Jump to content


Photo

[RESOLVED] Avira log


  • You cannot start a new topic
  • Please log in to reply
147 replies to this topic

#1 Man'n'Black-4xp

Man'n'Black-4xp

    The XP In The Ointment

  • Members
  • 1,933 posts
  • 167 topics
    • Time Online: 9d 22h 40m 54s
  • Joined November 28, 2010
  • Skin: IP.Board
  • Local time: 08:03 PM
  • Zodiac:Aquarius
  • Gender:Male
  • Location:Midwest
  • OS:Windows XP
  • Country:
Offline

Posted 17 December 2010 - 04:12 AM

Avira AntiVir Personal
Report file date: Thursday, December 16, 2010 17:58

Scanning for 2261081 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : WIR-47971040CF0

Version information:
BUILD.DAT : 10.0.0.607 31826 Bytes 11/30/2010 19:17:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 12/1/2010 00:13:17
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 18:57:04
LUKE.DLL : 10.0.3.2 104296 Bytes 12/1/2010 00:13:24
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 05:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 15:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 21:36:05
VBASE002.VDF : 7.11.0.1 2048 Bytes 12/14/2010 21:36:05
VBASE003.VDF : 7.11.0.2 2048 Bytes 12/14/2010 21:36:05
VBASE004.VDF : 7.11.0.3 2048 Bytes 12/14/2010 21:36:05
VBASE005.VDF : 7.11.0.4 2048 Bytes 12/14/2010 21:36:05
VBASE006.VDF : 7.11.0.5 2048 Bytes 12/14/2010 21:36:06
VBASE007.VDF : 7.11.0.6 2048 Bytes 12/14/2010 21:36:06
VBASE008.VDF : 7.11.0.7 2048 Bytes 12/14/2010 21:36:06
VBASE009.VDF : 7.11.0.8 2048 Bytes 12/14/2010 21:36:06
VBASE010.VDF : 7.11.0.9 2048 Bytes 12/14/2010 21:36:06
VBASE011.VDF : 7.11.0.10 2048 Bytes 12/14/2010 21:36:06
VBASE012.VDF : 7.11.0.11 2048 Bytes 12/14/2010 21:36:06
VBASE013.VDF : 7.11.0.52 128000 Bytes 12/16/2010 23:26:30
VBASE014.VDF : 7.11.0.53 2048 Bytes 12/16/2010 23:26:30
VBASE015.VDF : 7.11.0.54 2048 Bytes 12/16/2010 23:26:30
VBASE016.VDF : 7.11.0.55 2048 Bytes 12/16/2010 23:26:30
VBASE017.VDF : 7.11.0.56 2048 Bytes 12/16/2010 23:26:31
VBASE018.VDF : 7.11.0.57 2048 Bytes 12/16/2010 23:26:31
VBASE019.VDF : 7.11.0.58 2048 Bytes 12/16/2010 23:26:31
VBASE020.VDF : 7.11.0.59 2048 Bytes 12/16/2010 23:26:31
VBASE021.VDF : 7.11.0.60 2048 Bytes 12/16/2010 23:26:31
VBASE022.VDF : 7.11.0.61 2048 Bytes 12/16/2010 23:26:32
VBASE023.VDF : 7.11.0.62 2048 Bytes 12/16/2010 23:26:32
VBASE024.VDF : 7.11.0.63 2048 Bytes 12/16/2010 23:26:32
VBASE025.VDF : 7.11.0.64 2048 Bytes 12/16/2010 23:26:32
VBASE026.VDF : 7.11.0.65 2048 Bytes 12/16/2010 23:26:32
VBASE027.VDF : 7.11.0.66 2048 Bytes 12/16/2010 23:26:32
VBASE028.VDF : 7.11.0.67 2048 Bytes 12/16/2010 23:26:32
VBASE029.VDF : 7.11.0.68 2048 Bytes 12/16/2010 23:26:33
VBASE030.VDF : 7.11.0.69 2048 Bytes 12/16/2010 23:26:33
VBASE031.VDF : 7.11.0.73 20992 Bytes 12/16/2010 23:26:33
Engineversion : 8.2.4.126
AEVDF.DLL : 8.1.2.1 106868 Bytes 12/1/2010 00:13:13
AESCRIPT.DLL : 8.1.3.48 1286524 Bytes 12/13/2010 21:52:33
AESCN.DLL : 8.1.7.2 127349 Bytes 12/1/2010 00:13:12
AESBX.DLL : 8.1.3.2 254324 Bytes 12/1/2010 00:13:12
AERDL.DLL : 8.1.9.2 635252 Bytes 12/1/2010 00:13:12
AEPACK.DLL : 8.2.4.5 512375 Bytes 12/16/2010 23:26:45
AEOFFICE.DLL : 8.1.1.10 201084 Bytes 12/1/2010 00:13:11
AEHEUR.DLL : 8.1.2.57 3142008 Bytes 12/16/2010 23:26:43
AEHELP.DLL : 8.1.16.0 246136 Bytes 12/13/2010 21:52:18
AEGEN.DLL : 8.1.5.0 397685 Bytes 12/13/2010 21:52:17
AEEMU.DLL : 8.1.3.0 393589 Bytes 12/1/2010 00:13:06
AECORE.DLL : 8.1.19.0 196984 Bytes 12/13/2010 21:52:15
AEBB.DLL : 8.1.1.0 53618 Bytes 12/1/2010 00:13:05
AVWINLL.DLL : 10.0.0.0 19304 Bytes 12/1/2010 00:13:17
AVPREF.DLL : 10.0.0.0 44904 Bytes 12/1/2010 00:13:16
AVREP.DLL : 10.0.0.8 62209 Bytes 6/17/2010 20:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 12/1/2010 00:13:17
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 12/1/2010 00:13:17
AVARKT.DLL : 10.0.22.6 231784 Bytes 12/1/2010 00:13:14
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 12/1/2010 00:13:15
SQLITE3.DLL : 3.6.19.0 355688 Bytes 6/17/2010 20:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 12/1/2010 00:13:17
NETNT.DLL : 10.0.0.0 11624 Bytes 6/17/2010 20:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 19:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 12/1/2010 00:13:38

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: E:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, E:, G:, H:, I:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Thursday, December 16, 2010 17:58

Starting search for hidden objects.

The scan of running processes will be started
Scan process 'spider.exe' - '23' Module(s) have been scanned
Scan process 'msdtc.exe' - '39' Module(s) have been scanned
Scan process 'dllhost.exe' - '60' Module(s) have been scanned
Scan process 'dllhost.exe' - '44' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'avscan.exe' - '65' Module(s) have been scanned
Scan process 'avcenter.exe' - '60' Module(s) have been scanned
Scan process 'AAWTray.exe' - '18' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '41' Module(s) have been scanned
Scan process 'unsecapp.exe' - '35' Module(s) have been scanned
Scan process 'AAWService.exe' - '92' Module(s) have been scanned
Scan process 'alg.exe' - '32' Module(s) have been scanned
Scan process 'WDDMService.exe' - '24' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '14' Module(s) have been scanned
Scan process 'avshadow.exe' - '24' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'sprtlisten.exe' - '27' Module(s) have been scanned
Scan process 'jqs.exe' - '32' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '32' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '44' Module(s) have been scanned
Scan process 'avguard.exe' - '54' Module(s) have been scanned
Scan process 'psi.exe' - '84' Module(s) have been scanned
Scan process 'BTTray.exe' - '43' Module(s) have been scanned
Scan process 'ISUSPM.exe' - '21' Module(s) have been scanned
Scan process 'avgnt.exe' - '43' Module(s) have been scanned
Scan process 'svchost.exe' - '33' Module(s) have been scanned
Scan process 'sched.exe' - '51' Module(s) have been scanned
Scan process 'spoolsv.exe' - '59' Module(s) have been scanned
Scan process 'Explorer.EXE' - '96' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'svchost.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '162' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '50' Module(s) have been scanned
Scan process 'lsass.exe' - '57' Module(s) have been scanned
Scan process 'services.exe' - '26' Module(s) have been scanned
Scan process 'winlogon.exe' - '65' Module(s) have been scanned
Scan process 'csrss.exe' - '12' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Boot sector 'G:\'
[INFO] No virus was found!
Boot sector 'H:\'
[INFO] No virus was found!
Boot sector 'I:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '1773' files ).


Starting the file scan:

Begin scan in 'C:\'
Begin scan in 'E:\' <SimpleDrive>
Begin scan in 'G:\' <WDprt1games>
G:\System Volume Information\_restore{8D12E375-91C0-4FC8-A471-0BDF31870CFB}\RP22\A0004007.exe
[DETECTION] Is the TR/Crypt.ZPACK.Gen2 Trojan
Begin scan in 'H:\' <WDprt2pixal>
Begin scan in 'I:\' <WDprt3misc>

Beginning disinfection:
G:\System Volume Information\_restore{8D12E375-91C0-4FC8-A471-0BDF31870CFB}\RP22\A0004007.exe
[DETECTION] Is the TR/Crypt.ZPACK.Gen2 Trojan
[NOTE] The file was moved to the quarantine directory under the name '478d7805.qua'.


