Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91987 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

[Resolved] ScriptInocUI Class


  • This topic is locked This topic is locked
40 replies to this topic

#31 cortspop

cortspop

    Authentic Member

  • Authentic Member
  • PipPip
  • 162 posts

Posted 21 November 2009 - 10:54 AM

Here is the error msg I get when I try to install. Local machine: installation failed Installation: Error: Action failed for registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows: creating registry key.... Access is denied.

    Advertisements

Register to Remove


#32 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,156 posts

Posted 21 November 2009 - 12:29 PM

cortspop, Please post a new set of DDS logs.

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#33 cortspop

cortspop

    Authentic Member

  • Authentic Member
  • PipPip
  • 162 posts

Posted 21 November 2009 - 05:19 PM

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-06-26.01) Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume2 Install Date: 12/24/2005 12:43:04 PM System Uptime: 11/21/2009 8:56:09 AM (9 hours ago) Motherboard: Dell Computer Corp. | | 0TC666 Processor: Intel® Celeron® CPU 2.53GHz | Microprocessor | 2527/533mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 71 GiB total, 53.271 GiB free. D: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP1006: 9/17/2009 9:16:22 PM - Software Distribution Service 3.0 RP1007: 9/18/2009 9:00:21 AM - Software Distribution Service 3.0 RP1008: 9/18/2009 9:23:05 PM - Software Distribution Service 3.0 RP1009: 9/19/2009 9:00:20 AM - Software Distribution Service 3.0 RP1010: 9/20/2009 9:17:20 AM - Software Distribution Service 3.0 RP1011: 9/20/2009 8:55:39 PM - Software Distribution Service 3.0 RP1012: 9/21/2009 9:00:22 AM - Software Distribution Service 3.0 RP1013: 9/21/2009 8:24:47 PM - Software Distribution Service 3.0 RP1014: 9/22/2009 9:00:22 AM - Software Distribution Service 3.0 RP1015: 9/23/2009 9:00:25 AM - Software Distribution Service 3.0 RP1016: 9/23/2009 9:46:47 PM - Software Distribution Service 3.0 RP1017: 9/24/2009 9:00:19 AM - Software Distribution Service 3.0 RP1018: 9/24/2009 9:36:38 PM - Software Distribution Service 3.0 RP1019: 9/25/2009 9:00:26 AM - Software Distribution Service 3.0 RP1020: 9/25/2009 10:38:11 PM - Software Distribution Service 3.0 RP1021: 9/26/2009 10:04:52 PM - Installed Java™ 6 Update 15 RP1022: 9/26/2009 11:21:33 PM - Software Distribution Service 3.0 RP1023: 9/27/2009 9:00:25 AM - Software Distribution Service 3.0 RP1024: 9/27/2009 9:58:43 PM - Software Distribution Service 3.0 RP1025: 9/28/2009 9:00:22 AM - Software Distribution Service 3.0 RP1026: 9/28/2009 9:46:20 PM - Software Distribution Service 3.0 RP1027: 9/29/2009 9:00:25 AM - Software Distribution Service 3.0 RP1028: 9/29/2009 9:48:03 PM - Software Distribution Service 3.0 RP1029: 9/30/2009 9:00:21 AM - Software Distribution Service 3.0 RP1030: 9/30/2009 9:41:22 PM - Software Distribution Service 3.0 RP1031: 10/1/2009 9:00:23 AM - Software Distribution Service 3.0 RP1032: 10/2/2009 9:00:21 AM - Software Distribution Service 3.0 RP1033: 10/3/2009 9:00:29 AM - Software Distribution Service 3.0 RP1034: 10/4/2009 9:00:24 AM - Software Distribution Service 3.0 RP1035: 10/5/2009 8:15:20 AM - Avg8 Update RP1036: 10/5/2009 8:17:14 AM - Avg8 Update RP1037: 10/5/2009 9:00:18 AM - Software Distribution Service 3.0 RP1038: 10/5/2009 6:58:47 PM - Software