Windows 7 Loader 1.6.9 By Daz Rar
Posted by admin
Sorry to be such a pain and plea for help in these forums but i've had alot of problems with viruses, trojan horses and other malware in the past two months.
Been doing full scans with Ad-aware which come up with no results, AVG which come up with no results and alot for Spybot. My latest scan (15 minutes ago) comes up with 6 entries for Adbrite, 3 entries for Adviva, 3 for Burstmedia, 1 entry for DoubleClick, 4 entries for FastClick, 8 entries for Hitbox, 3 entries for Mediaplex, 1 entry for Stat counter, 4 entries for Tradedoubler, 1 entry for Webtrends live and 19 entries for Win32. Porn popup.
Everytime it manages to remove all the entries, however on second scan, most if not all entries come back
Lastly, Just today, as i was browsing the internet, my AVG resident shield is going crazy and detecting 100s of multiple threats from viruses which have infected lots of different files. It's saying the infections are:
Trojan horse SHeur3.AQRA
Qin32/Zbot.A
VBS/Generic
Can anyone help me? i think these infections have really slowed my internet and are driving my antivurs programs crazy
DDS (Ver_10-03-17.01) - NTFSx86 NETWORK
Run by Kofizzle at 18:08:47.65 on 05/10/2010
Internet Explorer: 8.0.6001.18943 BrowserJavaVersion: 1.6.0_17
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2045.1221 [GMT 1:00]
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
Running Processes
C:Windowssystem32wininit.exe
C:Windowssystem32lsm.exe
svchost.exe 4
C:Windowssystem32svchost.exe -k DcomLaunch
svchost.exe 4
C:Windowssystem32svchost.exe -k rpcss
C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted
C:Windowssystem32svchost.exe -k netsvcs
C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted
C:Windowssystem32svchost.exe -k NetworkService
C:Windowssystem32svchost.exe -k LocalService
C:Program FilesLavasoftAd-AwareAAWService.exe
C:Windowssystem32svchost.exe -k LocalServiceNoNetwork
C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted
C:Windowssystem32wbemunsecapp.exe
C:Windowssystem32wbemwmiprvse.exe
C:WindowsExplorer.EXE
C:UsersKofizzleAppDataLocalGoogleChromeApplicationchrome.exe
C:Program FilesLavasoftAd-AwareAAWWSC.exe
C:Program FilesLavasoftAd-AwareAAWTray.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:UsersKofizzleAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersKofizzleAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersKofizzleDesktopDesktopDesktopDesktopgmer.exe
C:UsersKofizzleAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersKofizzleAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersKofizzleDownloadsdds (1).scr
C:Windowssystem32wbemwmiprvse.exe
Pseudo HJT Report
uStart Page = hxxp://www.google.co.uk/
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=6080828
mDefault_Page_URL = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=6080828
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:program filesavgavg9toolbarIEToolbar.dll
mWinlogon: Userinit=c:windowssystem32userinit.exe,,c:program filesmicrosoftdesktoplayer.exe
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:program filescommon filesadobeacrobatactivexAcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:program filesavgavg9avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:progra~1spybot - search & destroySDHelper.dll
BHO: {589456F4-70D3-366B-B945-08D130ED0BF0} - No File
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:program filescommon filesmicrosoft sharedwindows liveWindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:program filesavgavg9toolbarIEToolbar.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:program filesdellbaeBAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:program filesjavajre6binjp2ssv.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:program filesavgavg9toolbarIEToolbar.dll
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [ehTray.exe] c:windowsehomeehTray.exe
uRun: [BitTorrent DNA] 'c:program filesdnabtdna.exe'
uRun: [Google Update] 'c:userskofizzleappdatalocalgoogleupdateGoogleUpdate.exe' /c
uRun: [ZE18MW23GY] c:userskofizzleappdatalocaltempWkt.exe
uRun: [SpybotSD TeaTimer] c:program filesspybot - search & destroyTeaTimer.exe
uRun: [{4AC4A4F6-BCB3-07AC-5A45-ECD18932FD37}] c:userskofizzleappdataroamingixikdoahz.exe
uRun: [Skype] 'c:program filesskypephoneSkype.exe' /nosplash /minimized
uRun: [{CD0E99EC-B03F-82F5-06AA-FA9FD1E58BD3}] c:userskofizzleappdataroamingfuuhnierqy.exe
mRun: [Bluetooth HCI Monitor] RunDll32 HCIMNTR.DLL,RunCheckHCIMode
mRun: [PMX Daemon] ICO.EXE
mRun: [IAAnotif] 'c:program filesintelintel matrix storage managerIaanotif.exe'
mRun: [Windows Mobile Device Center] %windir%WindowsMobilewmdc.exe
mRun: [SunJavaUpdateSched] 'c:program filesjavajre6binjusched.exe'
mRun: [SigmatelSysTrayApp] c:program filessigmatelc-major audiowdmsttray.exe
mRun: [AVG9_TRAY] c:progra~1avgavg9avgtray.exe
mRun: [a-squared] 'c:program filesemsisoft anti-malwarea2guard.exe' /d=60
mRun: [QuickTime Task] 'c:program filesquicktimeQTTask.exe' -atboottime
mRun: [iTunesHelper] 'c:program filesitunesiTunesHelper.exe'
mRun: [AppleSyncNotifier] c:program filescommon filesapplemobile device supportAppleSyncNotifier.exe
