Free Antivirus Forum - Learn about antivirus, firewalls and personal security
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Can't download HijackThis or any antispyware
   
BullGuard Antivirus Forum > Virus Removal > Removal Tools > Can't download HijackThis or any antispyware  
Forum Quick Jump
 
New Topic Post reply to : Can't download HijackThis or any antispyware Printable version of : Can't download HijackThis or any antispyware
[ << Previous Thread | Next Thread >> ]

branch155
New Member


Date Joined Dec 2008
Total Posts : 33
  		   Posted 3-19-2009 2:40 (GMT +2)    Quote: Can't download HijackThis or any antispywareAlert an admin about: Can't download HijackThis or any antispyware
My daughter's PC has some sort of virus. I can't download any antivirus or antimalware programs, HijackThis won't download, and spybot won't run.

I need help on getting to square 1.

Thanks in advance.
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 17352
  		   Posted 3-19-2009 8:24 (GMT +2)    Quote: Can't download HijackThis or any antispywareAlert an admin about: Can't download HijackThis or any antispyware
Hello smile
 
 
See if you download and run ->
 
Download LopSD by Eric_71 and save it to your desktop.
Lop S&D will only run on Windows XP and Windows Vista

Disable your antivirus and antimalware programs so they do not interfere with the running of Lop S&D.
 Double-click LopSD.exe
If you are using Windows Vista, right-click on LopSD.exe icon and select 'Run as administrator' to perform this scan.
  • Choose the language by typing of the corresponding letter and press Enter
  • Click OK at the informative window
  • Type 2 to choose Option 2 (Fix + Hosts), then press Enter
  • Wait until the end of the scan
  • A report will be generated, post the contents of it in your next reply.

Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

branch155
New Member


Date Joined Dec 2008
Total Posts : 33
  		   Posted 3-20-2009 12:26 (GMT +2)    Quote: Can't download HijackThis or any antispywareAlert an admin about: Can't download HijackThis or any antispyware
Here's the log:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-56 )
BIOS : BIOS Version 1.7.0
USER : Administrator ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:59 Go)
D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : ( Thu 03/19/2009|18:10 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX

-
[ Hosts file ] .. Restored!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

Deleted! - C:\Program Files\Viewpoint
Deleted! - C:\DOCUME~1\ADMINI~1\APPLIC~1\Viewpoint
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing folders in APPLIC~1

[10/11/2008|06:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> acccore
[01/26/2008|03:14] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Adobe
[09/01/2008|10:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Apple Computer
[02/01/2007|12:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> ATI
[05/19/2007|08:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> CyberLink
[02/01/2007|10:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities
[04/30/2007|07:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Leadertech
[03/18/2009|05:47] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> LimeWire
[02/01/2007|12:35] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Macromedia
[07/04/2008|09:23] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft
[03/03/2009|04:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Move Networks
[06/25/2008|09:57] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Mozilla
[08/26/2008|07:29] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> MySpace
[09/03/2008|07:16] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Sun
[11/13/2007|09:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> U3

[12/25/2008|02:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> {3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[10/11/2008|06:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> acccore
[02/17/2008|09:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[10/11/2008|06:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
[10/11/2008|06:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL OCP
[01/13/2008|03:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[09/01/2008|10:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[03/15/2009|08:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> avg8
[02/01/2007|12:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
[05/25/2007|09:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Kodak
[03/29/2008|05:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Lavasoft
[03/18/2009|09:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Malwarebytes
[11/09/2008|12:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[02/01/2007|12:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Sonic
[03/18/2009|08:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
[06/10/2008|07:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[02/01/2007|01:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage

[02/01/2007|10:44] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft

[11/09/2008|12:35] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft

[07/04/2008|09:23] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[03/04/2009 05:49 PM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[03/18/2009 09:43 PM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/04/2004 06:00 AM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Program Files

