Where does the updates get saved… Can we reuse them the next time we install the antivirus software???
Antivirus softwares and even windows have an option for automatic updates. Where do they actually get saved in my computer… Can they be saved and reused the next time we install the software?? This will save my time in updating each time i install OS… Help me>>>>>>>>
DDS Log:
DDS (Ver_10-03-17.01) - NTFSx86
Run by Shortdilla at 18:12:59.18 on Sat 08/21/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.516 [GMT -4:00]
AV: avast! Antivirus On-access scanning enabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
============== Running Processes ===============
C:\WINDOWS.1\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS.1\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS.1\System32\wltrysvc.exe
C:\WINDOWS.1\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS.1\system32\spoolsv.exe
svchost.exe
C:\WINDOWS.1\system32\bmwebcfg.exe
C:\WINDOWS.1\system32\dldtcoms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS.1\Explorer.EXE
C:\WINDOWS.1\AGRSMMSG.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS.1\system32\bcmntray.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS.1\system32\igfxpers.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Dell V305\dldtmon.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Dell V305\dldtMsdMon.exe
C:\Program Files\AVGT\antivirusGT.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS.1\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Shortdilla.MR1750.000\My Documents\Downloads\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.yahoo.com/
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [AVGT] c:\program files\avgt\antivirusGT.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe
mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
mRun: [Broadcom Wireless Manager UI] c:\windows.1\system32\bcmntray
mRun: [SoundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe
mRun: [SoundMAX] “c:\program files\analog devices\soundmax\smax4.exe” /tray
mRun: [WatchDog] c:\program files\intervideo\dvd check\DVDCheck.exe
mRun: [igfxtray] c:\windows.1\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows.1\system32\hkcmd.exe
mRun: [igfxpers] c:\windows.1\system32\igfxpers.exe
mRun: []
mRun: [RoxWatchTray] “c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe”
mRun: [YSearchProtection] “c:\program files\yahoo!\search protection\SearchProtection.exe”
mRun: [QuickTime Task] “c:\program files\quicktime\qttask.exe” -atboottime
mRun: [Adobe Reader Speed Launcher] “c:\program files\adobe\reader 9.0\reader\Reader_sl.exe”
mRun: [Adobe ARM] “c:\program files\common files\adobe\arm\1.0\AdobeARM.exe”
mRun: [dldtmon.exe] “c:\program files\dell v305\dldtmon.exe”
mRun: [dldtamon] “c:\program files\dell v305\dldtamon.exe”
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
StartupFolder: c:\docume~1\shortd~1.000\startm~1\programs\startup\xfire.lnk - c:\program files\xfire\Xfire.exe
StartupFolder: c:\docume~1\alluse~1.1\startm~1\programs\startup\dvdche~1.lnk - c:\program files\intervideo\dvd check\DVDCheck.exe
StartupFolder: c:\docume~1\alluse~1.1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: bmnet.dll
Trusted Zone: nexon.net\combatarms
DPF: Microsoft XML Parser for Java - file://c:\windows.1\java\classes\xmldso.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237325560109
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1237326235875
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows.1\system32\WPDShServiceObj.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\shortd~1.000\applic~1\mozilla\firefox\profiles\80rbkfaf.default
FF - plugin: c:\documents and settings\all users.windows.1\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\windows.1\system32\c2mp\npdivx32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows.1\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref(“ui.use_native_colors”, true);
c:\program files\mozilla firefox\greprefs\all.js - pref(“ui.use_native_popup_windows”, false);
c:\program files\mozilla firefox\greprefs\all.js - pref(“browser.enable_click_image_resizing”, true);