End of the scan: Thursday, December 16, 2010 21:43
Used time: 3:42:18 Hour(s)

The scan has been done completely.

10123 Scanned directories
345417 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
345416 Files not concerned
3585 Archives were scanned
0 Warnings
1 Notes
376919 Objects were scanned with rootkit scan
0 Hidden objects were found
Posted Image

#2 Man'n'Black-4xp Re: [RESOLVED] Avira log

Man'n'Black-4xp

    The XP In The Ointment

  • Topic Starter
  • Members
  • 1,933 posts
  • 167 topics
    • Time Online: 9d 22h 40m 54s
  • Joined November 28, 2010
  • Skin: IP.Board
  • Local time: 08:03 PM
  • Zodiac:Aquarius
  • Gender:Male
  • Location:Midwest
  • OS:Windows XP
  • Country:
Offline

Posted 17 December 2010 - 04:14 AM

I ran this after Avira's routine check graabbed that bug



Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5322

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/16/2010 9:59:07 PM
mbam-log-2010-12-16 (21-59-07).txt

Scan type: Quick scan
Objects scanned: 128286
Time elapsed: 6 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Posted Image

#3 Broni Re: [RESOLVED] Avira log

Broni

    Administrator - Malware Annihilator

  • Administrators
  • 35,568 posts
  • 2,103 topics
    • Time Online: 213d 6h 49m 6s
  • Joined October 04, 2004
  • Age: 60
  • Skin: Smartest wide
  • Local time: 06:03 PM
  • Zodiac:Virgo
  • Gender:Male
  • Location:Daly City, CA
  • OS:Windows 8
  • Country:
Online

Posted 17 December 2010 - 04:37 AM

Please, complete ALL steps listed here: http://www.smartestc...ease-read-this/

p22003266.jpg  p22003279.jpgp4279089.jpg


#4 Man'n'Black-4xp Re: [RESOLVED] Avira log

Man'n'Black-4xp

    The XP In The Ointment

  • Topic Starter
  • Members
  • 1,933 posts
  • 167 topics
    • Time Online: 9d 22h 40m 54s
  • Joined November 28, 2010
  • Skin: IP.Board
  • Local time: 08:03 PM
  • Zodiac:Aquarius
  • Gender:Male
  • Location:Midwest
  • OS:Windows XP
  • Country:
Offline

Posted 17 December 2010 - 04:41 AM

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2010-12-16 22:35:36
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 IC35L060AVV207-0 rev.V22OA66A
Running: 30lkn22i.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kwlyrfow.sys


---- Devices - GMER 1.0.15 ----

Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip Lbd.sys (Boot Driver/Lavasoft AB)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp Lbd.sys (Boot Driver/Lavasoft AB)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp Lbd.sys (Boot Driver/Lavasoft AB)

---- EOF - GMER 1.0.15 ----
Posted Image

#5 Man'n'Black-4xp Re: [RESOLVED] Avira log

Man'n'Black-4xp

    The XP In The Ointment

  • Topic Starter
  • Members
  • 1,933 posts
  • 167 topics
    • Time Online: 9d 22h 40m 54s
  • Joined November 28, 2010
  • Skin: IP.Board
  • Local time: 08:03 PM
  • Zodiac:Aquarius
  • Gender:Male
  • Location:Midwest
  • OS:Windows XP
  • Country:
Offline

Posted 17 December 2010 - 04:45 AM

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x000001fd

Kernel Drivers (total 138):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x806EE000 \WINDOWS\system32\hal.dll
0xF7987000 \WINDOWS\system32\KDCOM.DLL
0xF7897000 \WINDOWS\system32\BOOTVID.dll
0xF75A8000 ACPI.sys
0xF7989000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF7597000 pci.sys
0xF75F7000 isapnp.sys
0xF7A4F000 pciide.sys
0xF7707000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF798B000 intelide.sys
0xF7607000 MountMgr.sys
0xF74D8000 ftdisk.sys
0xF798D000 dmload.sys
0xF74B2000 dmio.sys
0xF770F000 PartMgr.sys
0xF7617000 VolSnap.sys
0xF749A000 atapi.sys
0xF7627000 disk.sys
0xF7637000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF747A000 fltmgr.sys
0xF7423000 SYMDS.SYS
0xF7411000 sr.sys
0xF7647000 Lbd.sys
0xF7B36000 SYMEFA.SYS
0xF787A000 CBUFS.sys
0xF7863000 KSecDD.sys
0xBA773000 Ntfs.sys
0xBA746000 NDIS.sys
0xBA72C000 Mup.sys
0xBA71B000 bdisk.sys
0xBA6B4000 cbvd.sys
0xF7577000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB9BD3000 \SystemRoot\system32\DRIVERS\ialmnt5.sys
0xB9BBF000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF775F000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB9B9B000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF7767000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB9B83000 \SystemRoot\system32\DRIVERS\Rtnicxp.sys
0xF776F000 \SystemRoot\system32\DRIVERS\fdc.sys
0xF7567000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF7777000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF777F000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF7557000 \SystemRoot\system32\DRIVERS\serial.sys
0xBA627000 \SystemRoot\system32\DRIVERS\serenum.sys
0xB9B6F000 \SystemRoot\system32\DRIVERS\parport.sys
0xF7547000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7537000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF7527000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB9B4C000 \SystemRoot\system32\DRIVERS\ks.sys
0xF7787000 \SystemRoot\system32\drivers\InCDPass.sys
0xF7517000 \SystemRoot\system32\drivers\InCDRm.sys
0xB9AC6000 \SystemRoot\system32\drivers\smwdm.sys
0xB9AA2000 \SystemRoot\system32\drivers\portcls.sys
0xF7507000 \SystemRoot\system32\drivers\drmk.sys
0xF79AB000 \SystemRoot\system32\drivers\aeaudio.sys
0xB99C0000 \SystemRoot\system32\DRIVERS\btkrnl.sys
0xF7AA3000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF74F7000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xBA61B000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB99A9000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xBA5AB000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xBA59B000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF778F000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB98F8000 \SystemRoot\system32\DRIVERS\psched.sys
0xBA58B000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF779F000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF77A7000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB9803000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xBA57B000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF79B1000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB97A5000 \SystemRoot\system32\DRIVERS\update.sys
0xBA5FF000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF77FF000 \SystemRoot\system32\DRIVERS\btport.sys
0xF7687000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF76D7000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF79C9000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF780F000 \SystemRoot\system32\DRIVERS\flpydisk.sys
0xB9959000 \SystemRoot\System32\Drivers\btwusb.sys
0xB9949000 \SystemRoot\system32\drivers\NAV\1201000.025\SRTSPX.SYS
0xB11B7000 \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
0xF79DF000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7AC1000 \SystemRoot\System32\Drivers\Null.SYS
0xF79E1000 \SystemRoot\System32\Drivers\Beep.SYS
0xF773F000 \SystemRoot\System32\drivers\vga.sys
0xF79E3000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF79E5000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xB98F4000 \SystemRoot\System32\Drivers\InCDrec.SYS
0xB117B000 \SystemRoot\system32\drivers\InCDFs.sys
0xF7747000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF774F000 \SystemRoot\System32\Drivers\Npfs.SYS
0xB98F0000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xB1168000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xB110F000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xB10B6000 \SystemRoot\system32\drivers\NAV\1201000.025\SYMTDI.SYS
0xB108E000 \SystemRoot\system32\DRIVERS\netbt.sys
0xB106C000 \SystemRoot\System32\drivers\afd.sys
0xB9939000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF7757000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xB1041000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xB98E0000 \SystemRoot\SYSTEM32\DRIVERS\OMCI.SYS
0xB0FD1000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xB9919000 \SystemRoot\System32\Drivers\Fips.SYS
0xB0FAB000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xB95B3000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xB95A3000 \SystemRoot\system32\DRIVERS\LVCD.sys
0xB0F98000 \SystemRoot\system32\DRIVERS\LVCam2.dll
0xB0F30000 \SystemRoot\system32\DRIVERS\LVCodek2.dll
0xB9593000 \SystemRoot\system32\DRIVERS\STREAM.SYS
0xB0F0A000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xB9523000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xB960B000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xB1349000 \SystemRoot\system32\DRIVERS\wdcsam.sys
0xB0C3F000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF79BB000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB95D7000 \SystemRoot\System32\drivers\Dxapi.sys
0xF77F7000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xB13CD000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF020000 \SystemRoot\System32\ialmdnt5.dll
0xBF012000 \SystemRoot\System32\ialmrnt5.dll
0xBF03F000 \SystemRoot\System32\ialmdev5.DLL
0xBF05E000 \SystemRoot\System32\ialmdd5.DLL
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xB0BB2000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xB0B92000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB08E6000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xB080D000 \SystemRoot\System32\Drivers\Udfs.SYS
0xB07F8000 \SystemRoot\system32\drivers\wdmaud.sys
0xB9979000 \SystemRoot\system32\drivers\sysaudio.sys
0xB05E5000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xF7A05000 \SystemRoot\System32\Drivers\ParVdm.SYS
0xB04D9000 \??\C:\WINDOWS\system32\drivers\PfModNT.sys
0xB0385000 \SystemRoot\system32\DRIVERS\srv.sys
0xAFF6A000 \SystemRoot\System32\Drivers\HTTP.sys
0xAEC07000 \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kwlyrfow.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 35):
0 System Idle Process
4 System
688 C:\WINDOWS\system32\smss.exe
756 csrss.exe
780 C:\WINDOWS\system32\winlogon.exe
824 C:\WINDOWS\system32\services.exe
840 C:\WINDOWS\system32\lsass.exe
1020 C:\WINDOWS\system32\svchost.exe
1128 svchost.exe
1224 C:\WINDOWS\system32\svchost.exe
1340 svchost.exe
1600 svchost.exe
1812 C:\WINDOWS\system32\spoolsv.exe
1872 E:\Program Files\Avira\AntiVir Desktop\sched.exe
2024 svchost.exe
656 E:\Program Files\Avira\AntiVir Desktop\avguard.exe
672 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
708 C:\Program Files\Bonjour\mDNSResponder.exe
800 C:\Program Files\Java\jre6\bin\jqs.exe
1192 C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
1468 C:\WINDOWS\system32\svchost.exe
1564 E:\Program Files\Avira\AntiVir Desktop\avshadow.exe
1264 wdfmgr.exe
520 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
2604 alg.exe
1152 C:\WINDOWS\system32\dllhost.exe
3836 msdtc.exe
2508 C:\WINDOWS\explorer.exe
2836 E:\Program Files\Avira\AntiVir Desktop\avgnt.exe
2784 C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
3384 E:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
3300 E:\Program Files\Secunia\PSI\psi.exe
932 E:\Program Files\Mozilla Firefox\Mozilla Firefox 4.0 Beta 7\firefox.exe
1368 C:\Documents and Settings\Administrator\Desktop\MBRCheck.exe
2720 C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\agent.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\E: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)
\\.\G: --> \\.\PhysicalDrive2 at offset 0x00000000`00007e00 (NTFS)
\\.\H: --> \\.\PhysicalDrive2 at offset 0x0000004d`922df200 (NTFS)
\\.\I: --> \\.\PhysicalDrive2 at offset 0x00000099`5318fa00 (NTFS)

