
Pop up say I have a trojan.


Re: Pop up say I have a trojan.

by Shaba » September 18th, 2009, 12:08 am

Yes you did :)

Still problems?
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Pop up say I have a trojan.

by bhunt261 » September 19th, 2009, 7:07 pm

No popups... Still kinda slow though. Thanks...
bhunt261
Regular Member
 
Posts: 51
Joined: June 16th, 2007, 9:14 am

Re: Pop up say I have a trojan.

by Shaba » September 20th, 2009, 4:46 am

So let's then check this:

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Pop up say I have a trojan.

by bhunt261 » September 20th, 2009, 11:03 am

Followed your instructions... Only one file... The log file came up, but there was no info.txt file. Thanks...

Logfile of random's system information tool 1.06 (written by random/random)
Run by kathryn at 2009-09-20 09:54:49
Microsoft® Windows Vista™ Home Basic
System drive C: has 41 GB (54%) free of 75 GB
Total RAM: 502 MB (16% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:55:26 AM, on 9/20/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Toshiba\Utilities\KeNotify.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\lxbyPSWX.EXE
C:\Program Files\windows defender\MSASCui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\kathryn\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\kathryn.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [LXBYCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXBYtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\Windows\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\System32\bgsvcgen.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Update Service (gupdate1c9b66c150593a0) (gupdate1c9b66c150593a0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: lxby_device - - C:\Windows\system32\lxbycoms.exe
O23 - Service: pinger - Unknown owner - C:\TOSHIBA\IVP\ISM\pinger.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 6455 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{BFDBFFA3-BB85-4167-939F-464D40A24166}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-04-05 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-09-16 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-19 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-09-15 2223872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-09-15 2223872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-11-09 3784704]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2006-11-01 413696]
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-01-18 421888]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2006-12-20 411768]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2006-12-11 448632]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2006-12-15 530552]
"LXBYCATS"=rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXBYtime.dll,_RunDLLEntry@16 []
"PinnacleDriverCheck"=C:\Windows\system32\PSDrvCheck.exe [2004-03-10 406016]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-19 136600]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-06-08 98304]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-10-03 221184]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-04-05 198160]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-09-16 2007832]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2006-11-28 212992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\TOSHIBA\ivp\NetInt\Netint.exe"="C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine"
"C:\TOSHIBA\Ivp\ISM\pinger.exe"="C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2009-09-17 18:48:17 ----D---- C:\Program Files\ESET
2009-09-17 15:14:10 ----A---- C:\ProgramData\SPL1998.tmp
2009-09-17 13:14:01 ----HD---- C:\$AVG8.VAULT$
2009-09-15 20:15:00 ----A---- C:\Windows\system32\avgrsstx.dll.old
