Jump to content

Somethings wronggg.. please help asap


 Share

Recommended Posts

Hey AVG spyware found an adware program in error doctor, and i tried to uninstall the program to no avail. I rebooted in safe mode and deleted it in program files as well as the start menu. Gone right? no.. ever since ive had weird exe files being made in my temp folder not allowing me to save any programs through firefox, and whatever this is, is creating random exe files and making it look as though those are the files im trying to save. With it, i receive the error "c:/....[file] couldn't be saved because i cannot change the contents of the folder. Every time i try to save something it creates a new bogus exe file as to make it look like that the file im trying to save. I usually have a VERY clean computer, but now whatever this is is screwing it up... please help me get my computer back :)

Link to comment
Share on other sites


As usual, HijackThis log....

Ad-Aware SE

Spybot

CWShredder

Kaspersky or NOD32 (anti-virus)

Try Unlocker if files refuse to be modified/moved/deleted.

Use CCleaner to clean out temp/cache.

Use FileMon when you have Firefox open to see which files are trying to access others.

If the file(s) persist after this (unlikely), boot to a CD and delete them.

Link to comment
Share on other sites

Heres my hijack this log, more to come

Logfile of HijackThis v1.99.1

Scan saved at 10:05:28 PM, on 12/2/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\wltrysvc.exe

C:\WINDOWS\System32\bcmwltry.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Program Files\Comodo\Firewall\cmdagent.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\LClock\LClock.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe

C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

C:\Program Files\Comodo\Firewall\cpf.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://inside.dean.edu/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~1\IDA\idaiehlp.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll

O3 - Toolbar: IDA Bar - {C70E30C7-140A-4166-A2E8-43557E62B41A} - C:\Program Files\IDA\idabar.dll

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe

O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"

O8 - Extra context menu item: Download all by Net Transport - C:\Program Files\Internet\NetTransport\NTAddList.html

O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm

O8 - Extra context menu item: Download by Net Transport - C:\Program Files\Internet\NetTransport\NTAddLink.html

O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\npjpi150_10.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe

O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - https://h50203.www5.hp.com/HPISWeb/Customer...DataManager.CAB

O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.akamaitools.com.edgesuite...vex-2.0.6.0.cab

O16 - DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} (Rhapsody Player Engine) - http://forms.real.com/real/player/download...ne_Inst_Win.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/downl...lscbase5059.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...902/mcfscan.cab

O18 - Protocol: x-excid - {9D6CC632-1337-4A33-9214-2DA092E776F4} - c:\WINDOWS\Downloaded Program Files\mimectl.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: SysEnforce - Unknown owner - C:\PROGRA~1\TRISNA~1\SSI\SYSENF~1.EXE (file missing)

O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

Link to comment
Share on other sites

Ad-Aware Full Scan.. More to come

Ad-Aware SE Settings

===========================

Set : Search for negligible risk entries

Set : Search for low-risk threats

Set : Safe mode (always request confirmation)

Set : Scan active processes

Set : Scan registry

Set : Deep-scan registry

Set : Scan my IE Favorites for banned URLs

Set : Scan within archives

Set : Scan my Hosts file

Extended Ad-Aware SE Settings

===========================

Set : Unload recognized processes & modules during scan

Set : Obtain command line of scanned processes

Set : Run scan as background process (Low CPU usage)

Set : Ignore spanned files when scanning cab archives

Set : Scan registry for all users instead of current user only

Set : Automatically check all objects in results lists

Set : Always try to unload modules before deletion

Set : During removal, unload Explorer and IE if necessary

Set : Let Windows remove files in use at next reboot

Set : Delete quarantined objects after restoring

Set : Block pop-ups aggressively

Set : Automatically select problematic objects in results lists

Set : Reanalyze results after scanning before displaying results lists

Set : Include basic Ad-Aware settings in log file

Set : Include additional Ad-Aware settings in log file

Set : Include reference summary in log file

Set : Create log file for removal operations

Set : Include module list in log file

Set : Include alternate data stream details in log file

Set : Limit drive selection to fixed drives

Set : Use gridlines in results lists

Set : Show detail tooltips in results lists

Set : Suppress WebUpdate confirmation dialogs

12-2-2006 10:08:23 PM - Scan started. (Full System Scan)

MRU List Object Recognized!

Location: : C:\Documents and Settings\Administrator\recent

Description : list of recently opened documents

MRU List Object Recognized!

Location: : S-1-5-21-1614895754-1788223648-839522115-500\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru

Description : list of recent programs opened

MRU List Object Recognized!

Location: : S-1-5-21-1614895754-1788223648-839522115-500\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru

Description : list of recently saved files, stored according to file extension

MRU List Object Recognized!

Location: : S-1-5-21-1614895754-1788223648-839522115-500\software\microsoft\windows\currentversion\explorer\runmru

Description : mru list for items opened in start | run

Listing running processes

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]

ModuleName : \SystemRoot\System32\smss.exe

Command Line : n/a

ProcessID : 764

ThreadCreationTime : 12-3-2006 1:07:08 AM

BasePriority : Normal

Scanning Module:\SystemRoot\System32\smss.exe...

Scanning Module:C:\WINDOWS\system32\ntdll.dll...

#:2 [csrss.exe]

ModuleName : \??\C:\WINDOWS\system32\csrss.exe

Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh

ProcessID : 836

ThreadCreationTime : 12-3-2006 1:07:10 AM

BasePriority : Normal

Scanning Module:\??\C:\WINDOWS\system32\csrss.exe...

Scanning Module:C:\WINDOWS\system32\CSRSRV.dll...

Scanning Module:C:\WINDOWS\system32\basesrv.dll...

Scanning Module:C:\WINDOWS\system32\winsrv.dll...

Scanning Module:C:\WINDOWS\system32\GDI32.dll...

Scanning Module:C:\WINDOWS\system32\KERNEL32.dll...