dRunOnce: [FlashPlayerUpdate] c:windowssystem32macromedflashFlashUtil10c.exe
StartupFolder: c:progra~2micros~1windowsstartm~1programsstartupblueto~1.lnk - c:program fileswidcommbluetooth softwareBTTray.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:progra~1micros~3office12EXCEL.EXE/3000
IE: Open using &Advanced JPEG Compressor - c:program filesadvanced jpeg compressorajcieex.htm
IE: Send image to &Bluetooth Device.. - c:program fileswidcommbluetooth softwarebtsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device.. - c:program fileswidcommbluetooth softwarebtsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:program fileswidcommbluetooth softwarebtsendto_ie.htm
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:windowswindowsmobileINetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:windowswindowsmobileINetRepl.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:progra~1micros~3office12REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:progra~1spybot - search & destroySDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 208.67.220.220,208.67.222.222
TCP: {3379FE79-71F0-4A8F-BBEF-68CCBA7B5340} = 208.67.220.220,208.67.222.222
TCP: {9C786266-BBCE-4BD9-9B94-E1A52CDE6DFE} = 208.67.220.220,208.67.222.222
TCP: {B670210A-1E28-4D21-A79F-CDFEFDA43883} = 208.67.220.220,208.67.222.222
Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} -
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:program filesavgavg9toolbarIEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:program filesavgavg9avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:progra~1common~1skypeSkype4COM.dll
AppInit_DLLs: c:progra~1googlegoogle~2GOEC62~1.DLL,avgrsstx.dll
SEH: {16664848-0E00-11D2-8059-000000000000} - No File
FIREFOX
FF - ProfilePath - c:userskofizzleappdataroamingmozillafirefoxprofilesnfhrowe2.default
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/webhp?client=firefox-a&rls=org.mozilla:en-GB:official&channel=s&hl=en&btnG=Google+Search
FF - component: c:program filesavgavg9firefoxcomponentsavgssff.dll
FF - component: c:program filesmozilla firefoxextensions{ab2ce124-6272-4b12-94a9-7303c7397bd1}componentsSkypeFfComponent.dll
FF - plugin: c:program filesmicrosoftoffice livenpOLW.dll
FF - plugin: c:program filesmozilla firefoxpluginsnpbittorrent.dll
FF - plugin: c:program filesnvidia corporation3d visionnpnv3dv.dll
FF - plugin: c:program filesnvidia corporation3d visionnpnv3dvstreaming.dll
FF - plugin: c:program filesvistacodecpackrmbrowserpluginsnppl3260.dll
FF - plugin: c:program filesvistacodecpackrmbrowserpluginsnprpjplug.dll
FF - plugin: c:userskofizzleappdatalocalgoogleupdate1.2.183.29npGoogleOneClick8.dll
FF - plugin: c:userskofizzleappdataroamingfacebooknpfbplugin_1_0_3.dll
FF - plugin: c:userskofizzleappdataroamingmozillapluginsnpgoogletalk.dll
FF - plugin: c:userskofizzleappdataroamingmozillapluginsnpgtpo3dautoplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:windowsmicrosoft.netframeworkv3.5windows presentation foundationdotnetassistantextension
FF - HiddenExtension: Java Console: No Registry Reference - c:program filesmozilla firefoxextensions{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:program filesmozilla firefoxextensions{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
c:program filesmozilla firefoxgreprefsall.js - pref('ui.use_native_colors', true);
c:program filesmozilla firefoxgreprefsall.js - pref('ui.use_native_popup_windows', false);
c:program filesmozilla firefoxgreprefsall.js - pref('browser.enable_click_image_resizing', true);
c:program filesmozilla firefoxgreprefsall.js - pref('accessibility.browsewithcaret_shortcut.enabled', true);
c:program filesmozilla firefoxgreprefsall.js - pref('javascript.options.mem.high_water_mark', 32);
c:program filesmozilla firefoxgreprefsall.js - pref('javascript.options.mem.gc_frequency', 1600);
c:program filesmozilla firefoxgreprefsall.js - pref('network.IDN.whitelist.lu', true);
c:program filesmozilla firefoxgreprefsall.js - pref('network.IDN.whitelist.nu', true);
c:program filesmozilla firefoxgreprefsall.js - pref('network.IDN.whitelist.nz', true);
c:program filesmozilla firefoxgreprefsall.js - pref('network.IDN.whitelist.xn--mgbaam7a8h', true);
c:program filesmozilla firefoxgreprefsall.js - pref('network.IDN.whitelist.xn--mgberp4a5d4ar', true);
c:program filesmozilla firefoxgreprefsall.js - pref('network.IDN.whitelist.xn--p1ai', true);
c:program filesmozilla firefoxgreprefsall.js - pref('network.IDN.whitelist.xn--mgbayh7gpa', true);
c:program filesmozilla firefoxgreprefsall.js - pref('network.IDN.whitelist.tel', true);
c:program filesmozilla firefoxgreprefsall.js - pref('network.auth.force-generic-ntlm', false);
c:program filesmozilla firefoxgreprefsall.js - pref('network.proxy.type', 5);
c:program filesmozilla firefoxgreprefsall.js - pref('network.buffer.cache.count', 24);
c:program filesmozilla firefoxgreprefsall.js - pref('network.buffer.cache.size', 4096);
c:program filesmozilla firefoxgreprefsall.js - pref('dom.ipc.plugins.timeoutSecs', 45);
c:program filesmozilla firefoxgreprefsall.js - pref('svg.smil.enabled', false);