c:\program files\mozilla firefox\greprefs\all.js - pref(“accessibility.browsewithcaret_shortcut.enabled”, true);
c:\program files\mozilla firefox\greprefs\all.js - pref(“javascript.options.mem.high_water_mark”, 32);
c:\program files\mozilla firefox\greprefs\all.js - pref(“javascript.options.mem.gc_frequency”, 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref(“network.IDN.whitelist.lu”, true);
c:\program files\mozilla firefox\greprefs\all.js - pref(“network.IDN.whitelist.nu”, true);
c:\program files\mozilla firefox\greprefs\all.js - pref(“network.IDN.whitelist.nz”, true);
c:\program files\mozilla firefox\greprefs\all.js - pref(“network.IDN.whitelist.امارات”, true);
c:\program files\mozilla firefox\greprefs\all.js - pref(“network.IDN.whitelist.السعودية”, true);
c:\program files\mozilla firefox\greprefs\all.js - pref(“network.IDN.whitelist.рф”, true);
c:\program files\mozilla firefox\greprefs\all.js - pref(“network.IDN.whitelist.الاردن”, true);
c:\program files\mozilla firefox\greprefs\all.js - pref(“network.IDN.whitelist.tel”, true);
c:\program files\mozilla firefox\greprefs\all.js - pref(“network.auth.force-generic-ntlm”, false);
c:\program files\mozilla firefox\greprefs\all.js - pref(“network.proxy.type”, 5);
c:\program files\mozilla firefox\greprefs\all.js - pref(“network.buffer.cache.count”, 24);
c:\program files\mozilla firefox\greprefs\all.js - pref(“network.buffer.cache.size”, 4096);
c:\program files\mozilla firefox\greprefs\all.js - pref(“dom.ipc.plugins.timeoutSecs”, 45);
c:\program files\mozilla firefox\greprefs\all.js - pref(“svg.smil.enabled”, false);
c:\program files\mozilla firefox\greprefs\all.js - pref(“ui.trackpoint_hack.enabled”, -1);
c:\program files\mozilla firefox\greprefs\all.js - pref(“browser.formfill.debug”, false);
c:\program files\mozilla firefox\greprefs\all.js - pref(“browser.formfill.agedWeight”, 2);
c:\program files\mozilla firefox\greprefs\all.js - pref(“browser.formfill.bucketSize”, 1);
c:\program files\mozilla firefox\greprefs\all.js - pref(“browser.formfill.maxTimeGroupings”, 25);
c:\program files\mozilla firefox\greprefs\all.js - pref(“browser.formfill.timeGroupingSize”, 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref(“browser.formfill.boundaryWeight”, 25);
c:\program files\mozilla firefox\greprefs\all.js - pref(“browser.formfill.prefixWeight”, 5);
c:\program files\mozilla firefox\greprefs\all.js - pref(“accelerometer.enabled”, true);
c:\program files\mozilla firefox\greprefs\all.js - pref(“html5.enable”, false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref(“security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr
ef”, true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref(“security.ssl.renego_unrestricted_hosts”, “”);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref(“security.ssl.treat_unsafe_negotiation_as_broken”, false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref(“security.ssl.require_safe_negotiation”, false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref(“security.ssl3.rsa_seed_sha”, true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref(“app.update.download.backgroundInterval”, 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref(“app.update.url.manual”, “http://www.firefox.com”);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref(“browser.search.param.yahoo-fr-ja”, “mozff”);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name”, “chrome://browser/locale/browser.properties”);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description”, “chrome://browser/locale/browser.properties”);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“xpinstall.whitelist.add”, “addons.mozilla.org”);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“xpinstall.whitelist.add.36”, “getpersonas.com”);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“lightweightThemes.update.enabled”, true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“browser.allTabs.previews”, false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“plugins.hide_infobar_for_outdated_plugin”, false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“plugins.update.notifyUser”, false