
UACekodrtvvim.dll

Cam Video IM;c:\windows\System32\drivers\V0220Dev.sys [25/01/2008 21:21 146112] S3 V0220Vfx;V0220VFX;c:\windows\System32\drivers\V0220Vfx.sys [25/01/2008 21:21 6272] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc bthsvcs REG_MULTI_SZ BthServ [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}] c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,LaunchINFSectionEx c:\program files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12 . Do not install more than one antivirus program because they will conflict with each other. scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background uRun:

c:\windows\System32\audiodg.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\windows\System32\drivers\XAudio.exe c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe c:\windows\System32\igfxsrvc.exe Click on Export To Export the log and save it to your desktop. Save it to your desktop. * Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. I've run malwarebytes which fixes all sorts of problem but I'm now left with UACekodrtvvim.dll which is can not remove here are the requested logs DDS (Ver_09-07-30.01) - NTFSx86 Run by lizzy at 9:54:13.67 http://www.techsupportforum.com/forums/f100/uacekodrtvvim-dll-413071.html

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper. ----------------------------------------------------------------------- I am sorry to inform you that one or Cam Manager] c:\program files\creative\creative live! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - c:\program files\windows live\family safety\fssbho.dll

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all

Please attach the contents of that log to your reply, along with a new HijackThis log. * Turn off the real time scanner of any existing antivirus program while performing the

Navigate on Control Panel.

scanning hidden autostart entries ... Click on Disinfect Please ignore the offer to buy the program. Click Scan Wait for the scan to finish Use notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt Copy and paste that log as a reply to this topic

I'm a member of U.N.I.T.E and A.S.A.P 09-15-2009, 06:21 AM #11 windysurfer Registered Member Join Date: Sep 2009 Posts: 7 OS: Vista basic PC seems a little slow Before posting for help, uninstall any such applications. If you do not update your antivirus software then it will not be able to catch new malware that may have come out. I'm a member of U.N.I.T.E and A.S.A.P 09-13-2009, 12:04 PM #5 windysurfer Registered Member Join Date: Sep 2009 Posts: 7 OS: Vista basic report attached cheers Windy Attached

If you install the cracked software, you are running executable files from these dubious, unknown sources. Please include the C:\ComboFix.txt in your next reply for further review Mark __________________ To accomplish great things, we must not only act, but also dream; not only plan, but also believe. If I have been helping you and do not reply within 24

This allows hackers to remotely control your computer, steal critical system information and download and execute files. Click on Register Choose the option you like most, but we recommend the Free Registration. Cam Video IM;c:\windows\system32\drivers\V0220Dev.sys [2008-1-25 146112] S3 V0220Vfx;V0220VFX;c:\windows\system32\drivers\V0220Vfx.sys [2008-1-25 6272] =============== Created Last 30 ================ 2009-09-15 09:43

--d----- c:\program files\Trend Micro 2009-09-15 07:35 28,544 a------- c:\windows\system32\drivers\pavboot.sys 2009-09-15 07:35 --d----- c:\program

Referring to the Forum Rules which you should have read at the time of Registering at this forum, TSF does not support illegal activity. Visiting cracksites/warezsites - and other questionable/illegal sites is always a risk.

You can continue using the Internet by opening another window in your browser.

ESET NOD32 Antivirus Quote: This is the main reason your computer is infected. mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=74&bd=smb&pf=laptop IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Cam Manager\CTLCMgr.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Windows Live\Family

Please stay with me until given the 'all clear' even if symptoms seemingly abate. Please attach it in your next reply. I'm a member of U.N.I.T.E and A.S.A.P 09-14-2009, 01:07 PM #7 windysurfer Registered Member Join Date: Sep 2009 Posts: 7 OS: Vista basic Not sure this is right You can find instructions HERE.

Find: Java(TM) SE Runtime Environment 6 Then Outdated java runtimes: (Older versions have vulnerabilities that malicious sites can use to exploit and infect your system) After you uninstall your outdated java, c:\$recycle.bin\S-1-5-21-2365545147-1999384947-2466353664-500 c:\$recycle.bin\S-1-5-21-3004094700-1292148700-1120296016-500 c:\$recycle.bin\S-1-5-21-4104075854-417722434-1675085535-500 c:\recycler\S-1-5-21-3535440522-1292371665-3163502587-500 c:\windows\Installer\181e3a.msi F:\Autorun.inf . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_UACd.sys -------\Service_UACd.sys ((((((((((((((((((((((((( Files Created from 2009-08-13 to 2009-09-13 ))))))))))))))))))))))))))))))) . 2009-09-13 14:29 . 2009-09-13 14:48 -------- d-----w- c:\users\lizzy\AppData\Local\temp 2009-09-13 I'm a member of U.N.I.T.E and A.S.A.P 09-13-2009, 09:02 AM #3 windysurfer Registered Member Join Date: Sep 2009 Posts: 7 OS: Vista basic Hi Sorry for the delay If it finds any malware it can disinfect, the Disinfect button will be enabled.

Completion time: 2009-09-13 15:53 - machine was rebooted ComboFix-quarantined-files.txt 2009-09-13 14:53 Pre-Run: 45,400,686,592 bytes free Post-Run: 45,035,732,992 bytes free 278 --- E O F --- 2009-09-13 14:07 cheers Windy 09-13-2009, Good job. cam\live! scanning hidden files ...
