
Status
Not open for further replies.
1 - 2 of 2 Posts

Discussion Starter #1
Hi. Right now, my PC cannot work at all when it is run normally. I am using Safe Mode with Networking in order to even go online.

I did "The 5 Steps before Posting a Log", but none of the scans work for me because it keeps restarting (even in Safe Mode), so I cannot complete any of the scans (Panda ActiveScan and Deckard's System Scanner (DSS)). I did install SpywareBlaster and IE-Spyad.

The problem now is I can't do ANYTHING when run normally. My desktop background was changed to "Warning! Your Pc has been affected by Spyware..." (something like that.) It restarts whenever I do something, for example the scans.

None of the scans work, so I just followed the "For users running Windows 95, 98 or ME" steps, but I am an XP user. HijackThis is the only program that works right now. I don't want to just type these without putting ANYTHING on, so here is the HijackThis log.

Logfile of HijackThis v1.99.1
Scan saved at 16:30, on 2008-05-26
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\vbpdtvdp.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator.REVIVE\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
F2 - REG:system.ini: UserInit=C:\WINNT\system32\userinit.exe,C:\WINNT\System32\vbpdtvdp.exe,
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: del.icio.us - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas .exe" /minimized
O4 - HKLM\..\Run: [70d24acb] rundll32.exe "C:\WINNT\System32\lkndqppq.dll",b
O4 - HKLM\..\Run: [{69e19b6b-2461-cd25-fbe0-6eb154e637ea}] C:\WINNT\System32\Rundll32.exe "C:\WINNT\System32\{c3108565-a275-e98e-7f09-fae52e9c23c4}.dll" DllInit
O4 - HKLM\..\Run: [BM73e17957] Rundll32.exe "C:\WINNT\System32\fkwfmpwt.dll",s
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Deewoo.lnk = C:\WINNT\system32\scntrkdm .exe
O4 - Startup: DW_Start.lnk = C:\WINNT\system32\jqwnw64s .exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: IEEE 802.11g USB Wireless LAN Utility.lnk = C:\Program Files\Wireless LAN\WlanUtil.exe
O4 - Global Startup: NDAS Device Management.lnk = C:\Program Files\NDAS\System\ndasmgmt.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin11USA.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: MsSecurity Updated (MsSecurity1.209.4) - Unknown owner - C:\WINNT\winself.exe

Here is my scan.
Thanks.
 

Discussion Starter #2
Bump

I reformatted my C drive only. The virus should be gone, but my PC still freezes. No restarting problem, at least not right now.

I can finally scan, but sometimes my PC freezes.

Here is the Deckard's System Scanner log:

Deckard's System Scanner v20071014.68
Run by Administrator on 2008-05-30 16:14:36
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
9: 2008-05-30 23:14:38 UTC - RP9 - Deckard's System Scanner Restore Point
8: 2008-05-29 05:56:53 UTC - RP8 - System Checkpoint
7: 2008-05-28 04:57:50 UTC - RP7 - Norton Security Online post configuration restore point
6: 2008-05-28 04:19:41 UTC - RP6 - Installed Windows Installer KB893803v2.
5: 2008-05-28 04:11:41 UTC - RP5 - Installed Microsoft Office Professional Edition 2003


-- First Restore Point --
1: 2008-05-28 03:50:29 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-30 16:17:14
Platform: Windows XP Service Pack 1 (5.01.2600)
MSIE: Internet Explorer (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\system32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\explorer.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\mixer.exe
C:\Program Files\Airlink101\Airlink101 WLAN Monitor\WlanMon.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\wuauclt.exe
C:\Documents and Settings\Administrator\Desktop\dss.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.my.yahoo.com/
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Airlink101 Airlink101 WLAN Monitor] C:\Program Files\Airlink101\Airlink101 WLAN Monitor\WLANmon.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NVMCTRAY.DLL,NvTaskbarInit
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\related.htm
O9 - Extra 'Tools' menuitem: @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\Web\related.htm
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe


--
End of file - 2966 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 ANIO (ANIO Service) - c:\winnt\system32\anio.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver>
R2 npkcrypt - d:\nexon\npkcrypt.sys <Not Verified; INCA Internet Co., Ltd.; nProtect KeyCrypt Driver>
R3 rt2870 (Ralink 802.11n USB Wireless LAN Card Driver) - c:\winnt\system32\drivers\rt2870.sys <Not Verified; Ralink Technology, Corp.; Ralink 802.11n Wireless Adapters>

S3 dump_wmimmc - d:\nexon\gameguard\dump_wmimmc.sys (file missing)
S3 NPPTNT2 - c:\winnt\system32\npptnt2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 ANIWZCSdService (ANIWZCSd Service) - c:\program files\ani\aniwzcs2 service\aniwzcsds.exe <Not Verified; Wireless Service; ANIWZCS2 Service Launcher (NT)>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2008-04-30 and 2008-05-30 -----------------------------

