-F148-414E-AB7E-8E6FFD604B07} (FCWClientAccess.AccessClient) - https://id2.myfilecontrol.com/fcwweb/co ... CPrint.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se5483.cab
O16 - DPF: {78E2413E-4B39-41D0-AC5A-910ABA9BD8DF} (ImageControl Object) - https://id2.myfilecontrol.com/fcwweb/co ... gMan81.cab
O16 - DPF: {7DD62E58-5FA8-11D2-AFB7-00104B64F126} (Sview Control) - https://chf.isentry.com/svinstall/svinstall_green.exe
O23 - Service: Adobe LM Service - Adobe Systems - H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - H:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - H:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - H:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - H:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

--
End of file - 10364 bytes

======Scheduled tasks folder======

H:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
H:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - H:\Program Files\Java\jre6\bin\ssv.dll [2009-02-25 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - H:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-25 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"=H:\WINDOWS\sm56hlpr.exe [2004-12-29 544768]
"WorksFUD"=H:\Program Files\Microsoft Works\wkfud.exe [2001-10-05 24576]
"Microsoft Works Portfolio"=H:\Program Files\Microsoft Works\WksSb.exe [2001-08-23 331830]
"Microsoft Works Update Detection"=H:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [2001-08-17 28738]
"NeroFilterCheck"=H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"WinampAgent"=H:\Program Files\Winamp\winampa.exe [2008-03-27 36352]
"HP Software Update"=H:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=H:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"SunJavaUpdateSched"=H:\Program Files\Java\jre6\bin\jusched.exe [2009-02-25 136600]
"Adobe Reader Speed Launcher"=H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"Ad-Watch"=H:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-03-08 515416]
"QuickTime Task"=H:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=H:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"RoxWatchTray"=H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-08-16 236016]
"avast!"=H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=H:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"MSMSGS"=H:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"LightScribe Control Panel"=H:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-07-18 451872]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-01 153136]
"BIBLauncher"=H:\Documents and Settings\Turkessa M\My Documents\BIBLauncher.exe [2008-02-05 609496]

H:\Documents and Settings\All Users\Start Menu\Programs\Startup
Desktop Manager.lnk - H:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
HP Digital Imaging Monitor.lnk - H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Works Calendar Reminders.lnk - H:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

H:\Documents and Settings\Turkessa M\Start Menu\Programs\Startup
Adobe Gamma.lnk - H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
H:\WINDOWS\system32\Ati2evxx.dll [2005-08-13 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\Documents and Settings\Turkessa M\Local Settings\Temporary Internet Files\Content.IE5\ZLQTOKCE\incredimail_install[1].exe"="H:\Documents and Settings\Turkessa M\Local Settings\Temporary Internet Files\Content.IE5\ZLQTOKCE\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"
"H:\Program Files\IncrediMail\bin\ImApp.exe"="H:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"H:\Program Files\IncrediMail\bin\IncMail.exe"="H:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"H:\Program Files\IncrediMail\bin\ImpCnt.exe"="H:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"H:\incredimail_install.exe"="H:\incredimail_install.exe:*:Enabled:IncrediMail Installer"
"H:\Program Files\Winamp Remote\bin\Orb.exe"="H:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"H:\Program Files\Winamp Remote\bin\OrbTray.exe"="H:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"H:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="H:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"H:\Program Files\Bonjour\mDNSResponder.exe"="H:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"H:\Program Files\iTunes\iTunes.exe"="H:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
shell\AutoRun\command - J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae6f003f-38bc-11dd-a95d-0013d49e6e73}]
shell\AutoRun\command - J:\LaunchU3.exe -a


======List of files/folders created in the last 1 months======

2009-05-13 23:23:21 ----D---- H:\Program Files\Panda Security
2009-05-13 23:23:20 ----D---- H:\WINDOWS\LastGood
2009-05-10 21:44:33 ----D---- H:\_OTMoveIt
2009-05-10 21:41:02 ----D---- H:\WINDOWS\ERDNT
2009-05-07 21:51:06 ----A---- H:\WINDOWS\system32\aswBoot.exe
2009-05-07 21:51:03 ----D---- H:\Program Files\Alwil Software
2009-05-06 19:11:49 ----D---- H:\rsit
2009-04-26 18:55:34 ----D---- H:\Program Files\Trend Micro
2009-04-26 02:40:58 ----A---- H:\WINDOWS\system32\cmd.execf
2009-04-26 02:40:05 ----D---- H:\32788R22FWJFW
2009-04-26 00:15:18 ----D---- H:\Program Files\Enigma Software Group
2009-04-25 16:23:45 ----D---- H:\Program Files\Windows Live Safety Center
2009-04-19 13:50:04 ----AD---- H:\Documents and Settings\All Users\Application Data\TEMP
2009-04-16 01:21:39 ----HDC---- H:\WINDOWS\$NtUninstallKB959426$
2009-04-16 01:21:21 ----HDC---- H:\WINDOWS\$NtUninstallKB961373$
2009-04-16 01:18:23 ----HDC---- H:\WINDOWS\$NtUninstallKB956572$
2009-04-16 01:17:53 ----HDC---- H:\WINDOWS\$NtUninstallKB952004$
2009-04-16 01:17:40 ----HDC---- H:\WINDOWS\$NtUninstallKB960803$
2009-04-16 01:17:13 ----HDC---- H:\WINDOWS\$NtUninstallKB923561$
2009-04-15 21:54:15 ----N---- H:\WINDOWS\system32\xpsp4res.dll