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“toolbar.customization.usesheet”, false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“dom.ipc.plugins.enabled.nptest.dll”, true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“dom.ipc.plugins.enabled.npswf32.dll”, true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“dom.ipc.plugins.enabled.npctrl.dll”, true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“dom.ipc.plugins.enabled.npqtplugin.dll”, true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“dom.ipc.plugins.enabled”, false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“browser.taskbar.previews.enable”, false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“browser.taskbar.previews.max”, 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref(“browser.taskbar.previews.cachetime”, 20);
============= SERVICES / DRIVERS ===============
R1 aswSP;aswSP;c:\windows.1\system32\drivers\aswSP.sys [2009-7-19 165456]
R2 aswFsBlk;aswFsBlk;c:\windows.1\system32\drivers\aswFsBlk.sys [2009-7-19 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-7-29 40384]
R2 dldt_device;dldt_device;c:\windows.1\system32\dldtcoms.exe -service → c:\windows.1\system32\dldtcoms.exe -service [?]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-7-29 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-7-29 40384]
S2 dldtCATSCustConnectService;dldtCATSCustConnectService;c:\windows.1\system32\spool\drivers\w32x86\3\dldtserv.exe [2010-6-29 98984]
S3 ATTRcAppSvc;AT&T RcAppSvc;c:\program files\at&t\connection software\RcAppSvc.exe [2008-7-10 111896]
=============== Created Last 30 ================
2010-08-21 22:12:12 0 ----a-w- c:\documents and settings\shortdilla.mr1750.000\defogger_reenable
2010-08-21 21:22:57 0 d-----w- c:\docume~1\shortd~1.000\applic~1\GetRightToGo
2010-08-21 19:04:33 0 d-----w- c:\program files\AVGT
2010-07-29 15:24:04 38848 ----a-w- c:\windows.1\avastSS.scr
2010-07-29 15:23:25 0 d-----w- c:\docume~1\alluse~1.1\applic~1\Alwil Software
2010-07-28 21:00:22 226728 ----a-r- c:\windows.1\system32\cpnprt2.cid
2010-07-28 21:00:17 0 d-----w- c:\windows.1\Cache
2010-07-28 21:00:16 0 d-----w- c:\program files\Coupons
==================== Find3M ====================
2010-07-09 19:04:40 41872 ----a-w- c:\windows.1\system32\xfcodec.dll
2010-06-30 12:31:35 149504 ----a-w- c:\windows.1\system32\schannel.dll
2010-06-24 12:22:03 916480 ----a-w- c:\windows.1\system32\wininet.dll
2010-06-23 13:44:04 1851904 ----a-w- c:\windows.1\system32\win32k.sys
2010-06-17 14:03:00 80384 ----a-w- c:\windows.1\system32\iccvid.dll
2010-06-14 07:41:45 1172480 ----a-w- c:\windows.1\system32\msxml3.dll
============= FINISH: 18:13:25.34 ===============
Malwarebytes' Anti-Malware 1.42 Database version: 3452 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702well you are using a VERY old version of Malwarebytes 1.42 latest version is 1.50.1 the database you are scanning with is 3452 and latest is 6081
so update Malwarebytes and try again
Malwarebytes can have up to 10 updates on a day…
I have Avast Antivirus, so I have no clue how this made it onto my computer....No security program have 100% detection
The MBAM log you are posting is dated 8/21/2010 6:00:28 PM ???
and DDS log 18:12:59.18 on Sat 08/21/2010
are you posting the wrong logs or is your computer time totally wrong ???
OBS: your version of Malwarebytes was released Date: 03 December, 2009 ;D
Each anti-virus software gets automatically updated once u connect to the internet.
These updates files are saved in a special folder usually named as ‘Updates’ or something similiar. Go to the location where the anti-virus has installed itself (My Computer/c:/program files/) and check for the ‘updates’ or a similiar name.
If u want to save that file then copy it onto another drive which u use as a backup during formatting…and simply paste its contents back into the folder of the freshly-re-installed software .
That should work.
u can also change the location where the updates get stored by tweaking the settings found in the updates menu of the software and this directly save ur updates onto another drive and avoid copying its contents again and again after each update.
.