2009-09-15 20:15:00 ----A---- C:\Windows\system32\avgrsstx.dll
2009-09-15 19:45:33 ----A---- C:\Windows\system32\occache.dll
2009-09-15 19:45:33 ----A---- C:\Windows\system32\jsproxy.dll
2009-09-15 19:45:32 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-09-15 19:45:32 ----A---- C:\Windows\system32\msfeeds.dll
2009-09-15 19:45:32 ----A---- C:\Windows\system32\iepeers.dll
2009-09-15 19:45:31 ----A---- C:\Windows\system32\ieui.dll
2009-09-15 19:45:31 ----A---- C:\Windows\system32\iesetup.dll
2009-09-15 19:45:30 ----A---- C:\Windows\system32\wininet.dll
2009-09-15 19:45:30 ----A---- C:\Windows\system32\iernonce.dll
2009-09-15 19:45:29 ----A---- C:\Windows\system32\msfeedssync.exe
2009-09-15 19:45:29 ----A---- C:\Windows\system32\iertutil.dll
2009-09-15 19:45:29 ----A---- C:\Windows\system32\ie4uinit.exe
2009-09-15 19:45:28 ----A---- C:\Windows\system32\urlmon.dll
2009-09-15 19:45:28 ----A---- C:\Windows\system32\ieUnatt.exe
2009-09-15 19:45:28 ----A---- C:\Windows\system32\iesysprep.dll
2009-09-15 19:45:28 ----A---- C:\Windows\system32\iedkcs32.dll
2009-09-15 19:45:25 ----A---- C:\Windows\system32\ieframe.dll
2009-09-15 19:45:24 ----A---- C:\Windows\system32\mshtml.dll
2009-09-15 19:43:08 ----A---- C:\Windows\system32\mshtmled.dll
2009-09-15 19:43:08 ----A---- C:\Windows\system32\icardie.dll
2009-09-15 19:43:07 ----A---- C:\Windows\system32\msls31.dll
2009-09-15 19:43:07 ----A---- C:\Windows\system32\mshtmler.dll
2009-09-15 19:43:07 ----A---- C:\Windows\system32\corpol.dll
2009-09-15 19:43:07 ----A---- C:\Windows\system32\admparse.dll
2009-09-15 19:43:06 ----A---- C:\Windows\system32\imgutil.dll
2009-09-15 19:43:06 ----A---- C:\Windows\system32\ieakeng.dll
2009-09-15 19:43:06 ----A---- C:\Windows\system32\dxtrans.dll
2009-09-15 19:43:06 ----A---- C:\Windows\system32\dxtmsft.dll
2009-09-15 19:43:05 ----A---- C:\Windows\system32\webcheck.dll
2009-09-15 19:43:05 ----A---- C:\Windows\system32\msrating.dll
2009-09-15 19:43:05 ----A---- C:\Windows\system32\licmgr10.dll
2009-09-15 19:43:05 ----A---- C:\Windows\system32\inseng.dll
2009-09-15 19:43:05 ----A---- C:\Windows\system32\ieaksie.dll
2009-09-15 19:43:04 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-09-15 19:43:04 ----A---- C:\Windows\system32\wextract.exe
2009-09-15 19:43:04 ----A---- C:\Windows\system32\mstime.dll
2009-09-15 19:43:04 ----A---- C:\Windows\system32\ieakui.dll
2009-09-15 19:43:03 ----A---- C:\Windows\system32\pngfilt.dll
2009-09-15 19:43:03 ----A---- C:\Windows\system32\advpack.dll
2009-09-15 19:43:02 ----A---- C:\Windows\system32\vbscript.dll
2009-09-15 19:43:02 ----A---- C:\Windows\system32\url.dll
2009-09-15 19:43:02 ----A---- C:\Windows\system32\jscript.dll
2009-09-15 19:43:02 ----A---- C:\Windows\system32\ieapfltr.dll
2009-09-15 19:42:56 ----A---- C:\Windows\system32\mshta.exe
2009-09-15 19:42:56 ----A---- C:\Windows\system32\iexpress.exe
2009-09-15 19:42:55 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-09-15 19:42:55 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-09-15 19:42:55 ----A---- C:\Windows\system32\PDMSetup.exe
2009-09-15 19:39:55 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-09-15 19:39:50 ----A---- C:\Windows\system32\gameux.dll
2009-09-15 19:39:49 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-09-14 21:05:24 ----D---- C:\VideoProfessor
2009-09-14 20:58:37 ----RHD---- C:\Users\kathryn\AppData\Roaming\SecuROM
2009-09-14 20:58:20 ----A---- C:\Windows\system32\CmdLineExt.dll
2009-09-13 20:30:34 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2009-09-13 13:08:17 ----D---- C:\Program Files\AVG
2009-09-13 13:08:15 ----D---- C:\ProgramData\avg8
2009-09-09 21:40:45 ----SHD---- C:\$RECYCLE.BIN
2009-09-09 21:26:52 ----A---- C:\ComboFix.txt
2009-09-06 21:05:21 ----A---- C:\Windows\PEV.exe
2009-07-30 11:53:29 ----A---- C:\ProgramData\SPLF6B8.tmp