Scanning Module:C:\WINDOWS\system32\USER32.dll...

Scanning Module:C:\WINDOWS\system32\sxs.dll...

Scanning Module:C:\WINDOWS\system32\ADVAPI32.dll...

Scanning Module:C:\WINDOWS\system32\RPCRT4.dll...

Scanning Module:C:\WINDOWS\system32\Apphelp.dll...

Scanning Module:C:\WINDOWS\system32\VERSION.dll...

#:3 [winlogon.exe]

ModuleName : \??\C:\WINDOWS\system32\winlogon.exe

Command Line : winlogon.exe

ProcessID : 864

ThreadCreationTime : 12-3-2006 1:07:13 AM

BasePriority : High

Scanning Module:\??\C:\WINDOWS\system32\winlogon.exe...

Scanning Module:C:\WINDOWS\system32\AUTHZ.dll...

Scanning Module:C:\WINDOWS\system32\msvcrt.dll...

Scanning Module:C:\WINDOWS\system32\CRYPT32.dll...

Scanning Module:C:\WINDOWS\system32\MSASN1.dll...

Scanning Module:C:\WINDOWS\system32\NDdeApi.dll...

Scanning Module:C:\WINDOWS\system32\PROFMAP.dll...

Scanning Module:C:\WINDOWS\system32\NETAPI32.dll...

Scanning Module:C:\WINDOWS\system32\USERENV.dll...

Scanning Module:C:\WINDOWS\system32\PSAPI.DLL...

Scanning Module:C:\WINDOWS\system32\REGAPI.dll...

Scanning Module:C:\WINDOWS\system32\Secur32.dll...

Scanning Module:C:\WINDOWS\system32\SETUPAPI.dll...

Scanning Module:C:\WINDOWS\system32\WINSTA.dll...

Scanning Module:C:\WINDOWS\system32\WINTRUST.dll...

Scanning Module:C:\WINDOWS\system32\IMAGEHLP.dll...

Scanning Module:C:\WINDOWS\system32\WS2_32.dll...

Scanning Module:C:\WINDOWS\system32\WS2HELP.dll...

Scanning Module:C:\WINDOWS\system32\IMM32.DLL...

Scanning Module:C:\WINDOWS\system32\MSGINA.dll...

Scanning Module:C:\WINDOWS\system32\SHELL32.dll...

Scanning Module:C:\WINDOWS\system32\SHLWAPI.dll...

Scanning Module:C:\WINDOWS\system32\COMCTL32.dll...

Scanning Module:C:\WINDOWS\system32\ODBC32.dll...

Scanning Module:C:\WINDOWS\system32\comdlg32.dll...

Scanning Module:C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll...

Scanning Module:C:\WINDOWS\system32\odbcint.dll...

Scanning Module:C:\WINDOWS\system32\SHSVCS.dll...

Scanning Module:C:\WINDOWS\system32\sfc.dll...

Scanning Module:C:\WINDOWS\system32\sfc_os.dll...

Scanning Module:C:\WINDOWS\system32\ole32.dll...

Scanning Module:C:\WINDOWS\system32\msctfime.ime...

Scanning Module:C:\WINDOWS\system32\WINSCARD.DLL...

Scanning Module:C:\WINDOWS\system32\WTSAPI32.dll...

Scanning Module:C:\WINDOWS\system32\uxtheme.dll...

Scanning Module:C:\WINDOWS\system32\WINMM.dll...

Scanning Module:C:\WINDOWS\system32\Ati2evxx.dll...

Scanning Module:C:\WINDOWS\system32\rsaenh.dll...

Scanning Module:C:\WINDOWS\system32\cscdll.dll...

Scanning Module:C:\WINDOWS\system32\WlNotify.dll...

Scanning Module:C:\WINDOWS\system32\WINSPOOL.DRV...

Scanning Module:C:\WINDOWS\system32\MPR.dll...

Scanning Module:C:\WINDOWS\system32\WgaLogon.dll...

Scanning Module:C:\WINDOWS\system32\OLEAUT32.dll...

Scanning Module:C:\WINDOWS\system32\NTMARTA.DLL...

Scanning Module:C:\WINDOWS\system32\WLDAP32.dll...

Scanning Module:C:\WINDOWS\system32\SAMLIB.dll...

Scanning Module:C:\WINDOWS\system32\CLBCATQ.DLL...

Scanning Module:C:\WINDOWS\system32\COMRes.dll...

Scanning Module:C:\WINDOWS\system32\cscui.dll...

Scanning Module:C:\WINDOWS\system32\MPRAPI.dll...

Scanning Module:C:\WINDOWS\system32\ACTIVEDS.dll...

Scanning Module:C:\WINDOWS\system32\adsldpc.dll...

Scanning Module:C:\WINDOWS\system32\ATL.DLL...

Scanning Module:C:\WINDOWS\system32\rtutils.dll...

Scanning Module:C:\WINDOWS\system32\xpsp2res.dll...

Scanning Module:C:\WINDOWS\system32\msv1_0.dll...

Scanning Module:C:\WINDOWS\system32\iphlpapi.dll...

Scanning Module:C:\WINDOWS\system32\wdmaud.drv...

Scanning Module:C:\WINDOWS\system32\msacm32.drv...

Scanning Module:C:\WINDOWS\system32\MSACM32.dll...

Scanning Module:C:\WINDOWS\system32\midimap.dll...

Scanning Module:C:\WINDOWS\system32\wbem\wbemprox.dll...

Scanning Module:C:\WINDOWS\system32\wbem\wbemcomn.dll...

Scanning Module:C:\WINDOWS\system32\wbem\wbemsvc.dll...

Scanning Module:C:\WINDOWS\system32\wbem\fastprox.dll...

Scanning Module:C:\WINDOWS\system32\MSVCP60.dll...