Distribution Service 3.0 RP1039: 10/6/2009 9:00:23 AM - Software Distribution Service 3.0 RP1040: 10/7/2009 8:34:31 AM - Avg8 Update RP1041: 10/7/2009 9:00:16 AM - Software Distribution Service 3.0 RP1042: 10/7/2009 8:50:57 PM - Software Distribution Service 3.0 RP1043: 10/8/2009 9:00:21 AM - Software Distribution Service 3.0 RP1044: 10/8/2009 9:18:20 PM - Software Distribution Service 3.0 RP1045: 10/9/2009 9:00:24 AM - Software Distribution Service 3.0 RP1046: 10/9/2009 9:40:25 PM - Software Distribution Service 3.0 RP1047: 10/10/2009 9:00:17 AM - Software Distribution Service 3.0 RP1048: 10/10/2009 10:25:15 PM - Software Distribution Service 3.0 RP1049: 10/11/2009 8:51:44 PM - Software Distribution Service 3.0 RP1050: 10/12/2009 9:00:20 AM - Software Distribution Service 3.0 RP1051: 10/12/2009 8:37:44 PM - Software Distribution Service 3.0 RP1052: 10/13/2009 9:00:24 AM - Software Distribution Service 3.0 RP1053: 10/13/2009 7:45:24 PM - Software Distribution Service 3.0 RP1054: 10/14/2009 8:38:37 PM - System Checkpoint RP1055: 10/14/2009 9:23:35 PM - Software Distribution Service 3.0 RP1056: 10/15/2009 8:48:30 PM - Software Distribution Service 3.0 RP1057: 10/16/2009 9:00:25 AM - Software Distribution Service 3.0 RP1058: 10/16/2009 9:27:57 PM - Software Distribution Service 3.0 RP1059: 10/17/2009 9:00:19 AM - Software Distribution Service 3.0 RP1060: 10/17/2009 9:11:44 AM - Avg8 Update RP1061: 10/17/2009 11:41:36 PM - Software Distribution Service 3.0 RP1062: 10/18/2009 8:01:03 PM - Software Distribution Service 3.0 RP1063: 10/19/2009 9:00:20 AM - Software Distribution Service 3.0 RP1064: 10/20/2009 9:00:26 AM - Software Distribution Service 3.0 RP1065: 10/20/2009 8:18:02 PM - Software Distribution Service 3.0 RP1066: 10/21/2009 8:09:13 AM - Avg8 Update RP1067: 10/21/2009 9:00:21 AM - Software Distribution Service 3.0 RP1068: 10/21/2009 7:55:11 PM - Software Distribution Service 3.0 RP1069: 10/22/2009 9:00:22 AM - Software Distribution Service 3.0 RP1070: 10/22/2009 8:44:21 PM - Software Distribution Service 3.0 RP1071: 10/23/2009 9:00:21 AM - Software Distribution Service 3.0 RP1072: 10/23/2009 4:38:57 PM - Software Distribution Service 3.0 RP1073: 10/23/2009 9:54:50 PM - Software Distribution Service 3.0 RP1074: 10/24/2009 8:05:08 AM - Software Distribution Service 3.0 RP1075: 10/25/2009 5:27:54 PM - System Checkpoint RP1076: 10/25/2009 9:14:16 PM - Software Distribution Service 3.0 RP1077: 10/26/2009 9:00:20 AM - Software Distribution Service 3.0 RP1078: 10/26/2009 9:04:32 PM - Software Distribution Service 3.0 RP1079: 10/27/2009 9:00:25 AM - Software Distribution Service 3.0 RP1080: 10/28/2009 9:00:26 AM - Software Distribution Service 3.0 RP1081: 10/28/2009 8:38:01 PM - Software Distribution Service 3.0 RP1082: 10/29/2009 9:00:22 AM - Software Distribution Service 3.0 RP1083: 10/29/2009 9:47:05 PM - Software Distribution Service 3.0 RP1084: 10/30/2009 9:00:22 AM - Software Distribution Service 3.0 RP1085: 10/30/2009 9:53:45 PM - Software Distribution Service 3.0 RP1086: 10/31/2009 8:25:07 PM - Software Distribution Service 3.0 RP1087: 11/1/2009 10:00:26 AM - Software Distribution Service 3.0 RP1088: 11/1/2009 9:54:39 PM - Software Distribution Service 3.0 RP1089: 11/2/2009 10:00:22 AM - Software Distribution Service 3.0 RP1090: 11/2/2009 10:29:57 PM - Software Distribution Service 3.0 RP1091: 11/3/2009 10:00:22 AM - Software Distribution Service 3.0 RP1092: 11/3/2009 10:55:13 AM - Avg8 Update RP1093: 11/3/2009 9:06:13 