PhysicalDrive0 Model Number: IC35L060AVV207-0, Rev: V22OA66A
PhysicalDrive1 Model Number: STECHSimple Drive, Rev: 1.04
PhysicalDrive2 Model Number: WDMy Book 1110, Rev: 1030

Size Device Name MBR Status
--------------------------------------------
37 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
149 GB \\.\PhysicalDrive1 RE: Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
930 GB \\.\PhysicalDrive2 RE: Unknown MBR code
SHA1: 639AC5CDF8A5CF3245975932C6A4215450A7B98F


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!
Posted Image

#6 Broni Re: [RESOLVED] Avira log

Broni

    Administrator - Malware Annihilator

  • Administrators
  • 35,568 posts
  • 2,103 topics
    • Time Online: 213d 6h 49m 6s
  • Joined October 04, 2004
  • Age: 60
  • Skin: Smartest wide
  • Local time: 06:03 PM
  • Zodiac:Virgo
  • Gender:Male
  • Location:Daly City, CA
  • OS:Windows 8
  • Country:
Online

Posted 17 December 2010 - 04:48 AM

So far, all good :)
Go on....

p22003266.jpg  p22003279.jpgp4279089.jpg


#7 Man'n'Black-4xp Re: [RESOLVED] Avira log

Man'n'Black-4xp

    The XP In The Ointment

  • Topic Starter
  • Members
  • 1,933 posts
  • 167 topics
    • Time Online: 9d 22h 40m 54s
  • Joined November 28, 2010
  • Skin: IP.Board
  • Local time: 08:03 PM
  • Zodiac:Aquarius
  • Gender:Male
  • Location:Midwest
  • OS:Windows XP
  • Country:
Offline

Posted 17 December 2010 - 04:49 AM

STEP 4.
Please, download DDS from one of the 2 mirrors and save it to your desktop.

Mirror 1
Mirror 2


BAD LINKS
Posted Image

#8 Broni Re: [RESOLVED] Avira log

Broni

    Administrator - Malware Annihilator

  • Administrators
  • 35,568 posts
  • 2,103 topics
    • Time Online: 213d 6h 49m 6s
  • Joined October 04, 2004
  • Age: 60
  • Skin: Smartest wide
  • Local time: 06:03 PM
  • Zodiac:Virgo
  • Gender:Male
  • Location:Daly City, CA
  • OS:Windows 8
  • Country:
Online

Posted 17 December 2010 - 04:54 AM

They work just fine for me...
Zipped DDS attached

p22003266.jpg  p22003279.jpgp4279089.jpg


#9 Man'n'Black-4xp Re: [RESOLVED] Avira log

Man'n'Black-4xp

    The XP In The Ointment

  • Topic Starter
  • Members
  • 1,933 posts
  • 167 topics
    • Time Online: 9d 22h 40m 54s
  • Joined November 28, 2010
  • Skin: IP.Board
  • Local time: 08:03 PM
  • Zodiac:Aquarius
  • Gender:Male
  • Location:Midwest
  • OS:Windows XP
  • Country:
Offline

Posted 17 December 2010 - 04:59 AM

dds.scr

this what i keep getting or a pif txt
Posted Image

#10 Broni Re: [RESOLVED] Avira log

Broni

    Administrator - Malware Annihilator

  • Administrators
  • 35,568 posts
  • 2,103 topics
    • Time Online: 213d 6h 49m 6s
  • Joined October 04, 2004
  • Age: 60
  • Skin: Smartest wide
  • Local time: 06:03 PM
  • Zodiac:Virgo
  • Gender:Male
  • Location:Daly City, CA
  • OS:Windows 8
  • Country:
Online

Posted 17 December 2010 - 05:11 AM

Double click on the file to run it.

p22003266.jpg  p22003279.jpgp4279089.jpg


#11 Man'n'Black-4xp Re: [RESOLVED] Avira log

Man'n'Black-4xp

    The XP In The Ointment

  • Topic Starter
  • Members
  • 1,933 posts
  • 167 topics
    • Time Online: 9d 22h 40m 54s
  • Joined November 28, 2010
  • Skin: IP.Board
  • Local time: 08:03 PM
  • Zodiac:Aquarius
  • Gender:Male
  • Location:Midwest
  • OS:Windows XP
  • Country:
Offline

Posted 17 December 2010 - 05:14 AM

DDS (Ver_10-12-12.02) - NTFSx86
Run by Administrator at 23:12:48.82 on Thu 12/16/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1534.774 [GMT -6:00]

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
AV: Norton AntiVirus Online *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
E:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
E:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
E:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
E:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
E:\Program Files\Secunia\PSI\psi.exe
E:\Program Files\Mozilla Firefox\Mozilla Firefox 4.0 Beta 7\firefox.exe
I:\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://sn133w.snt133.mail.live.com/default.aspx?wa=wsignin1.0
uWindow Title = Windows Internet Explorer provided by Microsoft
uInternet Settings,ProxyOverride = *.local
BHO: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - No File
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\program files\wot\WOT.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll
TB: Reasonable Antiphishing 2.0: {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll
uRun: [ISUSPM] "c:\documents and settings\all users\application data\flexnet\connect\11\ISUSPM.exe" -scheduler
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [avgnt] "e:\program files\avira\antivir desktop\avgnt.exe" /min
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\secuni~1.lnk - e:\program files\secunia\psi\psi.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - e:\program files\widcomm\bluetooth software\BTTray.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - e:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.3.13.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
Notify: igfxcui - igfxsrvc.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\6d716cf2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.smartestcomputing.us.com/index
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\nuance\pdf reader\bin\nppdf.dll
FF - plugin: c:\program files\nuance\pdf reader\bin\nppdf.dll
FF - plugin: e:\program files\quicktime\plugins\npqtplugin.dll
FF - plugin: e:\program files\quicktime\plugins\npqtplugin2.dll
FF - plugin: e:\program files\quicktime\plugins\npqtplugin3.dll
FF - plugin: e:\program files\quicktime\plugins\npqtplugin4.dll
FF - plugin: e:\program files\quicktime\plugins\npqtplugin5.dll
FF - plugin: e:\program files\quicktime\plugins\npqtplugin6.dll
FF - plugin: e:\program files\quicktime\plugins\npqtplugin7.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - e:\program files\mozilla firefox\mozilla firefox 4.0 beta 7\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Photobucket Uploader em:version=1.3>: pbupload@photobucket.com - %profile%\extensions\pbupload@photobucket.com
FF - Ext: Search Engine Security: {197573FA-9BF9-11DF-9D68-A441DFD72085} - %profile%\extensions\{197573FA-9BF9-11DF-9D68-A441DFD72085}