======List of files/folders modified in the last 3 months======

2009-09-20 09:55:21 ----D---- C:\Windows\Temp
2009-09-20 09:54:39 ----D---- C:\Windows\Prefetch
2009-09-20 00:00:57 ----SHD---- C:\System Volume Information
2009-09-17 18:48:24 ----SD---- C:\Windows\Downloaded Program Files
2009-09-17 18:48:17 ----RD---- C:\Program Files
2009-09-17 15:16:24 ----AD---- C:\Windows\System32
2009-09-17 15:16:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-09-17 15:16:23 ----D---- C:\Windows\inf
2009-09-17 15:15:55 ----D---- C:\Program Files\Lx_cats
2009-09-17 15:14:10 ----D---- C:\ProgramData
2009-09-16 12:53:23 ----D---- C:\Windows\system32\drivers
2009-09-15 20:12:21 ----SHD---- C:\Windows\Installer
2009-09-15 20:11:52 ----D---- C:\Windows
2009-09-15 20:04:01 ----D---- C:\Windows\system32\Tasks
2009-09-15 20:03:59 ----D---- C:\Windows\Tasks
2009-09-15 19:49:46 ----D---- C:\Windows\system32\migration
2009-09-15 19:49:46 ----D---- C:\Program Files\Internet Explorer
2009-09-15 19:49:45 ----D---- C:\Windows\system32\en-US
2009-09-15 19:49:45 ----D---- C:\Windows\PolicyDefinitions
2009-09-15 19:49:41 ----D---- C:\Windows\AppPatch
2009-09-15 19:47:33 ----D---- C:\Windows\winsxs
2009-09-15 19:47:29 ----D---- C:\Windows\system32\catroot
2009-09-15 19:46:42 ----D---- C:\Windows\system32\catroot2
2009-09-09 21:27:02 ----D---- C:\Qoobox
2009-09-09 21:24:14 ----D---- C:\Windows\ERDNT
2009-09-09 21:21:31 ----A---- C:\Windows\system.ini
2009-09-09 20:49:38 ----D---- C:\Program Files\Common Files
2009-09-02 20:49:23 ----D---- C:\Program Files\Napster
2009-08-20 19:52:38 ----SD---- C:\Users\kathryn\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2009-09-16 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2009-09-16 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2009-09-15 108552]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2005-05-11 32256]
R1 DLACDBHM;DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]
R1 DLARTL_M;DLARTL_M; C:\Windows\System32\Drivers\DLARTL_M.SYS [2006-08-11 28184]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2007-11-14 395312]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-06-15 128016]
R1 PCLEPCI;PCLEPCI; \??\C:\Windows\system32\drivers\pclepci.sys [2004-07-16 14165]
R2 DLABMFSM;DLABMFSM; C:\Windows\System32\DLA\DLABMFSM.SYS [2006-08-18 35096]
R2 DLABOIOM;DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [2006-08-18 32472]
R2 DLADResM;DLADResM; C:\Windows\System32\DLA\DLADResM.SYS [2006-08-18 9400]
R2 DLAIFS_M;DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [2006-08-18 104472]
R2 DLAOPIOM;DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [2006-08-18 26008]
R2 DLAPoolM;DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [2006-08-18 14520]
R2 DLAUDF_M;DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [2006-08-18 97848]
R2 DLAUDFAM;DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [2006-08-18 94648]
R2 DRVNDDM;DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]
R2 elagopro;GoProto Protocol Driver for LELA; C:\Windows\system32\DRIVERS\elagopro.sys [2007-03-22 28672]
R2 elaunidr;UniDriver for LELA; C:\Windows\system32\DRIVERS\elaunidr.sys [2007-03-22 5376]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-08-31 1161152]
R3 ASAPIW2k;ASAPIW2K; C:\Windows\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-02-28 694784]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2007-11-16 14208]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-28 1476096]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-08 1647976]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-10-26 82432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-10-27 179896]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2006-07-06 168448]
S1 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys [2005-08-01 64896]
S3 catchme;catchme; \??\C:\Users\kathryn\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-28 1476096]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2006-11-09 219264]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2006-11-09 211072]
S4 KR3NPXP;KR3NPXP; C:\Windows\system32\drivers\kr3npxp.sys [2006-09-27 479488]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-09-12 9216]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-09-16 297752]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\System32\bgsvcgen.exe [2006-09-22 118784]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 lxby_device;lxby_device; C:\Windows\system32\lxbycoms.exe [2007-04-16 537520]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 pinger;pinger; C:\TOSHIBA\IVP\ISM\pinger.exe [2007-01-25 136816]
R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
R2 Swupdtmr;Swupdtmr; c:\TOSHIBA\IVP\swupdate\swupdtmr.exe [2007-01-25 63096]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2006-12-20 428152]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-11-01 77824]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
S2 gupdate1c9b66c150593a0;Google Update Service (gupdate1c9b66c150593a0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-05 133104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]

-----------------EOF-----------------
bhunt261
Regular Member
 
Posts: 51
Joined: June 16th, 2007, 9:14 am

Re: Pop up say I have a trojan.

by Shaba » September 20th, 2009, 12:01 pm

You have too little RAM for Vista.

I recommend at least doubling it; making it four times bigger won't hurt either.

So that would be the cure for slowness :)
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Pop up say I have a trojan.

by bhunt261 » September 21st, 2009, 2:11 pm

Thanks... Can you give me a little guidance on the most appropriate way to do that???
bhunt261
Regular Member
 
Posts: 51
Joined: June 16th, 2007, 9:14 am

Re: Pop up say I have a trojan.

by Shaba » September 21st, 2009, 2:22 pm

You will need to buy more.

Correct type depends on your motherboard. Do you know which motherboard you have?
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Pop up say I have a trojan.

by bhunt261 » September 21st, 2009, 5:43 pm

Not really. I remember seeing something that said A135. It's a Toshiba laptop.
bhunt261
Regular Member
 
Posts: 51
Joined: June 16th, 2007, 9:14 am

Re: Pop up say I have a trojan.

by Shaba » September 22nd, 2009, 12:25 am

If it is a laptop, then it is better to take it to some store to ask if you can add more RAM.
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Pop up say I have a trojan.

by NonSuch » September 27th, 2009, 10:21 pm

As this issue appears to be resolved, this topic is now closed.

You can help support this site from this link :
Donations For Malware Removal
NonSuch
Administrator
 
Posts: 27301
Joined: February 23rd, 2005, 7:08 am
Location: California