PM - Installed Java™ 6 Update 17 RP1094: 11/3/2009 10:07:41 PM - Software Distribution Service 3.0 RP1095: 11/4/2009 6:43:44 AM - Software Distribution Service 3.0 RP1096: 11/4/2009 6:50:16 AM - Software Distribution Service 3.0 RP1097: 11/4/2009 10:00:21 AM - Software Distribution Service 3.0 RP1098: 11/4/2009 9:00:25 PM - Software Distribution Service 3.0 RP1099: 11/5/2009 10:00:25 AM - Software Distribution Service 3.0 RP1100: 11/5/2009 9:54:56 PM - Software Distribution Service 3.0 RP1101: 11/6/2009 9:08:10 AM - Avg8 Update RP1102: 11/6/2009 10:00:19 AM - Software Distribution Service 3.0 RP1103: 11/7/2009 10:01:13 AM - Software Distribution Service 3.0 RP1104: 11/7/2009 8:31:20 PM - Software Distribution Service 3.0 RP1105: 11/8/2009 9:15:29 AM - Software Distribution Service 3.0 RP1106: 11/9/2009 9:00:24 AM - Software Distribution Service 3.0 RP1107: 11/10/2009 9:00:29 AM - Software Distribution Service 3.0 RP1108: 11/10/2009 5:04:02 PM - Installed AVG Free 9.0 RP1109: 11/10/2009 8:26:39 PM - Installed AVG Free 9.0 RP1110: 11/10/2009 8:45:44 PM - Software Distribution Service 3.0 RP1111: 11/11/2009 11:07:35 AM - Installed AVG Free 9.0 RP1112: 11/11/2009 8:58:29 PM - Installed AVG Free 9.0 RP1113: 11/11/2009 9:01:03 PM - Software Distribution Service 3.0 RP1114: 11/12/2009 9:00:22 AM - Software Distribution Service 3.0 RP1115: 11/12/2009 10:10:47 PM - Software Distribution Service 3.0 RP1116: 11/13/2009 9:00:22 AM - Software Distribution Service 3.0 RP1117: 11/13/2009 10:32:08 PM - Installed AVG Free 9.0 RP1118: 11/13/2009 11:03:26 PM - Software Distribution Service 3.0 RP1119: 11/14/2009 9:55:05 PM - Software Distribution Service 3.0 RP1120: 11/15/2009 9:01:32 AM - Software Distribution Service 3.0 RP1121: 11/15/2009 8:40:19 PM - Software Distribution Service 3.0 RP1122: 11/16/2009 9:00:26 AM - Software Distribution Service 3.0 RP1123: 11/16/2009 8:36:26 PM - Software Distribution Service 3.0 RP1124: 11/17/2009 9:00:31 AM - Software Distribution Service 3.0 RP1125: 11/17/2009 8:57:07 PM - Software Distribution Service 3.0 RP1126: 11/18/2009 9:00:23 AM - Software Distribution Service 3.0 RP1127: 11/19/2009 9:00:26 AM - Software Distribution Service 3.0 RP1128: 11/19/2009 7:36:48 PM - Installed AVG Free 9.0 RP1129: 11/19/2009 8:10:21 PM - Installed AVG Free 9.0 RP1130: 11/19/2009 10:10:38 PM - Software Distribution Service 3.0 RP1131: 11/20/2009 9:00:26 AM - Software Distribution Service 3.0 RP1132: 11/20/2009 4:40:03 PM - Installed AVG Free 9.0 RP1133: 11/20/2009 11:39:45 PM - Software Distribution Service 3.0 RP1134: 11/21/2009 9:00:15 AM - Software Distribution Service 3.0 RP1135: 11/21/2009 10:47:51 AM - Installed AVG 9.0 ==== Installed Programs ====================== 32 Bit HP CIO Components Installer Acrobat.com Adobe AIR Adobe Flash Player 10 ActiveX Adobe Reader 9.2 AOLIcon aspi AT&T Internet Security Wizard 1.5.11 AT&T Toolbar ATT-PRT22 AudibleManager AVG 8.5 BellSouth Application Management BufferChm CCHelp CCScore Copy CR2 Creative MediaSource Creative MuVo NX-TX Creative System Information Critical Update for Windows Media Player 11 (KB959772) Dell Digital Jukebox Driver Dell Driver Reset Tool Dell Game Console Dell Media Experience Dell Photo Printer 720 Dell Photo Printer 720 Logger Dell Support Center (Support Software) Dell System Restore DellSupport Destination Component DeviceDiscovery DeviceManagementQFolder Digital Content Portal DJ_AIO_03_F2200_ProductContext DJ_AIO_03_F2200_Software