2008-05-30 16:10:49 0 d-------- C:\ZonedOut
2008-05-30 16:10:08 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-30 16:10:04 0 d-------- C:\Program Files\SpywareBlaster
2008-05-29 21:26:40 0 d-------- C:\Program Files\Panda Security
2008-05-28 23:35:29 0 d-------- C:\Program Files\Common Files\HP
2008-05-28 23:35:28 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-05-28 23:35:27 0 d-------- C:\Program Files\Hewlett-Packard
2008-05-28 23:34:56 0 d-------- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-05-28 23:30:44 7262 -----n--- C:\WINNT\hpomdl21.dat
2008-05-28 23:30:44 142919 --a------ C:\WINNT\hpoins21.dat
2008-05-28 23:06:24 0 d------c- C:\WINNT\System32\DRVSTORE
2008-05-28 23:06:19 0 d-------- C:\Program Files\HP
2008-05-28 23:05:31 0 d---s---- C:\Documents and Settings\Administrator\UserData
2008-05-28 19:45:18 0 d-------- C:\Documents and Settings\Administrator\Application Data\Nexon
2008-05-28 19:44:52 4682 --a------ C:\WINNT\System32\npptNT2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
2008-05-28 19:44:45 0 d-------- C:\Program Files\Common Files\INCA Shared
2008-05-28 19:11:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Azureus
2008-05-28 19:11:28 0 d-------- C:\Documents and Settings\Administrator\Application Data\Azureus
2008-05-28 17:50:27 0 d-------- C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2008-05-27 22:03:48 0 d-------- C:\Documents and Settings\Administrator\Application Data\Yahoo!
2008-05-27 21:52:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-05-27 21:52:21 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-05-27 21:51:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-05-27 21:51:16 65536 --a------ C:\WINNT\System32\YCRWin32.dll <Not Verified; ; YCRWin32 Module>
2008-05-27 21:50:43 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2008-05-27 21:50:43 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-05-27 21:50:39 1160 --a------ C:\WINNT\mozver.dat
2008-05-27 21:47:11 0 --a------ C:\WINNT\nsreg.dat
2008-05-27 21:47:09 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
2008-05-27 21:15:06 0 d-------- C:\Program Files\Yahoo!
2008-05-27 21:13:29 0 d-------- C:\Program Files\Microsoft.NET
2008-05-27 21:13:27 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-05-27 21:12:59 0 d-------- C:\WINNT\SHELLNEW
2008-05-27 21:09:53 0 dr-h----- C:\MSOCache
2008-05-27 21:05:55 3284 --a------ C:\WINNT\System32\ANIWZCS{547B3D67-CF7F-4374-B180-B60676B79C29}
2008-05-27 21:03:40 14 --a------ C:\WINNT\System32\ANIWZCSUSERNAME{547B3D67-CF7F-4374-B180-B60676B79C29}
2008-05-27 21:03:39 0 d---s---- C:\WINNT\System32\Microsoft
2008-05-27 21:03:15 302080 --a------ C:\WINNT\lwd.exe <Not Verified; TODO: <Company name>; TODO: <Product name>>
2008-05-27 21:03:08 258048 --a------ C:\WINNT\System32\wnicapi.dll <Not Verified; Wireless Service; WNICAPI Dynamic Link Library>
2008-05-27 21:03:08 229376 --a------ C:\WINNT\System32\WlanApp.dll <Not Verified; ANI; WlanApp Dynamic Link Library>
2008-05-27 21:03:08 1327189 --a------ C:\WINNT\System32\odSupp_M.dll <Not Verified; Funk Software, Inc.; Odyssey Supplicant Toolkit>
2008-05-27 21:03:08 217088 --a------ C:\WINNT\System32\aIPH.dll <Not Verified; Alpha Networks Inc.; IPH Dynamic Link Library>
2008-05-27 21:03:07 49152 --a------ C:\WINNT\System32\JJAKEn.dll <Not Verified; ; JJAKEn Dynamic Link Library>
2008-05-27 21:03:07 49152 --a------ C:\WINNT\System32\AQCKGen.dll <Not Verified; Alpha Networks Inc.; AQuickKey Generator>
2008-05-27 21:03:07 679936 --a------ C:\WINNT\System32\ANIWZCS2.dll <Not Verified; Wireless Service; ANIWZCS Dynamic Link Library>
2008-05-27 21:03:07 45115 --a------ C:\WINNT\System32\ANICtl.dll <Not Verified; Alpha Networks Inc.; DevCtrl Dynamic Link Library>
2008-05-27 21:02:57 36864 --a------ C:\WINNT\System32\ANIOApi.dll <Not Verified; Alpha Networks Inc.; ANIO Helper DLL API library>
2008-05-27 21:02:57 48128 --a------ C:\WINNT\System32\ANIO64.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver>
2008-05-27 21:02:57 11904 --a------ C:\WINNT\System32\anio4.sys <Not Verified; ANI; ANIO (NDIS4) Driver>
2008-05-27 21:02:57 28195 --a------ C:\WINNT\System32\ANIO.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver>
2008-05-27 21:02:57 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-27 21:02:57 0 d-------- C:\Program Files\ANI
2008-05-27 21:02:53 0 d-------- C:\Program Files\Airlink101
2008-05-27 21:02:27 0 d-------- C:\WINNT\Downloaded Installations
2008-05-27 20:56:07 0 d-------- C:\WINNT\nview
2008-05-27 20:55:15 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-27 20:54:08 0 d-------- C:\WUTemp
2008-05-27 20:50:23 0 d--hs---- C:\WINNT\Installer