======List of files/folders modified in the last 1 months======

2009-05-14 07:18:02 ----D---- H:\WINDOWS\Temp
2009-05-13 23:33:15 ----D---- H:\WINDOWS\system32\drivers
2009-05-13 23:23:32 ----D---- H:\WINDOWS\Prefetch
2009-05-13 23:23:21 ----HD---- H:\WINDOWS\inf
2009-05-13 23:23:21 ----D---- H:\Program Files
2009-05-13 23:23:20 ----D---- H:\WINDOWS
2009-05-13 23:20:06 ----SD---- H:\WINDOWS\Downloaded Program Files
2009-05-13 23:20:05 ----D---- H:\WINDOWS\system32\CatRoot2
2009-05-13 23:16:37 ----SHD---- H:\WINDOWS\Installer
2009-05-13 23:16:37 ----HD---- H:\Config.Msi
2009-05-13 23:10:11 ----A---- H:\WINDOWS\SchedLgU.Txt
2009-05-13 23:09:33 ----D---- H:\WINDOWS\system32
2009-05-08 17:53:24 ----D---- H:\WINDOWS\system32\config
2009-05-07 23:45:43 ----D---- H:\Program Files\Mozilla Firefox
2009-05-07 22:36:19 ----SHD---- H:\System Volume Information
2009-05-07 22:36:19 ----D---- H:\Program Files\Common Files
2009-04-27 15:13:47 ----A---- H:\WINDOWS\NeroDigital.ini
2009-04-24 11:17:08 ----D---- H:\Program Files\Common Files\Microsoft Shared
2009-04-24 11:17:07 ----D---- H:\WINDOWS\WinSxS
2009-04-24 11:10:46 ----D---- H:\Documents and Settings\All Users\Application Data\McAfee
2009-04-24 09:48:26 ----A---- H:\WINDOWS\system32\e19e0c47-1d43-4932-7fd9-7e3e88300a66.exe
2009-04-23 21:50:05 ----SD---- H:\WINDOWS\Tasks
2009-04-21 12:52:18 ----D---- H:\WINDOWS\network diagnostic
2009-04-19 14:04:15 ----A---- H:\WINDOWS\system32\PerfStringBackup.INI
2009-04-19 13:55:26 ----D---- H:\Program Files\Bonjour
2009-04-19 13:55:24 ----D---- H:\Program Files\Internet Explorer
2009-04-16 03:07:01 ----D---- H:\WINDOWS\system32\wbem
2009-04-16 03:07:01 ----D---- H:\WINDOWS\AppPatch
2009-04-16 01:21:42 ----RSHDC---- H:\WINDOWS\system32\dllcache
2009-04-16 01:21:34 ----A---- H:\WINDOWS\imsins.BAK
2009-04-16 01:18:11 ----HD---- H:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; H:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; H:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; H:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R2 aswFsBlk;aswFsBlk; H:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; H:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 DgiVecp;Team MFP Comm Driver; H:\WINDOWS\System32\Drivers\DgiVecp.sys [2005-03-14 41984]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); H:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-29 3644928]
R3 Arp1394;1394 ARP Client Protocol; H:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; H:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 ati2mtag;ati2mtag; H:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-13 1313792]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; H:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; H:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-01-17 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; H:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-01-17 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; H:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-01-17 21568]
R3 MODEMCSA;Unimodem Streaming Filter Device; H:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 NIC1394;1394 Net Driver; H:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RimVSerPort;RIM Virtual Serial Port v2; H:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-01-18 26496]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; H:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; H:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 smserial;smserial; H:\WINDOWS\system32\DRIVERS\smserial.sys [2005-01-11 923826]
R3 usbccgp;Microsoft USB Generic Parent Driver; H:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; H:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; H:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; H:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Microsoft USB PRINTER Class; H:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; H:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;USB Mass Storage Driver; H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 grmnusb;grmnusb; H:\WINDOWS\system32\drivers\grmnusb.sys [2003-09-23 7296]
S3 HidUsb;Microsoft HID Class Driver; H:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Mouse HID Driver; H:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 RimUsb;BlackBerry Smartphone; H:\WINDOWS\System32\Drivers\RimUsb.sys [2007-05-31 22656]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; H:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; H:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; H:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; H:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; H:\WINDOWS\system32\Ati2evxx.exe [2005-08-13 376832]
R2 avast! Antivirus;avast! Antivirus; H:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 Bonjour Service;Bonjour Service; H:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; H:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 JavaQuickStarterService;Java Quick Starter; H:\Program Files\Java\jre6\bin\jqs.exe [2009-02-25 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; H:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-07-25 79136]
R2 Net Driver HPZ12;Net Driver HPZ12; H:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; H:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; H:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 hpqcxs08;hpqcxs08; H:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;iPod Service; H:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
R3 NMIndexingService;NMIndexingService; H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; H:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-07-24 358896]
S2 RoxLiveShare9;LiveShare P2P Server 9; H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2007-08-16 309744]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-08-16 166384]
S3 Adobe LM Service;Adobe LM Service; H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-11-02 72704]
S3 IDriverT;InstallDriver Table Manager; H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; H:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-15 951632]
S3 NBService;NBService; H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 ose;Office Source Engine; H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2008-01-07 89136]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; H:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-07-24 88560]
S3 RoxMediaDB9;RoxMediaDB9; H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-08-16 1092080]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; H:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; H:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------
young
Regular Member
 