DJ_AIO_03_F2200_Software_Min ERUNT 1.1j ESSAdpt ESSANUP ESSBrwr ESSCAM ESSCDBK ESScore ESSgui ESShelp ESSini ESSPCD ESSTUTOR ESSvpaht ESSvpot F2200 F2200_Help FastAccess® DSL Help Center 4.3 FP3 Player Garmin USB Drivers Garmin WebUpdater Get High Speed Internet! Google Toolbar for Internet Explorer Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB970653-v3) HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3 HP Imaging Device Functions 10.0 HP Photosmart Essential 2.5 HP Smart Web Printing HP Update HPSSupply Intel® 537EP V9x DF PCI Modem Intel® Extreme Graphics 2 Driver Intel® PRO Network Adapters and Drivers Intel® PROSet for Wired Connections Internet Explorer Default Page Java™ 6 Update 17 Kodak EasyShare software KSU Learn2 Player (Uninstall Only) LimeWire 5.1.2 Macromedia Flash Player Malwarebytes' Anti-Malware Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB953297) Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2000 Premium Microsoft Plus! Digital Media Edition Installer Microsoft Plus! Photo Story 2 LE Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Modem Event Monitor Modem Helper Modem On Hold Move Networks Media Player for Internet Explorer MSXML 4.0 SP2 (KB925672) MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) Musicmatch® Jukebox MuVo Driver NetZeroInstallers Notifier OTtBP PCDLNCH Photo Click Picasa 3 PSSWCORE Qualxserve Service Agreement QuickBooks Simple Start Special Edition QuickTime RealPlayer Scan Security Update for CAPICOM (KB931906) Security Update for Step By Step Interactive Training (KB898458) Security Update for Step By Step Interactive Training (KB923723) Security Update for Windows Internet Explorer 7 (KB928090) Security Update for Windows Internet Explorer 7 (KB929969) Security Update for Windows Internet Explorer 7 (KB931768) Security Update for Windows Internet Explorer 7 (KB933566) Security Update for Windows Internet Explorer 7 (KB937143) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Internet Explorer 8 (KB969897) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB972260) Security Update for Windows Internet Explorer 8 (KB974455) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) SFR SFR2 Shop for HP Supplies SmartWebPrintingOC Spelling Dictionaries Support For Adobe Reader 9 Status Toolbox TrayApp Unity Web Player UnloadSupport Update for Windows Internet Explorer 8 (KB971930) Update for Windows Internet Explorer 8 (KB976749) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB973815) VideoToolkit01 Visioneer 3100b Scanner Driver Visioneer PaperPort 6.1 WebCyberCoach 3.2 Dell WebFldrs XP WebReg Webshots Desktop Webshots Toolbar Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0) Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage v1.3.0254.0 Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Media Format 11 runtime Windows Media Player 10 Windows Media Player 11 Windows XP Service Pack 3 WordPerfect Office 12 Yahoo! Install Manager ==== Event Viewer Messages From Past Week ======== 11/18/2009 8:16:05 PM, error: Service Control Manager [7034] - The SupportSoft Sprocket Service (dellsupportcenter) service terminated unexpectedly. It has done this 1 time(s). 11/18/2009 8:16:05 PM, error: Service Control Manager [7034] - The AVG Free8 E-mail Scanner service terminated unexpectedly. It has done this 1 time(s). 11/18/2009 8:16:04 PM, error: Service Control Manager [7034] - The ScsiAccess service terminated unexpectedly. It has done this 1 time(s). 