2008-05-27 20:50:21 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-05-27 20:50:11 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-05-27 20:50:11 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-05-27 20:50:11 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-05-27 20:50:11 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2008-05-27 20:50:11 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-05-27 20:50:11 5767168 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-05-27 20:50:11 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-05-27 20:50:11 0 dr------- C:\Documents and Settings\Administrator\My Documents
2008-05-27 20:50:11 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-05-27 20:50:11 0 dr------- C:\Documents and Settings\Administrator\Favorites
2008-05-27 20:50:11 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-05-27 20:50:11 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2008-05-27 20:50:11 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-05-27 20:50:02 0 d--hs---- C:\System Volume Information
2008-05-27 20:49:53 0 d-------- C:\WINNT\Prefetch
2008-05-27 20:49:53 229376 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-05-27 20:49:53 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-05-27 20:49:53 0 d---s---- C:\Documents and Settings\LocalService\Cookies
2008-05-27 20:49:53 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-05-27 20:49:53 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-05-27 20:49:52 229376 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-05-27 20:49:52 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-05-27 20:49:52 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2008-05-27 20:49:52 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-05-27 20:49:52 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-05-27 20:47:09 0 d-------- C:\WINNT\System32\xircom
2008-05-27 20:47:09 0 d-------- C:\Program Files\microsoft frontpage
2008-05-27 20:46:57 229376 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-05-27 20:46:51 0 -rahs---- C:\MSDOS.SYS
2008-05-27 20:46:51 0 -rahs---- C:\IO.SYS
2008-05-27 20:46:51 0 --a------ C:\CONFIG.SYS
2008-05-27 20:46:51 0 --a------ C:\AUTOEXEC.BAT
2008-05-27 20:46:14 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-05-27 20:46:07 0 dr------- C:\WINNT\Offline Web Pages
2008-05-27 20:46:07 0 d---s---- C:\WINNT\Downloaded Program Files
2008-05-27 20:45:44 0 d-------- C:\WINNT\System32\DirectX
2008-05-27 20:45:01 0 d---s---- C:\WINNT\Tasks
2008-05-27 20:44:58 0 d-------- C:\Program Files\Common Files\MSSoap
2008-05-27 20:44:53 0 d-------- C:\WINNT\System32\Macromed
2008-05-27 20:44:53 0 d-------- C:\WINNT\srchasst
2008-05-27 20:44:51 0 d-------- C:\Program Files\Movie Maker
2008-05-27 20:44:48 0 d-------- C:\WINNT\PCHealth
2008-05-27 20:44:47 0 d-------- C:\WINNT\System32\Restore
2008-05-27 20:44:15 21640 --a------ C:\WINNT\System32\emptyregdb.dat
2008-05-27 20:44:13 0 d-------- C:\WINNT\Registration
2008-05-27 20:44:11 0 d--h----- C:\Program Files\WindowsUpdate
2008-05-27 20:44:11 0 d-------- C:\Program Files\Online Services
2008-05-27 20:44:08 0 d-------- C:\Program Files\Messenger
2008-05-27 20:44:03 0 d-------- C:\Program Files\MSN Gaming Zone
2008-05-27 20:43:23 0 d-------- C:\Program Files\Windows NT
2008-05-27 20:43:20 0 d-------- C:\WINNT\System32\MsDtc
2008-05-27 20:43:20 0 d-------- C:\WINNT\System32\Com
2008-05-27 12:38:15 0 d-------- C:\Program Files\Common Files\ODBC
2008-05-27 12:38:13 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-05-27 12:38:12 0 dr------- C:\Program Files
2008-05-27 12:38:12 0 d-------- C:\Program Files\Common Files
2008-05-27 12:37:53 0 d--h----- C:\Documents and Settings\Default User\Templates
2008-05-27 12:37:53 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-05-27 12:37:53 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-05-27 12:37:53 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-05-27 12:37:53 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-05-27 12:37:53 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-05-27 12:37:53 0 d-------- C:\Documents and Settings\Default User\My Documents
2008-05-27 12:37:53 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-05-27 12:37:53 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-05-27 12:37:53 0 d-------- C:\Documents and Settings\Default User\Desktop
2008-05-27 12:37:53 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-05-27 12:37:53 0 d--h----- C:\Documents and Settings\All Users\Templates
2008-05-27 12:37:53 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-05-27 12:37:53 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-05-27 12:37:53 0 dr------- C:\Documents and Settings\All Users\Documents