============= SERVICES / DRIVERS ===============

R0 bdisk;COMODO Disk Raw Access Filter;c:\windows\system32\drivers\bdisk.sys [2010-12-2 73416]
R0 CBUfs;CBUFS;c:\windows\system32\drivers\cbufs.sys [2010-12-2 123240]
R0 cbvd;Comodo Encrypted Virtual Disk;c:\windows\system32\drivers\CBVD.sys [2010-12-2 428248]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-12-14 64288]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nav\1201000.025\SymDS.sys [2010-11-9 339504]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1201000.025\SymEFA.sys [2010-11-9 666672]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;e:\program files\avira\antivir desktop\sched.exe [2010-12-13 135336]
R2 AntiVirService;Avira AntiVir Guard;e:\program files\avira\antivir desktop\avguard.exe [2010-12-13 267944]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-12-12 61960]
R2 sprtlisten;SupportSoft Listener Service;c:\program files\common files\supportsoft\bin\sprtlisten.exe [2008-1-8 1213728]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2009-10-14 98304]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2010-10-4 11520]
S1 avgio;avgio;e:\program files\avira\antivir desktop\avgio.sys [2010-12-13 11608]
S1 BHDrvx86;BHDrvx86;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\bashdefs\20101123.003\bhdrvx86.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\bashdefs\20101123.003\BHDrvx86.sys [?]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nav\1201000.025\Ironx86.sys [2010-11-9 134704]
S2 COSService.exe;Comodo Online Storage Service;e:\my works\back it up\comodo\comodo backup\cosservice.exe --> e:\my works\back it up\comodo\comodo backup\COSService.exe [?]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-12-3 1389400]
S2 NAV;Norton AntiVirus;"c:\program files\norton antivirus\engine\18.1.0.37\ccsvchst.exe" /s "nav" /m "c:\program files\norton antivirus\engine\18.1.0.37\dimaster.dll" /prefetch:1 --> c:\program files\norton antivirus\engine\18.1.0.37\ccSvcHst.exe [?]
S2 SynchronizationService.exe;Comodo BackUp Service;e:\my works\back it up\comodo\comodo backup\synchronizationservice.exe --> e:\my works\back it up\comodo\comodo backup\SynchronizationService.exe [?]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
S3 IDSxpx86;IDSxpx86;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\ipsdefs\20101208.001\idsxpx86.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\ipsdefs\20101208.001\IDSxpx86.sys [?]
S3 NAVENG;NAVENG;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\virusdefs\20101208.002\naveng.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\virusdefs\20101208.002\NAVENG.SYS [?]
S3 NAVEX15;NAVEX15;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\virusdefs\20101208.002\navex15.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\virusdefs\20101208.002\NAVEX15.SYS [?]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-7-7 14904]
S3 reparse;Reparse;c:\windows\system32\drivers\cbreparse.sys [2010-12-2 427608]
S4 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]

=============== Created Last 30 ================

2010-12-17 04:15:35 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-12-14 20:19:59 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-12-14 20:19:52 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-12-14 20:12:31 -------- d-----w- c:\docume~1\admini~1\locals~1\applic~1\Sunbelt Software
2010-12-14 18:53:36 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-14 08:05:09 -------- d-----w- c:\program files\Bonjour
2010-12-14 07:52:41 159744 -c--a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2010-12-14 07:52:41 159744 -c--a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2010-12-14 07:52:41 159744 -c--a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2010-12-14 07:52:41 159744 -c--a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2010-12-14 07:52:41 159744 -c--a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2010-12-14 07:52:41 159744 -c--a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2010-12-14 07:52:41 159744 -c--a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2010-12-13 22:03:59 -------- d-----w- c:\windows\system32\wbem\repository\FS
2010-12-13 22:03:59 -------- d-----w- c:\windows\system32\wbem\Repository
2010-12-13 22:03:31 -------- d-----w- c:\docume~1\alluse~1\applic~1\Avira
2010-12-13 22:03:31 -------- d-----w- c:\docume~1\admini~1\applic~1\Avira
2010-12-13 21:49:16 -------- d-----w- c:\docume~1\alluse~1\applic~1\Avira(2)
2010-12-13 08:23:48 201344 ----a-w- c:\windows\system32\drivers\sfi.dat
2010-12-13 06:33:14 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2010-12-13 06:33:14 1060864 ----a-w- c:\windows\system32\mfc71.dll
2010-12-12 06:04:54 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-12-12 04:46:50 -------- d-----w- c:\docume~1\admini~1\applic~1\GetRightToGo
2010-12-12 04:32:32 -------- dc----w- c:\docume~1\alluse~1\applic~1\Boxtools
2010-12-09 23:32:49 -------- dc-h--w- c:\docume~1\alluse~1\applic~1\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
2010-12-09 23:32:04 -------- d-----w- c:\program files\Lavasoft
2010-12-04 23:15:42 -------- d-----w- c:\docume~1\admini~1\applic~1\Skinux
2010-12-04 09:36:01 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-12-04 09:36:01 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-12-04 09:35:59 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-12-04 09:35:59 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-12-04 09:31:52 62976 -c----w- c:\windows\system32\dllcache\cdrom.sys
2010-12-04 09:31:52 465920 -c----w- c:\windows\system32\dllcache\imapi2fs.dll
2010-12-04 09:31:52 465920 ------w- c:\windows\system32\imapi2fs.dll
2010-12-04 09:31:52 317952 -c----w- c:\windows\system32\dllcache\imapi2.dll
2010-12-04 09:31:52 317952 ------w- c:\windows\system32\imapi2.dll
2010-12-04 04:43:58 -------- d-----w- c:\program files\Speccy
2010-12-03 18:53:25 -------- d-----w- c:\docume~1\admini~1\applic~1\DonationCoder
2010-12-03 18:52:02 -------- dc----w- c:\docume~1\alluse~1\applic~1\DonationCoder
2010-12-03 07:22:48 -------- d-----w- c:\docume~1\admini~1\locals~1\applic~1\Mozilla
2010-12-03 07:02:16 -------- d-----w- c:\docume~1\admini~1\locals~1\applic~1\PCHealth
2010-12-02 12:59:52 73416 ----a-w- c:\windows\system32\drivers\bdisk.sys
2010-12-02 12:59:44 123240 ----a-w- c:\windows\system32\drivers\cbufs.sys
2010-12-02 12:59:38 428248 ----a-w- c:\windows\system32\drivers\CBVD.sys
2010-12-02 12:59:32 573856 ----a-w- c:\windows\system32\drivers\vdbus.sys
2010-12-02 12:59:26 427608 ----a-w- c:\windows\system32\drivers\cbreparse.sys
2010-12-02 08:21:31 -------- d-----w- c:\windows\system32\XPSViewer
2010-12-02 08:20:08 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-12-02 08:19:35 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-12-02 08:19:35 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-12-02 08:19:35 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-12-02 08:19:35 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-12-02 08:19:35 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-12-02 08:19:35 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-12-02 08:19:35 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-12-02 08:19:35 117760 ------w- c:\windows\system32\prntvpt.dll
2010-12-02 06:45:41 178 ----a-w- c:\windows\system32\systemkc.sys
2010-12-02 06:45:41 178 ----a-w- C:\rootdrv.drv
2010-12-02 06:45:34 602 ----a-w- c:\windows\pscw9561.sys
2010-12-01 21:57:57 -------- dc----w- c:\windows\ie8updates
2010-12-01 21:57:10 -------- d-----w- c:\program files\MSXML 4.0
2010-12-01 15:54:43 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-12-01 15:54:13 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2010-12-01 15:54:12 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2010-12-01 15:53:56 138496 -c----w- c:\windows\system32\dllcache\afd.sys
2010-12-01 15:53:45 357248 -c----w- c:\windows\system32\dllcache\srv.sys
2010-12-01 15:53:11 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2010-12-01 15:53:02 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-12-01 15:52:42 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-12-01 15:52:42 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-12-01 15:52:23 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-12-01 10:37:29 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-12-01 10:36:26 2189952 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-12-01 10:36:26 2146304 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-12-01 10:36:25 2066816 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-12-01 10:36:25 2024448 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-12-01 10:35:45 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-12-01 10:35:44 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-12-01 10:35:41 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-12-01 10:35:41 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-12-01 10:35:31 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-12-01 10:35:31 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-12-01 10:35:24 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-12-01 10:33:16 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2010-12-01 10:33:14 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-12-01 10:26:52 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-12-01 10:19:29 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-12-01 10:19:29 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-12-01 10:19:29 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-12-01 10:19:28 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-12-01 10:19:28 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-12-01 10:19:28 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-12-01 10:19:28 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-12-01 10:19:27 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-12-01 10:10:25 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-12-01 10:09:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-12-01 09:58:15 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2010-12-01 09:58:15 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-12-01 07:08:53 -------- d-----w- c:\windows\system32\PreInstall
2010-12-01 07:08:25 -------- d--h--w- c:\windows\$hf_mig$
2010-12-01 06:09:45 -------- d-----w- c:\windows\system32\SoftwareDistribution
2010-12-01 06:09:31 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-12-01 05:40:56 9728 ------w- c:\windows\system32\ativdaxx.ax
2010-12-01 05:37:07 -------- d-----w- c:\windows\ServicePackFiles
2010-12-01 05:36:36 294912 ------w- c:\program files\windows media player\dlimport.exe
2010-12-01 05:36:29 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2010-12-01 01:58:19 -------- d-----w- c:\docume~1\admini~1\locals~1\applic~1\Apple
2010-12-01 01:57:25 -------- d-----w- c:\docume~1\admini~1\locals~1\applic~1\Apple Computer
2010-12-01 01:39:52 -------- d-----w- c:\program files\WOT
2010-11-30 04:38:28 -------- d-----w- c:\program files\ESET
2010-11-30 03:12:45 472808 ------w- c:\windows\system32\deployJava1.dll
2010-11-29 23:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 23:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-28 23:44:45 -------- d-sh--r- C:\cmdcons
2010-11-27 22:45:22 -------- d-----w- c:\docume~1\admini~1\applic~1\Malwarebytes
2010-11-27 22:45:04 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-27 22:45:02 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-27 22:45:02 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-11-26 19:41:23 161296 ------w- c:\windows\system32\drivers\tmcomm.sys
2010-11-26 07:20:59 -------- d-----w- c:\program files\Defraggler
2010-11-25 21:40:57 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-11-25 08:23:41 -------- d-----w- c:\docume~1\admini~1\locals~1\applic~1\WeatherBug
2010-11-25 08:23:26 -------- d-----w- c:\docume~1\admini~1\applic~1\WeatherBug
2010-11-25 08:23:18 18944 -c----r- c:\docume~1\admini~1\applic~1\microsoft\installer\{8f018a9e-56de-4a79-a5ef-25f413f1d538}\IconBB6A16301.exe
2010-11-24 05:21:50 -------- d-----w- c:\program files\common files\DTI
2010-11-18 18:12:44 81920 -c----w- c:\windows\system32\dllcache\isign32.dll
2010-11-18 07:30:28 -------- d-----w- c:\program files\SystemRequirementsLab
2010-11-18 04:37:43 -------- d-----w- c:\docume~1\admini~1\applic~1\DriverCure
2010-11-18 04:37:42 -------- d-----w- c:\docume~1\admini~1\applic~1\ParetoLogic
2010-11-17 05:50:00 -------- d-----w- c:\docume~1\admini~1\applic~1\RegistryKeys
2010-11-17 05:45:46 -------- d-----w- c:\docume~1\admini~1\applic~1\com.w3i.FlipToast
2010-11-17 05:44:11 -------- dc----w- c:\program files\FlipToast