Posts: 15
Joined: April 25th, 2009, 6:03 pm

Re: Cannot update anti-virus security on PC or Laptop

by young » May 14th, 2009, 9:24 am

========== FILES ==========
File/Folder H:\Program Files\SpeedBit Video Downloader not found.
H:\Program Files\Windows Doctor\2.0\backup\AutoSave\04-19-2009-19-04-44 moved successfully.
H:\Program Files\Windows Doctor\2.0\backup\AutoSave moved successfully.
H:\Program Files\Windows Doctor\2.0\backup moved successfully.
H:\Program Files\Windows Doctor\2.0 moved successfully.
H:\Program Files\Windows Doctor moved successfully.
H:\Program Files\SpeedBit Video Accelerator moved successfully.
H:\Documents and Settings\All Users\Application Data\SpeedBit moved successfully.
H:\Program Files\DAP moved successfully.
H:\Download Accelerator Plus Premium v9.0.0.7 moved successfully.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05132009_231833
;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-05-14 09:14:10
PROTECTIONS: 1
MALWARE: 32
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
avast! antivirus 4.8.1335 [VPS 090513-0] 4.8.1335 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@trafficmp[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@atdmt[2].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@247realmedia[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@fastclick[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@tribalfusion[1].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@mediaplex[1].txt
00147806 Cookie/7search TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@7search[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@com[1].txt
00167647 Cookie/Yadro TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.yadro.ru/]
00167647 Cookie/Yadro TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@yadro[2].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.xiti.com/]
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.azjmp.com/]
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.azjmp.com/]
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.azjmp.com/]
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.azjmp.com/]
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.azjmp.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@statcounter[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@ad.yieldmanager[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@apmebf[1].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.burstnet.com/]
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@burstnet[2].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.burstnet.com/]
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.burstnet.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@bs.serving-sys[2].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[www.burstbeacon.com/]
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@www.burstbeacon[2].txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@server.iad.liveperson[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@advertising[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@ads.pointroll[1].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@realmedia[1].txt
00171633 Cookie/Cgi-bin TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@www5.addfreestats[1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@questionmarket[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@zedo[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@bluestreak[1].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@adrevolver[2].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@go[2].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.go.com/]
00262020 Cookie/Atwola TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@atwola[2].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.atwola.com/]
00262020 Cookie/Atwola TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Application Data\Mozilla\Firefox\Profiles\v8veomve.default\cookies.txt[.atwola.com/]
00457634 Adware/Fotomoto Adware No 0 Yes No H:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll
01196325 Cookie/Enhance TrackingCookie No 0 Yes No H:\Documents and Settings\Turkessa M\Cookies\turkessa_m@enhance[2].txt
;===================================================================================================================================================================================
SUSPECTS
Sent Location !
;===================================================================================================================================================================================
No H:\Documents and Settings\Turkessa M\My Documents\My Completed Downloads\ComboFix.exe !
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description !
;===================================================================================================================================================================================
;===================================================================================================================================================================================
Logfile of random's system information tool 1.06 (written by random/random)
Run by Turkessa M at 2009-05-14 09:15:54
Microsoft Windows XP Home Edition Service Pack 3
System drive H: has 18 GB (23%) free of 76 GB
Total RAM: 446 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:16:10 AM, on 5/14/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\Program Files\Alwil Software\Avast4\ashServ.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\sm56hlpr.exe
H:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
H:\Program Files\HP\HP Software Update\HPWuSchd2.exe
H:\Program Files\Java\jre6\bin\jusched.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
H:\Program Files\Bonjour\mDNSResponder.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Java\jre6\bin\jqs.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
H:\Program Files\Common Files\LightScribe\LSSrvc.exe
H:\WINDOWS\system32\ctfmon.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
H:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
H:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
H:\Program Files\iPod\bin\iPodService.exe
H:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
H:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Documents and Settings\Turkessa M\Desktop\RSIT.exe
H:\Program Files\Trend Micro\HijackThis\Turkessa M.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.comcast.net/home.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [WorksFUD] H:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] H:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] H:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] "H:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [HP Software Update] H:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] H:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] H:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] H:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [BIBLauncher] H:\Documents and Settings\Turkessa M\My Documents\BIBLauncher.exe
O4 - Startup: Adobe Gamma.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Desktop Manager.lnk = H:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00130000-B1BA-11CE-ABC6-F5B2E79D9E3F} (LEAD Main Control (13.0)) - https://id2.myfilecontrol.com/fcwweb/co ... ocx13n.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - https://atlcitrix.kslaw.com/Citrix/ICAW ... wficat.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {5AB7DB23-F148-414E-AB7E-8E6FFD604B07} (FCWClientAccess.AccessClient) - https://id2.myfilecontrol.com/fcwweb/co ... CPrint.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se5483.cab
O16 - DPF: {78E2413E-4B39-41D0-AC5A-910ABA9BD8DF} (ImageControl Object) - https://id2.myfilecontrol.com/fcwweb/co ... gMan81.cab
O16 - DPF: {7DD62E58-5FA8-11D2-AFB7-00104B64F126} (Sview Control) - https://chf.isentry.com/svinstall/svinstall_green.exe
O23 - Service: Adobe LM Service - Adobe Systems - H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - H:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - H:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - H:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - H:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

--
End of file - 10364 bytes

======Scheduled tasks folder======

H:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
H:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - H:\Program Files\Java\jre6\bin\ssv.dll [2009-02-25 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - H:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-25 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-25 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"=H:\WINDOWS\sm56hlpr.exe [2004-12-29 544768]
"WorksFUD"=H:\Program Files\Microsoft Works\wkfud.exe [2001-10-05 24576]
"Microsoft Works Portfolio"=H:\Program Files\Microsoft Works\WksSb.exe [2001-08-23 331830]
"Microsoft Works Update Detection"=H:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [2001-08-17 28738]
"NeroFilterCheck"=H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"WinampAgent"=H:\Program Files\Winamp\winampa.exe [2008-03-27 36352]
"HP Software Update"=H:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=H:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"SunJavaUpdateSched"=H:\Program Files\Java\jre6\bin\jusched.exe [2009-02-25 136600]
"Adobe Reader Speed Launcher"=H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"Ad-Watch"=H:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-03-08 515416]
"QuickTime Task"=H:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=H:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"RoxWatchTray"=H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-08-16 236016]
"avast!"=H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=H:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"MSMSGS"=H:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"LightScribe Control Panel"=H:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-07-18 451872]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-01 153136]
"BIBLauncher"=H:\Documents and Settings\Turkessa M\My Documents\BIBLauncher.exe [2008-02-05 609496]

