#1
Hi all, been having a few issues with the PC in the last week.

Firstly my mouse went dead, so I replaced it, only to find I can't now cut and paste. Then I find I can't use I.E.; it just closes itself. I have configured the firewall for full access, but again every time I use it, it opens then just closes again. Also, I have been trying to update a few drivers, but every time I click to download the drivers absolutely nothing happens, apart from the pointer changing to the egg timer/thinking about, then back as normal. Have again tried to allow it through the firewall, but still no luck in getting the drivers to download. I'm also finding that AOL will just close more than usual and the system will freeze when two apps are used. Tried to run Adware 2008 but it wouldn't run, so uninstalled it and again couldn't re-install it, as I can't seem to download anything. Ran the antivirus, just tracking cookies found; ran SUPERAntiSpyware, again it reported just cookies; ran Malwarebytes with no results. Any ideas on what is wrong with XP? Have included logs below.
#2
Uninstall that version to make sure the new one installs with no issues.

Download Malwarebytes' Anti-Malware (MBAM)
Alternate MBAM download link

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

----------

Download DDS from HERE or HERE or HERE and save it to your desktop.

* Vista users: right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it).
* XP users: double click on dds to run it.
* If your antivirus or firewall tries to block DDS then please allow it to run.
* When finished, DDS will open two (2) logs:
  1) DDS.txt
  2) Attach.txt
* Save both logs to your desktop.
* Please copy and paste the entire contents of both logs in your next reply.

Note: DDS will instruct you to post the Attach.txt log as an attachment. Please just post it as you would any other log by copying and pasting it into the reply.
#3
Have enclosed updated malwarebytes log
Malwarebytes' Anti-Malware 1.38
Database version: 2397
Windows 5.1.2600 Service Pack 3

09/07/2009 13:02:50
mbam-log-2009-07-09 (13-02-50).txt

Scan type: Quick Scan
Objects scanned: 163228
Time elapsed: 43 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dcads (Adware.Dcads) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (regedit.exe"%1" %*) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\system32\dcads-remove.exe (Adware.Dcads) -> Quarantined and deleted successfully.
and here are the other two requested logs: DDS

and the attach log
09:51:15 - Avg8 Update RP246: 29/06/2009 09:52:26 - Avg8 Update RP247: 03/07/2009 11:54:48 - Installed Frontlines: Fuel of War RP248: 03/07/2009 11:57:20 - Installed Frontlines: Fuel of War RP249: 03/07/2009 12:48:01 - Installed DirectX RP250: 03/07/2009 13:52:56 - Restore Operation RP251: 03/07/2009 14:00:32 - Avg8 Update RP252: 03/07/2009 14:01:40 - Avg8 Update RP253: 03/07/2009 14:13:02 - Software Distribution Service 3.0 RP254: 03/07/2009 21:47:20 - Installed Frontlines: Fuel of War RP255: 03/07/2009 21:51:10 - Installed DirectX RP256: 04/07/2009 13:53:13 - Software Distribution Service 3.0 RP257: 05/07/2009 13:08:16 - Removed Frontlines: Fuel of War RP258: 05/07/2009 13:19:48 - Installed Frontlines: Fuel of War RP259: 05/07/2009 14:01:46 - Software Distribution Service 3.0 RP260: 05/07/2009 14:37:58 - Removed Ad-Aware RP261: 05/07/2009 15:06:58 - Installed Frontlines: Fuel of War RP262: 08/07/2009 10:54:05 - Software Distribution Service 3.0 RP263: 08/07/2009 15:37:11 - Installed HPSU306Stub ==== Installed Programs ====================== Active Security Monitor 2.0.0.18 Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Photoshop Elements Adobe Reader 8.1.1 Adobe SVG Viewer Adssite Games Collection AiO_Scan_CDA aiofw aioocr aioprnt aioscnnr AiOSoftwareNPI AOL Coach Version 1.0(Build:20040229.1 uk) AOL Toolbar AOL UK (Choose which version to remove) AOL Uninstaller AOL You've Got Pictures Screensaver ASUS Gamer OSD ASUS GamerOSD AP ASUS nVidia Driver AVG 8.5 Belkin Bluetooth Software BufferChm C3100 c3100_Help CCleaner (remove only) center Counter-Strike: Source Creative MediaSource Creative System Information Critical Update for Windows Media Player 11 (KB959772) Crysis WARHEAD(R) Crysis(R) CustomerResearchQFolder Destinations DeviceManagementQFolder DocProc DocProcQFolder Dofus 1.24.0 Dream Of Mirror Online DVD Decrypter (Remove Only) DVD Shrink 3.2 EASEUS Partition Master 3.5 Home Edition eSupportQFolder F.E.A.R. 
2: Project Origin Far Cry 2 Fax_CDA Fraps Garry's Mod Google Earth Google Toolbar for Internet Explorer Grand Theft Auto IV Half-Life 2 Hauppauge English Help Files and Resources Hauppauge WinTV Infrared Remote Hauppauge WinTV Scheduler Hauppauge WinTV2000 Help_CTR helptut helpug HijackThis 2.0.2 Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB952287) HP Customer Participation Program 7.0 HP Driver Diagnostics HP Imaging Device Functions 7.0 HP Photosmart Essential HP Photosmart, Officejet and Deskjet 7.0.A HP Software Update HP Solution Center 7.0 HPPhotoSmartExpress HPProductAssistant InCD InstantShareDevicesMFC InterVideo FilterSDK for Hauppauge Java(TM) 6 Update 2 KODAK All-in-One Printer Software ksdip Learn2 Player (Uninstall Only) LiveUpdate 2.5 (Symantec Corporation) Malwarebytes' Anti-Malware MarketResearch Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft IntelliPoint 6.1 Microsoft IntelliType Pro 6.1 Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Microsoft National Language Support Downlevel APIs Microsoft Office Professional Edition 2003 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 6.0 Parser (KB925673) Need for Speed™ Most Wanted Nero OEM netbrdg Network Play System (Patching) NewCopy_CDA Norton GoBack 4.0 (Symantec Corporation) NVIDIA Drivers NVIDIA PhysX OCR Software by I.R.I.S 7.0 Online Manuals for WinTV (English) OpenAL PanoStandAlone PC Tools Firewall Plus 5.0 PowerQuest PartitionMagic 7.0 ProductContextNPI PunkBuster Services QuickTime Readme RealPlayer Basic Rockstar Games Social Club Scan 
ScannerCopy Security Update for CAPICOM (KB931906) Security Update for Windows Internet Explorer 7 (KB937143) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Internet Explorer 8 (KB969897) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows Media Player 9 (KB936782) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP 
(KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB970238) SFR SnoopFree Privacy Shield SolutionCenter Sound Blaster Audigy 4 Status Steam SUPERAntiSpyware Free Edition Symantec Network Drivers Update System Requirements Lab The Sims File Cop The Sims Hot Date ThreatFire Tom Clancy's Rainbow Six Vegas 2 Toolbox TrayApp Uninstall 1.0.0.0 Unload Update for Windows Internet Explorer 8 (KB971930) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Viewpoint Media Player WebFldrs XP WebReg Windows Communication Foundation Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live installer Windows Live Messenger Windows Live Sign-in Assistant Windows Media Format 11 runtime Windows Media Player 11 Windows Presentation Foundation Windows Workflow Foundation Windows XP Service Pack 3 WinPatrol 2007 WinRAR archiver WinSpeedUp 2.52 XML Paper Specification Shared Components Pack 1.0 XviD MPEG-4 Video Codec ==== Event Viewer Messages From Past Week ======== 08/07/2009 17:44:43, error: Service Control 
Manager [7000] - The PCASp50 NDIS Protocol Driver service failed to start due to the following error: The system cannot find the file specified. 08/07/2009 15:03:01, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service. 06/07/2009 12:58:56, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume I:. 05/07/2009 14:02:30, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 8 for Windows XP. 04/07/2009 07:31:50, error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: Cannot create a file when that file already exists. ==== End Of File ===========================
__________________
If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization. A computer once beat me at chess But it was no match for me at kick boxing.
#4
Go to Add or Remove Programs and uninstall: (if found)
Download ComboFix© by sUBs from one of the below links. Be sure to save it to the Desktop.
Link #1
Link #2
Note: It is important that it is saved directly to your Desktop. DO NOT run it yet!
Note: the below instructions were created specifically for this user. If you are not this user, DO NOT follow these directions as they could damage the workings of your system.
Delete these files/folders, as follows:
1. Go to Start > Run > type Notepad.exe and click OK to open Notepad. It must be Notepad, not Wordpad.
2. Copy the text in the below code box by highlighting all the text and pressing Ctrl+C
Code:
KillAll::
Driver::
musbehco
File::
c:\docume~1\richard\locals~1 \temp\musbehco.sys
DDS::
uSearch Bar =
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
BHO: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - No File
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!

ComboFix will begin to execute, just follow the prompts. After reboot (in case it asks to reboot), it will produce a log for you. Post that log (Combofix.txt) in your next reply.
Note: Do not mouseclick ComboFix's window while it is running. That may cause your system to freeze
----------
Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to infect your system.
First install the new Sun Java Runtime Environment
Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Be sure to close all browser windows before beginning the install.
Remove the old version(s)
Download JavaRa
* Unzip the file and open the JavaRa.exe
* Click Remove Older Versions
* JavaRa will search for and remove any outdated version of Java and remove any that are found.
* Click Additional Tasks
* Place a check next to Remove Useless JRE Files and click Go
* Exit JavaRa
* Delete the JavaRa files from the Desktop
Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.
#5
Didn't find MARKET RESEARCH in add and remove
Combofix log as requested ComboFix 09-07-09.03 - richard 09/07/2009 21:49.1.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1419 [GMT 1:00] Running from: c:\documents and settings\richard\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\richard\Desktop\CFScript.txt AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: PC Tools Firewall Plus *enabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52} FILE :: "c:\docume~1\richard\locals~1 \temp\musbehco.sys" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat c:\program files\Adssite Games Collection c:\program files\Adssite Games Collection\BattlesOfHelicopters.exe c:\program files\Adssite Games Collection\BobAndBill.exe c:\program files\Adssite Games Collection\CrazyBlocks.exe c:\program files\Adssite Games Collection\Lines.exe c:\program files\Adssite Games Collection\uninstall.exe c:\program files\Adssite Games Collection\VideoPool.exe c:\recycler\NPROTECT c:\windows\Installer\14bfcb.msp c:\windows\Installer\14bfe4.msp c:\windows\Installer\14bffd.msp c:\windows\Installer\1d2aeb.msi c:\windows\system32\dumphive.exe c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\CabSA.inf c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\desktop.ini c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\jinstall-6u2.inf c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\MicrosoftUpdateCatalogWebControl.inf c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , 
gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\MsnPUpld.dll c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\MsnPUpld.inf c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\muweb.inf c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\PURen-gb.dll c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\PURen-us.dll c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\rufsi.dll c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\swflash.inf c:\windows\system32\gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, GBIEHABN.DLL, SCPSSSH2.DLL\wuweb.inf c:\windows\system32\SrchSTS.exe c:\windows\system32\VACFix.exe c:\windows\system32\VCCLSID.exe c:\windows\system32\WS2Fix.exe ----- BITS: Possible infected sites ----- hxxp://msxb-d1.vo.llnw.net:3074 . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_MUSBEHCO -------\Service_musbehco ((((((((((((((((((((((((( Files Created from 2009-06-09 to 2009-07-09 ))))))))))))))))))))))))))))))) . 2009-07-09 14:13 . 2009-07-09 14:13 -------- d-----w- c:\windows\048298C9A4D3490B9FF9AB023A9238F3.TMP 2009-07-09 11:17 . 2009-06-17 10:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-07-09 11:17 . 2009-07-09 11:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-07-09 11:17 . 2009-06-17 10:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-07-08 14:38 . 2009-07-08 14:39 -------- d-----w- c:\program files\Common Files\HP 2009-07-08 14:31 . 2009-07-08 14:40 117158 ----a-w- c:\windows\hpoins11.dat 2009-07-08 14:28 . 2006-05-05 23:17 11634 ----a-w- c:\windows\hpomdl11.dat 2009-07-08 10:09 . 2009-06-02 10:12 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll 2009-07-08 10:06 . 
2009-04-30 21:22 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2009-07-08 10:06 . 2009-04-30 21:22 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2009-07-05 20:41 . 2009-07-05 21:26 -------- d-----w- c:\temp\FixEngine 2009-07-05 20:38 . 2009-07-05 20:38 10134 ----a-r- c:\documents and settings\richard\Application Data\Microsoft\Installer\{4CCC7F68-A437-4559-A840-F5E010934951}\ARPPRODUCTICON.exe 2009-07-04 12:53 . 2008-04-14 00:11 21504 ----a-w- c:\windows\system32\drivers\hidserv.dll 2009-07-03 20:51 . 2009-07-03 20:51 -------- d-----w- c:\windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP 2009-07-03 12:56 . 2009-07-03 12:56 -------- d-----w- c:\windows\system32\wbem\Repository 2009-07-03 11:49 . 2009-07-03 11:49 -------- d-sh--w- c:\documents and settings\richard\IECompatCache 2009-07-03 10:57 . 2009-07-05 12:09 -------- d-----w- c:\program files\THQ 2009-06-30 21:12 . 2009-06-30 21:12 -------- d-----w- c:\documents and settings\kane\PrivacIE 2009-06-30 00:21 . 2009-06-30 00:21 -------- d-sh--w- c:\documents and settings\richard\PrivacIE 2009-06-28 20:06 . 2009-06-28 20:06 -------- d-----w- c:\documents and settings\kane\IETldCache 2009-06-28 10:29 . 2009-06-28 10:29 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache 2009-06-28 10:23 . 2009-06-28 10:23 -------- d-sh--w- c:\documents and settings\richard\IETldCache 2009-06-28 10:18 . 2009-06-28 10:18 -------- d-----w- c:\windows\ie8updates 2009-06-28 10:17 . 2009-07-08 10:05 -------- dc-h--w- c:\windows\ie8 2009-06-09 23:14 . 2009-06-09 23:14 -------- d-----w- c:\documents and settings\debbie\Local Settings\Application Data\Apple Computer 2009-06-09 22:57 . 2009-06-09 22:57 -------- d-----w- c:\documents and settings\debbie\Application Data\PCToolsFirewallPlus . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) )) . 2009-07-09 21:53 . 2007-11-06 18:43 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin 2009-07-09 21:52 . 
2008-02-01 15:22 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-07-08 14:37 . 2007-08-17 19:02 -------- d-----w- c:\program files\HP 2009-07-08 09:59 . 2009-03-05 19:53 -------- d-----w- c:\program files\PC Tools Firewall Plus 2009-07-07 12:58 . 2009-04-12 10:32 -------- d-----w- c:\documents and settings\kane\Application Data\DNA 2009-07-07 12:50 . 2009-04-12 10:32 -------- d-----w- c:\program files\DNA 2009-07-07 11:00 . 2008-02-03 11:33 -------- d-----w- c:\program files\Trend Micro 2009-07-07 10:18 . 2009-05-18 17:04 117760 ----a-w- c:\documents and settings\richard\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\ UIREPAIR.DLL 2009-07-06 18:27 . 2009-05-07 22:59 8002404352 --sha-w- C:\gobackio.bin 2009-07-06 18:27 . 2009-05-07 22:55 -------- d-----w- c:\program files\Norton GoBack 2009-07-05 14:02 . 2007-08-17 19:15 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-07-05 13:38 . 2008-01-30 20:13 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2009-07-05 13:38 . 2007-08-17 17:57 -------- d-----w- c:\program files\Lavasoft 2009-07-04 12:53 . 2009-07-04 12:53 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_0 1005.Wdf 2009-07-04 06:31 . 2009-05-18 17:03 -------- d-----w- c:\program files\SUPERAntiSpyware 2009-07-03 14:35 . 2009-03-05 19:52 -------- d-----w- c:\program files\ThreatFire 2009-07-03 13:22 . 2008-12-22 20:10 305928 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-07-03 13:01 . 2009-03-05 20:17 11952 ----a-w- c:\windows\system32\avgrsstx.dll 2009-07-03 13:01 . 2009-03-05 20:17 327688 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-07-03 13:01 . 2009-03-05 20:17 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-07-03 12:53 . 2008-05-15 15:14 -------- d-----w- c:\program files\Dofus 2009-06-21 09:46 . 
2007-11-06 20:40 8020 ----a-w- c:\windows\system32\d3d9caps.dat 2009-06-19 20:37 . 2009-03-05 19:52 46864 ----a-w- c:\windows\system32\drivers\TfSysMon.sys 2009-06-19 20:37 . 2009-03-05 19:52 33552 ----a-w- c:\windows\system32\drivers\TfNetMon.sys 2009-06-19 20:37 . 2009-03-05 19:52 51984 ----a-w- c:\windows\system32\drivers\TfFsMon.sys 2009-06-10 16:33 . 2007-08-18 19:58 -------- d-----w- c:\documents and settings\richard\Application Data\LimeWire 2009-06-01 12:53 . 2009-06-01 12:53 -------- d-----w- c:\program files\EASEUS 2009-05-25 20:49 . 2009-05-23 19:14 773 ----a-w- c:\windows\eReg.dat 2009-05-25 09:31 . 2009-05-25 09:31 -------- d--h--r- c:\documents and settings\kane\Application Data\SecuROM 2009-05-18 18:59 . 2007-11-12 17:27 -------- d-----w- c:\program files\Electronic Arts 2009-05-18 17:03 . 2009-05-18 17:03 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com 2009-05-18 17:03 . 2009-05-18 17:03 -------- d-----w- c:\documents and settings\richard\Application Data\SUPERAntiSpyware.com 2009-05-17 00:22 . 2008-10-30 21:14 -------- d-----w- c:\program files\AGEIA Technologies 2009-05-17 00:15 . 2008-10-30 20:51 -------- d-----w- c:\program files\SystemRequirementsLab 2009-05-14 20:22 . 2008-12-14 12:57 -------- d-----w- c:\program files\VoyagerModem105Drivers 2009-05-13 05:15 . 2006-02-28 12:00 915456 ----a-w- c:\windows\system32\wininet.dll 2009-05-09 00:14 . 2006-11-02 16:09 1418120 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll 2009-05-09 00:14 . 2009-05-09 00:14 14736 ----a-w- c:\windows\system32\drivers\nuidfltr.sys 2009-05-08 23:23 . 2009-05-08 23:18 73840 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2009-05-08 23:23 . 2009-05-08 23:18 95640 ----a-w- c:\windows\system32\drivers\pctplfw.sys 2009-05-07 15:32 . 2006-02-28 12:00 345600 ----a-w- c:\windows\system32\localspl.dll 2009-05-05 10:17 . 2009-03-05 20:17 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2009-04-30 23:31 . 
2009-04-30 23:31 1657376 ----a-w- c:\windows\system32\nwiz.exe 2009-04-30 23:31 . 2009-04-30 23:31 449056 ----a-w- c:\windows\system32\nvappbar.exe 2009-04-30 23:31 . 2009-04-30 23:31 436768 ----a-w- c:\windows\system32\keystone.exe 2009-04-30 23:31 . 2009-04-30 23:31 466944 ----a-w- c:\windows\system32\nvshell.dll 2009-04-30 23:31 . 2009-04-30 23:31 1724416 ----a-w- c:\windows\system32\nvwdmcpl.dll 2009-04-30 23:31 . 2009-04-30 23:31 1507328 ----a-w- c:\windows\system32\nview.dll 2009-04-30 23:31 . 2009-04-30 23:31 1101824 ----a-w- c:\windows\system32\nvwimg.dll 2009-04-30 21:02 . 2009-04-30 21:02 663552 -c--a-w- c:\windows\system32\nvcuvid.dll 2009-04-30 21:02 . 2009-04-30 21:02 1579630 ----a-w- c:\windows\system32\nvdata.bin 2009-04-30 21:02 . 2009-04-30 21:02 1314816 ----a-w- c:\windows\system32\nvcuvenc.dll 2009-04-30 21:02 . 2008-10-07 13:33 1720320 -c--a-w- c:\windows\system32\nvcuda.dll 2009-04-30 21:02 . 2007-08-16 22:20 457248 ----a-w- c:\windows\system32\nvudisp.exe 2009-04-30 21:02 . 2007-02-23 03:25 9994240 -c--a-w- c:\windows\system32\nvoglnt.dll 2009-04-30 21:02 . 2007-02-23 03:25 806912 ----a-w- c:\windows\system32\nvapi.dll 2009-04-30 21:02 . 2007-02-23 03:25 143360 ----a-w- c:\windows\system32\nvcodins.dll 2009-04-30 21:02 . 2007-02-23 03:25 143360 ----a-w- c:\windows\system32\nvcod.dll 2009-04-30 21:02 . 2006-07-14 19:27 8055584 ----a-w- c:\windows\system32\drivers\nv4_mini.sys 2009-04-30 21:02 . 2006-07-14 19:27 5896320 ----a-w- c:\windows\system32\nv4_disp.dll 2009-04-29 04:56 . 2006-02-28 12:00 827392 ----a-w- c:\windows\system32\wininet(3).dll 2009-04-29 04:56 . 2006-02-28 12:00 1159680 ----a-w- c:\windows\system32\urlmon(3).dll 2009-04-26 23:42 . 2007-08-16 22:20 457248 ----a-w- c:\windows\system32\NVUNINST.EXE 2009-04-23 06:47 . 2009-04-23 06:47 79128 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\prepare\avgpp.dll 2009-04-23 06:47 . 
2009-04-23 06:47 824600 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\prepare\avgcmgr.exe 2009-04-21 23:20 . 2009-04-21 23:20 14311680 ----a-w- c:\windows\system32\xlive.dll 2009-04-21 23:20 . 2009-04-21 23:20 13642496 ----a-w- c:\windows\system32\xlivefnt.dll 2009-04-17 12:26 . 2006-02-28 12:00 1847168 ----a-w- c:\windows\system32\win32k.sys 2009-04-15 14:51 . 2006-02-28 12:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll 2009-04-12 11:52 . 2008-07-25 09:55 34 ----a-w- c:\documents and settings\kane\jagex_runescape_preferences.dat 2004-10-01 14:00 . 2007-08-17 19:35 40960 ----a-w- c:\program files\Uninstall_CDS.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run] "00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2009-05-08 2652056] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13750272] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720] "ThreatFire"="c:\program files\ThreatFire\TFTray.exe" [2009-06-19 259344] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "SnoopFreeUI"="SnoopFreeUI.exe" - c:\windows\SnoopFreeUI.exe [2007-08-17 221184] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Start Menu\Programs\Startup\ AutoStart IR.lnk - c:\program files\WinTV\Ir.exe [2008-2-13 102455] BTTray.lnk - c:\program files\Belkin\Bluetooth Software\BTTray.exe [2004-10-1 565309] HP Digital Imaging Monitor.lnk - 
c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Norton GoBack.lnk - c:\program files\Norton GoBack\GBTray.exe [2004-8-13 803976]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-03 13:01 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"=
"c:\\Program Files\\AOL 9.0\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\1200492464\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AOL 9.0a\\waol.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [05/03/2009 20:52 51984]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [05/03/2009 20:52 46864]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [05/03/2009 21:17 327688]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [05/03/2009 21:17 108552]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [09/05/2009 00:18 159600]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [28/04/2009 11:33 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [28/04/2009 11:33 72944]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [05/03/2009 21:17 298776]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [30/08/2007 21:03 66048]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [09/05/2009 00:18 73840]
R2 ThreatFire;ThreatFire;c:\program files\ThreatFire\TFService.exe service --> c:\program files\ThreatFire\TFService.exe service [?]
R3 HCWU2DTD;Hauppauge Nova USB2 DVB-T TV Receiver;c:\windows\system32\drivers\hcwu2dtd.sys [17/08/2007 21:18 57472]
R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [09/05/2009 00:18 95640]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [05/03/2009 20:52 33552]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [01/06/2009 13:53 8704]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [01/06/2009 13:53 3072]
S3 HCWU2DTL;Hauppauge Nova-USB2-T Adapter Firmware Loader;c:\windows\system32\drivers\hcwu2dtl.sys [17/08/2007 21:18 17920]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\DRIVERS\rt2870.sys --> c:\windows\system32\DRIVERS\rt2870.sys [?]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v3.sys --> c:\windows\system32\DRIVERS\wg111v3.sys [?]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\DRIVERS\wg111v2.sys --> c:\windows\system32\DRIVERS\wg111v2.sys [?]
S3 SaiH5F0D;SaiH5F0D;c:\windows\system32\drivers\SaiH5F0D.sys [21/09/2007 16:59 176640]
S3 SaiU5F0D;SaiU5F0D;c:\windows\system32\drivers\SaiU5F0D.sys [21/09/2007 16:59 27264]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [28/04/2009 11:33 7408]
S4 KodakSvc;Kodak AiO Device Service;c:\program files\Kodak\Printer\Center\KodakSvc.exe [28/02/2008 18:57 18944]

--- Other Services/Drivers In Memory ---

*Deregistered* - mchInjDrv

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-06-29 c:\windows\Tasks\Kodak AiO Scheduled Maintenance.job
- c:\program files\Kodak\Printer\Center\Kodak.Statistics.exe [2008-02-28 17:57]

2009-07-08 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2009-05-08 16:26]
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-svcWRSSSDK

.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mWindow Title = Microsoft Internet Explorer
uSearchURL,(Default) = hxxp://search.aol.co.uk/web?isinit=true&query=%s
IE: &AOL Toolbar search - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTML
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-09 22:50
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1935655697-1292428093-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1935655697-1292428093-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:a2,98,21,2b,1c,a7,1c,f2,eb,86,e0,ca,8a,1b,0a,ac,79,d4,a7,ea,07,49,f5,
b3,56,64,e1,43,72,d5,7b,59,c7,f0,ed,a3,47,bd,b3,51,dd,ed,1e,e5,7e,57,b6,84,\
"??"=hex:cf,55,c7,95,2b,14,4d,f8,66,7b,0c,1b,19,52,fe,22

[HKEY_USERS\S-1-5-21-1935655697-1292428093-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:44,70,8f,93,d0,20,52,7a,f2,29,2d,25,1a,40,93,ab,a3,bf,42,a0,f3,
7f,4a,1e,35,a3,df,4f,f4,ce,31,ad,5e,21,37,eb,19,ce,5f,ac,02,de,33,af,98,5f,\
"rkeysecu"=hex:29,ef,07,75,38,34,24,99,99,ec,ae,2a,a2,e5,c9,06

[HKEY_LOCAL_MACHINE\software\NETGEAR\WG111v2 Configuration Utility]
@DACL=(02 0000)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1516)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\program files\ThreatFire\TFWAH.dll
c:\program files\ThreatFire\TFNI.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll
c:\program files\ThreatFire\TFMon.dll
c:\program files\ThreatFire\TFRK.dll

- - - - - - - > 'lsass.exe'(1576)
c:\program files\ThreatFire\TFWAH.dll

- - - - - - - > 'explorer.exe'(5632)
c:\windows\system32\WININET.dll
c:\windows\SnoopFreeDll.dll
c:\windows\system32\ieframe.dll
c:\program files\ThreatFire\TFNI.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll
c:\program files\ThreatFire\TFMon.dll
c:\program files\ThreatFire\TFRK.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\PC Tools Firewall Plus\FWService.exe
c:\program files\Ahead\InCD\InCDsrv.exe
c:\windows\ATKKBService.exe
c:\program files\Belkin\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\CTSVCCDA.EXE
c:\program files\Norton GoBack\GBPoll.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\SnoopFreeSvc.exe
c:\program files\ThreatFire\TFService.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
.
**************************************************************************
.
Completion time: 2009-07-09 22:56 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-09 21:56

Pre-Run: 24,154,968,064 bytes free
Post-Run: 28,926,742,528 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

and have updated Java
__________________
If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization. A computer once beat me at chess But it was no match for me at kick boxing.
#6
Go to Start > Run and type notepad.exe then click OK
Copy and paste the below into Notepad and save as fixme.reg to Your Desktop
Code:
REGEDIT4

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

Make sure that you tell me if you receive a success message about adding the above to the registry. If you do not get a success message, it did not work.
Delete the fixme.reg from the Desktop.
----------
* Click START then RUN
* Now type Combofix /u in the runbox
* Make sure there's a space between Combofix and /u
* Then hit Enter
* The above procedure will:
  * Delete the following:
    * ComboFix and its associated files and folders.
  * Reset the clock settings.
  * Hide file extensions, if required.
  * Hide System/Hidden files, if required.
  * Set a new, clean Restore Point.
----------
Clean out your temporary internet files and temp files.
Download TFC by OldTimer to your desktop.
Double-click TFC.exe to run it.
Note: If you are running on Vista, right-click on the file and choose Run As Administrator
TFC will close all programs when run, so make sure you have saved all your work before you begin.
* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.
Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
----------
Use the Kaspersky Lab Online Scanner
In Microsoft Windows Vista, you must open the Web browser using the Run as Administrator command. From the Desktop right click the icon to open the browser and choose Run as Administrator.
When the scan is done, in the Scan is complete window, any infection is displayed. There is no option to clean/disinfect, however, we need to analyze the information on the report. To obtain the report: Click on: Save Report As
Copy and paste the Kaspersky Online Scanner Report in your next reply.
Note for Internet Explorer 7 and 8 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%. If needed, this animation will guide you through the process.
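The two keys that fixme.reg deletes appear in the registry section of the ComboFix log earlier in this thread. As an added example (not part of the original posts), this Python script parses a few of those log lines, rejoined and embedded as a constructed sample, and lists the entries a reviewer would look at. The function names are hypothetical, and the notes are this example's reading of the values, not the helper's stated reasoning.

```python
import re
# Constructed sample: registry lines from the ComboFix log in this thread, wrapped key names rejoined.
SAMPLE = r'''
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
'''

KEY_RE = re.compile(r'^\[(.+)\]$')                  # [key path]
VAL_RE = re.compile(r'^(@|"[^"]+")\s*=\s*(.*)$')    # "name"=data or @=data

def parse_sections(text):
    """Return {key_path: {value_name: raw_data}} for a ComboFix-style registry excerpt."""
    sections, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if (m := KEY_RE.match(line)):
            current = sections.setdefault(m.group(1), {})
        elif (m := VAL_RE.match(line)) and current is not None:
            current[m.group(1).strip('"')] = m.group(2).strip()
    return sections

def as_int(raw):
    """Decode 'dword:00000001' or '0 (0x0)' to an int; None when the data is not numeric."""
    m = re.match(r'dword:([0-9a-fA-F]{8})$|(\d+)\b', raw)
    if not m:
        return None
    return int(m.group(1), 16) if m.group(1) else int(m.group(2))

def review(sections):
    """List (key, note) pairs for entries that affect protection or its visibility."""
    notes = []
    for key, values in sections.items():
        low = key.lower()
        if '\\safeboot\\' in low:
            notes.append((key, 'Safe Mode service entry: confirm the product is still installed'))
        if 'security center\\monitoring' in low and as_int(values.get('DisableMonitoring', '')) == 1:
            notes.append((key, 'Security Center monitoring disabled'))
        if 'firewallpolicy' in low and as_int(values.get('EnableFirewall', '')) == 0:
            notes.append((key, 'Windows Firewall off for this profile'))
    return notes

if __name__ == '__main__':
    for key, note in review(parse_sections(SAMPLE)):
        print(f'{note}\n    {key}')
```

A flagged entry is a prompt to check, not a verdict: on this machine a third-party firewall service is listed among the running processes, so the Windows Firewall being off may be expected.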
#7
Hi did the,
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
and I got a Success Message, deleted ComboFix ok. Cleaned out the temp files, and here's the online scanner log,

KASPERSKY ONLINE SCANNER 7.0 REPORT
Saturday, July 11, 2009
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Saturday, July 11, 2009 18:11:17
Records in database: 2460577
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
A:\
C:\
D:\
J:\
O:\
P:\
Q:\
R:\
Scan statistics:
Files scanned: 81274
Threat name: 0
Infected objects: 0
Suspicious objects: 0
Duration of the scan: 02:28:43
No malware has been detected. The scan area is clean.
The selected area was scanned.
#8
Looks like we got everything.
How is the computer running now?
#9
Hi yep it seems to be a lot better,
It's running a lot quicker when on the net, booting up pc was slow last time but haven't rebooted yet so I'll find out later, can now again copy and paste but haven't tried my old mouse yet. I.E. seems to be working fine and with AOL the pages are loading a lot quicker, have managed to update drivers that I needed (at last) and can again run multi apps without probs.
Many thanks, you're a diamond Evilfantasy. Just two questions: should I un-install TFC? And should I install Ad-Aware or am I protected ok now (remembering to update the protection I have already)?
#10
Quote:
Ad-Aware is OK but I think something like PC Tools ThreatFire would be better.