Malware - I can't open anti virus programs on my computer

Post by Andrei180 » October 18th, 2009, 11:00 pm

Hi, I'm new to the forums, so sorry if I do something wrong. I can't run any of my anti-spyware or anti-virus programs. Spybot, Ad-Aware, and McAfee won't open. I tried a few other ones that also didn't work. The HijackThis program also doesn't open on my computer. I ran ComboFix and that worked, but I don't know what to do now. Here is the output. Thanks for the help.


ComboFix 09-10-18.02 - Andrei 10/18/2009 22:32.1.2 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.3038.2585 [GMT -4:00]
Running from: c:\users\Andrei\Desktop\ComboFix.exe
AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1751340025-624803116-3758112878-500
c:\$recycle.bin\S-1-5-21-414854224-1900353229-2636520066-500
c:\program files\Adware Professional
c:\program files\Adware Professional\Adware Professional.exe
c:\program files\Adware Professional\noadware4_081909.na
c:\program files\Adware Professional\nutilities.dll
c:\program files\Adware Professional\unins000.dat
c:\program files\Adware Professional\unins000.exe
c:\program files\Adware Professional\UninstlDll.dll
c:\windows\system32\Cache

Infected copy of c:\windows\system32\cngaudit.dll was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226ED}
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226EE}


((((((((((((((((((((((((( Files Created from 2009-09-19 to 2009-10-19 )))))))))))))))))))))))))))))))
.

2009-10-19 02:38 . 2009-10-19 02:39 -------- d-----w- c:\users\Andrei\AppData\Local\temp
2009-10-19 02:38 . 2009-10-19 02:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-10-19 02:10 . 2009-10-19 02:10 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-10-19 02:10 . 2009-10-19 02:37 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-10-19 02:10 . 2009-10-19 02:10 -------- d-----w- c:\users\Andrei\AppData\Roaming\SUPERAntiSpyware.com
2009-10-19 02:04 . 2009-10-19 02:04 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-19 01:42 . 2009-10-08 15:31 149456 ----a-w- c:\windows\SGDetectionTool.dll
2009-10-19 01:42 . 2009-10-08 15:31 767952 ----a-w- c:\windows\BDTSupport.dll
2009-10-19 01:42 . 2009-10-02 18:19 1152470 ----a-w- c:\windows\UDB.zip
2009-10-19 01:42 . 2008-11-26 16:08 131 ----a-w- c:\windows\IDB.zip
2009-10-19 01:42 . 2009-10-08 15:31 165840 ----a-w- c:\windows\PCTBDRes.dll
2009-10-19 01:42 . 2009-10-08 15:31 1636304 ----a-w- c:\windows\PCTBDCore.dll
2009-10-19 01:41 . 2009-09-24 12:55 97208 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2009-10-19 01:41 . 2009-09-24 12:55 229304 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-10-19 01:40 . 2009-10-06 20:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-10-19 01:40 . 2009-09-23 20:10 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-10-19 01:40 . 2009-09-03 13:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-10-19 01:40 . 2009-10-19 01:44 -------- d-----w- c:\program files\Spyware Doctor
2009-10-19 01:40 . 2009-10-19 01:43 -------- d-----w- c:\program files\Common Files\PC Tools
2009-10-19 01:40 . 2009-10-19 01:40 -------- d-----w- c:\users\Andrei\AppData\Roaming\PC Tools
2009-10-19 01:40 . 2009-10-19 01:40 -------- d-----w- c:\programdata\PC Tools
2009-10-18 23:08 . 2008-06-19 21:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-10-18 23:07 . 2009-10-18 23:07 -------- d-----w- c:\program files\Panda Security
2009-10-18 22:17 . 2009-09-23 12:55 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-10-18 22:16 . 2009-10-18 22:16 -------- dc-h--w- c:\programdata\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-10-18 22:16 . 2009-10-18 22:17 -------- d-----w- c:\programdata\Lavasoft
2009-10-18 22:16 . 2009-10-18 22:16 -------- d-----w- c:\program files\Lavasoft
2009-10-18 04:00 . 2009-10-19 02:25 0 ----a-r- c:\windows\win32k.sys
2009-10-16 05:11 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-16 05:11 . 2009-08-04 12:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-16 05:11 . 2009-08-04 12:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-16 05:09 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-10-16 05:09 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-16 05:09 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-10-14 18:52 . 2009-10-14 18:52 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-10-14 18:48 . 2009-10-14 18:49 43083040 ----a-w- C:\AdbeRdr910_en_US_Std.exe
2009-10-12 21:11 . 2009-10-12 21:12 -------- d-----w- c:\windows\system32\ca-ES
2009-10-12 21:11 . 2009-10-12 21:12 -------- d-----w- c:\windows\system32\eu-ES
2009-10-12 21:11 . 2009-10-12 21:12 -------- d-----w- c:\windows\system32\vi-VN
2009-10-12 18:57 . 2009-10-12 18:57 -------- d-----w- c:\windows\system32\EventProviders
2009-10-11 18:44 . 2009-10-11 18:44 -------- d-----w- c:\program files\CCleaner
2009-10-03 00:59 . 2009-10-01 14:29 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-03 00:50 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-03 00:50 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-03 00:50 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-03 00:50 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-03 00:50 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-10-03 00:50 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-10-03 00:50 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-03 00:49 . 2009-08-06 23:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-03 00:49 . 2009-08-06 22:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-09-29 23:00 . 2009-05-18 18:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-09-29 23:00 . 2008-04-17 17:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-09-29 22:58 . 2009-09-29 22:58 -------- d-----w- c:\program files\iPod
2009-09-29 22:58 . 2009-09-29 23:00 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-29 22:58 . 2009-09-29 23:00 -------- d-----w- c:\program files\iTunes
2009-09-29 22:56 . 2009-09-29 22:56 -------- d-----w- c:\program files\QuickTime

