  #1  
Old 29th Mar 2009, 08:59
Donor Group
 
Firstly I'm assuming this is the right place to put this.

I went into the Control Panel and Performance and found a couple of performance issues saying:

  • Startup programs causing windows to start slowly
  • Programs are causing windows to shut down slowly
The details of these are:

Starting Slowly:

http://i7.photobucket.com/albums/y27...tartslowly.jpg

Shutting Down:

http://i7.photobucket.com/albums/y27...downslowly.jpg


I also ran hijackthis and got this message:

http://i7.photobucket.com/albums/y27...rormessage.jpg

This is probably a really stupid question but how do I rectify these? If you guys could point me in the right direction that would be great.
__________________
Euro Championships tip = Spain & Torres <- Damn I should have placed a bet on them

Make Poverty History

Justice for the 96 <- Please take a look
__________________

My System: HistoryGirls Self Build!

Processor(s):
AMD Phenom II X3 720
Motherboard:
Gigabyte MA770-UD3
RAM Memory:
4GB Ballistix
Graphics Card(s):
Radeon HD 4850 512MB
Sound Card:
Onboard
Hard Drive(s):
1TB Western Digital
Optical Drive(s):
DVD-ROM/CD RW + DVD-RW lightscribe
Case / PSU:
Coolermaster Elite 330/450W PSU
Cooling:
Stock
Network / Internet:
Ethernet
Monitor(s):
20" Acer
Operating System(s):
Vista HP with upgrade for W7
  #2  
Old 29th Mar 2009, 11:19
Moderator Group
 
With Vista you have to right click the HJT icon and choose 'Run as Administrator'.

Have you done any maintenance lately? Disk cleanup, defrag?
  #3  
Old 30th Mar 2009, 10:11
Donor Group
 
Yeah I have, I've run disk cleanup and defrag recently. Would that be what is causing the problems?

New HijackThis Log:

Quote:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:25:00, on 30/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [IFXSPMGT] C:\Windows\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: APSHook.dll,avgrsstx.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files\BinarySense\HDDlife 3\hldasvc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
  #4  
Old 30th Mar 2009, 10:30
Moderator Group
 
Open HijackThis and select Do a system scan only.

Place a check mark next to the following entries: (if there)

  • R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  • O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
  • O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)


Important: Close all windows except for HijackThis and then click Fix checked.

Exit HijackThis.

----------

Download ComboFix© by sUBs from one of the below links. Be sure to save it to the Desktop.

Link #1
Link #2

**Note: It is important that it is saved directly to your Desktop

Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your antivirus, and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Double click combofix.exe & follow the prompts.
When finished ComboFix will produce a log for you.
Post the ComboFix log in your next reply.

Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.

If you have problems with ComboFix usage, see How to use ComboFix
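The three entries the moderator ticks above have one thing in common: each is a registry load point (an IE toolbar folder setting, a BHO CLSID, a toolbar CLSID) that points at something which no longer exists, so HijackThis prints "(no file)" or leaves the value empty. Spotting those by eye in a 90-line log is error-prone, so here is an added example, in Python, of a small triage pass over HijackThis 2.0 log lines. It is not part of the thread and not Trend Micro's own tooling; the `Finding` class, the `triage` and `fix_candidates` functions and the rule set are this example's own assumptions. The sample lines are copied verbatim from the log posted above. It generalises slightly beyond the moderator's three picks: it also separates entries that are safe to tick in "Fix checked" (dead references) from ones that only deserve a closer look (AppInit_DLLs, services with no publisher or a missing binary), which is the distinction a helper makes before telling someone what to fix.

```python
"""Triage a HijackThis 2.0 log: separate dead references from load points that need review.

Added example for this thread, not code from HijackThis itself.  Assumes the
R0/R1/O2/O3/O20/O23 line formats shown in the posted log.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# Constructed sample: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O20 - AppInit_DLLs: APSHook.dll,avgrsstx.dll
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
"""

# Every HJT finding starts with a section code (R0, O2, O23, ...) followed by " - ".
ENTRY_RE = re.compile(r"^(?P<sec>[RO]\d{1,2}) - (?P<body>.+)$")


@dataclass(frozen=True)
class Finding:
    section: str
    reason: str
    line: str
    hjt_fixable: bool  # True: safe to tick under "Do a system scan only" and Fix checked


def triage(log_text: str) -> list[Finding]:
    """Walk the log once and return the entries worth a second look, in log order."""
    findings: list[Finding] = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue  # headers, blank lines, the running-process list
        sec, body = m["sec"], m["body"]
        if sec == "O23":
            # Services: HJT prints the publisher and the registered binary path.
            if "(file missing)" in body:
                findings.append(Finding(sec, "dead service: registered binary is gone; "
                                        "inspect with sc.exe qc before deleting", line, False))
            elif " - Unknown owner - " in body:
                findings.append(Finding(sec, "service binary carries no publisher info; "
                                        "verify its signature or hash", line, False))
        elif body.endswith("(no file)"):
            # CLSID or hook registered, but the DLL behind it is gone: nothing loads.
            findings.append(Finding(sec, "orphaned load point: CLSID/hook points at a file "
                                    "that no longer exists", line, True))
        elif sec in ("R0", "R1") and body.endswith("="):
            findings.append(Finding(sec, "empty IE setting: harmless, safe to clear", line, True))
        elif sec == "O20" and body.startswith("AppInit_DLLs:"):
            # AppInit_DLLs is injected into every process that maps user32.dll,
            # so each DLL named here deserves verification even when it is legitimate.
            dlls = [d.strip() for d in body.split(":", 1)[1].split(",") if d.strip()]
            findings.append(Finding(sec, "AppInit_DLLs is loaded into every process that maps "
                                    "user32.dll; verify " + ", ".join(dlls), line, False))
    return findings


def fix_candidates(findings: list[Finding]) -> list[str]:
    """The lines a helper would tell the poster to tick and 'Fix checked'."""
    return [f.line for f in findings if f.hjt_fixable]


if __name__ == "__main__":
    results = triage(SAMPLE_LOG)
    for f in results:
        tag = "FIX    " if f.hjt_fixable else "REVIEW "
        print(f"{tag}{f.section:<4} {f.reason}\n        {f.line}")
    print(f"\n{len(fix_candidates(results))} entries safe to tick in HijackThis")
```

Run against the sample, the three lines it marks FIX are exactly the three the moderator lists; the AppInit_DLLs entry and the two "Unknown owner" services come out as REVIEW, because a missing publisher string or a missing binary is a reason to look, not on its own a reason to delete.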
  #5  
Old 30th Mar 2009, 11:37
Donor Group
 
Firstly thanks for the help and advice. I've done what you said with HJT and that was fine. However, I've done as the link says regarding disabling the AVG resident shield, yet despite this, when I try and run ComboFix it still says AVG anti-virus is running, so I'm not quite sure why.

Would you suggest maybe restarting my system?
  #6  
Old 30th Mar 2009, 13:39
Moderator Group
 
AVG and Combofix have that issue. Just run ComboFix anyway. If AVG tries to block it then just allow it to run.
  #7  
Old 30th Mar 2009, 14:21
Donor Group
 
Right ok all done. Log as requested.

Quote:
ComboFix 09-03-29.04 - CHLOE 2009-03-30 21:54:30.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.1033.18.2046.967 [GMT 1:00]
Running from: c:\users\CHLOE\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
FW: ZoneAlarm Firewall *enabled*
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\acovcnt.exe

.
((((((((((((((((((((((((( Files Created from 2009-02-28 to 2009-03-30 )))))))))))))))))))))))))))))))
.

2009-03-29 16:23 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll
2009-03-29 16:23 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe
2009-03-29 16:23 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe
2009-03-29 16:23 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2009-03-29 16:23 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll
2009-03-29 16:23 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll
2009-03-29 16:23 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl
2009-03-29 16:23 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll
2009-03-29 16:15 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll
2009-03-29 16:15 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll
2009-03-29 16:15 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32\netfxperf.dll
2009-03-29 16:14 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll
2009-03-29 16:14 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll
2009-03-29 13:52 . 2009-03-29 13:53 <DIR> d-------- c:\program files\Defraggler
2009-03-29 13:26 . 2008-02-23 05:38 170,496 --a------ c:\windows\System32\tcpipcfg.dll
2009-03-29 13:26 . 2008-02-23 03:41 22,528 --a------ c:\windows\System32\netiougc.exe
2009-03-29 13:25 . 2009-02-16 00:10 1,221,512 --a------ c:\windows\System32\zpeng25.dll
2009-03-17 21:57 . 2009-03-17 21:57 <DIR> d-------- c:\program files\Microsoft
2009-03-17 21:56 . 2009-03-17 21:56 <DIR> d-------- c:\windows\PCHEALTH
2009-03-16 22:43 . 2009-03-28 22:36 <DIR> d--h----- C:\$AVG8.VAULT$
2009-03-16 20:59 . 2009-03-16 20:59 25 --a------ c:\windows\cdplayer.ini
2009-03-14 00:34 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-03-14 00:34 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-03-14 00:34 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-03-14 00:34 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-03-14 00:34 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-03-14 00:29 . 2009-03-14 00:29 <DIR> d-------- c:\programdata\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-14 00:29 . 2009-03-14 00:29 <DIR> d-------- c:\program files\iTunes
2009-03-14 00:29 . 2009-03-14 00:29 <DIR> d-------- c:\program files\iPod
2009-03-14 00:29 . 2008-04-17 13:12 107,368 --a------ c:\windows\System32\GEARAspi.dll
2009-03-14 00:29 . 2009-01-15 13:19 23,848 --a------ c:\windows\System32\drivers\GEARAspiWDM.sys
2009-03-14 00:26 . 2009-03-14 00:27 <DIR> d-------- c:\program files\QuickTime
2009-03-12 23:39 . 2009-03-12 23:39 <DIR> d-------- c:\programdata\Kontiki
2009-03-12 23:39 . 2009-03-12 23:39 <DIR> d-------- c:\program files\Kontiki
2009-03-12 23:39 . 2009-03-12 23:39 <DIR> d-------- c:\program files\Channel4
2009-03-12 23:38 . 2009-03-12 23:38 <DIR> d-------- c:\programdata\Channel4
2009-03-11 22:33 . 2009-03-30 21:10 <DIR> d-------- c:\users\CHLOE\Tracing
2009-03-11 22:22 . 2009-03-11 22:22 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-03-11 22:22 . 2009-03-17 21:57 <DIR> d-------- c:\program files\Windows Live
2009-03-11 21:57 . 2009-03-11 21:57 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-03-11 13:13 . 2009-03-11 21:47 <DIR> d-------- c:\program files\Amazon
2009-03-11 13:13 . 2009-03-11 13:13 107,272 --a------ c:\windows\System32\drivers\avgtdix.sys
2009-03-11 02:09 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-03-11 02:09 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-03-11 02:05 . 2008-12-16 04:29 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2009-03-11 02:05 . 2008-12-16 06:31 7,680 --a------ c:\windows\System32\spwmp.dll
2009-03-11 02:05 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\msdxm.ocx
2009-03-11 02:05 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\dxmasf.dll
2009-03-11 02:03 . 2008-12-16 03:42 288,768 --a------ c:\windows\System32\drivers\srv.sys
2009-03-11 02:03 . 2008-11-27 05:43 268,288 --a------ c:\windows\System32\schannel.dll
2009-03-11 02:02 . 2009-02-09 04:10 2,033,152 --a------ c:\windows\System32\win32k.sys
2009-02-06 19:52 . 2009-02-06 19:52 49,504 --a------ c:\windows\System32\sirenacm.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-30 21:07 350,195 ---ha-w c:\windows\system32\drivers\vsconfig.xml
2009-03-30 21:07 --------- d---a-w c:\programdata\TEMP
2009-03-29 14:42 --------- d-----w c:\programdata\Spybot - Search & Destroy
2009-03-29 14:42 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-29 14:42 --------- d-----w c:\program files\CCleaner
2009-03-19 16:48 --------- d-----w c:\users\CHLOE\AppData\Roaming\uTorrent
2009-03-16 19:58 --------- d-----w c:\program files\Common Files\Real
2009-03-13 23:29 --------- d-----w c:\programdata\Apple Computer
2009-03-13 23:29 --------- d-----w c:\program files\Common Files\Apple
2009-03-13 23:27 --------- d-----w c:\program files\Bonjour
2009-03-12 22:24 --------- d-----w c:\program files\Google
2009-03-11 23:07 --------- d-----w c:\program files\Microsoft Silverlight
2009-03-11 23:05 --------- d-----w c:\program files\Windows Mail
2009-03-11 12:13 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-03-11 11:52 --------- d-----w c:\programdata\avg8
2009-02-15 23:11 293,528 ----a-w c:\windows\system32\drivers\vsdatant.sys
2009-01-14 20:20 55,232 ----a-w c:\users\CHLOE\AppData\Roaming\GDIPFONTCACHEV1.DAT
2008-12-31 21:51 13,025 ----a-w c:\users\CHLOE\AppData\Roaming\nvModes.dat
2008-12-31 14:32 174 --sha-w c:\program files\desktop.ini
2008-11-19 15:31 81,920 ----a-w c:\users\CHLOE\AppData\Roaming\ezpinst.exe
2008-11-19 15:31 47,360 ----a-w c:\users\CHLOE\AppData\Roaming\pcouffin.sys
2007-05-31 18:23 77,160 ----a-w c:\users\CHLOE\DSETUP.dll
2007-05-31 18:23 503,144 ----a-w c:\users\CHLOE\DXSETUP.exe
2007-05-31 18:23 1,673,576 ----a-w c:\users\CHLOE\dsetup32.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2007-05-15 33136]
"IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2007-02-26 677408]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-16 981384]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-01 857648]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=APSHook.dll avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4oD]
--a------ 2007-04-23 12:23 1032640 c:\program files\Kontiki\KHost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 02:38 34672 d:\program files\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
--a------ 2007-05-15 05:12 37232 c:\windows\ASScrProlog.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
--a------ 2006-11-02 16:27 61440 c:\program files\ASUS\ATK Media\DMedia.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
--a------ 2009-03-11 13:13 1601304 c:\progra~1\AVG\AVG8\avgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
-ra------ 2003-12-21 22:11 17920 c:\progra~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
--a------ 2008-01-19 08:33 125952 c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2009-03-17 22:06 133104 c:\users\CHLOE\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2009-03-11 14:52 342312 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2009-02-06 19:51 3885408 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-04-04 12:40 8429568 c:\windows\System32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-04-04 12:40 81920 c:\windows\System32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
--a------ 2007-04-04 12:40 86016 c:\windows\System32\nvsvc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2009-01-05 17:18 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
--a------ 2007-09-02 13:58 495616 c:\program files\RocketDock\RocketDock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2009-03-05 16:07 2260480 c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 04:27 144784 c:\program files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2009-03-16 20:58 198160 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2008-01-19 08:38 1008184 c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--a------ 2008-01-19 08:33 202240 c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]
--a------ 2005-07-15 22:48 479232 c:\program files\Google\Gmail Notifier\gnotify.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
--a------ 2007-02-15 10:07 4390912 c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{71E74FA5-D1FA-4A82-9121-AE2CACB2ED04}"= Profile=Private|c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{2FE2345B-5C77-485E-9855-FC6024DE75EC}"= Profile=Private|c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{CC9CFD37-6799-47CF-9AEE-1063F21C5548}"= Profile=Private|c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{3D44E6E8-68F3-42F0-B97E-1081F1354874}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire 4.12.15
"{B2393435-26B3-4482-A391-C964F3370D66}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire 4.12.15
"{1B1039C9-3AEF-4B2E-85CA-DA79FB7CDBD3}"= Disabled:c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{F9EC3544-5A35-4D84-A067-E7167563791A}"= Disabled:c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{A9CE85F3-F9BA-4875-B169-9DEF59911C8A}"= Disabled:c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{0FAAFA32-F5A3-4C35-9AFD-A648E4B3016E}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{CDC85196-C503-4F00-82DC-B95F8D021895}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{5D761702-BEB7-4B94-B693-1A7EF8E441ED}c:\\program files\\easy webtv & radio\\easywebtv.exe"= UDP:c:\program files\easy webtv & radio\easywebtv.exe:Web TV\Radio\Media
"UDP Query User{A7E2F9B1-976E-49B1-960A-8FE671DECB26}c:\\program files\\easy webtv & radio\\easywebtv.exe"= TCP:c:\program files\easy webtv & radio\easywebtv.exe:Web TV\Radio\Media
"{978D57EE-8CEF-4E88-B3CC-472590D8A602}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{038AD6DB-57BA-4294-B6BE-DC5AC329D87A}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{20F3997A-2406-42BC-9A96-17DBA8717938}c:\\program files\\soulseek\\slsk.exe"= UDP:c:\program files\soulseek\slsk.exe:SoulSeek
"UDP Query User{EBEDABDC-8DFA-4EA4-83A0-5D79C8A2BE45}c:\\program files\\soulseek\\slsk.exe"= TCP:c:\program files\soulseek\slsk.exe:SoulSeek
"TCP Query User{A2D20908-089C-441B-B9C8-C8811AFCAB9E}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{0B6B64F6-D6E9-4D1D-B83A-E6E85E360C05}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"{2E890455-237D-4ABA-BE37-B5E6E1862834}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{DDAAC8F6-7557-495A-82B3-EBFF9330A2CC}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{5131D757-BC24-44C9-8EA5-E268DFC6DCAC}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{4C52E1A6-D998-41D5-8E99-27F21E3CA7CB}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{80235B6B-2462-4AC3-8A59-7534841DE76B}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{049DD1E6-8191-4983-A59D-240E79B46042}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{9A00A32D-A675-4425-8F5E-1528AAB521FB}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{348698D9-5A1D-4E1C-AC00-DBDC43BE0ACF}c:\\program files\\soulseek\\slsk.exe"= UDP:c:\program files\soulseek\slsk.exe:SoulSeek
"UDP Query User{60AFF659-3A7C-488C-9CCA-0A8589DD32FA}c:\\program files\\soulseek\\slsk.exe"= TCP:c:\program files\soulseek\slsk.exe:SoulSeek
"TCP Query User{3EF98A58-7B3C-42B1-8A5A-CF7DEF59C2A7}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{D8A0735D-6D19-4482-A90A-35A9D023DEBE}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{7B392C25-D64F-4897-B5CC-5C9B83106BB0}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{9990806D-9198-4760-93E7-C65D44E1FE8A}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{9998DAB7-D775-4620-A491-D752230551A3}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{B9293167-A4DC-43ED-893B-B5B1B89F9988}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{B04F6C2B-953A-469D-AFD8-4F3AE27A4941}c:\\users\\chloe\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= UDP:c:\users\chloe\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"UDP Query User{914B6A2A-9A2A-43A8-B4EA-BB1EEDC476B5}c:\\users\\chloe\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= TCP:c:\users\chloe\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"TCP Query User{69F8C35B-6614-4033-B40E-59012B10975A}c:\\program files\\bearflix\\bearflix.exe"= UDP:c:\program files\bearflix\bearflix.exe:BearFlix
"UDP Query User{89ABF64F-F79E-456D-9136-82A8675A3E17}c:\\program files\\bearflix\\bearflix.exe"= TCP:c:\program files\bearflix\bearflix.exe:BearFlix
"{8D76BC83-ABC9-406B-8945-366EA3B7074B}"= UDP:c:\program files\SmartFTP Client\SmartFTP.exe:SmartFTP Client
"{9FC79C86-3E66-4A61-AA2A-FAB0C61E0453}"= TCP:c:\program files\SmartFTP Client\SmartFTP.exe:SmartFTP Client
"TCP Query User{9FF9F89E-5323-45DB-89F0-BA37B84180EE}c:\\program files\\tvants\\tvants.exe"= UDP:c:\program files\tvants\tvants.exe:TVAnts
"UDP Query User{C10505B7-BDD4-49BB-93E6-E73B8E6C4E33}c:\\program files\\tvants\\tvants.exe"= TCP:c:\program files\tvants\tvants.exe:TVAnts
"TCP Query User{A9E241F3-D69C-4E67-938B-33C91AB576A1}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVU Player Component
"UDP Query User{D3542B64-2CF9-4C20-B6CB-1D9096FF27EB}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVU Player Component
"{F8B68D6E-3A24-4B31-8261-FB3CA92B5740}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{4E95BA55-EDF5-491D-9059-F11FF353A128}c:\\users\\chloe\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= UDP:c:\users\chloe\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"UDP Query User{55C79E39-F1AC-45C7-8F99-995A835F089A}c:\\users\\chloe\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= TCP:c:\users\chloe\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"TCP Query User{A3EF2380-6740-4FD5-913E-D67F54A54B11}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{E9C164FD-CB41-4D08-9DBA-BDDB929D1C86}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{C1148110-2D5B-4810-8651-98FBFD3A6751}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{F15683E5-A578-47EE-BEB1-4541978254F4}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{CCA39E89-B85B-41BA-9A33-CA6DB37579E4}d:\\program files\\clue.exe"= UDP:d:\program files\clue.exe:Clue
"UDP Query User{39F3C83F-DCF0-43B4-B149-19F3630B3078}d:\\program files\\clue.exe"= TCP:d:\program files\clue.exe:Clue
"{01834D55-82B5-480D-BEFF-52EDB82BB8B5}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{90ECB35B-6897-4166-A35A-04BC39978BA9}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{504F647E-1476-4948-AA42-DC1DF85CA9A8}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{CC411EBB-9ACA-4217-9994-ABB961E83B3C}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{031AA3B5-F93B-4E4B-9ED7-66C6B9FFF3E8}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{1D54F818-ABAC-418F-8F39-17EA7664FABE}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{3C9FFAF4-40EA-450F-A906-D34D3E2EFA72}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{6AC9F5D1-C3AC-4878-8740-8A3E10F857E2}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{77045B5E-EC2E-4749-AC23-32130CD39567}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{00BE12C0-42CB-4B64-AA07-80A45C05B97C}"= Disabled:UDP:c:\program files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
"{0A529C81-B8E4-4809-A54B-B5141A997A78}"= Disabled:TCP:c:\program files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2008-12-24 325128]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [2009-03-11 107272]
R1 ItSDisk;ItSDisk;c:\windows\System32\drivers\itsdisk.sys [2006-05-16 23496]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys [2007-01-23 39080]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [2008-08-07 21504]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [2008-08-07 21504]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-03-11 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-11 298264]
R2 HDDlife HDD Access service;HDDlife HDD Access service;c:\program files\BinarySense\HDDlife 3\hldasvc.exe [2007-08-09 816376]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2007-07-15 1153368]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe [2007-02-07 24576]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\System32\drivers\atl01v32.sys [2007-03-15 48128]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\System32\drivers\StkCMini.sys [2007-02-13 1245056]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\shell\AutoRun\command - E:\Start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\shell\AutoRun\command - H:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1a4a90a1-32d4-11dc-aa3d-001bfc03310e}]
\shell\AutoRun\command - H:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1865685-0291-11dc-b943-806e6f6e6963}]
\shell\AutoRun\command - E:\Autorun.exe
.
Contents of the 'Scheduled Tasks' folder

2009-01-11 c:\windows\Tasks\Defrag Job #00.job
- c:\program files\DiskTrix\UltimateDefrag\UDefrag.exe []

2009-03-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3600620296-2450975610-132854369-1000.job
- c:\users\CHLOE\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-17 22:06]

2009-03-30 c:\windows\Tasks\User_Feed_Synchronization-{5963E371-2796-42F4-9A54-042DA9F406BC}.job
- c:\windows\system32\msfeedssync.exe [2008-01-19 08:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\users\CHLOE\AppData\Roaming\Mozilla\Firefox\Profiles\ppnzryw9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1178131&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - component: c:\users\CHLOE\AppData\Roaming\Mozilla\Firefox\Profiles\ppnzryw9.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\CHLOE\AppData\Local\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: d:\program files\Reader\browser\nppdf32.dll

---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v1.02.08); user_pref(general.useragent.extra.zencast, Creative ZENcast v2.00.07.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-30 22:08:49
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(696)
c:\program files\ASUS Security Center\ASUS Security Protect Manager\bin\ASWLNPkg.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\bin\ItMsg.dll

- - - - - - - > 'Explorer.exe'(5000)
c:\program files\RocketDock\RocketDock.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItMsg.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\audiodg.exe
c:\windows\System32\ZoneLabs\vsmon.exe
c:\windows\System32\wlanext.exe
c:\program files\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
c:\program files\ATK Hotkey\HControl.exe
c:\program files\ATKOSD2\ATKOSD2.exe
c:\program files\Wireless Console 2\wcourier.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\program files\P4G\BatteryLife.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\windows\System32\IFXTCS.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\System32\IfxPsdSv.exe
c:\windows\System32\PSIService.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\System32\IfxUAGUI.exe
c:\program files\Infineon\Security Platform Software\PSDrt.exe
c:\program files\Infineon\Security Platform Software\SpTNA.exe
c:\windows\System32\rundll32.exe
.
**************************************************************************
.
Completion time: 2009-03-30 22:16:25 - machine was rebooted
ComboFix-quarantined-files.txt 2009-03-30 21:15:12

Pre-Run: 38,800,285,696 bytes free
Post-Run: 38,307,028,992 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=41 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41
354 --- E O F --- 2009-03-29 15:30:34
Another quick question: Firefox seems to be running a bit slower than usual, and when I close it down and go to start it up a while later, it comes up with a message saying Firefox is currently running but not responding, please close all versions before trying again, or something along those lines. Would that log indicate/show any reason for this? Sorry if that's a stupid question.
  #8  
Old 30th Mar 2009, 15:17
Moderator Group
 
Delete these files/folders, as follows:

1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It must be Notepad, not Wordpad.
2. Copy the text in the below code box by highlighting all the text and pressing Ctrl+C

Code:
KillAll::

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1865685-0291-11dc-b943-806e6f6e6963}]

Firefox::
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1178131&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Web Search
3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!



ComboFix will begin to execute, just follow the prompts.
After reboot (in case it asks to reboot), it will produce a log for you.
Post that log (Combofix.txt) in your next reply.

Note: Do not mouse-click ComboFix's window while it is running. That may cause your system to freeze.

----------

Download the Norton Removal Tool (SymNRT) to your Desktop.

Once downloaded please close ALL open browsers, also save any work because this may require a restart.
  • Go to your desktop and double click on the removal tool and then click Setup.
  • Once open, click Next
  • Accept the license agreement and click Next
  • Type in the letters/numbers that you see into the text box then click Next.
  • Then click Next and the tool will start running.
  • Once finished restart the PC.
  • Delete the Norton Removal Tool from your Desktop.

----------

Your Java is out of date.

Older versions have vulnerabilities that malicious sites can use to infect your system.

First install the new Sun Java Runtime Environment

Be sure to close all browser windows before beginning the install.

Remove the old version(s)

Download JavaRa
  • Unzip the file and open the JavaRa.exe
  • Click Remove Older Versions
  • JavaRa will search for and remove any outdated version of Java and remove any that are found.
  • Click Additional Tasks
  • Place a check next to Remove Useless JRE Files and click Go
  • Exit JavaRa
  • Delete the JavaRa files from the Desktop

Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.

----------

Download ATF Cleaner by Atribune to your Desktop.

Alternate download link

Note: Vista users must use Run As Administrator
  • Under Main: Select Files to Delete choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords click No at the prompt.
  • Click Exit on the Main menu to close the program.

Note that your system will run slower for a reboot or two after having used this tool, so don't panic.

Important: Restart the computer before continuing.

----------

How is the computer running now?
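As an added illustration (not part of this thread, and not ComboFix's or the moderator's own tooling), here is a small Python triage helper that reads a ComboFix-style log excerpt and pulls out the same kinds of entries the CFScript above acts on: per-drive AutoRun commands under MountPoints2, firewall profiles switched off, Security Center "DisableMonitoring" overrides, AppInit_DLLs, and Firefox search or home-page prefs pointing somewhere other than a trusted host. The sample log inside it is constructed for the example, modelled on entries from the log in this thread (the paths and the one GUID are copied from it); the trusted-host list and all function names are this example's own assumptions, not anything ComboFix provides.

```python
"""Triage helper for ComboFix-style log excerpts. Added illustration, not
ComboFix's own code; it flags the entry types the CFScript above acts on."""
import re
from typing import Dict, List, Tuple

# Constructed sample modelled on entries of the kind seen in the thread's log.
# ComboFix writes URLs defanged as "hxxp" so they are not clickable.
SAMPLE_LOG = r"""
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=APSHook.dll avgrsstx.dll
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\shell\AutoRun\command - E:\Start.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1865685-0291-11dc-b943-806e6f6e6963}]
\shell\AutoRun\command - E:\Autorun.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1178131&SearchSource=3&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
"""

SECTION_RE = re.compile(r"^\[([^\]]+)\]$")

def parse_sections(text: str) -> List[Tuple[str, List[str]]]:
    """Group lines under the [registry key] header that precedes them."""
    sections: List[Tuple[str, List[str]]] = [("", [])]
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            sections.append((m.group(1), []))
        else:
            sections[-1][1].append(line)
    return sections

def leaf(key: str) -> str:
    """Last component of a registry key, e.g. 'PublicProfile'."""
    return key.rsplit("\\", 1)[-1]

def find_autorun_commands(text: str) -> List[Tuple[str, str]]:
    """MountPoints2 AutoRun handlers: what Explorer runs when a drive is opened;
    stale entries for removable drives are why the CFScript removes the E: keys."""
    found = []
    for key, lines in parse_sections(text):
        if "mountpoints2" in key.lower():
            for line in lines:
                if line.lower().startswith(r"\shell\autorun\command"):
                    found.append((leaf(key), line.partition(" - ")[2].strip()))
    return found

def find_disabled_firewall_profiles(text: str) -> List[str]:
    """Profiles with EnableFirewall = 0; expected only when a third-party firewall is in charge."""
    return [leaf(key) for key, lines in parse_sections(text)
            if "firewallpolicy" in key.lower()
            and any(re.match(r'"EnableFirewall"\s*=\s*0\b', l) for l in lines)]

def find_monitoring_overrides(text: str) -> List[str]:
    """Products that told Security Center to stop monitoring them; leftovers from an uninstalled product silence the warning."""
    return [leaf(key) for key, lines in parse_sections(text)
            if "security center\\monitoring" in key.lower()
            and any(l.startswith('"DisableMonitoring"=dword:00000001') for l in lines)]

def find_appinit_dlls(text: str) -> List[str]:
    """AppInit_DLLs load into every process that uses user32.dll; each name should map to a known product."""
    for key, lines in parse_sections(text):
        if key.lower().endswith("\\currentversion\\windows"):
            for line in lines:
                if line.startswith('"AppInit_DLLs"='):
                    return line.split("=", 1)[1].split()
    return []

def find_search_overrides(text: str, trusted=("google.",)) -> List[Tuple[str, str]]:
    """Firefox prefs pointing at a host outside the trusted list (the search-hijack pattern the CFScript resets)."""
    pat = re.compile(r"FF - prefs\.js: (\S+) - (?:hxxp|http)s?://([^/\s]+)")
    hits = []
    for line in text.splitlines():
        m = pat.match(line.strip())
        if m and not any(t in m.group(2) for t in trusted):
            hits.append((m.group(1), m.group(2)))
    return hits

def triage(text: str) -> Dict[str, list]:
    """Everything a responder would check first, keyed by category."""
    return {
        "autorun_commands": find_autorun_commands(text),
        "firewall_disabled_profiles": find_disabled_firewall_profiles(text),
        "security_center_overrides": find_monitoring_overrides(text),
        "appinit_dlls": find_appinit_dlls(text),
        "search_overrides": find_search_overrides(text),
    }

if __name__ == "__main__":
    for category, items in triage(SAMPLE_LOG).items():
        print(f"{category}: {items}")
```

Run against the sample it reports both firewall profiles as disabled (fine here because ZoneAlarm is active, but worth confirming), the two E: AutoRun commands, the stale SymantecAntiVirus monitoring override, the two AppInit DLLs to match against ASUS and AVG, and the Conduit search URL; the Google home page is not reported because its host is on the trusted list. Paste a real log into `SAMPLE_LOG`, or read it from a file, to triage an actual report the same way.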

  #9  
Old 31st Mar 2009, 09:25
Donor Group
 
New ComboFix Log:

ComboFix 09-03-29.04 - CHLOE 2009-03-31 16:37:20.2 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.1033.18.2046.1173 [GMT 1:00]
Running from: c:\users\CHLOE\Desktop\ComboFix.exe
Command switches used :: c:\users\CHLOE\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
FW: ZoneAlarm Firewall *enabled*
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2009-02-28 to 2009-03-31 )))))))))))))))))))))))))))))))
.

2009-03-31 17:15 . 2009-03-31 17:15 45,056 --a------ c:\windows\System32\acovcnt.exe
2009-03-30 22:26 . 2009-03-30 22:26 <DIR> d-------- c:\program files\MediaMonkey
2009-03-29 16:23 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll
2009-03-29 16:23 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe
2009-03-29 16:23 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe
2009-03-29 16:23 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2009-03-29 16:23 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll
2009-03-29 16:23 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll
2009-03-29 16:23 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl
2009-03-29 16:23 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll
2009-03-29 16:15 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll
2009-03-29 16:15 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll
2009-03-29 16:15 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32\netfxperf.dll
2009-03-29 16:14 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll
2009-03-29 16:14 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll
2009-03-29 13:52 . 2009-03-29 13:53 <DIR> d-------- c:\program files\Defraggler
2009-03-29 13:26 . 2008-02-23 05:38 170,496 --a------ c:\windows\System32\tcpipcfg.dll
2009-03-29 13:26 . 2008-02-23 03:41 22,528 --a------ c:\windows\System32\netiougc.exe
2009-03-29 13:25 . 2009-02-16 00:10 1,221,512 --a------ c:\windows\System32\zpeng25.dll
2009-03-17 21:57 . 2009-03-17 21:57 <DIR> d-------- c:\program files\Microsoft
2009-03-17 21:56 . 2009-03-17 21:56 <DIR> d-------- c:\windows\PCHEALTH
2009-03-16 22:43 . 2009-03-28 22:36 <DIR> d--h----- C:\$AVG8.VAULT$
2009-03-16 20:59 . 2009-03-16 20:59 25 --a------ c:\windows\cdplayer.ini
2009-03-14 00:34 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-03-14 00:34 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-03-14 00:34 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-03-14 00:34 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-03-14 00:34 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-03-14 00:29 . 2009-03-14 00:29 <DIR> d-------- c:\programdata\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-14 00:29 . 2009-03-14 00:29 <DIR> d-------- c:\program files\iTunes
2009-03-14 00:29 . 2009-03-14 00:29 <DIR> d-------- c:\program files\iPod
2009-03-14 00:29 . 2008-04-17 13:12 107,368 --a------ c:\windows\System32\GEARAspi.dll
2009-03-14 00:29 . 2009-01-15 13:19 23,848 --a------ c:\windows\System32\drivers\GEARAspiWDM.sys
2009-03-14 00:26 . 2009-03-14 00:27 <DIR> d-------- c:\program files\QuickTime
2009-03-12 23:39 . 2009-03-12 23:39 <DIR> d-------- c:\programdata\Kontiki
2009-03-12 23:39 . 2009-03-12 23:39 <DIR> d-------- c:\program files\Kontiki
2009-03-12 23:39 . 2009-03-12 23:39 <DIR> d-------- c:\program files\Channel4
2009-03-12 23:38 . 2009-03-12 23:38 <DIR> d-------- c:\programdata\Channel4
2009-03-11 22:33 . 2009-03-31 17:16 <DIR> d-------- c:\users\CHLOE\Tracing
2009-03-11 22:22 . 2009-03-11 22:22 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-03-11 22:22 . 2009-03-17 21:57 <DIR> d-------- c:\program files\Windows Live
2009-03-11 21:57 . 2009-03-11 21:57 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-03-11 13:13 . 2009-03-11 21:47 <DIR> d-------- c:\program files\Amazon
2009-03-11 13:13 . 2009-03-11 13:13 107,272 --a------ c:\windows\System32\drivers\avgtdix.sys
2009-03-11 02:09 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-03-11 02:09 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-03-11 02:05 . 2008-12-16 04:29 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2009-03-11 02:05 . 2008-12-16 06:31 7,680 --a------ c:\windows\System32\spwmp.dll
2009-03-11 02:05 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\msdxm.ocx
2009-03-11 02:05 . 2008-12-16 06:31 4,096 --a------ c:\windows\System32\dxmasf.dll
2009-03-11 02:03 . 2008-12-16 03:42 288,768 --a------ c:\windows\System32\drivers\srv.sys
2009-03-11 02:03 . 2008-11-27 05:43 268,288 --a------ c:\windows\System32\schannel.dll
2009-03-11 02:02 . 2009-02-09 04:10 2,033,152 --a------ c:\windows\System32\win32k.sys
2009-02-06 19:52 . 2009-02-06 19:52 49,504 --a------ c:\windows\System32\sirenacm.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-31 16:15 --------- d---a-w c:\programdata\TEMP
2009-03-31 16:14 350,195 ---ha-w c:\windows\system32\drivers\vsconfig.xml
2009-03-29 14:42 --------- d-----w c:\programdata\Spybot - Search & Destroy
2009-03-29 14:42 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-29 14:42 --------- d-----w c:\program files\CCleaner
2009-03-19 16:48 --------- d-----w c:\users\CHLOE\AppData\Roaming\uTorrent
2009-03-16 19:58 --------- d-----w c:\program files\Common Files\Real
2009-03-13 23:29 --------- d-----w c:\programdata\Apple Computer
2009-03-13 23:29 --------- d-----w c:\program files\Common Files\Apple
2009-03-13 23:27 --------- d-----w c:\program files\Bonjour
2009-03-12 22:24 --------- d-----w c:\program files\Google
2009-03-11 23:07 --------- d-----w c:\program files\Microsoft Silverlight
2009-03-11 23:05 --------- d-----w c:\program files\Windows Mail
2009-03-11 12:13 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-03-11 11:52 --------- d-----w c:\programdata\avg8
2009-02-15 23:11 293,528 ----a-w c:\windows\system32\drivers\vsdatant.sys
2009-01-14 20:20 55,232 ----a-w c:\users\CHLOE\AppData\Roaming\GDIPFONTCACHEV1.DAT
2008-12-31 21:51 13,025 ----a-w c:\users\CHLOE\AppData\Roaming\nvModes.dat
2008-12-31 14:32 174 --sha-w c:\program files\desktop.ini
2008-11-19 15:31 81,920 ----a-w c:\users\CHLOE\AppData\Roaming\ezpinst.exe
2008-11-19 15:31 47,360 ----a-w c:\users\CHLOE\AppData\Roaming\pcouffin.sys
2007-05-31 18:23 77,160 ----a-w c:\users\CHLOE\DSETUP.dll
2007-05-31 18:23 503,144 ----a-w c:\users\CHLOE\DXSETUP.exe
2007-05-31 18:23 1,673,576 ----a-w c:\users\CHLOE\dsetup32.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-03-30_22.13.33.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-03-31 16:14:31 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-03-31 16:14:31 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-03-30 21:07:56 1,048,576 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-03-31 16:15:44 1,048,576 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2009-03-30 21:07:56 1,048,576 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-03-31 16:15:44 1,048,576 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2009-03-30 21:07:06 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-03-31 16:14:35 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-03-30 21:07:06 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-31 16:14:35 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-03-30 21:07:06 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-03-31 16:14:35 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-03-30 19:05:35 126,818 ----a-w c:\windows\System32\perfc007.dat
+ 2009-03-31 15:21:23 126,818 ----a-w c:\windows\System32\perfc007.dat
- 2009-03-30 19:05:35 119,076 ----a-w c:\windows\System32\perfc009.dat
+ 2009-03-31 15:21:23 119,076 ----a-w c:\windows\System32\perfc009.dat
- 2009-03-30 19:05:35 127,578 ----a-w c:\windows\System32\perfc00C.dat
+ 2009-03-31 15:21:23 127,578 ----a-w c:\windows\System32\perfc00C.dat
- 2009-03-30 19:05:35 124,352 ----a-w c:\windows\System32\perfc010.dat
+ 2009-03-31 15:21:23 124,352 ----a-w c:\windows\System32\perfc010.dat
- 2009-03-30 19:05:35 130,866 ----a-w c:\windows\System32\perfc013.dat
+ 2009-03-31 15:21:23 130,866 ----a-w c:\windows\System32\perfc013.dat
- 2009-03-30 19:05:35 130,272 ----a-w c:\windows\System32\perfc019.dat
+ 2009-03-31 15:21:23 130,272 ----a-w c:\windows\System32\perfc019.dat
- 2009-03-30 19:05:35 620,942 ----a-w c:\windows\System32\perfh007.dat
+ 2009-03-31 15:21:23 620,942 ----a-w c:\windows\System32\perfh007.dat
- 2009-03-30 19:05:35 644,794 ----a-w c:\windows\System32\perfh009.dat
+ 2009-03-31 15:21:23 644,794 ----a-w c:\windows\System32\perfh009.dat
- 2009-03-30 19:05:35 672,380 ----a-w c:\windows\System32\perfh00C.dat
+ 2009-03-31 15:21:23 672,380 ----a-w c:\windows\System32\perfh00C.dat
- 2009-03-30 19:05:35 666,234 ----a-w c:\windows\System32\perfh010.dat
+ 2009-03-31 15:21:23 666,234 ----a-w c:\windows\System32\perfh010.dat
- 2009-03-30 19:05:35 669,852 ----a-w c:\windows\System32\perfh013.dat
+ 2009-03-31 15:21:23 669,852 ----a-w c:\windows\System32\perfh013.dat
- 2009-03-30 19:05:35 657,990 ----a-w c:\windows\System32\perfh019.dat
+ 2009-03-31 15:21:23 657,990 ----a-w c:\windows\System32\perfh019.dat
- 2009-03-30 19:03:55 17,414 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3600620296-2450975610-132854369-1000_UserData.bin
+ 2009-03-31 16:17:14 18,026 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3600620296-2450975610-132854369-1000_UserData.bin
- 2009-03-30 19:03:55 81,750 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-03-31 16:17:14 81,884 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-03-30 19:03:54 68,204 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-03-31 15:15:30 68,346 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2007-05-15 33136]
"IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2007-02-26 677408]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-16 981384]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-01 857648]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=APSHook.dll avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4oD]
--a------ 2007-04-23 12:23 1032640 c:\program files\Kontiki\KHost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 02:38 34672 d:\program files\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
--a------ 2007-05-15 05:12 37232 c:\windows\ASScrProlog.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
--a------ 2006-11-02 16:27 61440 c:\program files\ASUS\ATK Media\DMedia.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
--a------ 2009-03-11 13:13 1601304 c:\progra~1\AVG\AVG8\avgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
-ra------ 2003-12-21 22:11 17920 c:\progra~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
--a------ 2008-01-19 08:33 125952 c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2009-03-17 22:06 133104 c:\users\CHLOE\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2009-03-11 14:52 342312 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2009-02-06 19:51 3885408 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-04-04 12:40 8429568 c:\windows\System32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-04-04 12:40 81920 c:\windows\System32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
--a------ 2007-04-04 12:40 86016 c:\windows\System32\nvsvc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2009-01-05 17:18 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
--a------ 2007-09-02 13:58 495616 c:\program files\RocketDock\RocketDock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
-rahs---- 2009-03-05 16:07 2260480 c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 04:27 144784 c:\program files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2009-03-16 20:58 198160 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2008-01-19 08:38 1008184 c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--a------ 2008-01-19 08:33 202240 c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]
--a------ 2005-07-15 22:48 479232 c:\program files\Google\Gmail Notifier\gnotify.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
--a------ 2007-02-15 10:07 4390912 c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{71E74FA5-D1FA-4A82-9121-AE2CACB2ED04}"= Profile=Private|c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{2FE2345B-5C77-485E-9855-FC6024DE75EC}"= Profile=Private|c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{CC9CFD37-6799-47CF-9AEE-1063F21C5548}"= Profile=Private|c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{3D44E6E8-68F3-42F0-B97E-1081F1354874}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire 4.12.15
"{B2393435-26B3-4482-A391-C964F3370D66}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire 4.12.15
"{1B1039C9-3AEF-4B2E-85CA-DA79FB7CDBD3}"= Disabled:c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{F9EC3544-5A35-4D84-A067-E7167563791A}"= Disabled:c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{A9CE85F3-F9BA-4875-B169-9DEF59911C8A}"= Disabled:c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{0FAAFA32-F5A3-4C35-9AFD-A648E4B3016E}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{CDC85196-C503-4F00-82DC-B95F8D021895}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{5D761702-BEB7-4B94-B693-1A7EF8E441ED}c:\\program files\\easy webtv & radio\\easywebtv.exe"= UDP:c:\program files\easy webtv & radio\easywebtv.exe:Web TV\Radio\Media
"UDP Query User{A7E2F9B1-976E-49B1-960A-8FE671DECB26}c:\\program files\\easy webtv & radio\\easywebtv.exe"= TCP:c:\program files\easy webtv & radio\easywebtv.exe:Web TV\Radio\Media
"{978D57EE-8CEF-4E88-B3CC-472590D8A602}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{038AD6DB-57BA-4294-B6BE-DC5AC329D87A}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{20F3997A-2406-42BC-9A96-17DBA8717938}c:\\program files\\soulseek\\slsk.exe"= UDP:c:\program files\soulseek\slsk.exe:SoulSeek
"UDP Query User{EBEDABDC-8DFA-4EA4-83A0-5D79C8A2BE45}c:\\program files\\soulseek\\slsk.exe"= TCP:c:\program files\soulseek\slsk.exe:SoulSeek
"TCP Query User{A2D20908-089C-441B-B9C8-C8811AFCAB9E}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{0B6B64F6-D6E9-4D1D-B83A-E6E85E360C05}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"{2E890455-237D-4ABA-BE37-B5E6E1862834}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{DDAAC8F6-7557-495A-82B3-EBFF9330A2CC}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{5131D757-BC24-44C9-8EA5-E268DFC6DCAC}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{4C52E1A6-D998-41D5-8E99-27F21E3CA7CB}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{80235B6B-2462-4AC3-8A59-7534841DE76B}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{049DD1E6-8191-4983-A59D-240E79B46042}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{9A00A32D-A675-4425-8F5E-1528AAB521FB}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{348698D9-5A1D-4E1C-AC00-DBDC43BE0ACF}c:\\program files\\soulseek\\slsk.exe"= UDP:c:\program files\soulseek\slsk.exe:SoulSeek
"UDP Query User{60AFF659-3A7C-488C-9CCA-0A8589DD32FA}c:\\program files\\soulseek\\slsk.exe"= TCP:c:\program files\soulseek\slsk.exe:SoulSeek
"TCP Query User{3EF98A58-7B3C-42B1-8A5A-CF7DEF59C2A7}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{D8A0735D-6D19-4482-A90A-35A9D023DEBE}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{7B392C25-D64F-4897-B5CC-5C9B83106BB0}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{9990806D-9198-4760-93E7-C65D44E1FE8A}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{9998DAB7-D775-4620-A491-D752230551A3}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{B9293167-A4DC-43ED-893B-B5B1B89F9988}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{B04F6C2B-953A-469D-AFD8-4F3AE27A4941}c:\\users\\chloe\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= UDP:c:\users\chloe\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"UDP Query User{914B6A2A-9A2A-43A8-B4EA-BB1EEDC476B5}c:\\users\\chloe\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= TCP:c:\users\chloe\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"TCP Query User{69F8C35B-6614-4033-B40E-59012B10975A}c:\\program files\\bearflix\\bearflix.exe"= UDP:c:\program files\bearflix\bearflix.exe:BearFlix
"UDP Query User{89ABF64F-F79E-456D-9136-82A8675A3E17}c:\\program files\\bearflix\\bearflix.exe"= TCP:c:\program files\bearflix\bearflix.exe:BearFlix
"{8D76BC83-ABC9-406B-8945-366EA3B7074B}"= UDP:c:\program files\SmartFTP Client\SmartFTP.exe:SmartFTP Client
"{9FC79C86-3E66-4A61-AA2A-FAB0C61E0453}"= TCP:c:\program files\SmartFTP Client\SmartFTP.exe:SmartFTP Client
"TCP Query User{9FF9F89E-5323-45DB-89F0-BA37B84180EE}c:\\program files\\tvants\\tvants.exe"= UDP:c:\program files\tvants\tvants.exe:TVAnts
"UDP Query User{C10505B7-BDD4-49BB-93E6-E73B8E6C4E33}c:\\program files\\tvants\\tvants.exe"= TCP:c:\program files\tvants\tvants.exe:TVAnts
"TCP Query User{A9E241F3-D69C-4E67-938B-33C91AB576A1}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVU Player Component
"UDP Query User{D3542B64-2CF9-4C20-B6CB-1D9096FF27EB}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVU Player Component
"{F8B68D6E-3A24-4B31-8261-FB3CA92B5740}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{4E95BA55-EDF5-491D-9059-F11FF353A128}c:\\users\\chloe\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= UDP:c:\users\chloe\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"UDP Query User{55C79E39-F1AC-45C7-8F99-995A835F089A}c:\\users\\chloe\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= TCP:c:\users\chloe\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"TCP Query User{A3EF2380-6740-4FD5-913E-D67F54A54B11}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{E9C164FD-CB41-4D08-9DBA-BDDB929D1C86}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{C1148110-2D5B-4810-8651-98FBFD3A6751}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{F15683E5-A578-47EE-BEB1-4541978254F4}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{CCA39E89-B85B-41BA-9A33-CA6DB37579E4}d:\\program files\\clue.exe"= UDP:d:\program files\clue.exe:Clue
"UDP Query User{39F3C83F-DCF0-43B4-B149-19F3630B3078}d:\\program files\\clue.exe"= TCP:d:\program files\clue.exe:Clue
"{01834D55-82B5-480D-BEFF-52EDB82BB8B5}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{90ECB35B-6897-4166-A35A-04BC39978BA9}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{504F647E-1476-4948-AA42-DC1DF85CA9A8}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{CC411EBB-9ACA-4217-9994-ABB961E83B3C}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{031AA3B5-F93B-4E4B-9ED7-66C6B9FFF3E8}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{1D54F818-ABAC-418F-8F39-17EA7664FABE}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{3C9FFAF4-40EA-450F-A906-D34D3E2EFA72}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{6AC9F5D1-C3AC-4878-8740-8A3E10F857E2}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{77045B5E-EC2E-4749-AC23-32130CD39567}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{00BE12C0-42CB-4B64-AA07-80A45C05B97C}"= Disabled:UDP:c:\program files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
"{0A529C81-B8E4-4809-A54B-B5141A997A78}"= Disabled:TCP:c:\program files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2008-12-24 325128]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [2009-03-11 107272]
R1 ItSDisk;ItSDisk;c:\windows\System32\drivers\itsdisk.sys [2006-05-16 23496]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys [2007-01-23 39080]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [2008-08-07 21504]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [2008-08-07 21504]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-03-11 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-11 298264]
R2 HDDlife HDD Access service;HDDlife HDD Access service;c:\program files\BinarySense\HDDlife 3\hldasvc.exe [2007-08-09 816376]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2007-07-15 1153368]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe [2007-02-07 24576]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\System32\drivers\atl01v32.sys [2007-03-15 48128]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\System32\drivers\StkCMini.sys [2007-02-13 1245056]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\shell\AutoRun\command - H:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1a4a90a1-32d4-11dc-aa3d-001bfc03310e}]
\shell\AutoRun\command - H:\LaunchU3.exe
.
Contents of the 'Scheduled Tasks' folder

2009-01-11 c:\windows\Tasks\Defrag Job #00.job
- c:\program files\DiskTrix\UltimateDefrag\UDefrag.exe []

2009-03-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3600620296-2450975610-132854369-1000.job
- c:\users\CHLOE\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-17 22:06]

2009-03-30 c:\windows\Tasks\User_Feed_Synchronization-{5963E371-2796-42F4-9A54-042DA9F406BC}.job
- c:\windows\system32\msfeedssync.exe [2008-01-19 08:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\users\CHLOE\AppData\Roaming\Mozilla\Firefox\Profiles\ppnzryw9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1178131&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - component: c:\users\CHLOE\AppData\Roaming\Mozilla\Firefox\Profiles\ppnzryw9.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\CHLOE\AppData\Local\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: d:\program files\Reader\browser\nppdf32.dll

---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v1.02.08); user_pref(general.useragent.extra.zencast, Creative ZENcast v2.00.07.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-31 17:16:10
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

„10ûÿét0ûÿ3ö9sHu [1166747253] 0x75636F44
„10ûÿét0ûÿ3ö9sHu [1166747253] 0x6F6D6D6F
scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(704)
c:\program files\ASUS Security Center\ASUS Security Protect Manager\bin\ASWLNPkg.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\bin\ItMsg.dll

- - - - - - - > 'Explorer.exe'(3304)
c:\program files\RocketDock\RocketDock.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItMsg.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\audiodg.exe
c:\windows\System32\ZoneLabs\vsmon.exe
c:\windows\System32\wlanext.exe
c:\program files\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\windows\System32\IFXTCS.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\System32\IfxPsdSv.exe
c:\windows\System32\PSIService.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
c:\program files\ATK Hotkey\HControl.exe
c:\program files\ATKOSD2\ATKOSD2.exe
c:\program files\Wireless Console 2\wcourier.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\program files\P4G\BatteryLife.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\windows\System32\IfxUAGUI.exe
c:\program files\Infineon\Security Platform Software\PSDrt.exe
c:\program files\Infineon\Security Platform Software\SpTNA.exe
c:\windows\System32\wbem\WMIADAP.exe
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Completion time: 2009-03-31 17:23:29 - machine was rebooted
ComboFix-quarantined-files.txt 2009-03-31 16:23:16
ComboFix2.txt 2009-03-30 21:16:26

Pre-Run: 39,213,060,096 bytes free
Post-Run: 38,632,595,456 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=41 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41
396 --- E O F --- 2009-03-29 15:30:34
  #10  
Old 31st Mar 2009, 09:48
Donor Group
 
Regarding the Norton removal: I've never installed Norton on here, so why is Symantec listed?
Copyright ©2006 - 2009 Computer Juice.