[07/04/2008|10:58] C:\Program Files\<DIR> Adobe
[10/11/2008|06:33] C:\Program Files\<DIR> AIM6
[10/11/2008|06:33] C:\Program Files\<DIR> AOL
[12/25/2008|02:44] C:\Program Files\<DIR> Apple Software Update
[02/01/2007|11:57] C:\Program Files\<DIR> ATI Technologies
[06/10/2008|08:07] C:\Program Files\<DIR> AVG
[12/25/2008|02:45] C:\Program Files\<DIR> Bonjour
[02/01/2007|12:04] C:\Program Files\<DIR> Broadcom
[03/18/2009|08:56] C:\Program Files\<DIR> CCleaner
[03/18/2009|09:49] C:\Program Files\<DIR> Common Files
[02/01/2007|10:40] C:\Program Files\<DIR> ComPlus Applications
[02/01/2007|12:02] C:\Program Files\<DIR> CONEXANT
[02/01/2007|12:28] C:\Program Files\<DIR> CyberLink
[02/01/2007|12:06] C:\Program Files\<DIR> Dell
[02/01/2007|12:04] C:\Program Files\<DIR> DIFX
[06/28/2008|08:10] C:\Program Files\<DIR> InstallShield Installation Information
[02/12/2009|08:35] C:\Program Files\<DIR> Internet Explorer
[12/25/2008|02:46] C:\Program Files\<DIR> iPod
[12/25/2008|02:46] C:\Program Files\<DIR> iTunes
[03/12/2009|09:10] C:\Program Files\<DIR> Java
[03/04/2008|08:44] C:\Program Files\<DIR> Kodak
[09/01/2008|09:54] C:\Program Files\<DIR> LimeWire
[03/18/2009|09:54] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[02/14/2009|12:59] C:\Program Files\<DIR> Messenger
[02/01/2007|12:31] C:\Program Files\<DIR> Microsoft ActiveSync
[05/15/2007|07:30] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[02/01/2007|10:45] C:\Program Files\<DIR> microsoft frontpage
[01/15/2009|09:47] C:\Program Files\<DIR> Microsoft Office
[02/01/2007|12:31] C:\Program Files\<DIR> Microsoft Visual Studio
[02/01/2007|02:22] C:\Program Files\<DIR> Microsoft Works
[02/01/2007|12:31] C:\Program Files\<DIR> Microsoft.NET
[02/14/2009|12:55] C:\Program Files\<DIR> Movie Maker
[03/19/2009|06:08] C:\Program Files\<DIR> Mozilla Firefox
[02/01/2007|02:33] C:\Program Files\<DIR> MSBuild
[01/15/2009|09:47] C:\Program Files\<DIR> MSECache
[02/01/2007|10:39] C:\Program Files\<DIR> MSN
[02/01/2007|10:40] C:\Program Files\<DIR> MSN Gaming Zone
[05/27/2007|07:01] C:\Program Files\<DIR> MSXML 4.0
[08/15/2007|08:15] C:\Program Files\<DIR> MSXML 6.0
[08/26/2008|07:29] C:\Program Files\<DIR> MySpace
[02/14/2009|12:52] C:\Program Files\<DIR> NetMeeting
[02/01/2007|10:40] C:\Program Files\<DIR> Online Services
[02/14/2009|12:52] C:\Program Files\<DIR> Outlook Express
[02/14/2009|11:58] C:\Program Files\<DIR> PopCap Games
[06/28/2008|08:10] C:\Program Files\<DIR> Pradis6
[12/25/2008|02:45] C:\Program Files\<DIR> QuickTime
[02/01/2007|02:29] C:\Program Files\<DIR> Reference Assemblies
[02/01/2007|12:13] C:\Program Files\<DIR> Roxio
[02/01/2007|11:59] C:\Program Files\<DIR> SigmaTel
[02/14/2009|12:26] C:\Program Files\<DIR> Spybot - Search & Destroy
[09/01/2008|09:57] C:\Program Files\<DIR> Sun
[06/10/2008|07:43] C:\Program Files\<DIR> Symantec
[02/01/2007|01:27] C:\Program Files\<DIR> Synaptics
[02/01/2007|10:58] C:\Program Files\<DIR> Uninstall Information
[02/01/2007|02:28] C:\Program Files\<DIR> Windows Media Connect 2
[02/14/2009|12:52] C:\Program Files\<DIR> Windows Media Player
[02/14/2009|12:52] C:\Program Files\<DIR> Windows NT
[02/01/2007|10:43] C:\Program Files\<DIR> WindowsUpdate
[02/01/2007|10:45] C:\Program Files\<DIR> xerox

--------------------\\ Listing Folders in C:\Program Files\Common Files

[02/17/2008|09:03] C:\Program Files\Common Files\<DIR> Adobe
[10/11/2008|06:32] C:\Program Files\Common Files\<DIR> AOL
[09/01/2008|10:17] C:\Program Files\Common Files\<DIR> Apple
[08/15/2008|09:17] C:\Program Files\Common Files\<DIR> Blizzard Entertainment
[02/01/2007|12:31] C:\Program Files\Common Files\<DIR> DESIGNER
[02/01/2007|12:16] C:\Program Files\Common Files\<DIR> InstallShield
[05/25/2007|09:48] C:\Program Files\Common Files\<DIR> Kodak
[02/01/2007|12:32] C:\Program Files\Common Files\<DIR> L&H
[01/15/2009|09:47] C:\Program Files\Common Files\<DIR> Microsoft Shared
[02/01/2007|10:42] C:\Program Files\Common Files\<DIR> MSSoap
[02/01/2007|04:29] C:\Program Files\Common Files\<DIR> ODBC
[02/01/2007|12:14] C:\Program Files\Common Files\<DIR> Roxio Shared
[02/01/2007|10:42] C:\Program Files\Common Files\<DIR> Services
[02/01/2007|12:12] C:\Program Files\Common Files\<DIR> Sonic Shared
[02/01/2007|04:29] C:\Program Files\Common Files\<DIR> SpeechEngines
[02/01/2007|12:13] C:\Program Files\Common Files\<DIR> SureThing Shared
[06/10/2008|07:45] C:\Program Files\Common Files\<DIR> Symantec Shared
[02/14/2009|12:52] C:\Program Files\Common Files\<DIR> System
[02/01/2007|12:14] C:\Program Files\Common Files\<DIR> TiVo Shared
[06/28/2008|08:08] C:\Program Files\Common Files\<DIR> Zondervan

--------------------\\ Process

( 51 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme


--------------------\\ Searching for other infections


No other infections found !

[F:15][D:11]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
[F:14][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies
[F:146][D:5]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Thu 03/19/2009|18:25 - Option :

--------------------\\ Scan completed at 18:25:45
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 17352
  		   Posted 3-20-2009 6:35 (GMT +2)    Quote: Can't download HijackThis or any antispywareAlert an admin about: Can't download HijackThis or any antispyware
 
Please download Combofix: Http://download.bleepingcomputer.com/subs/combofix.exe  <<< Rightclick - save as
 
And save to the desktop.  Save it as - mike.exe

Close all other browser windows.
 
Please connect all your external hard drive/flash drive before running Combofix, if you have any
 
 
Double-click on the combofix icon found on your desktop.
 
Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.  

 When finished, it will produce a logfile located at C:\combofix.txt.

Post the contents of that log in your next reply.

Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

branch155
New Member


Date Joined Dec 2008
Total Posts : 33
  		   Posted 3-20-2009 2:23 (GMT +2)    Quote: Can't download HijackThis or any antispywareAlert an admin about: Can't download HijackThis or any antispyware
Here's the Combofix log:

ComboFix 09-03-19.01 - Administrator 2009-03-20 8:04:44.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1503 [GMT -4:00]
Running from: c:\documents and settings\Administrator\Desktop\mike.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
FW: Norton Internet Worm Protection *disabled*
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\UACoyxexqjs.sys
c:\windows\system32\lowsec
c:\windows\system32\lowsec\local.ds
c:\windows\system32\lowsec\user.ds
c:\windows\system32\sdra64.exe
c:\windows\system32\UAChdylqpqm.dat
c:\windows\system32\UAChsaorink.dll
c:\windows\system32\uacinit.dll
c:\windows\system32\UACkhkkewgl.dll
c:\windows\system32\UACkkdlirkc.dll
c:\windows\system32\UAClflukkjd.log
c:\windows\system32\UACnmuyybiv.dll
c:\windows\system32\UACpbefvmxu.log
c:\windows\system32\UACpdyijgob.dll
c:\windows\system32\UACphhbcjnj.log

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_UACd.sys


((((((((((((((((((((((((( Files Created from 2009-02-20 to 2009-03-20 )))))))))))))))))))))))))))))))
.

2009-03-20 08:07 . 2009-03-20 08:07 <DIR> d-------- c:\windows\LastGood
2009-03-19 18:10 . 2009-03-19 18:25 <DIR> d-------- C:\Lop SD
2009-03-18 21:27 . 2009-03-18 21:54 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-18 21:27 . 2009-03-18 21:27 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-18 21:27 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-18 21:27 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-18 20:56 . 2009-03-18 20:56 <DIR> d-------- c:\program files\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-19 00:57 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-18 21:47 --------- d-----w c:\documents and settings\Administrator\Application Data\LimeWire
2009-03-15 12:14 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-03-13 01:10 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-03-13 01:10 --------- d-----w c:\program files\Java
2009-03-03 20:48 --------- d-----w c:\documents and settings\Administrator\Application Data\Move Networks
2009-02-14 16:26 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-02-14 16:16 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-02-14 16:16 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-02-14 16:16 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2009-02-14 15:58 --------- d-----w c:\program files\PopCap Games
2009-02-09 11:13 1,846,784 ----a-w c:\windows\system32\win32k.sys
2008-12-20 23:15 826,368 ----a-w c:\windows\system32\wininet.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EA756889-2338-43DB-8F07-D1CA6FB9C90D}"= "c:\program files\AOL\AIM Toolbar 5.0\aoltb.dll" [2008-03-07 1090912]

[HKEY_CLASSES_ROOT\clsid\{ea756889-2338-43db-8f07-d1ca6fb9c90d}]
[HKEY_CLASSES_ROOT\AOLTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{371A6A18-2D6A-4DF8-A4AA-61CA349B3C70}]
[HKEY_CLASSES_ROOT\AOLTB.AOLTBSearch]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"Aim6"="c:\program files\AIM6\aim6.exe" [2008-08-06 50472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-19 1347584]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-11-07 122940]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 49152]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 688218]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 517768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-14 1601304]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-11-07 111936]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-12 148888]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-27 c:\windows\stsystra.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-04-17 9117696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-13 c:\windows\system32\narrator.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-14 12:16 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 atiide;atiide;c:\windows\system32\drivers\atiide.sys [2007-02-01 3456]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-07-04 325128]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-07-04 107272]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-07-05 903960]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-07-05 298264]
S2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\Viewpoint\Common\ViewpointService.exe" --> c:\program files\Viewpoint\Common\ViewpointService.exe [?]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{93ee28d8-91ee-11dc-b254-0019b94d588b}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a
.
Contents of the 'Scheduled Tasks' folder

2009-03-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 13:34]
.
- - - - ORPHANS REMOVED - - - -

BHO-{C9C42510-9B21-41c1-9DCD-8382A2D07C61} - c:\windows\system32\iehelper.dll


.
------- Supplementary Scan -------
.
uStart Page = hxxp://webmail.aol.com/38491/aim/en-us/suite.aspx
uInternet Settings,ProxyOverride = *.local
IE: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/webgames/popcaploader_v10.cab
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7rvjke4p.default\
FF - prefs.js: browser.search.selectedEngine - AIM Search
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com/?src=aim
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query=
FF - plugin: c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7rvjke4p.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071101000055.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-20 08:07:21
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(840)
c:\windows\system32\Ati2evxx.dll
c:\windows\System32\BCMLogon.dll
.
Completion time: 2009-03-20 8:08:37
ComboFix-quarantined-files.txt 2009-03-20 12:08:35

Pre-Run: 63,394,283,520 bytes free
Post-Run: 63,382,347,776 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

165 --- E O F --- 2009-03-19 22:09:31
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 17352
  		   Posted 3-20-2009 3:23 (GMT +2)    Quote: Can't download HijackThis or any antispywareAlert an admin about: Can't download HijackThis or any antispyware
Viewpoint is considered foistware and is not needed on your computer.

 
Download and unzip to own folder on Desktop - http://bellsouthpwp.net/p/r/prprogramsstudios/viewpointkiller.zip
 
Run ViewpointKiller.exe
 
Reboot.
 
ViewpointKiller 1.2 Final

ViewpointKiller does exactly what it's name says: Kills Viewpoint Media Player. Viewpoint Media Player is an adware that displays bandwith eating popup ads in IE and on your desktop. It comes silently with an install of AIM and will be reinstalled by AIM if uninstalled.

ViewpointKiller fixes all of that. It takes off Viewpoint Media Player once and for all.

 

If you can run malwarebyte now, please do. And post the log it produce.

Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

branch155
New Member


Date Joined Dec 2008
Total Posts : 33
  		   Posted 3-21-2009 1:19 (GMT +2)    Quote: Can't download HijackThis or any antispywareAlert an admin about: Can't download HijackThis or any antispyware
Malwarebytes log:

Malwarebytes' Anti-Malware 1.34
Database version: 1878
Windows 5.1.2600 Service Pack 3

3/20/2009 7:16:26 PM
mbam-log-2009-03-20 (19-16-26).txt

Scan type: Full Scan (C:\|)
Objects scanned: 112097
Time elapsed: 30 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 9
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 11

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F1DED5ED-979D-4C0E-A397-70E29BE34511}\RP0\A0000001.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F1DED5ED-979D-4C0E-A397-70E29BE34511}\RP0\A0000002.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F1DED5ED-979D-4C0E-A397-70E29BE34511}\RP0\A0000003.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F1DED5ED-979D-4C0E-A397-70E29BE34511}\RP0\A0000004.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F1DED5ED-979D-4C0E-A397-70E29BE34511}\RP0\A0000005.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\UAChsaorink.dll.vir (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\UACkhkkewgl.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\UACkkdlirkc.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\UACnmuyybiv.dll.vir (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\UACpdyijgob.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 17352
  		   Posted 3-21-2009 6:30 (GMT +2)    Quote: Can't download HijackThis or any antispywareAlert an admin about: Can't download HijackThis or any antispyware
You´ve certainly got rid of some infections there smile
 
 
Click here: http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
 
to download HJTinstall.exe
Save HJTinstall.exe to your desktop.

Double click on the HJTinstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\Hijack This.
Click I accept
 
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
 
Come back here to this thread and Paste the log in your next reply, and tell how things are running ?

Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 

branch155
New Member


Date Joined Dec 2008
Total Posts : 33
  		   Posted 3-21-2009 7:17 (GMT +2)    Quote: Can't download HijackThis or any antispywareAlert an admin about: Can't download HijackThis or any antispyware
Here's the log. Everything seems to be running fine. Thanks, once again, for your great help!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:15:45 PM, on 3/21/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webmail.aol.com/38491/aim/en-us/suite.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1170348343968
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 9853 bytes
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 17352
  		   Posted 3-22-2009 7:17 (GMT +2)    Quote: Can't download HijackThis or any antispywareAlert an admin about: Can't download HijackThis or any antispyware
That´s good news smile
 
However, it looks like you have two antivirus programs running - AVG8 and Norton, it´s not an good idea as they will conflict.
 
Let Me know which one you want to keep ?

Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 
New Topic Post reply to : Can't download HijackThis or any antispyware Printable version of : Can't download HijackThis or any antispyware
 
Forum Information
Currently it is Friday, July 30, 2010 1:59 PM (GMT +2)
There are a total of 79.134 posts in 17.897 threads.
In the last 3 days there were 8 new threads and 53 reply posts. View Active Threads
Who's Online
This forum has 31950 registered members. Please welcome our newest member, Willow.
33 Guest(s), 1 Registered Member(s) are currently online.  Details
tanisstray
5 Latest Threads
Updates more than 6 days old - BG advised upgrade from v8.7 to v9.0 to solve problem (4)30-07-2010 11:44:42 (Alex S.)
Redirect Virus Mozilla (10)30-07-2010 11:03:56 (tanisstray)
Redirected to different sites from links on Google (3)30-07-2010 09:36:16 (Touch)
Iexplore.exe virus causing problems (18)30-07-2010 09:32:14 (Touch)
9.1 is running! (10)30-07-2010 09:15:55 (katrina0)


Need Support? Write to: | Forum Help Manual

Download free trial version of Bullguard