H:\Documents and Settings\All Users\Start Menu\Programs\Startup
Desktop Manager.lnk - H:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
HP Digital Imaging Monitor.lnk - H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Works Calendar Reminders.lnk - H:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

H:\Documents and Settings\Turkessa M\Start Menu\Programs\Startup
Adobe Gamma.lnk - H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
H:\WINDOWS\system32\Ati2evxx.dll [2005-08-13 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\Documents and Settings\Turkessa M\Local Settings\Temporary Internet Files\Content.IE5\ZLQTOKCE\incredimail_install[1].exe"="H:\Documents and Settings\Turkessa M\Local Settings\Temporary Internet Files\Content.IE5\ZLQTOKCE\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"
"H:\Program Files\IncrediMail\bin\ImApp.exe"="H:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"H:\Program Files\IncrediMail\bin\IncMail.exe"="H:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"H:\Program Files\IncrediMail\bin\ImpCnt.exe"="H:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"H:\incredimail_install.exe"="H:\incredimail_install.exe:*:Enabled:IncrediMail Installer"
"H:\Program Files\Winamp Remote\bin\Orb.exe"="H:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"H:\Program Files\Winamp Remote\bin\OrbTray.exe"="H:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"H:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="H:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"H:\Program Files\Bonjour\mDNSResponder.exe"="H:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"H:\Program Files\iTunes\iTunes.exe"="H:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
shell\AutoRun\command - J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae6f003f-38bc-11dd-a95d-0013d49e6e73}]
shell\AutoRun\command - J:\LaunchU3.exe -a


======List of files/folders created in the last 1 months======

2009-05-13 23:23:21 ----D---- H:\Program Files\Panda Security
2009-05-13 23:23:20 ----D---- H:\WINDOWS\LastGood
2009-05-10 21:44:33 ----D---- H:\_OTMoveIt
2009-05-10 21:41:02 ----D---- H:\WINDOWS\ERDNT
2009-05-07 21:51:06 ----A---- H:\WINDOWS\system32\aswBoot.exe
2009-05-07 21:51:03 ----D---- H:\Program Files\Alwil Software
2009-05-06 19:11:49 ----D---- H:\rsit
2009-04-26 18:55:34 ----D---- H:\Program Files\Trend Micro
2009-04-26 02:40:58 ----A---- H:\WINDOWS\system32\cmd.execf
2009-04-26 02:40:05 ----D---- H:\32788R22FWJFW
2009-04-26 00:15:18 ----D---- H:\Program Files\Enigma Software Group
2009-04-25 16:23:45 ----D---- H:\Program Files\Windows Live Safety Center
2009-04-19 13:50:04 ----AD---- H:\Documents and Settings\All Users\Application Data\TEMP
2009-04-16 01:21:39 ----HDC---- H:\WINDOWS\$NtUninstallKB959426$
2009-04-16 01:21:21 ----HDC---- H:\WINDOWS\$NtUninstallKB961373$
2009-04-16 01:18:23 ----HDC---- H:\WINDOWS\$NtUninstallKB956572$
2009-04-16 01:17:53 ----HDC---- H:\WINDOWS\$NtUninstallKB952004$
2009-04-16 01:17:40 ----HDC---- H:\WINDOWS\$NtUninstallKB960803$
2009-04-16 01:17:13 ----HDC---- H:\WINDOWS\$NtUninstallKB923561$
2009-04-15 21:54:15 ----N---- H:\WINDOWS\system32\xpsp4res.dll