11/18/2009 8:16:04 PM, error: Service Control Manager [7034] - The McciCMService service terminated unexpectedly. It has done this 1 time(s). 11/18/2009 8:16:02 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s). 11/18/2009 8:16:01 PM, error: Service Control Manager [7034] - The LexBce Server service terminated unexpectedly. It has done this 1 time(s). 11/18/2009 8:16:01 PM, error: Service Control Manager [7034] - The Creative Service for CDROM Access service terminated unexpectedly. It has done this 1 time(s). 11/18/2009 8:16:01 PM, error: Service Control Manager [7031] - The AVG Free8 WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. 11/16/2009 9:00:57 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Flash Player (KB923789). 11/16/2009 7:27:19 PM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting. ==== End Of File =========================== DDS (Ver_09-06-26.01) - NTFSx86 Run by Marty Sellers at 17:15:03.15 on Sat 11/21/2009 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.175 [GMT -6:00] AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE svchost.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\WINDOWS\system32\svchost.exe -k hpdevmgmt C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Common Files\Motive\McciCMService.exe C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\system32\ScsiAccess.EXE C:\Program Files\Dell Support Center\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe C:\progra~1\vision~1\paperp~1\pptd40nt.exe C:\WINDOWS\twain_32\paprport\3100b\flatbed.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Fisher-Price\FP3 Player\sspnotifier.exe C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe C:\Program Files\AT&T\Internet Security Wizard\ISW.exe C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe C:\Program Files\DellSupport\DSAgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Dell Photo Printer 720\dlbcserv.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\Webshots\webshots.scr C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\Marty Sellers\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.weather.com/outlook/travel/businesstraveler/local/38834?lswe=38834&lwsa=WeatherLocalUndeclared&from=whatwhere uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search/msie?p={searchTerms}&ei=UTF-8 uDefault_Search_URL = hxxp://www.google.com/ie uInternet Connection Wizard,ShellNext = hxxp://www.dell4me.com/myway uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: H - No File uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll BHO: AT&&T Toolbar: {4e7bd74f-2b8d-469e-94be-fd60bb9aae29} - c:\progra~1\atttoo~1\ATTTOO~1.DLL BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: AT&&T Toolbar: {4e7bd74f-2b8d-469e-94be-fd60bb9aae29} - c:\progra~1\atttoo~1\ATTTOO~1.DLL TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File TB: {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - No File TB: {C17590D2-ECB4-4B15-8820-F58798DCC118} - No File TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [Creative Detector] c:\program files\creative\mediasource\detector\CTDetect.exe /R uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [MMTray] "c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe" mRun: [PaperPort PTD] c:\progra~1\vision~1\paperp~1\pptd40nt.exe mRun: [PP3100b] c:\windows\twain_32\paprport\3100b\flatbed.exe mRun: [MimBoot] c:\progra~1\musicm~1\musicm~3\mimboot.exe mRun: [igfxtray] c:\windows\system32\igfxtray.exe mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe mRun: [igfxpers] c:\windows\system32\igfxpers.exe mRun: [SSP Notifier] c:\program files\fisher-price\fp3 player\sspnotifier.exe mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe" mRun: [ISW.exe] "c:\program files\at&t\internet security wizard\ISW.exe" /AUTORUN mRun: [HelpCenter4.1] c:\program files\fastaccessdsl\helpcenter43\bin\sprtcmd.exe /P HelpCenter4.1 mRun: [FastAccess Help] c:\program files\bellsouth application management\content\..