
OK, I'm going to give a step-by-step of what happened, because any of it could be important. If this rundll process is left running, if I change the reg entry from a 4 to a 2, it changes it back to a 4 within 20 seconds. This rundll runs as a process under the thread for svchost netsvcs.

Then I'll post the logs I made from DDS and GMER. So, to sum up, shortly after boot my antivirus gets disabled, Windows Security Center gets disabled, something goofs up TeaTimer because it doesn't notice the REG changes, and when I shut down, it spits out multiple errors at me.