======List of files/folders modified in the last 1 months======

2009-05-14 07:18:02 ----D---- H:\WINDOWS\Temp
2009-05-13 23:33:15 ----D---- H:\WINDOWS\system32\drivers
2009-05-13 23:23:32 ----D---- H:\WINDOWS\Prefetch
2009-05-13 23:23:21 ----HD---- H:\WINDOWS\inf
2009-05-13 23:23:21 ----D---- H:\Program Files
2009-05-13 23:23:20 ----D---- H:\WINDOWS
2009-05-13 23:20:06 ----SD---- H:\WINDOWS\Downloaded Program Files
2009-05-13 23:20:05 ----D---- H:\WINDOWS\system32\CatRoot2
2009-05-13 23:16:37 ----SHD---- H:\WINDOWS\Installer
2009-05-13 23:16:37 ----HD---- H:\Config.Msi
2009-05-13 23:10:11 ----A---- H:\WINDOWS\SchedLgU.Txt
2009-05-13 23:09:33 ----D---- H:\WINDOWS\system32
2009-05-08 17:53:24 ----D---- H:\WINDOWS\system32\config
2009-05-07 23:45:43 ----D---- H:\Program Files\Mozilla Firefox
2009-05-07 22:36:19 ----SHD---- H:\System Volume Information
2009-05-07 22:36:19 ----D---- H:\Program Files\Common Files
2009-04-27 15:13:47 ----A---- H:\WINDOWS\NeroDigital.ini
2009-04-24 11:17:08 ----D---- H:\Program Files\Common Files\Microsoft Shared
2009-04-24 11:17:07 ----D---- H:\WINDOWS\WinSxS
2009-04-24 11:10:46 ----D---- H:\Documents and Settings\All Users\Application Data\McAfee
2009-04-24 09:48:26 ----A---- H:\WINDOWS\system32\e19e0c47-1d43-4932-7fd9-7e3e88300a66.exe
2009-04-23 21:50:05 ----SD---- H:\WINDOWS\Tasks
2009-04-21 12:52:18 ----D---- H:\WINDOWS\network diagnostic
2009-04-19 14:04:15 ----A---- H:\WINDOWS\system32\PerfStringBackup.INI
2009-04-19 13:55:26 ----D---- H:\Program Files\Bonjour
2009-04-19 13:55:24 ----D---- H:\Program Files\Internet Explorer
2009-04-16 03:07:01 ----D---- H:\WINDOWS\system32\wbem
2009-04-16 03:07:01 ----D---- H:\WINDOWS\AppPatch
2009-04-16 01:21:42 ----RSHDC---- H:\WINDOWS\system32\dllcache
2009-04-16 01:21:34 ----A---- H:\WINDOWS\imsins.BAK
2009-04-16 01:18:11 ----HD---- H:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; H:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; H:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; H:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R2 aswFsBlk;aswFsBlk; H:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; H:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 DgiVecp;Team MFP Comm Driver; H:\WINDOWS\System32\Drivers\DgiVecp.sys [2005-03-14 41984]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); H:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-29 3644928]
R3 Arp1394;1394 ARP Client Protocol; H:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; H:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 ati2mtag;ati2mtag; H:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-13 1313792]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; H:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; H:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-01-17 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; H:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-01-17 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; H:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-01-17 21568]
R3 MODEMCSA;Unimodem Streaming Filter Device; H:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 NIC1394;1394 Net Driver; H:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RimVSerPort;RIM Virtual Serial Port v2; H:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-01-18 26496]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; H:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; H:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 smserial;smserial; H:\WINDOWS\system32\DRIVERS\smserial.sys [2005-01-11 923826]
R3 usbccgp;Microsoft USB Generic Parent Driver; H:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; H:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; H:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; H:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Microsoft USB PRINTER Class; H:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; H:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;USB Mass Storage Driver; H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 grmnusb;grmnusb; H:\WINDOWS\system32\drivers\grmnusb.sys [2003-09-23 7296]
S3 HidUsb;Microsoft HID Class Driver; H:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Mouse HID Driver; H:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 RimUsb;BlackBerry Smartphone; H:\WINDOWS\System32\Drivers\RimUsb.sys [2007-05-31 22656]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; H:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; H:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; H:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; H:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; H:\WINDOWS\system32\Ati2evxx.exe [2005-08-13 376832]
R2 avast! Antivirus;avast! Antivirus; H:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 Bonjour Service;Bonjour Service; H:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; H:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 JavaQuickStarterService;Java Quick Starter; H:\Program Files\Java\jre6\bin\jqs.exe [2009-02-25 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; H:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-07-25 79136]
R2 Net Driver HPZ12;Net Driver HPZ12; H:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; H:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; H:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 hpqcxs08;hpqcxs08; H:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;iPod Service; H:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
R3 NMIndexingService;NMIndexingService; H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; H:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-07-24 358896]
S2 RoxLiveShare9;LiveShare P2P Server 9; H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2007-08-16 309744]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-08-16 166384]
S3 Adobe LM Service;Adobe LM Service; H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-11-02 72704]
S3 IDriverT;InstallDriver Table Manager; H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; H:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-15 951632]
S3 NBService;NBService; H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 ose;Office Source Engine; H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2008-01-07 89136]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; H:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-07-24 88560]
S3 RoxMediaDB9;RoxMediaDB9; H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-08-16 1092080]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; H:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; H:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------
young
Regular Member
 
Posts: 15
Joined: April 25th, 2009, 6:03 pm

Re: Cannot update anti-virus security on PC or Laptop

Post by MikeSwim07 » May 15th, 2009, 8:54 pm

Run OTMoveIt3
  • Double-click on OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    Code:
    :files
    H:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll
    
  • Return to OTMoveIt3, right click in the Paste Instructions for Items to be Moved window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
  • If you are not asked to reboot close OTMoveIt3.
  • A log C:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log will be created (where mmddyyyy_hhmmss are numbers giving date and time the log was created).

Update Java Runtime

You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, and also remove the older more vulnerable versions from your system. The most current version of Sun Java is: Java Runtime Environment Version 6 Update 13.
  • Go to http://java.sun.com/javase/downloads/index.jsp
  • Go to Java Runtime Environment (JRE) 6 Update 13 and click on Download button.
  • In the Platform box choose Windows.
  • Check the box to Accept License Agreement and click Continue.
  • Click on Windows Online Installation, click on the link under it which says "jre-6u13-windows-i586-p.exe" and save the downloaded file to your desktop.
  • Go to Start => Control Panel => Add or Remove Programs
  • Uninstall all old versions of Java (Java 3 Runtime Environment, JRE or JSE)
  • Reboot your computer
  • Delete the folder C:\Program Files\Java if present
  • Install the new version by running the newly-downloaded file with the java icon which will be at your desktop, and follow the on-screen instructions.
  • Reboot your computer

Please post the OTMoveIt3 log and a new Uninstall List. How is everything running now?
MikeSwim07
Regular Member
 
Posts: 4215
Joined: August 27th, 2007, 9:44 am
Location: Gone

Re: Cannot update anti-virus security on PC or Laptop

Post by young » May 17th, 2009, 2:19 pm

Computer seems to be running MUCH better. Most important, my anti-virus program seems to be updating! Thanks! Here are the most recent logs you requested:


========== FILES ==========
LoadLibrary failed for H:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll
H:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll NOT unregistered.
H:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll moved successfully.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05172009_141246