c:program filesmozilla firefoxgreprefsall.js - pref('ui.trackpoint_hack.enabled', -1);
c:program filesmozilla firefoxgreprefsall.js - pref('browser.formfill.debug', false);
c:program filesmozilla firefoxgreprefsall.js - pref('browser.formfill.agedWeight', 2);
c:program filesmozilla firefoxgreprefsall.js - pref('browser.formfill.bucketSize', 1);
c:program filesmozilla firefoxgreprefsall.js - pref('browser.formfill.maxTimeGroupings', 25);
c:program filesmozilla firefoxgreprefsall.js - pref('browser.formfill.timeGroupingSize', 604800);
c:program filesmozilla firefoxgreprefsall.js - pref('browser.formfill.boundaryWeight', 25);
c:program filesmozilla firefoxgreprefsall.js - pref('browser.formfill.prefixWeight', 5);
c:program filesmozilla firefoxgreprefsall.js - pref('accelerometer.enabled', true);
c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref('security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref', true);
c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref('security.ssl.renego_unrestricted_hosts', ');
c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref('security.ssl.treat_unsafe_negotiation_as_broken', false);
c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref('security.ssl.require_safe_negotiation', false);
c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref('security.ssl3.rsa_seed_sha', true);
c:program filesmozilla firefoxdefaultspreffirefox-branding.js - pref('app.update.download.backgroundInterval', 600);
c:program filesmozilla firefoxdefaultspreffirefox-branding.js - pref('app.update.url.manual', 'http://www.firefox.com');
c:program filesmozilla firefoxdefaultspreffirefox-branding.js - pref('browser.search.param.yahoo-fr-ja', 'mozff');
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name', 'chrome://browser/locale/browser.properties');
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description', 'chrome://browser/locale/browser.properties');
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('xpinstall.whitelist.add', 'addons.mozilla.org');
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('xpinstall.whitelist.add.36', 'getpersonas.com');
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('lightweightThemes.update.enabled', true);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('browser.allTabs.previews', false);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('plugins.hide_infobar_for_outdated_plugin', false);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('plugins.update.notifyUser', false);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('toolbar.customization.usesheet', false);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('dom.ipc.plugins.enabled.nptest.dll', true);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('dom.ipc.plugins.enabled.npswf32.dll', true);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('dom.ipc.plugins.enabled.npctrl.dll', true);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('dom.ipc.plugins.enabled.npqtplugin.dll', true);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('dom.ipc.plugins.enabled', false);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('browser.taskbar.previews.enable', false);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('browser.taskbar.previews.max', 20);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('browser.taskbar.previews.cachetime', 20);
SERVICES / DRIVERS
R0 AvgRkx86;avgrkx86.sys;c:windowssystem32driversavgrkx86.sys [2010-8-1 52872]
R0 Lbd;Lbd;c:windowssystem32driversLbd.sys [2010-8-18 64288]
R1 AvgTdiX;AVG Network Redirector;c:windowssystem32driversavgtdix.sys [2010-8-1 243024]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:program fileslavasoftad-awareAAWService.exe [2010-8-12 1356952]
R3 pmxmouse;PMXMOUSE;c:windowssystem32driverspmxmouse.sys [2008-8-27 18432]
R3 pmxusblf;PMXUSBLF;c:windowssystem32driverspmxusblf.sys [2008-8-27 19008]
S1 a2injectiondriver;a2injectiondriver;c:program filesemsisoft anti-malwarea2dix86.sys [2010-8-18 39576]
S1 a2util;a-squared Malware-IDS utility driver;c:program filesemsisoft anti-malwarea2util32.sys [2010-8-18 11776]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:windowssystem32driversavgldx86.sys [2010-8-1 216400]
S1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:windowssystem32driversavgmfx86.sys [2010-8-1 29584]
S2 0133911220302769mcinstcleanup;McAfee Application Installer Cleanup (0133911220302769);c:userskofizzleappdatalocaltemp013391~1.exe c:progra~1common~1mcafeeinstal~1cleanup.ini -cleanup -nolog -service --> c:userskofizzleappdatalocaltemp013391~1.exe c:progra~1common~1mcafeeinstal~1cleanup.ini -cleanup -nolog -service [?]
S2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:program filesemsisoft anti-malwarea2service.exe [2010-8-18 1935656]
S2 avg9wd;AVG WatchDog;c:program filesavgavg9avgwdsvc.exe [2010-8-1 308136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsmicrosoft.netframeworkv4.0.30319mscorsvw.exe [2010-3-18 130384]
S2 RoxLiveShare10;LiveShare P2P Server 10;'c:program filescommon filesroxio shared10.0sharedcomroxliveshare10.exe' --> c:program filescommon filesroxio shared10.0sharedcomRoxLiveShare10.exe [?]