==================== Find3M ====================

2010-11-20 04:32:41 21840 -c---tw- c:\windows\system32\SIntfNT.dll
2010-11-20 04:32:41 17212 -c---tw- c:\windows\system32\SIntf32.dll
2010-11-20 04:32:41 12067 -c---tw- c:\windows\system32\SIntf16.dll
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-13 07:03:34 1409 ------w- c:\windows\QTFont.for
2010-11-13 02:55:07 398744 ------r- c:\windows\system32\cpnprt2.cid
2010-11-10 00:25:01 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ------w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-08 06:36:43 28672 ------w- c:\windows\system32\qttask.exe
2010-10-07 18:23:02 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-10-07 18:23:02 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-10-07 18:23:02 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-10-07 18:23:02 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-09-18 18:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll

============= FINISH: 23:13:59.95 ===============
Posted Image

#12 Man'n'Black-4xp Re: [RESOLVED] Avira log

Man'n'Black-4xp

    The XP In The Ointment

  • Topic Starter
  • Members
  • 1,933 posts
  • 167 topics
    • Time Online: 9d 22h 40m 54s
  • Joined November 28, 2010
  • Skin: IP.Board
  • Local time: 08:03 PM
  • Zodiac:Aquarius
  • Gender:Male
  • Location:Midwest
  • OS:Windows XP
  • Country:
Offline

Posted 17 December 2010 - 05:15 AM

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10/2/2010 10:00:12 PM
System Uptime: 12/16/2010 5:14:25 PM (6 hours ago)

Motherboard: Dell Computer Corp. | | 0U1324
Processor: Intel® Celeron® CPU 2.00GHz | Microprocessor | 1995/400mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 20 GiB total, 11.218 GiB free.
D: is CDROM (CDFS)
E: is FIXED (NTFS) - 149 GiB total, 130.452 GiB free.
F: is CDROM (UDF)
G: is FIXED (NTFS) - 310 GiB total, 306.437 GiB free.
H: is FIXED (NTFS) - 303 GiB total, 300.761 GiB free.
I: is FIXED (NTFS) - 318 GiB total, 309.517 GiB free.

==== Disabled Device Manager Items =============

Class GUID:
Description: Ethernet Controller
Device ID: PCI\VEN_8086&DEV_100E&SUBSYS_01511028&REV_02\4&1C660DD6&0&60F0
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_8086&DEV_100E&SUBSYS_01511028&REV_02\4&1C660DD6&0&60F0
Service:

==== System Restore Points ===================

RP127: 12/14/2010 5:52:54 PM - shitloads of A\V updates
RP128: 12/15/2010 7:10:30 PM - System Checkpoint
RP129: 12/15/2010 7:12:21 PM - foxy beta test

==== Installed Programs ======================

Ad-Aware
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
American Greetings CreataCard Select 6
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avira AntiVir Personal - Free Antivirus
Bluetooth by hp
Boggle
Bonjour
Bookworm Adventures Deluxe 1.0
CCleaner
Chuzzle Deluxe 1.01
Coupon Printer for Windows
Defraggler
Dell ResourceCD
DVD Suite
Dynex DX-E102 PCI 10/100Mb Network Adapter
ESET Online Scanner v3
FlipToast
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Intel® Extreme Graphics 2 Driver
Java Auto Updater
Java™ 6 Update 22
LG ODD Auto Firmware Update
LightScribe 1.6.43.1
Logitech QuickCam
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Age of Empires Gold
Microsoft Age of Empires II
Microsoft Age of Empires II: The Conquerors Expansion
Microsoft Encarta Encyclopedia Standard 2003
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Web Publishing Wizard 1.52
Monopoly by Parker Brothers
Monopoly Here & Now Edition
Mozilla Firefox (3.6.12)
Mozilla Firefox 4.0b7 (x86 en-GB)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 7 Essentials
neroxml
Nuance PDF Reader
Plants vs. Zombies
PowerDVD
PowerProducer
Print Screen W95&NT
Process Tamer 2.11.01
QuickTime
Reasonable Anti-Phishing 2.1
Rimu Schematic version 2.0
Risk (remove only)
RollerCoaster Tycoon 2
RollerCoaster Tycoon 2: Time Twister
RollerCoaster Tycoon 2: Wacky Worlds
RollerCoaster Tycoon Deluxe
Samsung Master
SCRABBLE
Secunia PSI
SecurDisc Viewer
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Shockwave
SoundMAX
Speccy
System Requirements Lab for Intel
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WD SmartWare
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
Windows Media Format Runtime
Windows XP Service Pack 3
WinZip
Works Suite OS Pack
WOT for Internet Explorer
Yahtzee
Zuma Deluxe 1.0