\Start.exe mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" StartupFolder: c:\docume~1\martys~1\startm~1\programs\startup\webshots.lnk - c:\program files\webshots\Launcher.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dlbcserv.lnk - c:\program files\dell photo printer 720\dlbcserv.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodaks~1.lnk - c:\program files\kodak\kodak software updater\7288971\6.1.4.37-7288971l\program\runner.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe IE: &Webshots Photo Search - c:\program files\webshots\WSToolbar4IE.dll/MENUSEARCH.HTM IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll Trusted Zone: taxactonline.com\www Trusted Zone: musicmatch.com\online DPF: {2E12FB00-546B-4EE3-9CC2-057BF02E1C17} - hxxp://community.webshots.com/html/atx/wsaxcontrol.cab DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photos.walmart.com/WalmartActivia.cab DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/27.38/uploader2.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} - hxxp://support.f-secure.com/ols/fscax.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll Notify: avgrsstarter - avgrsstx.dll Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ============= SERVICES / DRIVERS =============== R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-7-25 335240] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-7-25 27784] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-7-25 108552] R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-7-25 908056] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-7-25 297752] =============== Created Last 30 ================ 2009-11-18 20:16 <DIR> --d----- C:\_OTM 2009-11-17 19:32 <DIR> --d----- C:\Rooter$ 2009-11-09 16:25 <DIR> --d----- c:\docume~1\martys~1\applic~1\AVG8 ==================== Find3M ==================== 2009-10-22 03:19 5,939,712 -------- c:\windows\system32\dllcache\mshtml.dll 2009-10-11 04:17 411,368 a------- c:\windows\system32\deploytk.dll 2009-09-11 08:18 136,192 a------- c:\windows\system32\msv1_0.dll 2009-09-11 08:18 136,192 -------- c:\windows\system32\dllcache\msv1_0.dll 2009-09-04 15:03 58,880 a------- c:\windows\system32\msasn1.dll 2009-09-04 15:03 58,880 -------- c:\windows\system32\dllcache\msasn1.dll 2009-08-29 09:50 348,160 a------- c:\windows\system32\msvcr71.dll 2009-08-28 04:35 173,056 -------- c:\windows\system32\dllcache\ie4uinit.exe 2009-08-26 02:00 247,326 a------- c:\windows\system32\strmdll.dll 2009-08-26 02:00 247,326 -------- c:\windows\system32\dllcache\strmdll.dll 2009-05-11 04:52 17,016,176 a------- c:\documents and settings\marty sellers\ATT_SST_Installer.exe 2005-12-01 23:45 0 a---h--- c:\docume~1\alluse~1\applic~1\gwseh.dat 2008-10-29 16:29 56 ---shr-- c:\windows\system32\80F1DC0D35.sys 2008-10-29 16:29 1,682 a--sh--- c:\windows\system32\KGyGaAvL.sys 2008-09-21 18:20 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008092120080922\index.dat ============= FINISH: 17:15:39.76 ===============