S2 SessionLauncher;SessionLauncher;c:usersadmini~1appdatalocaltempdx9sessionlauncher.exe --> c:usersadmini~1appdatalocaltempdx9SessionLauncher.exe [?]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:program filesnvidia corporation3d visionnvSCPAPISvr.exe [2010-6-7 240232]
S3 a2acc;a2acc;c:program filesemsisoft anti-malwarea2accx86.sys [2010-8-18 71008]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:windowssystem32driversASPI32.SYS [2009-4-16 84832]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:program filesavgavg9toolbarToolbarBroker.exe [2010-8-16 430152]
S3 FontCache;Windows Font Cache Service;c:windowssystem32svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:program fileslavasoftad-awarekernexplorer.sys [2010-8-12 15008]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:windowsmicrosoft.netframeworkv4.0.30319wpfWPFFontCache_v0400.exe [2010-3-18 753504]
File Associations
regfile='regedit.exe' '%1'
Created Last 30
2010-10-04 18:10:20 0 d-----w- c:program filestmp
2010-09-29 17:12:33 2048 ----a-w- c:windowssystem32tzres.dll
2010-09-28 21:34:10 0 d-----w- c:program filesPearson VUE
2010-09-28 21:34:10 0 d-----w- c:program filescommon filesPearson VUE Common
2010-09-24 22:19:33 0 d-----w- c:program filesTrend Micro
2010-09-14 18:38:08 502272 ----a-w- c:windowssystem32usp10.dll
2010-09-14 18:38:07 128000 ----a-w- c:windowssystem32spoolsv.exe
2010-09-14 18:38:06 317952 ----a-w- c:windowssystem32MP4SDECD.DLL
2010-09-14 18:37:59 739328 ----a-w- c:windowssystem32inetcomm.dll
2010-09-12 17:49:51 56 ---ha-w- c:windowssystem32ezsidmv.dat
2010-09-12 17:46:25 0 d-----r- c:program filesSkype
2010-09-12 17:46:17 0 d-----w- c:programdataSkype
2010-09-12 17:40:40 0 d-----w- c:program filesDroidCam
2010-09-11 10:01:17 0 d-----w- c:program filesiPod
Find3M
2010-10-05 16:05:36 37205 ----a-w- c:programdatanvModes.dat
2010-10-05 16:03:24 5870 ----a-w- c:windowsbthservsdp.dat
2010-09-11 09:57:56 51200 ----a-w- c:windowsinfinfpub.dat
2010-09-11 09:57:56 143360 ----a-w- c:windowsinfinfstrng.dat
2010-09-11 09:57:56 143360 ----a-w- c:windowsinfinfstor.dat
2010-08-30 14:47:25 26082 ----a-w- c:userskofizzleappdataroamingwklnhst.dat
2010-08-30 00:43:34 57400 ----a-w- c:windowssystem32driversmountmgr.sys
2010-08-21 19:38:29 95024 ----a-w- c:windowssystem32driversSBREDrv.sys
2010-08-12 12:15:20 64288 ----a-w- c:windowssystem32driversLbd.sys
2010-08-12 12:15:20 15880 ----a-w- c:windowssystem32lsdelete.exe
2010-08-01 21:03:01 12536 ----a-w- c:windowssystem32avgrsstx.dll
2010-07-20 01:18:54 131088 ---ha-w- c:windowssystem32mlfcache.dat
2010-07-12 11:45:24 665600 ----a-w- c:windowsinfdrvindex.dat
2010-07-10 21:53:33 37665 ----a-w- c:windowsfontsGlobalUserInterface.CompositeFont
2008-10-19 18:10:45 267592 ----a-w- c:program filesUninstall Ask Toolbar.dll
2008-01-21 02:43:21 174 --sha-w- c:program filesdesktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:windowsinfperflib0409perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:windowsinfperflib0409perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:windowsinfperflib0409perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:windowsinfperflib0409perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:windowsinfperflib0000perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:windowsinfperflib0000perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:windowsinfperflib0000perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:windowsinfperflib0000perfc.dat
2010-06-01 21:45:12 16384 --sha-w- c:windowsserviceprofileslocalserviceappdatalocaltempcookiesindex.dat
2010-06-01 21:45:12 16384 --sha-w- c:windowsserviceprofileslocalserviceappdatalocaltemphistoryhistory.ie5index.dat
2010-06-01 21:45:12 32768 --sha-w- c:windowsserviceprofileslocalserviceappdatalocaltemptemporary internet filescontent.ie5index.dat
2009-12-21 16:06:39 16384 --sha-w- c:windowsserviceprofilesnetworkserviceappdatalocalmicrosoftwindowshistoryhistory.ie5index.dat
2009-12-21 16:06:39 32768 --sha-w- c:windowsserviceprofilesnetworkserviceappdatalocalmicrosoftwindowstemporary internet filescontent.ie5index.dat
2009-12-21 16:06:39 16384 --sha-w- c:windowsserviceprofilesnetworkserviceappdataroamingmicrosoftwindowscookiesindex.dat
2009-10-15 16:49:05 245760 --sha-w- c:windowsserviceprofilesnetworkserviceappdataroamingmicrosoftwindowsietldcacheindex.dat
2008-08-28 07:02:52 8192 --sha-w- c:windowsusersdefaultNTUSER.DAT
FINISH: 18:10:58.20
Thank you for your help!