Scanning Module:C:\WINDOWS\system32\NTDSAPI.dll...

Scanning Module:C:\WINDOWS\system32\DNSAPI.dll...

Scanning Module:C:\WINDOWS\system32\Cabinet.dll...

#:4 [services.exe]

ModuleName : C:\WINDOWS\system32\services.exe

Command Line : C:\WINDOWS\system32\services.exe

ProcessID : 912

ThreadCreationTime : 12-3-2006 1:07:13 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Services and Controller app

InternalName : services.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : services.exe

Scanning Module:C:\WINDOWS\system32\services.exe...

Scanning Module:C:\WINDOWS\system32\SCESRV.dll...

Scanning Module:C:\WINDOWS\system32\umpnpmgr.dll...

Scanning Module:C:\WINDOWS\system32\NCObjAPI.DLL...

Scanning Module:C:\WINDOWS\system32\ShimEng.dll...

Scanning Module:C:\WINDOWS\AppPatch\AcAdProc.dll...

Scanning Module:C:\WINDOWS\system32\eventlog.dll...

#:5 [lsass.exe]

ModuleName : C:\WINDOWS\system32\lsass.exe

Command Line : C:\WINDOWS\system32\lsass.exe

ProcessID : 924

ThreadCreationTime : 12-3-2006 1:07:13 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : LSA Shell (Export Version)

InternalName : lsass.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : lsass.exe

Scanning Module:C:\WINDOWS\system32\lsass.exe...

Scanning Module:C:\WINDOWS\system32\LSASRV.dll...

Scanning Module:C:\WINDOWS\system32\SAMSRV.dll...

Scanning Module:C:\WINDOWS\system32\cryptdll.dll...

Scanning Module:C:\WINDOWS\AppPatch\AcGenral.DLL...

Scanning Module:C:\WINDOWS\system32\msprivs.dll...

Scanning Module:C:\WINDOWS\system32\kerberos.dll...

Scanning Module:C:\WINDOWS\system32\netlogon.dll...

Scanning Module:C:\WINDOWS\system32\w32time.dll...

Scanning Module:C:\WINDOWS\system32\schannel.dll...

Scanning Module:C:\WINDOWS\system32\wdigest.dll...

Scanning Module:C:\WINDOWS\system32\scecli.dll...

Scanning Module:C:\WINDOWS\system32\ipsecsvc.dll...

Scanning Module:C:\WINDOWS\system32\oakley.DLL...

Scanning Module:C:\WINDOWS\system32\WINIPSEC.DLL...

Scanning Module:C:\WINDOWS\system32\mswsock.dll...

Scanning Module:C:\WINDOWS\system32\hnetcfg.dll...

Scanning Module:C:\WINDOWS\System32\wshtcpip.dll...

Scanning Module:C:\WINDOWS\system32\pstorsvc.dll...

Scanning Module:C:\WINDOWS\system32\psbase.dll...

Scanning Module:C:\WINDOWS\system32\dssenh.dll...

#:6 [svchost.exe]

ModuleName : C:\WINDOWS\system32\svchost.exe

Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch

ProcessID : 1072

ThreadCreationTime : 12-3-2006 1:07:14 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

Scanning Module:C:\WINDOWS\system32\svchost.exe...

Scanning Module:c:\windows\system32\rpcss.dll...

Scanning Module:c:\windows\system32\termsrv.dll...

Scanning Module:c:\windows\system32\ICAAPI.dll...

Scanning Module:c:\windows\system32\mstlsapi.dll...

#:7 [svchost.exe]

ModuleName : C:\WINDOWS\system32\svchost.exe

Command Line : C:\WINDOWS\system32\svchost -k rpcss

ProcessID : 1152

ThreadCreationTime : 12-3-2006 1:07:14 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

Scanning Module:C:\WINDOWS\System32\winrnr.dll...

Scanning Module:C:\WINDOWS\system32\rasadhlp.dll...

#:8 [svchost.exe]

ModuleName : C:\WINDOWS\System32\svchost.exe

Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs

ProcessID : 1188

ThreadCreationTime : 12-3-2006 1:07:14 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

Scanning Module:c:\windows\system32\dhcpcsvc.dll...

Scanning Module:c:\windows\system32\wzcsvc.dll...

Scanning Module:c:\windows\system32\WMI.dll...

Scanning Module:c:\windows\system32\ESENT.dll...

Scanning Module:C:\WINDOWS\system32\CRYPTUI.dll...

Scanning Module:C:\WINDOWS\system32\WININET.dll...

Scanning Module:C:\WINDOWS\system32\Normaliz.dll...

Scanning Module:C:\WINDOWS\system32\iertutil.dll...

Scanning Module:C:\WINDOWS\System32\RASAPI32.dll...

Scanning Module:C:\WINDOWS\System32\rasman.dll...

Scanning Module:C:\WINDOWS\System32\TAPI32.dll...

Scanning Module:C:\WINDOWS\System32\WZCSAPI.DLL...

Scanning Module:c:\windows\system32\schedsvc.dll...

Scanning Module:C:\WINDOWS\System32\MSIDLE.DLL...

Scanning Module:c:\windows\system32\audiosrv.dll...

Scanning Module:c:\windows\system32\wkssvc.dll...

Scanning Module:c:\windows\system32\cryptsvc.dll...

Scanning Module:c:\windows\system32\certcli.dll...

Scanning Module:c:\windows\system32\dmserver.dll...

Scanning Module:c:\windows\system32\ersvc.dll...

Scanning Module:c:\windows\system32\es.dll...

Scanning Module:c:\windows\pchealth\helpctr\binaries\pchsvc.dll...

Scanning Module:c:\windows\system32\srvsvc.dll...

Scanning Module:c:\windows\system32\netman.dll...

Scanning Module:c:\windows\system32\netshell.dll...

Scanning Module:c:\windows\system32\credui.dll...