==== Event Viewer Messages From Past Week ========

12/14/2010 4:05:57 AM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/14/2010 4:03:52 AM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
12/14/2010 4:03:52 AM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/13/2010 4:58:36 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avgio BHDrvx86 eeCtrl SRTSP SymIRON
12/13/2010 4:49:00 PM, error: Service Control Manager [7000] - The Norton AntiVirus service failed to start due to the following error: The system cannot find the path specified.
12/13/2010 4:05:45 PM, error: Service Control Manager [7000] - The Comodo Online Storage Service service failed to start due to the following error: The system cannot find the file specified.
12/13/2010 4:05:45 PM, error: Service Control Manager [7000] - The Comodo BackUp Service service failed to start due to the following error: The system cannot find the file specified.
12/13/2010 2:05:44 AM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Norton AntiVirus service, but this action failed with the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12/13/2010 2:03:44 AM, error: Service Control Manager [7031] - The Norton AntiVirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/13/2010 12:41:11 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
12/13/2010 12:41:11 AM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/13/2010 12:36:20 AM, error: Service Control Manager [7000] - The Comodo Online Storage Service service failed to start due to the following error: Access is denied.
12/13/2010 12:36:20 AM, error: Service Control Manager [7000] - The Comodo BackUp Service service failed to start due to the following error: Access is denied.
12/12/2010 12:09:42 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avgio BHDrvx86 SRTSP SymIRON
12/11/2010 6:23:34 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: avgio
12/11/2010 6:22:47 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. .
12/11/2010 6:22:47 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL. Reference error message: The operation completed successfully. .
12/11/2010 6:22:47 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
12/11/2010 6:22:27 PM, error: Dhcp [1002] - The IP address lease 192.168.0.2 for the Network Card with network address 0019E064F2D0 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
12/11/2010 11:56:42 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx86 SRTSP SymIRON
12/11/2010 11:56:24 PM, error: SRTSP [5] - Error loading Symantec real time Anti-Virus driver.
12/11/2010 11:56:24 PM, error: SRTSP [4] - Error loading virus definitions.
12/10/2010 4:25:09 AM, error: Service Control Manager [7034] - The WD SmartWare Drive Manager service terminated unexpectedly. It has done this 1 time(s).
12/10/2010 4:25:09 AM, error: Service Control Manager [7034] - The SupportSoft Listener Service service terminated unexpectedly. It has done this 1 time(s).
12/10/2010 4:25:09 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
12/10/2010 4:25:09 AM, error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

==== End Of File ===========================
Posted Image

#13 Broni Re: [RESOLVED] Avira log

Broni

    Administrator - Malware Annihilator

  • Administrators
  • 35,568 posts
  • 2,103 topics
    • Time Online: 213d 6h 49m 6s
  • Joined October 04, 2004
  • Age: 60
  • Skin: Smartest wide
  • Local time: 06:03 PM
  • Zodiac:Virgo
  • Gender:Male
  • Location:Daly City, CA
  • OS:Windows 8
  • Country:
Online

Posted 17 December 2010 - 06:04 AM

You're running two AV programs, Avira and Norton.
I don't see Norton in Add\Remove, so I assume some leftovers.
Run Norton Removal Tool: http://us.norton.com...0080710133834EN

When done...

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Please, never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  • Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AVG Remover to uninstall it: http://www.avg.com/u.../download-tools
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.



Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.com
Rkill.scr
Rkill.pif
Rkill.exe

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

p22003266.jpg  p22003279.jpgp4279089.jpg


#14 Man'n'Black-4xp Re: [RESOLVED] Avira log

Man'n'Black-4xp

    The XP In The Ointment

  • Topic Starter
  • Members
  • 1,933 posts
  • 167 topics
    • Time Online: 9d 22h 40m 54s
  • Joined November 28, 2010
  • Skin: IP.Board
  • Local time: 08:03 PM
  • Zodiac:Aquarius
  • Gender:Male
  • Location:Midwest
  • OS:Windows XP
  • Country:
Offline

Posted 17 December 2010 - 06:16 AM

Run Norton Removal Tool: http://us.norton.com...0080710133834EN

this has been run 3x all ready you want a 4th one?
Posted Image

#15 Broni Re: [RESOLVED] Avira log

Broni

    Administrator - Malware Annihilator

  • Administrators
  • 35,568 posts
  • 2,103 topics
    • Time Online: 213d 6h 49m 6s
  • Joined October 04, 2004
  • Age: 60
  • Skin: Smartest wide
  • Local time: 06:03 PM
  • Zodiac:Virgo
  • Gender:Male
  • Location:Daly City, CA
  • OS:Windows 8
  • Country:
Online

Posted 17 December 2010 - 06:19 AM

I wasn't aware of you running the tool already.
In that case, proceed with Combofix and we'll start removing Norton manually.

p22003266.jpg  p22003279.jpgp4279089.jpg


#16 Man'n'Black-4xp Re: [RESOLVED] Avira log

Man'n'Black-4xp

    The XP In The Ointment

  • Topic Starter
  • Members
  • 1,933 posts
  • 167 topics
    • Time Online: 9d 22h 40m 54s
  • Joined November 28, 2010
  • Skin: IP.Board
  • Local time: 08:03 PM
  • Zodiac:Aquarius
  • Gender:Male
  • Location:Midwest
  • OS:Windows XP
  • Country:
Offline

Posted 17 December 2010 - 06:33 AM

In that case, proceed with Combofix and we'll start removing Norton manually.

combo fix freaked out concerning norton,still pro ced?
I ve poted about norton removal a couple of times, {still unresolved} about its refusal to go away.
Posted Image

#17 Man'n'Black-4xp Re: [RESOLVED] Avira log

Man'n'Black-4xp

    The XP In The Ointment

  • Topic Starter
  • Members
  • 1,933 posts
  • 167 topics
    • Time Online: 9d 22h 40m 54s
  • Joined November 28, 2010
  • Skin: IP.Board
  • Local time: 08:03 PM
  • Zodiac:Aquarius
  • Gender:Male
  • Location:Midwest
  • OS:Windows XP
  • Country:
Offline

Posted 17 December 2010 - 07:02 AM

This all junk that has been "removed"




R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nav\1201000.025\SymDS.sys [2010-11-9 339504]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1201000.025\SymEFA.sys [2010-11-9 666672]S1 BHDrvx86;BHDrvx86;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\bashdefs\20101123.003\bhdrvx86.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\bashdefs\20101123.003\BHDrvx86.sys [?]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nav\1201000.025\Ironx86.sys [2010-11-9 134704]
S2 COSService.exe;Comodo Online Storage Service;e:\my works\back it up\comodo\comodo backup\cosservice.exe --> e:\my works\back it up\comodo\comodo backup\COSService.exe [?]S2 NAV;Norton AntiVirus;"c:\program files\norton antivirus\engine\18.1.0.37\ccsvchst.exe" /s "nav" /m "c:\program files\norton antivirus\engine\18.1.0.37\dimaster.dll" /prefetch:1 --> c:\program files\norton antivirus\engine\18.1.0.37\ccSvcHst.exe [?]
S2 SynchronizationService.exe;Comodo BackUp Service;e:\my works\back it up\comodo\comodo backup\synchronizationservice.exe --> e:\my works\back it up\comodo\comodo backup\SynchronizationService.exe [?]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
S3 IDSxpx86;IDSxpx86;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\ipsdefs\20101208.001\idsxpx86.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\ipsdefs\20101208.001\IDSxpx86.sys [?]
S3 NAVENG;NAVENG;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\virusdefs\20101208.002\naveng.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\virusdefs\20101208.002\NAVENG.SYS [?]
S3 NAVEX15;NAVEX15;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\virusdefs\20101208.002\navex15.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\virusdefs\20101208.002\NAVEX15.SYS [?]


Posted Image

#18 Man'n'Black-4xp Re: [RESOLVED] Avira log

Man'n'Black-4xp

    The XP In The Ointment

  • Topic Starter
  • Members
  • 1,933 posts
  • 167 topics
    • Time Online: 9d 22h 40m 54s
  • Joined November 28, 2010
  • Skin: IP.Board
  • Local time: 08:03 PM
  • Zodiac:Aquarius
  • Gender:Male
  • Location:Midwest
  • OS:Windows XP
  • Country:
Offline

Posted 17 December 2010 - 07:18 AM

Re-ran norton remover
Posted Image

#19 Man'n'Black-4xp Re: [RESOLVED] Avira log

Man'n'Black-4xp

    The XP In The Ointment

  • Topic Starter
  • Members
  • 1,933 posts
  • 167 topics
    • Time Online: 9d 22h 40m 54s
  • Joined November 28, 2010
  • Skin: IP.Board
  • Local time: 08:03 PM
  • Zodiac:Aquarius
  • Gender:Male
  • Location:Midwest
  • OS:Windows XP
  • Country:
Offline

Posted 17 December 2010 - 07:42 AM

ComboFix ran fine this time,though I'll bet norton will pop up again.....



ComboFix 10-12-16.02 - Administrator 12/17/2010 1:23.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1534.959 [GMT -6:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Recent\Thumbs.db

.
((((((((((((((((((((((((( Files Created from 2010-11-17 to 2010-12-17 )))))))))))))))))))))))))))))))
.