Been doing full scans with Ad-aware which come up with no results, AVG which come up with no results and alot for Spybot. My latest scan (15 minutes ago) comes up with 6 entries for Adbrite, 3 entries for Adviva, 3 for Burstmedia, 1 entry for DoubleClick, 4 entries for FastClick, 8 entries for Hitbox, 3 entries for Mediaplex, 1 entry for Stat counter, 4 entries for Tradedoubler, 1 entry for Webtrends live and 19 entries for Win32. Porn popup.
Everytime it manages to remove all the entries, however on second scan, most if not all entries come back
Lastly, Just today, as i was browsing the internet, my AVG resident shield is going crazy and detecting 100s of multiple threats from viruses which have infected lots of different files. It's saying the infections are:
Trojan horse SHeur3.AQRA
Qin32/Zbot.A
VBS/Generic
Can anyone help me? i think these infections have really slowed my internet and are driving my antivurs programs crazy
DDS (Ver_10-03-17.01) - NTFSx86 NETWORK
Run by Kofizzle at 18:08:47.65 on 05/10/2010
Internet Explorer: 8.0.6001.18943 BrowserJavaVersion: 1.6.0_17
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2045.1221 [GMT 1:00]
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
Running Processes
C:Windowssystem32wininit.exe
C:Windowssystem32lsm.exe
svchost.exe 4
C:Windowssystem32svchost.exe -k DcomLaunch
svchost.exe 4
C:Windowssystem32svchost.exe -k rpcss
C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted
C:Windowssystem32svchost.exe -k netsvcs
C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted
C:Windowssystem32svchost.exe -k NetworkService
C:Windowssystem32svchost.exe -k LocalService
C:Program FilesLavasoftAd-AwareAAWService.exe
C:Windowssystem32svchost.exe -k LocalServiceNoNetwork
C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted
C:Windowssystem32wbemunsecapp.exe
C:Windowssystem32wbemwmiprvse.exe
C:WindowsExplorer.EXE
C:UsersKofizzleAppDataLocalGoogleChromeApplicationchrome.exe
C:Program FilesLavasoftAd-AwareAAWWSC.exe
C:Program FilesLavasoftAd-AwareAAWTray.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:UsersKofizzleAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersKofizzleAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersKofizzleDesktopDesktopDesktopDesktopgmer.exe
C:UsersKofizzleAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersKofizzleAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersKofizzleDownloadsdds (1).scr
C:Windowssystem32wbemwmiprvse.exe
Pseudo HJT Report
uStart Page = hxxp://www.google.co.uk/
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=6080828
mDefault_Page_URL = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=6080828
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:program filesavgavg9toolbarIEToolbar.dll
mWinlogon: Userinit=c:windowssystem32userinit.exe,,c:program filesmicrosoftdesktoplayer.exe
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:program filescommon filesadobeacrobatactivexAcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:program filesavgavg9avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:progra~1spybot - search & destroySDHelper.dll
BHO: {589456F4-70D3-366B-B945-08D130ED0BF0} - No File
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:program filescommon filesmicrosoft sharedwindows liveWindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:program filesavgavg9toolbarIEToolbar.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:program filesdellbaeBAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:program filesjavajre6binjp2ssv.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:program filesavgavg9toolbarIEToolbar.dll
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [ehTray.exe] c:windowsehomeehTray.exe
uRun: [BitTorrent DNA] 'c:program filesdnabtdna.exe'
uRun: [Google Update] 'c:userskofizzleappdatalocalgoogleupdateGoogleUpdate.exe' /c
uRun: [ZE18MW23GY] c:userskofizzleappdatalocaltempWkt.exe
uRun: [SpybotSD TeaTimer] c:program filesspybot - search & destroyTeaTimer.exe
uRun: [{4AC4A4F6-BCB3-07AC-5A45-ECD18932FD37}] c:userskofizzleappdataroamingixikdoahz.exe
uRun: [Skype] 'c:program filesskypephoneSkype.exe' /nosplash /minimized
uRun: [{CD0E99EC-B03F-82F5-06AA-FA9FD1E58BD3}] c:userskofizzleappdataroamingfuuhnierqy.exe
mRun: [Bluetooth HCI Monitor] RunDll32 HCIMNTR.DLL,RunCheckHCIMode
mRun: [PMX Daemon] ICO.EXE
mRun: [IAAnotif] 'c:program filesintelintel matrix storage managerIaanotif.exe'
mRun: [Windows Mobile Device Center] %windir%WindowsMobilewmdc.exe
mRun: [SunJavaUpdateSched] 'c:program filesjavajre6binjusched.exe'
mRun: [SigmatelSysTrayApp] c:program filessigmatelc-major audiowdmsttray.exe
mRun: [AVG9_TRAY] c:progra~1avgavg9avgtray.exe
mRun: [a-squared] 'c:program filesemsisoft anti-malwarea2guard.exe' /d=60
mRun: [QuickTime Task] 'c:program filesquicktimeQTTask.exe' -atboottime
mRun: [iTunesHelper] 'c:program filesitunesiTunesHelper.exe'
mRun: [AppleSyncNotifier] c:program filescommon filesapplemobile device supportAppleSyncNotifier.exe
dRunOnce: [FlashPlayerUpdate] c:windowssystem32macromedflashFlashUtil10c.exe