#34 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,156 posts

Posted 21 November 2009 - 10:11 PM

cortspop,

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3

* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link --> http://forums.whatth...ams_t96260.html

  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Posted Image



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.


Notes:

1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
4. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
5. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#35 cortspop

cortspop

    Authentic Member

  • Authentic Member
  • PipPip
  • 162 posts

Posted 22 November 2009 - 10:17 PM

ComboFix 09-11-22.04 - Marty Sellers 11/22/2009 21:48.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.174 [GMT -6:00]
Running from: c:\documents and settings\Marty Sellers\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((( Files Created from 2009-10-23 to 2009-11-23 )))))))))))))))))))))))))))))))
.

2009-11-19 02:16 . 2009-11-19 02:16 -------- d-----w- C:\_OTM
2009-11-18 01:32 . 2009-11-18 01:32 -------- d-----w- C:\Rooter$
2009-11-14 19:08 . 2009-11-14 19:08 -------- d-----w- c:\program files\ERUNT
2009-11-09 22:25 . 2009-11-09 22:25 -------- d-----w- c:\documents and settings\Marty Sellers\Application Data\AVG8
2009-11-04 02:03 . 2009-11-04 02:03 152576 ----a-w- c:\documents and settings\Marty Sellers\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-10-28 00:35 . 2009-10-28 00:35 45056 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\$Staging\sysfiles\kb945060\kb945060.exe
2009-10-28 00:34 . 2009-10-28 00:34 225280 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\$Staging\wtf\start.exe
2009-10-28 00:33 . 2009-10-28 00:33 114688 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\$Registration\KodakCameraAPI_8.0.30.1.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-21 16:46 . 2008-07-25 23:00 -------- d-----w- c:\program files\AVG
2009-11-21 16:44 . 2008-07-25 23:00 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-11-18 01:22 . 2005-12-02 05:32 -------- d-----w- c:\program files\Java
2009-11-07 03:14 . 2005-12-25 05:41 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-11 10:17 . 2009-02-04 02:30 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-11 14:18 . 2004-08-10 18:51 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2004-08-10 18:51 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 15:50 . 2005-12-02 05:37 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-08-29 08:08 . 2004-08-10 18:51 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2004-08-10 18:51 247326 ----a-w- c:\windows\system32\strmdll.dll
2008-10-29 22:29 . 2006-05-02 01:15 56 --sh--r- c:\windows\system32\80F1DC0D35.sys
2008-10-29 22:29 . 2006-05-02 01:15 1682 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-09-02 16:58 1107200 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-03 102400]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-15 1404928]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2005-12-02 98304]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"MMTray"="c:\program files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2005-09-09 110592]
"PaperPort PTD"="c:\progra~1\vision~1\paperp~1\pptd40nt.exe" [1999-04-13 29184]
"PP3100b"="c:\windows\twain_32\paprport\3100b\flatbed.exe" [1999-04-21 34304]
"MimBoot"="c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe" [2005-09-09 8192]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"SSP Notifier"="c:\program files\Fisher-Price\FP3 Player\sspnotifier.exe" [2006-04-13 20480]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"ISW.exe"="c:\program files\AT&T\Internet Security Wizard\ISW.exe" [2007-05-03 2061816]
"HelpCenter4.1"="c:\program files\FastAccessDSL\HelpCenter43\bin\sprtcmd.exe" [2007-04-13 198184]
"FastAccess Help"="c:\program files\BellSouth Application Management\content\..\Start.exe" [2007-10-03 108421]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-11-03 2028312]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-08-29 198160]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

c:\documents and settings\Marty Sellers\Start Menu\Programs\Startup\
Webshots.lnk - c:\program files\Webshots\Launcher.exe [2006-9-8 45056]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
dlbcserv.lnk - c:\program files\Dell Photo Printer 720\dlbcserv.exe [2005-12-24 315392]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2003-6-25 614531]
KODAK Software Updater.lnk - c:\program files\Kodak\KODAK Software Updater\7288971\6.1.4.37-7288971L\Program\runner.exe [2003-6-8 16432]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 806912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-22 20:01 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\att-nap\\McciBrowser.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [7/25/2008 5:00 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [7/25/2008 5:00 PM 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [7/25/2008 5:00 PM 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [7/25/2008 5:00 PM 297752]