2010-12-17 07:05 . 2010-12-17 07:05 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2010-12-17 04:15 . 2010-12-03 09:05 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-12-14 20:19 . 2010-12-03 09:05 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-12-14 20:19 . 2010-12-14 20:19 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-12-14 20:12 . 2010-12-14 20:12 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sunbelt Software
2010-12-14 18:53 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-14 08:05 . 2010-12-14 08:17 -------- d-----w- c:\program files\Bonjour
2010-12-14 07:52 . 2010-12-14 07:52 159744 -c--a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
2010-12-14 07:52 . 2010-12-14 07:52 159744 -c--a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll
2010-12-14 07:52 . 2010-12-14 07:52 159744 -c--a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
2010-12-14 07:52 . 2010-12-14 07:52 159744 -c--a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
2010-12-14 07:52 . 2010-12-14 07:52 159744 -c--a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
2010-12-14 07:52 . 2010-12-14 07:52 159744 -c--a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
2010-12-14 07:52 . 2010-12-14 07:52 159744 -c--a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
2010-12-14 07:51 . 2010-12-14 07:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-12-14 07:50 . 2010-12-14 07:50 -------- d-----w- c:\documents and settings\Administrator\Application Data\Apple Computer
2010-12-13 22:03 . 2010-12-13 22:03 -------- d-----w- c:\windows\system32\wbem\Repository
2010-12-13 22:03 . 2010-12-13 22:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2010-12-13 22:03 . 2010-12-13 22:03 -------- d-----w- c:\documents and settings\Administrator\Application Data\Avira
2010-12-13 08:23 . 2010-12-13 22:04 201344 ----a-w- c:\windows\system32\drivers\sfi.dat
2010-12-13 08:02 . 2010-12-13 08:02 -------- d-----w- c:\windows\system32\config\systemprofile\IETldCache
2010-12-13 08:00 . 2010-12-13 08:00 -------- d-----w- c:\windows\system32\config\systemprofile\PrivacIE
2010-12-13 06:33 . 2010-12-13 06:33 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2010-12-13 06:33 . 2010-12-13 06:33 1060864 ----a-w- c:\windows\system32\mfc71.dll
2010-12-12 06:04 . 2010-12-01 00:48 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-12-12 06:04 . 2010-12-01 00:13 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-12-12 06:04 . 2010-06-17 20:27 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-12-12 06:04 . 2010-06-17 20:27 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-12-12 04:46 . 2010-12-12 04:47 -------- d-----w- c:\documents and settings\Administrator\Application Data\GetRightToGo
2010-12-12 04:32 . 2010-12-13 22:59 -------- dc----w- c:\documents and settings\All Users\Application Data\Boxtools
2010-12-09 23:32 . 2010-12-14 20:11 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
2010-12-09 23:32 . 2010-12-09 23:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2010-12-09 23:32 . 2010-12-09 23:32 -------- d-----w- c:\program files\Lavasoft
2010-12-04 23:15 . 2010-12-04 23:15 -------- d-----w- c:\documents and settings\Administrator\Application Data\Skinux
2010-12-04 09:36 . 2008-04-14 11:42 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-12-04 09:36 . 2001-08-18 04:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-12-04 09:35 . 2008-04-14 06:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-12-04 09:35 . 2008-04-14 06:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-12-04 09:31 . 2008-05-02 13:25 465920 -c----w- c:\windows\system32\dllcache\imapi2fs.dll
2010-12-04 09:31 . 2008-05-02 13:25 465920 ------w- c:\windows\system32\imapi2fs.dll
2010-12-04 09:31 . 2008-05-02 13:25 317952 -c----w- c:\windows\system32\dllcache\imapi2.dll
2010-12-04 09:31 . 2008-05-02 13:25 317952 ------w- c:\windows\system32\imapi2.dll
2010-12-04 09:31 . 2008-05-02 10:49 62976 -c----w- c:\windows\system32\dllcache\cdrom.sys
2010-12-04 04:43 . 2010-12-04 04:44 -------- d-----w- c:\program files\Speccy
2010-12-03 18:53 . 2010-12-03 18:53 -------- d-----w- c:\documents and settings\Administrator\Application Data\DonationCoder
2010-12-03 18:52 . 2010-12-03 18:52 -------- dc----w- c:\documents and settings\All Users\Application Data\DonationCoder
2010-12-03 07:22 . 2010-12-03 07:22 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-12-03 07:02 . 2010-12-03 07:02 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\PCHealth
2010-12-02 12:59 . 2010-12-02 12:59 73416 ----a-w- c:\windows\system32\drivers\bdisk.sys
2010-12-02 12:59 . 2010-12-02 12:59 123240 ----a-w- c:\windows\system32\drivers\cbufs.sys
2010-12-02 12:59 . 2010-12-02 12:59 428248 ----a-w- c:\windows\system32\drivers\CBVD.sys
2010-12-02 12:59 . 2010-12-02 12:59 573856 ----a-w- c:\windows\system32\drivers\vdbus.sys
2010-12-02 12:59 . 2010-12-02 12:59 427608 ----a-w- c:\windows\system32\drivers\cbreparse.sys
2010-12-02 08:21 . 2010-12-02 08:21 -------- d-----w- c:\windows\system32\XPSViewer
2010-12-02 08:21 . 2010-12-02 08:21 -------- d-----w- c:\program files\MSBuild
2010-12-02 08:20 . 2010-12-02 08:20 -------- d-----w- c:\program files\Reference Assemblies
2010-12-02 08:20 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-12-02 08:19 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-12-02 08:19 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-12-02 08:19 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-12-02 08:19 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-12-02 08:19 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-12-02 08:19 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-12-02 08:19 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-12-02 08:19 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-12-02 06:45 . 2010-12-12 08:57 178 ----a-w- c:\windows\system32\systemkc.sys
2010-12-02 06:45 . 2010-12-12 08:57 178 ----a-w- C:\rootdrv.drv
2010-12-02 06:45 . 2010-12-02 06:45 602 ----a-w- c:\windows\pscw9561.sys
2010-12-01 21:57 . 2010-12-14 20:34 -------- dc----w- c:\windows\ie8updates
2010-12-01 21:57 . 2010-12-01 21:57 -------- d-----w- c:\program files\MSXML 4.0
2010-12-01 15:54 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-12-01 15:54 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2010-12-01 15:54 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2010-12-01 15:53 . 2008-08-14 10:04 138496 -c----w- c:\windows\system32\dllcache\afd.sys
2010-12-01 15:53 . 2010-08-26 13:39 357248 -c----w- c:\windows\system32\dllcache\srv.sys
2010-12-01 15:53 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2010-12-01 15:53 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-12-01 15:52 . 2010-08-27 08:02 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-12-01 15:52 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-12-01 15:52 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-12-01 10:37 . 2010-07-12 12:55 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-12-01 10:36 . 2010-04-28 02:25 2189952 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-12-01 10:36 . 2010-04-27 13:59 2146304 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-12-01 10:36 . 2010-04-27 13:05 2066816 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-12-01 10:36 . 2010-04-27 13:05 2024448 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-12-01 10:35 . 2010-11-06 00:26 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-12-01 10:35 . 2010-11-06 00:26 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-12-01 10:35 . 2010-11-06 00:26 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-12-01 10:35 . 2010-11-06 00:26 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-12-01 10:35 . 2010-11-06 00:26 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-12-01 10:35 . 2010-11-06 00:26 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-12-01 10:35 . 2010-11-06 00:26 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-12-01 10:33 . 2008-05-01 14:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2010-12-01 10:33 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-12-01 10:26 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-12-01 10:19 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-12-01 10:19 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-12-01 10:19 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-12-01 10:19 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-12-01 10:19 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-12-01 10:19 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-12-01 10:19 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-12-01 10:19 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-12-01 10:10 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-12-01 10:09 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-12-01 09:58 . 2010-08-26 12:52 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-12-01 09:58 . 2010-08-16 08:45 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2010-12-01 07:08 . 2010-12-14 20:34 -------- d--h--w- c:\windows\$hf_mig$
2010-12-01 06:09 . 2008-04-14 11:42 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-12-01 05:40 . 2008-04-14 11:42 9728 ------w- c:\windows\system32\ativdaxx.ax
2010-12-01 05:37 . 2010-12-01 05:41 -------- d-----w- c:\windows\ServicePackFiles
2010-12-01 05:36 . 2008-04-14 11:42 294912 ------w- c:\program files\Windows Media Player\dlimport.exe
2010-12-01 05:36 . 2008-04-14 11:42 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2010-12-01 01:59 . 2010-12-14 08:05 -------- d-----w- c:\program files\Common Files\Apple
2010-12-01 01:58 . 2010-12-01 01:58 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Apple
2010-12-01 01:58 . 2010-12-01 01:58 -------- d-----w- c:\program files\Apple Software Update
2010-12-01 01:58 . 2010-12-01 01:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-12-01 01:57 . 2010-12-01 01:57 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Apple Computer
2010-12-01 01:39 . 2010-12-01 01:39 -------- d-----w- c:\program files\WOT
2010-11-30 04:38 . 2010-11-30 04:38 -------- d-----w- c:\program files\ESET
2010-11-30 03:13 . 2010-11-30 03:13 -------- d-----w- c:\program files\Common Files\Java
2010-11-30 03:12 . 2010-09-15 10:50 472808 ------w- c:\windows\system32\deployJava1.dll
2010-11-29 23:38 . 2010-11-29 23:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 23:38 . 2010-11-29 23:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-27 22:45 . 2010-11-27 22:45 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-20 04:32 . 2010-10-04 08:04 21840 -c---tw- c:\windows\system32\SIntfNT.dll
2010-11-20 04:32 . 2010-10-04 08:04 17212 -c---tw- c:\windows\system32\SIntf32.dll
2010-11-20 04:32 . 2010-10-04 08:04 12067 -c---tw- c:\windows\system32\SIntf16.dll
2010-11-18 18:12 . 2010-10-03 02:52 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-13 07:03 . 2010-11-13 07:03 1409 ------w- c:\windows\QTFont.for
2010-11-13 02:55 . 2010-11-13 02:55 398744 ------r- c:\windows\system32\cpnprt2.cid
2010-11-06 00:26 . 2004-08-12 13:33 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26 . 2004-08-12 13:21 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26 . 2004-08-12 13:20 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2004-08-12 13:19 385024 ------w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2004-08-12 13:24 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2004-08-12 13:17 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2004-08-12 13:33 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-08 06:36 . 2010-10-08 06:36 28672 ------w- c:\windows\system32\qttask.exe
2010-10-07 18:23 . 2010-10-07 18:23 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-10-07 18:23 . 2010-10-07 18:23 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-10-07 18:23 . 2010-10-07 18:23 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-10-07 18:23 . 2010-10-07 18:23 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-09-18 18:23 . 2004-08-12 13:21 974848 ----a-w- c:\windows\system32\mfc42u.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\COSDriveOverlayIcon]
@="{5FDACB62-6B7B-4116-9403-C5E0D3852A57}"
[HKEY_CLASSES_ROOT\CLSID\{5FDACB62-6B7B-4116-9403-C5E0D3852A57}]
2010-12-02 12:59 627120 ----a-w- e:\my works\back it up\comodo\COMODO BackUp\ShellExtension_3.0.171317.130.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\documents and settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-06 222496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-15 155648]
"avgnt"="e:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-01 281768]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
Secunia PSI.lnk - e:\program files\Secunia\PSI\psi.exe [2010-7-21 965176]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - e:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-12-6 576104]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^FlipToast.lnk]
path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\FlipToast.lnk
backup=c:\windows\pss\FlipToast.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WDDMStatus.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WDDMStatus.lnk
backup=c:\windows\pss\WDDMStatus.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WDSmartWare.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk
backup=c:\windows\pss\WDSmartWare.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boxoft Tools]
2010-12-10 22:42 2990592 ----a-w- c:\documents and settings\All Users\Application Data\Boxtools\Boxofttoolbox.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-03-15 10:37 118784 ------w- c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2007-05-15 22:55 1057328 -c--a-w- e:\program files\Nero 7\InCD\InCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-12-06 05:55 54832 -c--a-w- e:\program files\CyberLink\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LGODDFU]
2006-08-17 20:45 249856 -c--a-w- e:\program files\DvD\lg_fwupdate\fwupdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-04-19 20:26 484904 -c----w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]
2001-09-24 16:39 98304 -c----w- c:\program files\Common Files\Logitech\QCDriver\LVComS.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 11:42 1695232 --sh--w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 22:57 153136 -c----w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nuance PDF Reader-reminder]
2008-11-03 19:02 328992 -c----w- c:\program files\Nuance\PDF Reader\Ereg\Ereg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 23:38 421888 -c--a-w- e:\program files\quicktime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2006-11-23 22:10 56928 -c----w- e:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
2007-05-15 22:55 1628208 -c--a-w- e:\program files\Nero 7\InCD\NBHGui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WDSmartWareBackgroundService"=2 (0x2)
"NBService"=3 (0x3)
"LightScribeService"=2 (0x2)
"InCDsrv"=2 (0x2)
"RichVideo"=2 (0x2)
"NMIndexingService"=3 (0x3)
"lxcf_device"=3 (0x3)
"btwdins"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"g:\\program files\\games 'n' sh**\\Microsoft Games\\Age of Empires II\\age2_x1\\AGE2_X1.ICD"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