Scanning Module:c:\windows\system32\seclogon.dll...

Scanning Module:c:\windows\system32\sens.dll...

Scanning Module:c:\windows\system32\srsvc.dll...

Scanning Module:c:\windows\system32\POWRPROF.dll...

Scanning Module:c:\windows\system32\trkwks.dll...

Scanning Module:c:\windows\system32\wbem\wmisvc.dll...

Scanning Module:C:\WINDOWS\system32\VSSAPI.DLL...

Scanning Module:c:\windows\system32\wuauserv.dll...

Scanning Module:C:\WINDOWS\system32\wuaueng.dll...

Scanning Module:C:\WINDOWS\System32\ADVPACK.dll...

Scanning Module:C:\WINDOWS\System32\SHFOLDER.dll...

Scanning Module:C:\WINDOWS\System32\WINHTTP.dll...

Scanning Module:C:\WINDOWS\System32\mspatcha.dll...

Scanning Module:c:\windows\system32\browser.dll...

Scanning Module:C:\WINDOWS\system32\comsvcs.dll...

Scanning Module:C:\WINDOWS\system32\colbact.DLL...

Scanning Module:C:\WINDOWS\system32\MTXCLU.DLL...

Scanning Module:C:\WINDOWS\system32\WSOCK32.dll...

Scanning Module:C:\WINDOWS\System32\CLUSAPI.DLL...

Scanning Module:C:\WINDOWS\System32\RESUTILS.DLL...

Scanning Module:c:\windows\system32\ipnathlp.dll...

Scanning Module:C:\WINDOWS\System32\Wbem\wbemcore.dll...

Scanning Module:C:\WINDOWS\System32\Wbem\esscli.dll...

Scanning Module:C:\WINDOWS\system32\wbem\wmiutils.dll...

Scanning Module:C:\WINDOWS\system32\wbem\repdrvfs.dll...

Scanning Module:C:\WINDOWS\system32\wbem\wmiprvsd.dll...

Scanning Module:C:\WINDOWS\system32\wbem\wbemess.dll...

Scanning Module:C:\WINDOWS\system32\netcfgx.dll...

Scanning Module:C:\WINDOWS\system32\upnp.dll...

Scanning Module:C:\WINDOWS\system32\SSDPAPI.dll...

Scanning Module:C:\WINDOWS\System32\rasmans.dll...

Scanning Module:C:\WINDOWS\System32\msi.dll...

Scanning Module:c:\windows\system32\tapisrv.dll...

Scanning Module:C:\WINDOWS\System32\rastapi.dll...

Scanning Module:C:\WINDOWS\System32\unimdm.tsp...

Scanning Module:C:\WINDOWS\System32\uniplat.dll...

Scanning Module:C:\WINDOWS\System32\unimdmat.dll...

Scanning Module:C:\WINDOWS\system32\modemui.dll...

Scanning Module:C:\WINDOWS\System32\kmddsp.tsp...

Scanning Module:C:\WINDOWS\System32\ndptsp.tsp...

Scanning Module:C:\WINDOWS\System32\ipconf.tsp...

Scanning Module:C:\WINDOWS\System32\h323.tsp...

Scanning Module:C:\WINDOWS\System32\hidphone.tsp...

Scanning Module:C:\WINDOWS\System32\HID.DLL...

Scanning Module:C:\WINDOWS\System32\rasppp.dll...

Scanning Module:C:\WINDOWS\System32\ntlsapi.dll...

Scanning Module:C:\WINDOWS\System32\raschap.dll...

Scanning Module:C:\WINDOWS\System32\rastls.dll...

Scanning Module:C:\WINDOWS\System32\RASDLG.dll...

Scanning Module:C:\WINDOWS\system32\wbem\ncprov.dll...

#:9 [evteng.exe]

ModuleName : C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

Command Line : "C:\Program Files\Intel\Wireless\Bin\EvtEng.exe"

ProcessID : 1228

ThreadCreationTime : 12-3-2006 1:07:14 AM

BasePriority : Normal

FileVersion : 10.5.0.20

ProductVersion : 10.5.0.1

ProductName : Intel® PROSet/Wireless Event Log

CompanyName : Intel Corporation

FileDescription : Intel® PROSet/Wireless Event Log

InternalName : EvtEng

LegalCopyright : Copyright © Intel Corporation 1999-2006

OriginalFilename : EvtEng.EXE

Scanning Module:C:\Program Files\Intel\Wireless\Bin\EvtEng.exe...

Scanning Module:C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll...

Scanning Module:C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL...

Scanning Module:C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll...

Scanning Module:C:\WINDOWS\system32\OLEACC.dll...

Scanning Module:C:\Program Files\Intel\Wireless\Bin\DbEngine.dll...

Scanning Module:C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll...

Scanning Module:C:\Program Files\Intel\Wireless\Bin\IntStngs.dll...

Scanning Module:C:\Program Files\Intel\Wireless\Bin\MurocApi.dll...

Scanning Module:C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll...

Scanning Module:C:\Program Files\Common Files\System\ado\msado15.dll...

Scanning Module:C:\WINDOWS\system32\MSDART.DLL...

Scanning Module:C:\Program Files\Common Files\System\Ole DB\oledb32.dll...

Scanning Module:C:\Program Files\Common Files\System\Ole DB\OLEDB32R.DLL...

Scanning Module:C:\Program Files\Common Files\System\Ole DB\msdasql.dll...

Scanning Module:C:\Program Files\Common Files\System\Ole DB\MSDATL3.dll...

Scanning Module:C:\Program Files\Common Files\System\Ole DB\MSDASQLR.DLL...

Scanning Module:C:\WINDOWS\system32\odbcjt32.dll...

Scanning Module:C:\WINDOWS\system32\msjet40.dll...

Scanning Module:C:\WINDOWS\system32\mswstr10.dll...

