Re: Multiple infections
extra.txt
Deckard's System Scanner v20070426.43
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz
CPU 1: Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz
Percentage of Memory in Use: 58%
Physical Memory (total/avail): 1023.29 MiB / 420.95 MiB
Pagefile Memory (total/avail): 2457.69 MiB / 1733.28 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1932.53 MiB
C: is Fixed (NTFS) - 19.53 GiB total, 7.87 GiB free.
D: is Fixed (NTFS) - 69.72 GiB total, 23.29 GiB free.
E: is CDROM (No Media)
F: is Fixed (NTFS) - 37.25 GiB total, 6.31 GiB free.
G: is CDROM (No Media)
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.
FirstRunDisabled is set.
AV: AVG 7.5.467 v7.5.467 (GRISOFT)
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\ohno\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=WMD
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\ohno
LOGONSERVER=\\WMD
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\bin;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\IDM Computer Solutions\UltraEdit-32
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f06
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ohno\LOCALS~1\Temp
TMP=C:\DOCUME~1\ohno\LOCALS~1\Temp
USERDOMAIN=WMD
USERNAME=ohno
USERPROFILE=C:\Documents and Settings\ohno
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
ohno (admin)
Administrator (admin)
-- Add/Remove Programs ---------------------------------------------------------
Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
AVG 7.5 --> C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL
AVG Anti-Rootkit Free --> C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\Uninstall.exe
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Dynasty Warriors 4 Hyper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Documents and Settings\ohno\Application Data\InstallShield Installation Information\{DBFF7A38-F460-419A-A2E7-2D55BD2D9AD4}\setup.exe" -l0x9
Google 更新器 --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 7 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150070}
mIRC --> "F:\storage\nox\mirc.exe" -uninstall
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sid Meier's Civilization 4 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Documents and Settings\ohno\Application Data\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x9 -removeonly
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot\unins000.exe"
SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
SyncBack --> "C:\Program Files\SyncBack\unins000.exe"
UltraEdit-32 --> "C:\Program Files\IDM Computer Solutions\UltraEdit-32\Uninstall.exe" "C:\Program Files\IDM Computer Solutions\UltraEdit-32\ueinstall.log" -u
VPN Client --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5624C000-B109-11D4-9DB4-00E0290FCAC5}\Setup.exe" -l0x9 VpnUninstall
三國志11 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{64893225-ADBA-469E-B114-F3B2C1FBBA77}
-- End of Deckard's System Scanner: finished at 2007-05-06 at 15:10:27 ---------