Logfile of random's system information tool 1.06 (written by random/random)
Run by Turkessa M at 2009-05-17 14:27:47
Microsoft Windows XP Home Edition Service Pack 3
System drive H: has 17 GB (23%) free of 76 GB
Total RAM: 446 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:29:42 PM, on 5/17/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\Program Files\Alwil Software\Avast4\ashServ.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Alwil Software\Avast4\setup\avast.setup
H:\Documents and Settings\Turkessa M\Desktop\RSIT.exe
H:\WINDOWS\sm56hlpr.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
H:\Program Files\Bonjour\mDNSResponder.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
H:\Program Files\Java\jre6\bin\jqs.exe
H:\Program Files\HP\HP Software Update\HPWuSchd2.exe
H:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
H:\Program Files\Common Files\LightScribe\LSSrvc.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
H:\Program Files\Java\jre6\bin\jusched.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
H:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
H:\WINDOWS\system32\wscntfy.exe
H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
H:\Program Files\Trend Micro\HijackThis\Turkessa M.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.comcast.net/home.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [WorksFUD] H:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] H:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] H:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NeroFilterCheck] H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] "H:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [HP Software Update] H:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] H:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] H:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "H:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] H:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [BIBLauncher] H:\Documents and Settings\Turkessa M\My Documents\BIBLauncher.exe
O4 - Startup: Adobe Gamma.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Desktop Manager.lnk = H:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00130000-B1BA-11CE-ABC6-F5B2E79D9E3F} (LEAD Main Control (13.0)) - https://id2.myfilecontrol.com/fcwweb/co ... ocx13n.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - https://atlcitrix.kslaw.com/Citrix/ICAW ... wficat.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {5AB7DB23-F148-414E-AB7E-8E6FFD604B07} (FCWClientAccess.AccessClient) - https://id2.myfilecontrol.com/fcwweb/co ... CPrint.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se5483.cab
O16 - DPF: {78E2413E-4B39-41D0-AC5A-910ABA9BD8DF} (ImageControl Object) - https://id2.myfilecontrol.com/fcwweb/co ... gMan81.cab
O16 - DPF: {7DD62E58-5FA8-11D2-AFB7-00104B64F126} (Sview Control) - https://chf.isentry.com/svinstall/svinstall_green.exe
O23 - Service: Adobe LM Service - Adobe Systems - H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - H:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - H:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - H:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - H:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - H:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

--
End of file - 10187 bytes

======Scheduled tasks folder======

H:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
H:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - H:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-17 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-17 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - H:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"=H:\WINDOWS\sm56hlpr.exe [2004-12-29 544768]
"WorksFUD"=H:\Program Files\Microsoft Works\wkfud.exe [2001-10-05 24576]
"Microsoft Works Portfolio"=H:\Program Files\Microsoft Works\WksSb.exe [2001-08-23 331830]
"Microsoft Works Update Detection"=H:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [2001-08-17 28738]
"NeroFilterCheck"=H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"WinampAgent"=H:\Program Files\Winamp\winampa.exe [2008-03-27 36352]
"HP Software Update"=H:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=H:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"Adobe Reader Speed Launcher"=H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"Ad-Watch"=H:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-03-08 515416]
"QuickTime Task"=H:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=H:\Program Files\iTunes\iTunesHelper.exe [2009-04-02 342312]
"RoxWatchTray"=H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-08-16 236016]
"avast!"=H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"SunJavaUpdateSched"=H:\Program Files\Java\jre6\bin\jusched.exe [2009-05-17 148888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=H:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"MSMSGS"=H:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"LightScribe Control Panel"=H:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-07-18 451872]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-01 153136]
"BIBLauncher"=H:\Documents and Settings\Turkessa M\My Documents\BIBLauncher.exe [2008-02-05 609496]

H:\Documents and Settings\All Users\Start Menu\Programs\Startup
Desktop Manager.lnk - H:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
HP Digital Imaging Monitor.lnk - H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Works Calendar Reminders.lnk - H:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

H:\Documents and Settings\Turkessa M\Start Menu\Programs\Startup
Adobe Gamma.lnk - H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
H:\WINDOWS\system32\Ati2evxx.dll [2005-08-13 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\Documents and Settings\Turkessa M\Local Settings\Temporary Internet Files\Content.IE5\ZLQTOKCE\incredimail_install[1].exe"="H:\Documents and Settings\Turkessa M\Local Settings\Temporary Internet Files\Content.IE5\ZLQTOKCE\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"
"H:\Program Files\IncrediMail\bin\ImApp.exe"="H:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"H:\Program Files\IncrediMail\bin\IncMail.exe"="H:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"H:\Program Files\IncrediMail\bin\ImpCnt.exe"="H:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"H:\incredimail_install.exe"="H:\incredimail_install.exe:*:Enabled:IncrediMail Installer"
"H:\Program Files\Winamp Remote\bin\Orb.exe"="H:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"H:\Program Files\Winamp Remote\bin\OrbTray.exe"="H:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"H:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="H:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"H:\Program Files\Bonjour\mDNSResponder.exe"="H:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"H:\Program Files\iTunes\iTunes.exe"="H:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
shell\AutoRun\command - J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae6f003f-38bc-11dd-a95d-0013d49e6e73}]
shell\AutoRun\command - J:\LaunchU3.exe -a