Scanning Module:C:\WINDOWS\system32\odbcji32.dll...

Scanning Module:C:\WINDOWS\system32\msjter40.dll...

Scanning Module:C:\WINDOWS\system32\MSJINT40.DLL...

Scanning Module:C:\WINDOWS\system32\odbccp32.dll...

Scanning Module:C:\Program Files\Common Files\System\msadc\msadce.dll...

Scanning Module:C:\Program Files\Common Files\System\msadc\msadcer.dll...

#:10 [explorer.exe]

ModuleName : C:\WINDOWS\Explorer.EXE

Command Line : C:\WINDOWS\Explorer.EXE

ProcessID : 1500

ThreadCreationTime : 12-3-2006 1:07:15 AM

BasePriority : Normal

FileVersion : 6.00.2900.2649 (xpsp.050406-1732)

ProductVersion : 6.00.2900.2649

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Windows Explorer

InternalName : explorer

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : EXPLORER.EXE

Scanning Module:C:\WINDOWS\Explorer.EXE...

Scanning Module:C:\WINDOWS\system32\BROWSEUI.dll...

Scanning Module:C:\WINDOWS\system32\SHDOCVW.dll...

Scanning Module:C:\WINDOWS\system32\themeui.dll...

Scanning Module:C:\WINDOWS\system32\MSIMG32.dll...

Scanning Module:C:\Program Files\Comodo\Firewall\appguard.dll...

Scanning Module:C:\WINDOWS\system32\LINKINFO.dll...

Scanning Module:C:\WINDOWS\system32\ntshrui.dll...

Scanning Module:C:\WINDOWS\system32\urlmon.dll...

Scanning Module:C:\WINDOWS\system32\ieframe.dll...

Scanning Module:C:\WINDOWS\system32\MLANG.dll...

Scanning Module:C:\Program Files\LClock\LC.dll...

Scanning Module:C:\WINDOWS\system32\webcheck.dll...

Scanning Module:C:\WINDOWS\system32\stobject.dll...

Scanning Module:C:\WINDOWS\system32\BatMeter.dll...

Scanning Module:C:\WINDOWS\system32\WPDShServiceObj.dll...

Scanning Module:C:\WINDOWS\system32\PortableDeviceTypes.dll...

Scanning Module:C:\WINDOWS\system32\PortableDeviceApi.dll...

Scanning Module:C:\WINDOWS\system32\wzcdlg.dll...

Scanning Module:C:\WINDOWS\System32\drprov.dll...

Scanning Module:C:\WINDOWS\System32\ntlanman.dll...

Scanning Module:C:\WINDOWS\System32\NETUI0.dll...

Scanning Module:C:\WINDOWS\System32\NETUI1.dll...

Scanning Module:C:\WINDOWS\System32\NETRAP.dll...

Scanning Module:C:\WINDOWS\System32\davclnt.dll...

Scanning Module:C:\WINDOWS\system32\browselc.dll...

Scanning Module:C:\WINDOWS\system32\DUSER.dll...

Scanning Module:C:\WINDOWS\system32\ShellExt\AUDIOS~1.DLL...

Scanning Module:C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll...

Scanning Module:C:\WINDOWS\system32\erasext.dll...

Scanning Module:C:\WINDOWS\system32\ERASER.dll...

Scanning Module:C:\Program Files\7-Zip\7-zip.dll...

Scanning Module:C:\WINDOWS\system32\xpsp1res.dll...

Scanning Module:C:\WINDOWS\system32\actxprxy.dll...

Scanning Module:C:\WINDOWS\system32\wmvcore.dll...

Scanning Module:C:\WINDOWS\system32\WMASF.DLL...

Scanning Module:C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll...

Scanning Module:C:\WINDOWS\system32\ShellExt\SelectAll.dll...

Scanning Module:C:\WINDOWS\system32\ShellExt\HiddenFilesToggle.dll...

Scanning Module:C:\WINDOWS\system32\ShellExt\FileExtToggle.dll...

Scanning Module:C:\WINDOWS\system32\ShellExt\BrowserBack.dll...

Scanning Module:C:\WINDOWS\system32\zipfldr.dll...

Scanning Module:C:\WINDOWS\system32\MSISIP.DLL...

Scanning Module:C:\WINDOWS\system32\wshext.dll...

Scanning Module:C:\WINDOWS\system32\MFC42.DLL...

Scanning Module:C:\PROGRA~1\MICROS~3\OFFICE11\MCPS.DLL...

#:11 [s24evmon.exe]

ModuleName : C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

Command Line : "C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe"

ProcessID : 1584

ThreadCreationTime : 12-3-2006 1:07:16 AM

BasePriority : Normal

FileVersion : 10.5.0.34

ProductVersion : 10.5.0.1

ProductName : Intel® PROSet/Wireless Service

CompanyName : Intel Corporation

FileDescription : Wireless Management Service

InternalName : S24EvMon

LegalCopyright : Copyright © Intel Corporation 1999-2006

OriginalFilename : S24EvMon.exe

Scanning Module:C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe...

Scanning Module:C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL...

#:12 [svchost.exe]

ModuleName : C:\WINDOWS\system32\svchost.exe

Command Line : C:\WINDOWS\system32\svchost.exe -k NetworkService

ProcessID : 1624

ThreadCreationTime : 12-3-2006 1:07:16 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

Scanning Module:c:\windows\system32\dnsrslvr.dll...

#:13 [svchost.exe]

ModuleName : C:\WINDOWS\system32\svchost.exe

Command Line : C:\WINDOWS\system32\svchost.exe -k LocalService

ProcessID : 1728

ThreadCreationTime : 12-3-2006 1:07:16 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

Scanning Module:c:\windows\system32\lmhsvc.dll...

Scanning Module:c:\windows\system32\webclnt.dll...

Scanning Module:c:\windows\system32\regsvc.dll...