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-19 02:22 . 2008-06-17 17:27 12 ----a-w- c:\windows\bthservsdp.dat
2009-10-19 01:29 . 2009-07-15 14:45 -------- d-----w- c:\users\Andrei\AppData\Roaming\EndNote
2009-10-19 01:10 . 2009-09-15 15:20 1356 ----a-w- c:\users\Andrei\AppData\Local\d3d9caps.dat
2009-10-18 21:55 . 2008-08-22 23:05 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-10-18 21:55 . 2008-08-22 23:05 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-10-18 16:01 . 2008-08-23 02:24 -------- d-----w- c:\programdata\Google Updater
2009-10-16 11:30 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-10-14 18:51 . 2008-06-17 17:53 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-12 21:12 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-10-12 21:12 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-10-12 21:12 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-10-12 21:12 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-10-12 21:12 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-10-12 21:12 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-10-11 21:18 . 2008-08-07 17:22 -------- d-----w- c:\program files\Microsoft Works
2009-09-29 22:58 . 2008-08-23 02:20 -------- d-----w- c:\program files\Common Files\Apple
2009-09-29 22:50 . 2009-07-31 23:00 -------- d-----w- c:\program files\Safari
2009-09-23 23:18 . 2008-08-18 21:06 -------- d-----w- c:\programdata\Microsoft Help
2009-09-16 07:20 . 2009-10-19 01:40 7383 ----a-w- c:\windows\system32\drivers\pctcore.cat
2009-09-15 10:20 . 2009-10-19 01:40 7383 ----a-w- c:\windows\system32\drivers\pctplsg.cat
2009-09-15 06:12 . 2009-10-19 01:40 7412 ----a-w- c:\windows\system32\drivers\PCTAppEvent.cat
2009-09-15 05:01 . 2009-10-19 01:41 7387 ----a-w- c:\windows\system32\drivers\pctgntdi.cat
2009-08-29 00:27 . 2009-09-02 22:22 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 . 2009-09-02 22:22 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-27 05:22 . 2009-10-16 05:10 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 05:17 . 2009-10-16 05:10 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-08-27 05:17 . 2009-10-16 05:10 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-08-27 03:42 . 2009-10-16 05:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-14 16:27 . 2009-09-09 12:06 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 15:53 . 2009-09-09 12:05 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49 . 2009-09-09 12:06 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 . 2009-09-09 12:05 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 . 2009-09-09 12:05 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 . 2009-09-09 12:06 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 . 2009-09-09 12:06 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49 . 2009-09-09 12:05 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 . 2009-09-09 12:05 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48 . 2009-09-09 12:06 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 13:48 . 2009-09-09 12:06 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-04-10 00:07 . 2009-07-15 14:23 23864 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
2008-06-17 18:18 . 2008-06-17 18:18 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{472734EA-242A-422B-ADF8-83D1E48CC825}= "c:\program files\Spyware Doctor\BDT\PCTBrowserDefender.dll" [2009-10-08 395216]