======List of files/folders created in the last 1 months======

2009-05-17 14:23:00 ----A---- H:\WINDOWS\system32\javaws.exe
2009-05-17 14:23:00 ----A---- H:\WINDOWS\system32\javaw.exe
2009-05-17 14:23:00 ----A---- H:\WINDOWS\system32\java.exe
2009-05-13 23:23:21 ----D---- H:\Program Files\Panda Security
2009-05-10 21:44:33 ----D---- H:\_OTMoveIt
2009-05-10 21:41:02 ----D---- H:\WINDOWS\ERDNT
2009-05-07 21:51:06 ----A---- H:\WINDOWS\system32\aswBoot.exe
2009-05-07 21:51:03 ----D---- H:\Program Files\Alwil Software
2009-05-06 19:11:49 ----D---- H:\rsit
2009-04-26 18:55:34 ----D---- H:\Program Files\Trend Micro
2009-04-26 02:40:58 ----A---- H:\WINDOWS\system32\cmd.execf
2009-04-26 02:40:05 ----D---- H:\32788R22FWJFW
2009-04-26 00:15:18 ----D---- H:\Program Files\Enigma Software Group
2009-04-25 16:23:45 ----D---- H:\Program Files\Windows Live Safety Center
2009-04-19 13:50:04 ----AD---- H:\Documents and Settings\All Users\Application Data\TEMP

======List of files/folders modified in the last 1 months======

2009-05-17 14:29:51 ----D---- H:\WINDOWS\Temp
2009-05-17 14:29:30 ----D---- H:\WINDOWS
2009-05-17 14:27:35 ----A---- H:\WINDOWS\SchedLgU.Txt
2009-05-17 14:26:33 ----D---- H:\WINDOWS\system32\CatRoot2
2009-05-17 14:23:05 ----SHD---- H:\WINDOWS\Installer
2009-05-17 14:23:04 ----HD---- H:\Config.Msi
2009-05-17 14:23:01 ----D---- H:\WINDOWS\system32
2009-05-17 14:22:43 ----A---- H:\WINDOWS\system32\deploytk.dll
2009-05-17 14:22:20 ----D---- H:\WINDOWS\Prefetch
2009-05-17 14:21:46 ----D---- H:\Program Files\Java
2009-05-17 14:21:46 ----D---- H:\Program Files\Common Files
2009-05-13 23:33:15 ----D---- H:\WINDOWS\system32\drivers
2009-05-13 23:23:21 ----HD---- H:\WINDOWS\inf
2009-05-13 23:23:21 ----D---- H:\Program Files
2009-05-13 23:20:06 ----SD---- H:\WINDOWS\Downloaded Program Files
2009-05-08 17:53:24 ----D---- H:\WINDOWS\system32\config
2009-05-07 23:45:43 ----D---- H:\Program Files\Mozilla Firefox
2009-05-07 22:36:19 ----SHD---- H:\System Volume Information
2009-04-27 15:13:47 ----A---- H:\WINDOWS\NeroDigital.ini
2009-04-24 11:17:08 ----D---- H:\Program Files\Common Files\Microsoft Shared
2009-04-24 11:17:07 ----D---- H:\WINDOWS\WinSxS
2009-04-24 11:10:46 ----D---- H:\Documents and Settings\All Users\Application Data\McAfee
2009-04-24 09:48:26 ----A---- H:\WINDOWS\system32\e19e0c47-1d43-4932-7fd9-7e3e88300a66.exe
2009-04-23 21:50:05 ----SD---- H:\WINDOWS\Tasks
2009-04-21 12:52:18 ----D---- H:\WINDOWS\network diagnostic
2009-04-19 14:04:15 ----A---- H:\WINDOWS\system32\PerfStringBackup.INI
2009-04-19 13:55:26 ----D---- H:\Program Files\Bonjour
2009-04-19 13:55:24 ----D---- H:\Program Files\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; H:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; H:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; H:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R2 aswFsBlk;aswFsBlk; H:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; H:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 DgiVecp;Team MFP Comm Driver; H:\WINDOWS\System32\Drivers\DgiVecp.sys [2005-03-14 41984]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); H:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-29 3644928]
R3 Arp1394;1394 ARP Client Protocol; H:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; H:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 ati2mtag;ati2mtag; H:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-13 1313792]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; H:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; H:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-01-17 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; H:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-01-17 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; H:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-01-17 21568]
R3 MODEMCSA;Unimodem Streaming Filter Device; H:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 NIC1394;1394 Net Driver; H:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RimVSerPort;RIM Virtual Serial Port v2; H:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-01-18 26496]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; H:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; H:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 smserial;smserial; H:\WINDOWS\system32\DRIVERS\smserial.sys [2005-01-11 923826]
R3 usbccgp;Microsoft USB Generic Parent Driver; H:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; H:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; H:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; H:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Microsoft USB PRINTER Class; H:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; H:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;USB Mass Storage Driver; H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 grmnusb;grmnusb; H:\WINDOWS\system32\drivers\grmnusb.sys [2003-09-23 7296]
S3 HidUsb;Microsoft HID Class Driver; H:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Mouse HID Driver; H:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 RimUsb;BlackBerry Smartphone; H:\WINDOWS\System32\Drivers\RimUsb.sys [2007-05-31 22656]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; H:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; H:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; H:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; H:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 aswUpdSv;avast! iAVS4 Control Service; H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; H:\WINDOWS\system32\Ati2evxx.exe [2005-08-13 376832]
R2 avast! Antivirus;avast! Antivirus; H:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 Bonjour Service;Bonjour Service; H:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; H:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 JavaQuickStarterService;Java Quick Starter; H:\Program Files\Java\jre6\bin\jqs.exe [2009-05-17 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; H:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-07-25 79136]
R2 Net Driver HPZ12;Net Driver HPZ12; H:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; H:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; H:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 hpqcxs08;hpqcxs08; H:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 iPod Service;iPod Service; H:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
R3 NMIndexingService;NMIndexingService; H:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; H:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-07-24 358896]
S2 RoxLiveShare9;LiveShare P2P Server 9; H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2007-08-16 309744]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-08-16 166384]
S3 Adobe LM Service;Adobe LM Service; H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-11-02 72704]
S3 IDriverT;InstallDriver Table Manager; H:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; H:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-03-15 951632]
S3 NBService;NBService; H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 ose;Office Source Engine; H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2008-01-07 89136]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; H:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-07-24 88560]
S3 RoxMediaDB9;RoxMediaDB9; H:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-08-16 1092080]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; H:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; H:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------
young
Regular Member
 
Posts: 15
Joined: April 25th, 2009, 6:03 pm

Re: Cannot update anti-virus security on PC or Laptop

by MikeSwim07 » May 17th, 2009, 5:41 pm

This is my normal post for when you are clear - which you now are - or seem to be.
Please advise of any problems you still have. If you think you're clean please give one more reply so that I can archive this topic.