--- Other Services/Drivers In Memory ---

*Deregistered* - ppsio2

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.weather.com/outlook/travel/businesstraveler/local/38834?lswe=38834&lwsa=WeatherLocalUndeclared&from=whatwhere
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search/msie?p={searchTerms}&ei=UTF-8
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www.dell4me.com/myway
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Webshots Photo Search - c:\program files\Webshots\WSToolbar4IE.dll/MENUSEARCH.HTM
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: taxactonline.com\www
Trusted Zone: musicmatch.com\online
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe
AddRemove-Dell Game Console - c:\program files\WildTangent\Apps\Dell Game Console\Uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-22 22:05
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2448)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-11-22 22:13
ComboFix-quarantined-files.txt 2009-11-23 04:13

Pre-Run: 57,088,315,392 bytes free
Post-Run: 57,547,825,152 bytes free

- - End Of File - - 2E43F82FB087A79B7D8800A8469E086A

#36 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,156 posts

Posted 23 November 2009 - 11:36 AM

cortspop, Would you please re-run the directions in post #13 but this time all I'd like you to report back here is the first 10 lines of the report. (Just highlight and copy the first 10 lines and paste them here. Don't try to past the whole report).

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#37 cortspop

cortspop

    Authentic Member

  • Authentic Member
  • PipPip
  • 162 posts

Posted 23 November 2009 - 07:21 PM

SystemLook v1.0 by jpshortstuff (29.08.09) Log created at 19:19 on 23/11/2009 by Marty Sellers (Administrator - Elevation successful) ========== reg ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID] "CLBVersion"= 0x0000000010 (16) @="" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\CLSID] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0000002F-0000-0000-C000-000000000046}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000100-0000-0010-8000-00AA006D2EA4}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000101-0000-0010-8000-00AA006D2EA4}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000103-0000-0010-8000-00AA006D2EA4}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000104-0000-0010-8000-00AA006D2EA4}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000105-0000-0010-8000-00AA006D2EA4}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000106-0000-0010-8000-00AA006D2EA4}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000107-0000-0010-8000-00AA006D2EA4}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000108-0000-0010-8000-00AA006D2EA4}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000109-0000-0010-8000-00AA006D2EA4}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000300-0000-0000-C000-000000000046}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000301-A8F2-4877-BA0A-FD2

#38 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,156 posts

Posted 23 November 2009 - 09:38 PM

cortspop,

Apparently the last registry error you got is not uncommon on for AVG. They have made a utility that is supposed to fix this. Please download and run it and see if it helps. "Reset_Access” utility

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#39 cortspop

cortspop

    Authentic Member

  • Authentic Member
  • PipPip
  • 162 posts

Posted 24 November 2009 - 05:52 AM

Success at last!!! I was finally able to install AVG. Thanks so much for your patience and for all of your help!!

#40 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,156 posts

Posted 24 November 2009 - 11:05 AM

cortspop,

Awesome. :woot:

Log looks good :D


Time for some housekeeping
  • Click START then RUN
  • Now type Combofix /Uninstall in the runbox and click OK
  • Note the space between the X and the U, it needs to be there.
The above procedure will:
  • Implement some cleanup procedures.
  • Reset System Restore.

Please re-enable any security that was disabled.

Cleanup

  • Double click on OTM to run it.
  • Click on CleanUp!
  • When done, you will be prompted to restart your computer. Please restart your computer.


The following is my standard advice for the future. Use what you can and pat yourself on the back for what you're already doing.

Please take time to read Preventing Malware - Tools and Practices for Safe Computing. Very important information for your consideration is contained therein.

I would also suggest you read this:
So how did I get infected in the first place?
by Tony Klein


Also: "How to prevent malware"
by miekiemoes

Please respond back that you understand the above and let me know if you have any questions. Otherwise, this thread will be closed Resolved. :thumbup:

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png

    Advertisements

Register to Remove


#41 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,156 posts

Posted 29 November 2009 - 07:21 PM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users