2008-05-27 12:37:53 0 d-------- C:\Documents and Settings\All Users\Desktop
2008-05-27 12:37:12 0 d-------- C:\WINNT\System32\CatRoot2
2008-05-27 12:37:12 0 d-------- C:\WINNT\System32\CatRoot
2008-05-27 12:37:07 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-05-27 12:37:07 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-05-27 12:37:07 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-05-27 12:37:07 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-05-27 12:36:55 0 d-------- C:\Documents and Settings
2008-05-27 12:32:46 0 d-------- C:\WINNT
2008-05-27 12:32:46 0 d-------- C:\WINNT\WinSxS
2008-05-27 12:32:46 0 dr------- C:\WINNT\Web
2008-05-27 12:32:46 0 d-------- C:\WINNT\twain_32
2008-05-27 12:32:46 0 d-------- C:\WINNT\system32
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\wins
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\wbem
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\usmt
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\spool
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\ShellExt
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\Setup
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\ras
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\oobe
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\npp
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\mui
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\inetsrv
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\IME
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\icsxml
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\ias
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\export
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\drivers
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\drivers\etc
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\drivers\disdn
2008-05-27 12:32:46 0 dr-hs--c- C:\WINNT\System32\dllcache
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\dhcp
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\config
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\3com_dmi
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\3076
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\2052
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\1054
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\1042
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\1041
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\1037
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\1033
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\1031
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\1028
2008-05-27 12:32:46 0 d-------- C:\WINNT\System32\1025
2008-05-27 12:32:46 0 d-------- C:\WINNT\system
2008-05-27 12:32:46 0 d-------- C:\WINNT\security
2008-05-27 12:32:46 0 d-------- C:\WINNT\Resources
2008-05-27 12:32:46 0 d-------- C:\WINNT\repair
2008-05-27 12:32:46 0 d-------- C:\WINNT\mui
2008-05-27 12:32:46 0 d-------- C:\WINNT\msapps
2008-05-27 12:32:46 0 d-------- C:\WINNT\msagent
2008-05-27 12:32:46 0 d-------- C:\WINNT\Media
2008-05-27 12:32:46 0 d-------- C:\WINNT\java
2008-05-27 12:32:46 0 d--h----- C:\WINNT\inf
2008-05-27 12:32:46 0 d-------- C:\WINNT\ime
2008-05-27 12:32:46 0 d-------- C:\WINNT\Help
2008-05-27 12:32:46 0 dr--s---- C:\WINNT\Fonts
2008-05-27 12:32:46 0 d-------- C:\WINNT\Driver Cache
2008-05-27 12:32:46 0 d-------- C:\WINNT\Debug
2008-05-27 12:32:46 0 d-------- C:\WINNT\Cursors
2008-05-27 12:32:46 0 d-------- C:\WINNT\Connection Wizard
2008-05-27 12:32:46 0 d-------- C:\WINNT\Config
2008-05-27 12:32:46 0 d-------- C:\WINNT\AppPatch
2008-05-27 12:32:46 0 d-------- C:\WINNT\addins


-- Find3M Report ---------------------------------------------------------------

2008-05-27 12:37:53 62 --ahs---- C:\Documents and Settings\Administrator\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINNT\System32\NvCpl.dll" [11/17/2003 08:33 AM]
"nwiz"="nwiz.exe" [11/17/2003 08:33 AM C:\WINNT\system32\nwiz.exe]
"C-Media Mixer"="Mixer.exe" [10/15/2002 07:00 PM C:\WINNT\mixer.exe]
"Airlink101 Airlink101 WLAN Monitor"="C:\Program Files\Airlink101\Airlink101 WLAN Monitor\WLANmon.exe" [06/18/2007 02:30 PM]
"ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [01/19/2007 11:49 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="C:\WINNT\System32\NVMCTRAY.DLL,NvTaskbarInit" []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
HPService HPSLPSVC




-- End of Deckard's System Scanner: finished at 2008-05-30 16:18:31 ------------

If I get the Panda antivirus to work, I will post on here again.

Thanks.
 