StartupFolder: c:progra~2micros~1windowsstartm~1programsstartupblueto~1.lnk - c:program fileswidcommbluetooth softwareBTTray.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:progra~1micros~3office12EXCEL.EXE/3000
IE: Open using &Advanced JPEG Compressor - c:program filesadvanced jpeg compressorajcieex.htm
IE: Send image to &Bluetooth Device.. - c:program fileswidcommbluetooth softwarebtsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device.. - c:program fileswidcommbluetooth softwarebtsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:program fileswidcommbluetooth softwarebtsendto_ie.htm
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:windowswindowsmobileINetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:windowswindowsmobileINetRepl.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:progra~1micros~3office12REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:progra~1spybot - search & destroySDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 208.67.220.220,208.67.222.222
TCP: {3379FE79-71F0-4A8F-BBEF-68CCBA7B5340} = 208.67.220.220,208.67.222.222
TCP: {9C786266-BBCE-4BD9-9B94-E1A52CDE6DFE} = 208.67.220.220,208.67.222.222
TCP: {B670210A-1E28-4D21-A79F-CDFEFDA43883} = 208.67.220.220,208.67.222.222
Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} -
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:program filesavgavg9toolbarIEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:program filesavgavg9avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:progra~1common~1skypeSkype4COM.dll
AppInit_DLLs: c:progra~1googlegoogle~2GOEC62~1.DLL,avgrsstx.dll
SEH: {16664848-0E00-11D2-8059-000000000000} - No File
FIREFOX
FF - ProfilePath - c:userskofizzleappdataroamingmozillafirefoxprofilesnfhrowe2.default
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/webhp?client=firefox-a&rls=org.mozilla:en-GB:official&channel=s&hl=en&btnG=Google+Search
FF - component: c:program filesavgavg9firefoxcomponentsavgssff.dll
FF - component: c:program filesmozilla firefoxextensions{ab2ce124-6272-4b12-94a9-7303c7397bd1}componentsSkypeFfComponent.dll
FF - plugin: c:program filesmicrosoftoffice livenpOLW.dll
FF - plugin: c:program filesmozilla firefoxpluginsnpbittorrent.dll
FF - plugin: c:program filesnvidia corporation3d visionnpnv3dv.dll
FF - plugin: c:program filesnvidia corporation3d visionnpnv3dvstreaming.dll
FF - plugin: c:program filesvistacodecpackrmbrowserpluginsnppl3260.dll
FF - plugin: c:program filesvistacodecpackrmbrowserpluginsnprpjplug.dll
FF - plugin: c:userskofizzleappdatalocalgoogleupdate1.2.183.29npGoogleOneClick8.dll
FF - plugin: c:userskofizzleappdataroamingfacebooknpfbplugin_1_0_3.dll
FF - plugin: c:userskofizzleappdataroamingmozillapluginsnpgoogletalk.dll
FF - plugin: c:userskofizzleappdataroamingmozillapluginsnpgtpo3dautoplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:windowsmicrosoft.netframeworkv3.5windows presentation foundationdotnetassistantextension
FF - HiddenExtension: Java Console: No Registry Reference - c:program filesmozilla firefoxextensions{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:program filesmozilla firefoxextensions{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
c:program filesmozilla firefoxgreprefsall.js - pref('ui.use_native_colors', true);
c:program filesmozilla firefoxgreprefsall.js - pref('ui.use_native_popup_windows', false);
c:program filesmozilla firefoxgreprefsall.js - pref('browser.enable_click_image_resizing', true);
c:program filesmozilla firefoxgreprefsall.js - pref('accessibility.browsewithcaret_shortcut.enabled', true);
c:program filesmozilla firefoxgreprefsall.js - pref('javascript.options.mem.high_water_mark', 32);
c:program filesmozilla firefoxgreprefsall.js - pref('javascript.options.mem.gc_frequency', 1600);
c:program filesmozilla firefoxgreprefsall.js - pref('network.IDN.whitelist.lu', true);
c:program filesmozilla firefoxgreprefsall.js - pref('network.IDN.whitelist.nu', true);
c:program filesmozilla firefoxgreprefsall.js - pref('network.IDN.whitelist.nz', true);
c:program filesmozilla firefoxgreprefsall.js - pref('network.IDN.whitelist.xn--mgbaam7a8h', true);
c:program filesmozilla firefoxgreprefsall.js - pref('network.IDN.whitelist.xn--mgberp4a5d4ar', true);
c:program filesmozilla firefoxgreprefsall.js - pref('network.IDN.whitelist.xn--p1ai', true);
c:program filesmozilla firefoxgreprefsall.js - pref('network.IDN.whitelist.xn--mgbayh7gpa', true);
c:program filesmozilla firefoxgreprefsall.js - pref('network.IDN.whitelist.tel', true);
c:program filesmozilla firefoxgreprefsall.js - pref('network.auth.force-generic-ntlm', false);
c:program filesmozilla firefoxgreprefsall.js - pref('network.proxy.type', 5);
c:program filesmozilla firefoxgreprefsall.js - pref('network.buffer.cache.count', 24);
c:program filesmozilla firefoxgreprefsall.js - pref('network.buffer.cache.size', 4096);
c:program filesmozilla firefoxgreprefsall.js - pref('dom.ipc.plugins.timeoutSecs', 45);
c:program filesmozilla firefoxgreprefsall.js - pref('svg.smil.enabled', false);
c:program filesmozilla firefoxgreprefsall.js - pref('ui.trackpoint_hack.enabled', -1);
