Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

TeeVeeWatch, etc virus removal

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

TeeVeeWatch, etc virus removal

Unread postby codesurfer » June 24th, 2013, 2:57 pm

Hello,

I am running windows XP on a Dell laptop about 10 yrs old, which I hardly use so it's still running well until it got infected recently. Tred to remove viruses (TeeVeeWatch, Iminent, etc.) but was not completely successful. Here are my logs. Thanks

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.5730.13
Run by Noel at 11:44:49 on 2013-06-24
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.46 [GMT -7:00]
.
.
============== Running Processes ================
.
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\HitmanPro\hmpsched.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Umbrella\umbrella.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uURLSearchHooks: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - c:\program files\internethelper3.1\prxtbInterror.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - c:\program files\internethelper3.1\prxtbInterror.dll
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: IMinent WebBooster (BHO): {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -
TB: InternetHelper3.1 Toolbar: {07CBF788-1359-421B-A4E3-5A8D041B90A3} - c:\program files\internethelper3.1\prxtbInterror.dll
TB: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - c:\program files\internethelper3.1\prxtbInterror.dll
uRun: [cdloader] "c:\documents and settings\csgadm#\application data\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /installquiet
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Iminent] c:\program files\iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
mRun: [IminentMessenger] c:\program files\iminent\Iminent.Messengers.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: microsoft.com
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/Shar ... vSniff.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windows ... 8890885803
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/Shar ... /cabsa.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microso ... 8911218891
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://javadl.sun.com/webapps/download/ ... leId=19588
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{30BD40D5-B97C-4DB0-9BF9-BE7F16AFBA6B} : DHCPNameServer = 192.168.1.254
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - c:\program files\windows defender\MpShHook.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\csgadm#\application data\mozilla\firefox\profiles\vgaxm8by.default\
FF - plugin: c:\windows\npMSDM.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll
.
============= SERVICES / DRIVERS ===============
.
R2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\hitmanpro\hmpsched.exe [2013-6-21 106280]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-6-21 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-6-21 701512]
R2 SProtection;SProtection;c:\program files\common files\umbrella\Umbrella.exe [2013-5-21 2839592]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-6-21 22856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe --> c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [?]
S3 SophosVirusRemovalTool;Sophos Virus Removal Tool;c:\program files\sophos\sophos virus removal tool\svrtservice.exe --> c:\program files\sophos\sophos virus removal tool\SVRTservice.exe [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe --> c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [?]
S4 vsdatant;vsdatant;a --> a [?]
.
=============== Created Last 30 ================
.
2013-06-22 11:00:42 -------- d-----w- c:\program files\Microsoft Download Manager
2013-06-22 07:41:22 12872 ----a-w- c:\windows\system32\bootdelete.exe
2013-06-22 07:17:35 -------- d-----w- C:\MGtools
2013-06-22 06:42:29 -------- d-----w- c:\documents and settings\csgadm#\application data\Malwarebytes
2013-06-22 06:41:42 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-22 06:23:22 -------- d-----w- c:\program files\HitmanPro
2013-06-22 06:19:51 -------- d-----w- c:\documents and settings\all users\application data\HitmanPro
2013-06-22 06:10:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-06-22 06:10:47 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2013-06-22 04:02:04 -------- d-----w- c:\documents and settings\csgadm#\local settings\application data\Mozilla
2013-06-22 01:57:16 -------- d-----w- c:\program files\Motive
2013-06-21 20:03:57 -------- d-----w- c:\documents and settings\all users\application data\Sophos
2013-06-21 20:01:26 -------- d-----w- c:\program files\Sophos
2013-06-21 19:32:27 297808 ----a-w- c:\windows\system32\TBD83.tmp
2013-06-21 19:23:22 771424 ----a-w- c:\windows\system32\TBD78.tmp
2013-06-04 05:18:31 -------- d-----w- c:\program files\CCleaner
2013-06-04 04:23:17 -------- d-----w- c:\documents and settings\csgadm#\application data\Iminent
2013-06-04 04:05:30 -------- d-----w- c:\documents and settings\all users\application data\Iminent
2013-06-04 03:38:19 -------- d-----w- c:\documents and settings\csgadm#\local settings\application data\ApplicationHistory
2013-06-04 03:38:07 -------- d-----w- C:\94205964dd8481724cd3477968
2013-06-04 03:02:28 -------- d-----w- C:\864a8b031925f36d3312c436d06a63
2013-06-04 03:01:29 -------- d-----w- c:\program files\common files\Umbrella
2013-06-04 02:48:48 -------- d-----w- c:\program files\MyPC Backup
2013-06-04 02:40:01 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-04 02:36:33 -------- d-----w- c:\program files\Conduit
2013-06-04 02:35:58 -------- d-----w- c:\documents and settings\csgadm#\local settings\application data\InternetHelper3.1
2013-06-04 02:35:54 -------- d-----w- c:\documents and settings\csgadm#\local settings\application data\Temp
2013-06-04 02:35:48 -------- d-----w- c:\documents and settings\csgadm#\local settings\application data\Conduit
2013-06-04 02:35:47 -------- d-----w- c:\program files\InternetHelper3.1
2013-06-04 02:17:35 -------- d-----w- c:\documents and settings\csgadm#\local settings\application data\TeeveeWatchSA
.
==================== Find3M ====================
.
2013-06-04 02:40:00 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 11:45:28.03 ===============
codesurfer
Active Member
 
Posts: 13
Joined: June 24th, 2013, 2:41 pm
Advertisement
Register to Remove

Re: TeeVeeWatch, etc virus removal

Unread postby Cypher » June 25th, 2013, 1:20 pm

Operating Systems no longer supported by Microsoft
It appears you are using a computer with an unsupported Operating System.

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why we do not offer help for such computers. Thank you for your understanding.

This topic is now closed.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 58 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware