Wareout infection?

post #1 of 13
Thread Starter 
I think I may have a Wareout infection, as my links keep getting redirected once in a while and my PC has slowed down considerably. This is on an old Dell Inspiron. Here is my HijackThis log, if anyone can help. I've already scanned with Malwarebytes, Spybot and AVG, and they have all "fixed" the problems they could find, but Malwarebytes did say that there were 2 problems it could not fix.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:05:00 PM, on 7/22/2011
Platform: Windows XP SP3, v.6055 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.3311)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgfws.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgam.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\iTunes\iTunes.exe
C:\Documents and Settings\Hari\Desktop\HijackThis.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Hari\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--

Please help, I don't want to have to reformat.
post #2 of 13
Pasta from another thread:

You may have a boot sector/MBR rootkit that's invisible to any AV run from your system, even in safe mode.

Boot directly off MS Standalone System Sweeper and scan your bootdrive offline. Make sure to get the right 32bit/64bit version depending on your OS.

http://connect.microsoft.com/systemsweeper
post #3 of 13
I would first try to use IE8, I have an XP license that installs IE6 and I always have to update to IE8 because the other is so slow...

If you still experience problems, try what djk11 recommended.
post #4 of 13
That isn't going to help. Do what Djk11 says. It might be a rootkit or something. Just hope you don't have the indestructible one.
post #5 of 13
Tick these
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

fix

Enter msconfig in the search box, then on the Startup tab disable these two entries:
igfxtray.exe
reader_sl.exe

Download this and run it.

When you're done, go to filehippo.com and download the latest Java and Adobe Acrobat Reader, and plugins.
Go to the Windows uninstaller. Uninstall older Java versions first. If there's more than 1, uninstall all of them. Same with Adobe.
Then install those updates.
Run CCleaner.

Please consider a better antivirus. Use MSE, Avira or Avast. AVG is poor.
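An added example, not part of the original thread and not code from HijackThis: a small Python parser for HijackThis log lines like those in post #1, which marks entries whose target file is absent, that have no name, or that are services with an unknown owner, so they can be reviewed by hand. The function names and flag labels are assumptions of this example; the sample lines are excerpted from the log above.

```python
import re
from typing import NamedTuple, Optional

# Excerpt of the HijackThis log from post #1, plus two non-entry lines
# to show that headers and the process list are skipped.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\svchost.exe
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O23 - Service: AVG8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
"""

# Meaning of the section codes that appear in the excerpt.
SECTION_NAMES = {
    "R3": "URL search hook",
    "O2": "Browser Helper Object",
    "O4": "autostart entry",
    "O20": "Winlogon Notify / AppInit_DLLs",
    "O23": "Windows service",
}

ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
MISSING_RE = re.compile(r"\((?:no file|file missing)\)\s*$")


class Entry(NamedTuple):
    section: str
    detail: str
    clsid: Optional[str]
    flags: tuple


def parse_hijackthis(text):
    """Return one Entry per log line that starts with a section code."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue  # header, running-process path or blank line
        section, detail = m.groups()
        flags = []
        if MISSING_RE.search(detail):
            flags.append("missing-file")    # registry reference to an absent file
        if "(no name)" in detail:
            flags.append("unnamed")
        if section == "O23" and " - Unknown owner - " in detail:
            flags.append("unknown-owner")   # no company name found for the binary
        clsid = CLSID_RE.search(detail)
        entries.append(Entry(section, detail,
                             clsid.group(0).upper() if clsid else None,
                             tuple(flags)))
    return entries


def needs_review(entries):
    """Entries with at least one flag. A flag is a prompt for manual
    review, not a verdict: leftovers from uninstalled software look the same."""
    return [e for e in entries if e.flags]


if __name__ == "__main__":
    for e in needs_review(parse_hijackthis(SAMPLE_LOG)):
        kind = SECTION_NAMES.get(e.section, "other")
        print(f"{e.section:<4}{kind:<32}{','.join(e.flags):<28}{e.detail}")
```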
post #6 of 13
Thread Starter 
I just used AVG in safe mode after reading another thread. I cannot find those two entries in the startup, I only have igfxpers. Does that matter?
post #7 of 13
Thread Starter 
Oh, and what do I do after I completed the FreeFixer scan?
post #8 of 13
Quote:
Originally Posted by peacepcf;14315099 
Oh, and what do I do after I completed the FreeFixer scan?
Sorry, post its log.
Quote:
Originally Posted by peacepcf;14315025 
I just used AVG in safe mode after reading another thread. I cannot find those two entries in the startup, I only have igfxpers. Does that matter?
Untick it. It does not have to run at startup.
Edited by Spooony - 7/24/11 at 1:06am
post #9 of 13
Thread Starter 
FreeFixer v0.58 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 3, v.6055
Log dated 2011-07-23 02:33


BootExecute (1 whitelisted)
C:\WINDOWS\system32\C:\PROGRA~1\AVG\AVG10\avgchsvx.exe (file is missing)
C:\WINDOWS\system32\C:\PROGRA~1\AVG\AVG10\avgrsx.exe (file is missing)

Internet Explorer toolbars (3 whitelisted)
HKCU\..\Toolbar\WebBrowser\{EF99BD32-C1FB-11D2-892F-0090271D4F88} - - (no file specified)

Basic Internet Explorer settings
HKCU\..\Desktop\General, Wallpaper = C:\Documents and Settings\Hari\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

Registry Startups (9 whitelisted)
HKLM\..\Run, IntelZeroConfig = "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
HKLM\..\Run, IntelWireless = "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
HKLM\..\Run, QuickTime Task = "C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKCU\..\Run, Google Update = "C:\Documents and Settings\Hari\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

Autostart shortcuts
Adobe Gamma Loader.lnk, , C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

Processes (42 whitelisted)
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\FreeFixer\freefixer.exe

Services (44 whitelisted)
avg8emc, AVG8 E-mail Scanner, c:\progra~1\avg\avg8\avgemc.exe (file is missing)
EvtEng, Intel(R) PROSet/Wireless Event Log, c:\program files\intel\wireless\bin\evteng.exe
RegSrvc, Intel(R) PROSet/Wireless Registry Service, c:\program files\intel\wireless\bin\regsrvc.exe
S24EventMonitor, Intel(R) PROSet/Wireless Service, c:\program files\intel\wireless\bin\s24evmon.exe
UTSCSI, CLCV0, c:\windows\system32\utscsi.exe
WLANKEEPER, Intel(R) PROSet/Wireless SSO Service, c:\program files\intel\wireless\bin\wlkeeper.exe

Explorer.exe Modules (94 whitelisted)
C:\WINDOWS\system32\MSVCR71.dll
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll

Drivers (31 whitelisted)
AegisP, AEGIS Protocol (IEEE 802.1x) v3.6.0.0, C:\WINDOWS\system32\drivers\aegisp.sys
s24trans, WLAN Transport, C:\WINDOWS\system32\drivers\s24trans.sys

Windows XP Firewall authorized apps (11 whitelisted)
C:\Documents and Settings\Hari\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe

Recently created/modified files (26 whitelisted)
7 minutes, c:\Program Files\FreeFixer\Uninstall.exe
7 minutes, c:\Documents and Settings\Hari\Desktop\freefixersetup.exe
3 hours, c:\Documents and Settings\Hari\Desktop\HijackThis.exe
4 days, c:\Documents and Settings\All Users\Application Data\MFAData\pack\htmlayout.dll

The following errors occurred during the scan:
An unexpected exception occurred in the Firefox Extension Plugin:
Error when using the FindFirstFile system call.
The error occured when opening a find file handle. Initial file/folder: C:\Documents and Settings\Hari\Application Data\Mozilla\Firefox\Profiles\fyts5t7k.default\extensions

System error message: The system cannot find the path specified. Error code: 3.

End of FreeFixer log
post #10 of 13
Thread Starter 
One of the things I was being directed to was just google.ad.sgdoubleclick.net., but I fixed that by disabling the add-on XULRunner after reading the first Google post. One of the sites that I was being redirected to before was scour.com, if that helps at all. I haven't been redirected to it for some time, so it's possible that it may have been fixed, but Malwarebytes still said there were 2 problems it could not fix.