R0 bdisk;COMODO Disk Raw Access Filter;c:\windows\system32\drivers\bdisk.sys [12/2/2010 6:59 AM 73416]
R0 CBUfs;CBUFS;c:\windows\system32\drivers\cbufs.sys [12/2/2010 6:59 AM 123240]
R0 cbvd;Comodo Encrypted Virtual Disk;c:\windows\system32\drivers\CBVD.sys [12/2/2010 6:59 AM 428248]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [12/14/2010 2:19 PM 64288]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;e:\program files\Avira\AntiVir Desktop\sched.exe [12/13/2010 3:49 PM 135336]
R2 sprtlisten;SupportSoft Listener Service;c:\program files\Common Files\supportsoft\bin\sprtlisten.exe [1/8/2008 2:02 PM 1213728]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [10/14/2009 3:31 PM 98304]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [10/4/2010 1:54 AM 11520]
S2 COSService.exe;Comodo Online Storage Service;e:\my works\back it up\comodo\COMODO BackUp\COSService.exe --> e:\my works\back it up\comodo\COMODO BackUp\COSService.exe [?]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [12/3/2010 3:05 AM 1389400]
S2 SynchronizationService.exe;Comodo BackUp Service;e:\my works\back it up\comodo\COMODO BackUp\SynchronizationService.exe --> e:\my works\back it up\comodo\COMODO BackUp\SynchronizationService.exe [?]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [12/18/2009 11:58 AM 11336]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [7/7/2010 8:05 AM 14904]
S3 reparse;Reparse;c:\windows\system32\drivers\cbreparse.sys [12/2/2010 6:59 AM 427608]
S4 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [6/16/2009 10:58 AM 20480]

--- Other Services/Drivers In Memory ---

*Deregistered* - Lavasoft Kernexplorer

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 20:23 452136 -c----w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-12-17 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-12-03 09:05]

2010-12-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://sn133w.snt133.mail.live.com/default.aspx?wa=wsignin1.0
uInternet Settings,ProxyOverride = *.local
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\6d716cf2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.smartestcomputing.us.com/index
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - e:\program files\Mozilla Firefox\Mozilla Firefox 4.0 Beta 7\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: Photobucket Uploader em:version=1.3>: pbupload@photobucket.com - %profile%\extensions\pbupload@photobucket.com
FF - Ext: Search Engine Security: {197573FA-9BF9-11DF-9D68-A441DFD72085} - %profile%\extensions\{197573FA-9BF9-11DF-9D68-A441DFD72085}
.
- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)
MSConfigStartUp-LXCFCATS - c:\windows\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-17 01:31
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1659004503-1647877149-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,41,b3,4c,96,d6,fb,f2,47,9a,06,78,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,41,b3,4c,96,d6,fb,f2,47,9a,06,78,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,41,b3,4c,96,d6,fb,f2,47,9a,06,78,\

[HKEY_USERS\S-1-5-21-1659004503-1647877149-839522115-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2010-12-17 01:35:13
ComboFix-quarantined-files.txt 2010-12-17 07:35

Pre-Run: 11,951,607,808 bytes free
Post-Run: 11,914,584,064 bytes free

- - End Of File - - 5E5A5FF0EA0906BEBC4BE0CB889AEFD1
Posted Image

#20 Man'n'Black-4xp Re: [RESOLVED] Avira log

Man'n'Black-4xp

    The XP In The Ointment

  • Topic Starter
  • Members
  • 1,933 posts
  • 167 topics
    • Time Online: 9d 22h 40m 54s
  • Joined November 28, 2010
  • Skin: IP.Board
  • Local time: 08:03 PM
  • Zodiac:Aquarius
  • Gender:Male
  • Location:Midwest
  • OS:Windows XP
  • Country:
Offline

Posted 17 December 2010 - 07:55 AM

still alot of junk in there...........

h - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\6d716cf2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.smartestcomputing.us.com/index
FF - prefs.js: network.proxy.type - 0


Does this earn me any browny points?
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users