Now that you are clean, I have some tips & tricks for you to keep your computer clean and secure. The first few (like removing dangerous tools and Windows Update) have to be done, the others are optional.

It may seem like your system will be overprotected with all these things installed, but a lot of these programs aren't always running in the background, so they don't slow down your computer. Please take a look at the following things:

  • Delete Harmful tools with OTMoveIt3
    • Start OTMoveIt.exe
    • Click on CleanUp!
    • A list of tools will be downloaded from the internet
    • When a box pops up click Yes
  • You may delete any logs that any of the tools produced. I recommend that you keep Malwarebytes' Anti-Malware and scan with it regularly.

  • Clear Old System Restore Points
    • Turn System Restore off
      • On the Desktop, right click on the My Computer icon.
      • Click Properties.
      • Click the System Restore tab.
      • Check Turn off System Restore.
      • Click Apply, and then click OK.
    • Turn System Restore on
      • On the Desktop, right click on the My Computer icon.
      • Click Properties.
      • Click the System Restore tab.
      • Uncheck *Turn off System Restore*.
      • Click Apply, and then click OK.
    Note: only do this once, and not on a regular basis
  • Make your Internet Explorer more secure - This can be done by following these simple instructions:
    • From within Internet Explorer click on the Tools menu and then click on Options.
    • Click once on the Security tab
    • Click once on the Internet icon so it becomes highlighted.
    • Click once on the Custom Level button.
      • Change the Download signed ActiveX controls to Prompt
      • Change the Download unsigned ActiveX controls to Disable
      • Change the Initialize and script ActiveX controls not marked as safe to Disable
      • Change the Installation of desktop items to Prompt
      • Change the Launching programs and files in an IFRAME to Prompt
      • Change the Navigate sub-frames across different domains to Prompt
      • When all these settings have been made, click on the OK button.
      • If it prompts you as to whether or not you want to save the settings, press the Yes button.
    • Next press the Apply button and then the OK to exit the Internet Properties page.
  • Update your Anti-Virus Software - It is imperative that you update your Anti-virus software every day. If you do not allow your anti-virus software to update itself then it will not be able to catch any of the new variants that may come out.
  • Visit Microsoft's Update Site Frequently - It is important that you visit http://update.microsoft.com/ regularly. This will ensure your computer always has the latest available security updates installed. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  • Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option.
    This will provide real-time spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with the program on a regular basis just as you would an anti-virus software. A tutorial on installing & using this product can be found here:
    Tutorial for Spybot S & D
  • Install WinPatrol - As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes a snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. You can download it from this website:
    WinPatrol
    The developer is a well-known man in the MalWare Removal business. If you really like WinPatrol think about upgrading to the PLUS version. It will give you additional features and you will only have to pay once, for your whole malware-free life.
  • Install MVPS HOSTS - This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.
    For information on how to download and install, please read this tutorial here:
    WinHelp2002
    Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.
  • Bookmark this general cleanup link - It could be that your computer is becoming slower and slower. This is not always caused by malware. Most of the time it's malware when your computer is suddenly getting slow or acting strange. When the slowdown increases slowly, check (bookmark please) this link for tips & tricks:
    Help! My computer is slow
  • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

>> Here << you can see how you can help us.
MikeSwim07
Regular Member
 
Posts: 4215
Joined: August 27th, 2007, 9:44 am
Location: Gone

Re: Cannot update anti-virus security on PC or Laptop

by young » May 21st, 2009, 2:24 pm

Thanks for all of your help! However, I STILL cannot access Microsoft updates (directs me to Google) and the Spybot page will not load at all. Otherwise, I did everything else you requested. Don't know what the issue is with those particular pages, but it continues.
young
Regular Member
 
Posts: 15
Joined: April 25th, 2009, 6:03 pm

Re: Cannot update anti-virus security on PC or Laptop

by MikeSwim07 » May 21st, 2009, 6:14 pm

I suggest that you reset your router. This may fix this issue.

Can you try the spybot link again? It seems to be working for me.
MikeSwim07
Regular Member
 
Posts: 4215
Joined: August 27th, 2007, 9:44 am
Location: Gone

Re: Cannot update anti-virus security on PC or Laptop

by young » May 23rd, 2009, 9:04 pm

THAT DID IT!!!! I should be home free now! Thanks Mike for all of your help!
young
Regular Member
 
Posts: 15
Joined: April 25th, 2009, 6:03 pm

Re: Cannot update anti-virus security on PC or Laptop

by MikeSwim07 » May 23rd, 2009, 9:58 pm

I am glad that I could help you :)
MikeSwim07
Regular Member
 
Posts: 4215
Joined: August 27th, 2007, 9:44 am
Location: Gone

Re: Cannot update anti-virus security on PC or Laptop

by silver » May 27th, 2009, 9:52 pm

This topic is now closed
We are pleased to have been of assistance in getting you clean.

If you have been helped and wish to donate to help with the costs of this volunteer site, you can do so using this link
Donations For Malware Removal
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7