c:program filesmozilla firefoxgreprefsall.js - pref('browser.formfill.debug', false);
c:program filesmozilla firefoxgreprefsall.js - pref('browser.formfill.agedWeight', 2);
c:program filesmozilla firefoxgreprefsall.js - pref('browser.formfill.bucketSize', 1);
c:program filesmozilla firefoxgreprefsall.js - pref('browser.formfill.maxTimeGroupings', 25);
c:program filesmozilla firefoxgreprefsall.js - pref('browser.formfill.timeGroupingSize', 604800);
c:program filesmozilla firefoxgreprefsall.js - pref('browser.formfill.boundaryWeight', 25);
c:program filesmozilla firefoxgreprefsall.js - pref('browser.formfill.prefixWeight', 5);
c:program filesmozilla firefoxgreprefsall.js - pref('accelerometer.enabled', true);
c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref('security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref', true);
c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref('security.ssl.renego_unrestricted_hosts', ');
c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref('security.ssl.treat_unsafe_negotiation_as_broken', false);
c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref('security.ssl.require_safe_negotiation', false);
c:program filesmozilla firefoxgreprefssecurity-prefs.js - pref('security.ssl3.rsa_seed_sha', true);
c:program filesmozilla firefoxdefaultspreffirefox-branding.js - pref('app.update.download.backgroundInterval', 600);
c:program filesmozilla firefoxdefaultspreffirefox-branding.js - pref('app.update.url.manual', 'http://www.firefox.com');
c:program filesmozilla firefoxdefaultspreffirefox-branding.js - pref('browser.search.param.yahoo-fr-ja', 'mozff');
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name', 'chrome://browser/locale/browser.properties');
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description', 'chrome://browser/locale/browser.properties');
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('xpinstall.whitelist.add', 'addons.mozilla.org');
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('xpinstall.whitelist.add.36', 'getpersonas.com');
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('lightweightThemes.update.enabled', true);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('browser.allTabs.previews', false);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('plugins.hide_infobar_for_outdated_plugin', false);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('plugins.update.notifyUser', false);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('toolbar.customization.usesheet', false);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('dom.ipc.plugins.enabled.nptest.dll', true);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('dom.ipc.plugins.enabled.npswf32.dll', true);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('dom.ipc.plugins.enabled.npctrl.dll', true);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('dom.ipc.plugins.enabled.npqtplugin.dll', true);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('dom.ipc.plugins.enabled', false);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('browser.taskbar.previews.enable', false);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('browser.taskbar.previews.max', 20);
c:program filesmozilla firefoxdefaultspreffirefox.js - pref('browser.taskbar.previews.cachetime', 20);
SERVICES / DRIVERS
R0 AvgRkx86;avgrkx86.sys;c:windowssystem32driversavgrkx86.sys [2010-8-1 52872]
R0 Lbd;Lbd;c:windowssystem32driversLbd.sys [2010-8-18 64288]
R1 AvgTdiX;AVG Network Redirector;c:windowssystem32driversavgtdix.sys [2010-8-1 243024]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:program fileslavasoftad-awareAAWService.exe [2010-8-12 1356952]
R3 pmxmouse;PMXMOUSE;c:windowssystem32driverspmxmouse.sys [2008-8-27 18432]
R3 pmxusblf;PMXUSBLF;c:windowssystem32driverspmxusblf.sys [2008-8-27 19008]
S1 a2injectiondriver;a2injectiondriver;c:program filesemsisoft anti-malwarea2dix86.sys [2010-8-18 39576]
S1 a2util;a-squared Malware-IDS utility driver;c:program filesemsisoft anti-malwarea2util32.sys [2010-8-18 11776]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:windowssystem32driversavgldx86.sys [2010-8-1 216400]
S1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:windowssystem32driversavgmfx86.sys [2010-8-1 29584]
S2 0133911220302769mcinstcleanup;McAfee Application Installer Cleanup (0133911220302769);c:userskofizzleappdatalocaltemp013391~1.exe c:progra~1common~1mcafeeinstal~1cleanup.ini -cleanup -nolog -service --> c:userskofizzleappdatalocaltemp013391~1.exe c:progra~1common~1mcafeeinstal~1cleanup.ini -cleanup -nolog -service [?]
S2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:program filesemsisoft anti-malwarea2service.exe [2010-8-18 1935656]
S2 avg9wd;AVG WatchDog;c:program filesavgavg9avgwdsvc.exe [2010-8-1 308136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsmicrosoft.netframeworkv4.0.30319mscorsvw.exe [2010-3-18 130384]
S2 RoxLiveShare10;LiveShare P2P Server 10;'c:program filescommon filesroxio shared10.0sharedcomroxliveshare10.exe' --> c:program filescommon filesroxio shared10.0sharedcomRoxLiveShare10.exe [?]