[HKEY_CLASSES_ROOT\clsid\{472734ea-242a-422b-adf8-83d1e48cc825}]
[HKEY_CLASSES_ROOT\BrowserDefender.BDToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{175B7885-28AB-4D18-8773-7A13A99980A4}]
[HKEY_CLASSES_ROOT\BrowserDefender.BDToolbar]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
4/3/2008 20:10 2957312 ----a-w- c:\program files\Protector Suite QL\farchns.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
4/3/2008 20:10 2957312 ----a-w- c:\program files\Protector Suite QL\farchns.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Sidebar="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
WMPNSCFG="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
SUPERAntiSpyware="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-10-13 2000112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Windows Defender="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
SynTPEnh="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-09 835584]
ISBMgr.exe="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-04 317280]
VMSwitch="c:\program files\Sony\VAIO Mode Switch\VMSwitch.exe" [2008-05-26 534368]
SmartWiHelper="c:\program files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe" [2008-05-30 73728]
VAIO Help and Support Demo="c:\program files\Sony\VAIO Help and Support Demo\LaunchVHSD.exe" [2007-08-28 290816]
StartCCC="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
PSQLLauncher="c:\program files\Protector Suite QL\launcher.exe" [2008-04-03 48904]
AppleSyncNotifier="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
SunJavaUpdateSched="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
McAfeeUpdaterUI="c:\program files\McAfee\Common Framework\udaterui.exe" [2008-03-14 136512]
ShStatEXE="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2009-04-10 124240]
QuickTime Task="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
iTunesHelper="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440]
Adobe Reader Speed Launcher="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
ISTray="c:\program files\Spyware Doctor\pctsTray.exe" [2009-09-22 1243088]
RtHDVCpl="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-06-07 6111232]
Skytel="Skytel.exe" - c:\windows\SkyTel.exe [2008-06-07 1826816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
GrpConv="grpconv -o" [X]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-8-17 113664]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-10-30 748072]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
EnableUIADesktopToggle= 0 (0x0)
DisableCAD= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
9/3/2009 19:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
4/3/2008 19:57 90112 ----a-w- c:\windows\System32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
5/16/2008 0:20 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
AntiVirusOverride=dword:00000001
VistaSp2=hex(b):ba,66,79,82,81,4b,ca,01

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [10/18/2009 6:17 PM 64288]
R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [10/18/2009 9:40 PM 207280]
R0 shpf;Sony HDD Protection Filter Driver;c:\windows\System32\drivers\shpf.sys [6/17/2008 2:17 PM 22560]
R2 McAfeeEngineService;McAfee Engine Service;c:\program files\McAfee\VirusScan Enterprise\engineserver.exe [4/9/2009 8:07 PM 21256]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [6/17/2008 2:18 PM 9344]
S0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [10/18/2009 7:08 PM 28544]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [10/12/2009 9:24 PM 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10/12/2009 9:24 PM 74480]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [10/18/2009 9:42 PM 112592]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9/24/2009 7:17 AM 1169232]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\System32\mfevtps.exe [7/15/2009 10:23 AM 70216]
S2 regi;regi;c:\windows\System32\drivers\regi.sys [4/17/2007 11:09 PM 11032]
S2 RtkHDMIService;RtkHDMIService;c:\windows\RTKAUDIOSERVICE.EXE [6/17/2008 1:42 PM 98304]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [10/18/2009 9:40 PM 358600]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [6/17/2008 1:55 PM 411488]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [6/17/2008 1:43 PM 28464]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\System32\drivers\mferkdet.sys [7/15/2009 10:23 AM 65224]
S3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\System32\drivers\NETw5v32.sys [4/28/2008 9:29 AM 3658752]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
.
Contents of the 'Scheduled Tasks' folder

2009-10-19 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-23 00:32]
.
.
------- Supplementary Scan -------
.
uLocal Page = \blank.htm
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.ro
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Andrei\AppData\Roaming\Mozilla\Firefox\Profiles\3ialdmxl.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\program files\Mozilla Firefox\components\Scriptff.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npSfAppM.dll
FF - plugin: c:\users\Andrei\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Adware Professional - c:\program files\Adware Professional\Adware Professional.exe
HKLM-RunOnce-<NO NAME> - (no file)
AddRemove-Adware Professional 5.0_is1 - c:\program files\Adware Professional\unins000.exe



**************************************************************************
scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
BlindDial=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
BlindDial=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
BlindDial=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
BlindDial=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
BlindDial=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(608)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infra.dll

- - - - - - - > 'Explorer.exe'(1360)
c:\program files\Protector Suite QL\farchns.dll
c:\program files\Protector Suite QL\infra.dll
.
------------------------ Other Running Processes ------------------------
.
c:\combofix\CF20536.exe
.
**************************************************************************
.
Completion time: 2009-10-19 22:44 - machine was rebooted
ComboFix-quarantined-files.txt 2009-10-19 02:43

Pre-Run: 170,713,935,872 bytes free
Post-Run: 170,522,013,696 bytes free

- - End Of File - - 64942D760BCBDA9C6B4DFDA4F1D5B9EA
Re: Malware - I can't open anti virus programs on my computer

Post by NonSuch » October 19th, 2009, 10:54 pm

While we appreciate that you very likely posted at multiple forums in order to ensure a response, that only serves to tie up the time of multiple helpers who could be using that time to help someone else who also has problems. Although there are many forums that handle HijackThis logs, there are not so many helpers; most of us help out at several forums. In addition, the results may not work out so well when you're following different instructions from different helpers. They may suggest different approaches for the same problem, all of which may be good; however, system conflicts may arise if different fixes for the same problem are applied simultaneously.

In the future, for your sake as well as ours, please refrain from requesting help from multiple forums. Choose one, and stick with that one until they've resolved your problem.

This topic is now closed.