Scanning Module:c:\windows\system32\ssdpsrv.dll...

#:14 [wltrysvc.exe]

ModuleName : C:\WINDOWS\System32\wltrysvc.exe

Command Line : C:\WINDOWS\System32\wltrysvc.exe C:\WINDOWS\System32\bcmwltry.exe

ProcessID : 1896

ThreadCreationTime : 12-3-2006 1:07:17 AM

BasePriority : Normal

Scanning Module:C:\WINDOWS\System32\wltrysvc.exe...

#:15 [bcmwltry.exe]

ModuleName : C:\WINDOWS\System32\bcmwltry.exe

Command Line : C:\WINDOWS\System32\bcmwltry.exe

ProcessID : 1908

ThreadCreationTime : 12-3-2006 1:07:17 AM

BasePriority : Normal

FileVersion : 3.140.16.0

ProductVersion : 3.140.16.0

ProductName : Broadcom 802.11 Network Adapter Wireless Network Controller

CompanyName : Broadcom Corporation

FileDescription : Broadcom 802.11 Network Adapter Wireless Network Controller

InternalName : bcmwltry.exe

LegalCopyright : 1998-2005, Broadcom Corporation All Rights Reserved.

OriginalFilename : bcmwltry.exe

Scanning Module:C:\WINDOWS\System32\bcmwltry.exe...

Scanning Module:C:\WINDOWS\System32\CFGMGR32.dll...

Scanning Module:C:\WINDOWS\System32\AegisE5.dll...

Scanning Module:C:\WINDOWS\System32\mfc42u.dll...

Scanning Module:C:\WINDOWS\System32\wltrynt.dll...

#:16 [spoolsv.exe]

ModuleName : C:\WINDOWS\system32\spoolsv.exe

Command Line : C:\WINDOWS\system32\spoolsv.exe

ProcessID : 1972

ThreadCreationTime : 12-3-2006 1:07:17 AM

BasePriority : Normal

FileVersion : 5.1.2600.2696 (xpsp.050610-1527)

ProductVersion : 5.1.2600.2696

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Spooler SubSystem App

InternalName : spoolsv.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : spoolsv.exe

Scanning Module:C:\WINDOWS\system32\spoolsv.exe...

Scanning Module:C:\WINDOWS\system32\SPOOLSS.DLL...

Scanning Module:C:\WINDOWS\system32\localspl.dll...

Scanning Module:C:\WINDOWS\system32\mdimon.dll...

Scanning Module:C:\WINDOWS\system32\tcpmon.dll...

Scanning Module:C:\WINDOWS\system32\usbmon.dll...

Scanning Module:C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll...

Scanning Module:C:\WINDOWS\system32\win32spl.dll...

Scanning Module:C:\WINDOWS\system32\inetpp.dll...

#:17 [sched.exe]

ModuleName : C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

Command Line : "C:\Program Files\AntiVir PersonalEdition Classic\sched.exe"

ProcessID : 196

ThreadCreationTime : 12-3-2006 1:07:17 AM

BasePriority : Normal

Scanning Module:C:\Program Files\AntiVir PersonalEdition Classic\sched.exe...

Scanning Module:C:\Program Files\AntiVir PersonalEdition Classic\MSVCR71.dll...

Scanning Module:C:\Program Files\AntiVir PersonalEdition Classic\MSVCP71.dll...

Scanning Module:C:\Program Files\AntiVir PersonalEdition Classic\schedr.dll...

#:18 [avguard.exe]

ModuleName : C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

Command Line : "C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe"

ProcessID : 208

ThreadCreationTime : 12-3-2006 1:07:17 AM

BasePriority : Normal

Scanning Module:C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe...

Scanning Module:C:\Program Files\AntiVir PersonalEdition Classic\GUARDMSG.DLL...

Scanning Module:C:\Program Files\AntiVir PersonalEdition Classic\AVPREF.DLL...

Scanning Module:C:\Program Files\AntiVir PersonalEdition Classic\SMTPLIB.DLL...

Scanning Module:C:\Program Files\AntiVir PersonalEdition Classic\AVEWIN32.DLL...

Scanning Module:C:\WINDOWS\system32\FLTLIB.DLL...

#:19 [guard.exe]

ModuleName : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

Command Line : n/a

ProcessID : 224

ThreadCreationTime : 12-3-2006 1:07:17 AM

BasePriority : Normal

FileVersion : 7, 5, 0, 47

ProductVersion : 7, 5, 0, 47

ProductName : AVG Anti-Spyware

CompanyName : Anti-Malware Development a.s.

FileDescription : AVG Anti-Spyware guard

InternalName : AVG Anti-Spyware guard

LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.

OriginalFilename : guard.exe

Scanning Module:C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe...

Scanning Module:C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll...

#:20 [cmdagent.exe]

ModuleName : C:\Program Files\Comodo\Firewall\cmdagent.exe

Command Line : n/a

ProcessID : 240

ThreadCreationTime : 12-3-2006 1:07:17 AM

BasePriority : Normal

FileVersion : 2.4.0.18

ProductVersion : 2.4.0.0

ProductName : Comodo Firewall

CompanyName : COMODO

FileDescription : Comodo Agent Service

InternalName : cmdagent

LegalCopyright : Copyright © 2005-2006 COMODO ®. All rights reserved

LegalTrademarks : Copyright © 2005-2006 COMODO ®. All rights reserved

OriginalFilename : cmdagent.exe

Scanning Module:C:\Program Files\Comodo\Firewall\cmdagent.exe...

Scanning Module:C:\Program Files\Comodo\Firewall\dbghelp.dll...