S2 SessionLauncher;SessionLauncher;c:usersadmini~1appdatalocaltempdx9sessionlauncher.exe --> c:usersadmini~1appdatalocaltempdx9SessionLauncher.exe [?]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:program filesnvidia corporation3d visionnvSCPAPISvr.exe [2010-6-7 240232]
S3 a2acc;a2acc;c:program filesemsisoft anti-malwarea2accx86.sys [2010-8-18 71008]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:windowssystem32driversASPI32.SYS [2009-4-16 84832]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:program filesavgavg9toolbarToolbarBroker.exe [2010-8-16 430152]
S3 FontCache;Windows Font Cache Service;c:windowssystem32svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:program fileslavasoftad-awarekernexplorer.sys [2010-8-12 15008]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:windowsmicrosoft.netframeworkv4.0.30319wpfWPFFontCache_v0400.exe [2010-3-18 753504]
File Associations
regfile='regedit.exe' '%1'
Created Last 30
2010-10-04 18:10:20 0 d-----w- c:program filestmp
2010-09-29 17:12:33 2048 ----a-w- c:windowssystem32tzres.dll
2010-09-28 21:34:10 0 d-----w- c:program filesPearson VUE
2010-09-28 21:34:10 0 d-----w- c:program filescommon filesPearson VUE Common
2010-09-24 22:19:33 0 d-----w- c:program filesTrend Micro
2010-09-14 18:38:08 502272 ----a-w- c:windowssystem32usp10.dll
2010-09-14 18:38:07 128000 ----a-w- c:windowssystem32spoolsv.exe
2010-09-14 18:38:06 317952 ----a-w- c:windowssystem32MP4SDECD.DLL
2010-09-14 18:37:59 739328 ----a-w- c:windowssystem32inetcomm.dll
2010-09-12 17:49:51 56 ---ha-w- c:windowssystem32ezsidmv.dat
2010-09-12 17:46:25 0 d-----r- c:program filesSkype
2010-09-12 17:46:17 0 d-----w- c:programdataSkype
2010-09-12 17:40:40 0 d-----w- c:program filesDroidCam
2010-09-11 10:01:17 0 d-----w- c:program filesiPod
Find3M
2010-10-05 16:05:36 37205 ----a-w- c:programdatanvModes.dat
2010-10-05 16:03:24 5870 ----a-w- c:windowsbthservsdp.dat
2010-09-11 09:57:56 51200 ----a-w- c:windowsinfinfpub.dat
2010-09-11 09:57:56 143360 ----a-w- c:windowsinfinfstrng.dat
2010-09-11 09:57:56 143360 ----a-w- c:windowsinfinfstor.dat
2010-08-30 14:47:25 26082 ----a-w- c:userskofizzleappdataroamingwklnhst.dat
2010-08-30 00:43:34 57400 ----a-w- c:windowssystem32driversmountmgr.sys
2010-08-21 19:38:29 95024 ----a-w- c:windowssystem32driversSBREDrv.sys
2010-08-12 12:15:20 64288 ----a-w- c:windowssystem32driversLbd.sys
2010-08-12 12:15:20 15880 ----a-w- c:windowssystem32lsdelete.exe
2010-08-01 21:03:01 12536 ----a-w- c:windowssystem32avgrsstx.dll
2010-07-20 01:18:54 131088 ---ha-w- c:windowssystem32mlfcache.dat
2010-07-12 11:45:24 665600 ----a-w- c:windowsinfdrvindex.dat
2010-07-10 21:53:33 37665 ----a-w- c:windowsfontsGlobalUserInterface.CompositeFont
2008-10-19 18:10:45 267592 ----a-w- c:program filesUninstall Ask Toolbar.dll
2008-01-21 02:43:21 174 --sha-w- c:program filesdesktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:windowsinfperflib0409perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:windowsinfperflib0409perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:windowsinfperflib0409perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:windowsinfperflib0409perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:windowsinfperflib0000perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:windowsinfperflib0000perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:windowsinfperflib0000perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:windowsinfperflib0000perfc.dat
2010-06-01 21:45:12 16384 --sha-w- c:windowsserviceprofileslocalserviceappdatalocaltempcookiesindex.dat
2010-06-01 21:45:12 16384 --sha-w- c:windowsserviceprofileslocalserviceappdatalocaltemphistoryhistory.ie5index.dat
2010-06-01 21:45:12 32768 --sha-w- c:windowsserviceprofileslocalserviceappdatalocaltemptemporary internet filescontent.ie5index.dat
2009-12-21 16:06:39 16384 --sha-w- c:windowsserviceprofilesnetworkserviceappdatalocalmicrosoftwindowshistoryhistory.ie5index.dat
2009-12-21 16:06:39 32768 --sha-w- c:windowsserviceprofilesnetworkserviceappdatalocalmicrosoftwindowstemporary internet filescontent.ie5index.dat
2009-12-21 16:06:39 16384 --sha-w- c:windowsserviceprofilesnetworkserviceappdataroamingmicrosoftwindowscookiesindex.dat
2009-10-15 16:49:05 245760 --sha-w- c:windowsserviceprofilesnetworkserviceappdataroamingmicrosoftwindowsietldcacheindex.dat
2008-08-28 07:02:52 8192 --sha-w- c:windowsusersdefaultNTUSER.DAT
FINISH: 18:10:58.20
Thank you for your help!
Attached Files
- Ark.log23.04KB1 downloads
- Attach.txt9.61KB2 downloads
Tere naam full movie 2003. Indian hero ajay devgan all movies. Atif aslam songs 2018. Edited by kissiman, 05 October 2010 - 01:17 PM.