#:21 [regsrvc.exe]

ModuleName : C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

Command Line : "C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe"

ProcessID : 492

ThreadCreationTime : 12-3-2006 1:07:18 AM

BasePriority : Normal

FileVersion : 10.5.0.4

ProductVersion : 10.5.0.1

ProductName : Intel® PROSet/Wireless Registry Service

CompanyName : Intel Corporation

FileDescription : Intel® PROSet/Wireless Registry Service

InternalName : RegSrvc

LegalCopyright : Copyright © Intel Corporation 1999-2006

OriginalFilename : RegSrvc.EXE

Comments : Registry Interface for Intel Wireless Products

Scanning Module:C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe...

#:22 [agrsmmsg.exe]

ModuleName : C:\WINDOWS\AGRSMMSG.exe

Command Line : "C:\WINDOWS\AGRSMMSG.exe"

ProcessID : 1708

ThreadCreationTime : 12-3-2006 1:07:21 AM

BasePriority : Normal

FileVersion : 2.1.51 2.1.51 03/04/2005 12:01:54

ProductVersion : 2.1.51 2.1.51 03/04/2005 12:01:54

ProductName : Agere SoftModem Messaging Applet

CompanyName : Agere Systems

FileDescription : SoftModem Messaging Applet

InternalName : smdmstat.exe

LegalCopyright : Copyright © Agere Systems 1998-2000

OriginalFilename : smdmstat.exe

Scanning Module:C:\WINDOWS\AGRSMMSG.exe...

#:23 [avgas.exe]

ModuleName : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

Command Line : "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

ProcessID : 1760

ThreadCreationTime : 12-3-2006 1:07:21 AM

BasePriority : Normal

FileVersion : 7, 5, 0, 50

ProductVersion : 7, 5, 0, 50

ProductName : AVG Anti-Spyware

CompanyName : Anti-Malware Development a.s.

FileDescription : AVG Anti-Spyware

InternalName : AVG Anti-Spyware

LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.

OriginalFilename : avgas.exe

Scanning Module:C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe...

#:24 [alg.exe]

ModuleName : C:\WINDOWS\System32\alg.exe

Command Line : C:\WINDOWS\System32\alg.exe

ProcessID : 1784

ThreadCreationTime : 12-3-2006 1:07:21 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Application Layer Gateway Service

InternalName : ALG.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : ALG.exe

Scanning Module:C:\WINDOWS\System32\alg.exe...

#:25 [lclock.exe]

ModuleName : C:\Program Files\LClock\LClock.exe

Command Line : "C:\Program Files\LClock\LClock.exe"

ProcessID : 1792

ThreadCreationTime : 12-3-2006 1:07:21 AM

BasePriority : Normal

FileVersion : 1, 0, 0, 1

ProductVersion : 1, 0, 0, 1

ProductName : LClock Application

FileDescription : LClock Application

InternalName : LClock

LegalCopyright : Copyright © 2004

OriginalFilename : LClock.exe

Scanning Module:C:\Program Files\LClock\LClock.exe...

Scanning Module:C:\Program Files\LClock\Calendar.dll...

#:26 [zcfgsvc.exe]

ModuleName : C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

Command Line : "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

ProcessID : 1800

ThreadCreationTime : 12-3-2006 1:07:21 AM

BasePriority : Normal

FileVersion : 10.5.0.5

ProductVersion : 10.5.0.1

ProductName : ZeroCfgSvc Application

CompanyName : Intel Corporation

FileDescription : ZeroCfgSvc MFC Application

InternalName : ZeroCfgSvc

LegalCopyright : Copyright © Intel Corporation 1999-2006

OriginalFilename : ZeroCfgSvc.EXE

Scanning Module:C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe...

Scanning Module:C:\WINDOWS\system32\oledlg.dll...

#:27 [ifrmewrk.exe]

ModuleName : C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

Command Line : "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

ProcessID : 1812

ThreadCreationTime : 12-3-2006 1:07:21 AM

BasePriority : Normal

FileVersion : 10.5.0.1

ProductVersion : 10.5.0.1

ProductName : Intel® PROSet/Wireless

CompanyName : Intel Corporation

FileDescription : Intel Framework MFC Application

InternalName : Framework

LegalCopyright : Copyright © Intel Corporation 1999-2006

OriginalFilename : iFramewrk.exe

Scanning Module:C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe...

Scanning Module:C:\Program Files\Intel\Wireless\Bin\FrameworkPlugins\ConnMgr.dll...

#:28 [avgnt.exe]

ModuleName : C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

Command Line : "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min

ProcessID : 1820

ThreadCreationTime : 12-3-2006 1:07:21 AM

BasePriority : Normal

Scanning Module:C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe...

Scanning Module:C:\Program Files\AntiVir PersonalEdition Classic\MFC71U.DLL...

Scanning Module:C:\Program Files\AntiVir PersonalEdition Classic\avgcmxp.dll...

#:29 [jusched.exe]

ModuleName : C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe

Command Line : "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"

ProcessID : 1828

ThreadCreationTime : 12-3-2006 1:07:21 AM

BasePriority : Normal

Scanning Module:C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe...

#:30 [dot1xcfg.exe]

ModuleName : C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

Command Line : "C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe" -Embedding

ProcessID : 2884

ThreadCreationTime : 12-3-2006 1:07:28 AM

BasePriority : Normal

FileVersion : 10.5.0.3

ProductVersion : 10.5.0.1

ProductName : Intel PROSet/Wireless

CompanyName : Intel Corporation

FileDescription : Intel 802.1x Server

InternalName : Dot1xCfg

LegalCopyright : Copyright © Intel Corporation 2006

OriginalFilename : Dot1xCfg.exe

Scanning Module:C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe...

Scanning Module:C:\Program Files\Intel\Wireless\Bin\acAuth.dll...

Scanning Module:C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll...

Scanning Module:C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll...

#:31 [cpf.exe]

ModuleName : C:\Program Files\Comodo\Firewall\cpf.exe

Command Line : n/a

ProcessID : 3552

ThreadCreationTime : 12-3-2006 2:13:59 AM

BasePriority : Normal

FileVersion : 2.4.0.56

ProductVersion : 2.4.0.0

ProductName : Comodo Firewall

CompanyName : COMODO

FileDescription : Comodo Firewall

InternalName : cpf.exe

LegalCopyright : Copyright © 2005-2006 COMODO ®. All rights reserved

OriginalFilename : cpf.exe

Scanning Module:C:\Program Files\Comodo\Firewall\cpf.exe...

Scanning Module:C:\Program Files\Comodo\Firewall\clicapi.dll...

Scanning Module:C:\WINDOWS\system32\RICHED20.DLL...

Scanning Module:C:\WINDOWS\system32\asycfilt.dll...

#:32 [firefox.exe]

ModuleName : C:\Program Files\Mozilla Firefox\firefox.exe

Command Line : "C:\Program Files\Mozilla Firefox\firefox.exe" /prefetch:1

ProcessID : 3196

ThreadCreationTime : 12-3-2006 2:18:49 AM

BasePriority : Normal

Scanning Module:C:\Program Files\Mozilla Firefox\firefox.exe...

Scanning Module:C:\Program Files\Mozilla Firefox\js3250.dll...

Scanning Module:C:\Program Files\Mozilla Firefox\nspr4.dll...

Scanning Module:C:\Program Files\Mozilla Firefox\xpcom_core.dll...

Scanning Module:C:\Program Files\Mozilla Firefox\plc4.dll...

Scanning Module:C:\Program Files\Mozilla Firefox\plds4.dll...

Scanning Module:C:\Program Files\Mozilla Firefox\smime3.dll...

Scanning Module:C:\Program Files\Mozilla Firefox\nss3.dll...

Scanning Module:C:\Program Files\Mozilla Firefox\softokn3.dll...

Scanning Module:C:\Program Files\Mozilla Firefox\ssl3.dll...

Scanning Module:C:\Program Files\Mozilla Firefox\xpcom_compat.dll...

Scanning Module:C:\Program Files\Mozilla Firefox\components\myspell.dll...

Scanning Module:C:\Program Files\Mozilla Firefox\components\jar50.dll...

Scanning Module:C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll...

Scanning Module:C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\FULLSOFT.DLL...

Scanning Module:C:\WINDOWS\system32\msimtf.dll...

Scanning Module:C:\WINDOWS\system32\MSCTF.dll...

Scanning Module:C:\Program Files\Mozilla Firefox\freebl3.dll...

Scanning Module:C:\Program Files\Mozilla Firefox\nssckbi.dll...

Scanning Module:C:\Program Files\Mozilla Firefox\components\spellchk.dll...

#:33 [ad-aware.exe]

ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe

Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe"

ProcessID : 3028

ThreadCreationTime : 12-3-2006 3:08:07 AM

BasePriority : Idle

FileVersion : 6.2.0.238

ProductVersion : SE 106

ProductName : Lavasoft Ad-Aware SE

CompanyName : Lavasoft Sweden

FileDescription : Ad-Aware SE Core application

InternalName : Ad-Aware.exe

LegalCopyright : Copyright © Lavasoft AB Sweden

OriginalFilename : Ad-Aware.exe

Comments : All Rights Reserved

Scanning Module:C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe...

Scanning Module:C:\WINDOWS\system32\olepro32.dll...

Scanning Module:C:\WINDOWS\system32\RICHED32.DLL...

Memory scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 4

Started registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 4

Started deep registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 4

Started Tracking Cookie scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking cookie scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 4

Deep scanning and examining files (C:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 4

Scanning Hosts file......

Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

11835 entries scanned.

New critical objects:0

Objects found so far: 4

Performing conditional scans...

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 4

10:13:16 PM Scan Complete

Summary Of This Scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Total scanning time:00:04:52.344

Objects scanned:151919

Objects identified:0

Objects ignored:0

New critical objects:0

Reanalyzing scan result

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

No objects have been removed from the result list.

Link to comment
Share on other sites

Full scan with Spybot with latest definitions... nothing

EDIT: Full scan with AVG found nothing, but i tried to download again and am able to.hmmm.. im skeptical, but if the issues continues ill repost, thanks!

Edited by tvalenti
Link to comment
Share on other sites

For future reference, please attach logs to your post, don't make them so inconceivably long. :hello:

Don't scan with AVG, you have AntiVir installed, which has a much higher detection rate than AVG (and Symantec, believe that?). AVG is a waste of harddrive space and time at this point.

Link to comment
Share on other sites

Well he's using AVG AntiSpyware, not the Anti-Virus.

Ah yes, I keep forgetting AVG bought out Ewido. Anyway, Ad-Aware SE and Spybot pretty much take care of all spyware from my experience (dozens of PCs brought into a tech shop).

Link to comment
Share on other sites

Try Removeit Pro - get it from majorgeeks.com, it's small; fast and cleans things other applications never find. I run avast! in all 7 modes, as well as two firewalls and routinely find stuff that sneaks in [ my eldest son plays online games... ]

Link to comment
Share on other sites

Nevermind.. i restarted everything came back clean... im starting to get frustrated.. i am having the same issue come back tonight though... seems its only an issue with firefox though.. anyone have any suggestions?

Link to comment
Share on other sites

Check out my Anti-Malware package. Get Avast and do a full system scan (including boot time scan), then apply and/or scan with SpywareBlaster, CWShredder, Ad-Aware, Spybot, AVG AntiSpyware, and then post another HijackThis log.

Link to comment
Share on other sites

@Tarun: Ive fixed my issue. I used the programs on your site, but you didnt include the one thing that found 5 various pieces of spyware that all the others DIDNT pickup :) I strongly suggest you add the free online trend micro spyware scanner to your list at housecall.trendmicro.com. Thanks for all your help everyone, and if you smart youll scan with this site too its a miracle!

Thanks guys

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.


×
×
  • Create New...