Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Need help with google copy-book.com redirect [Solved]

Started by ace101 , Dec 12 2008 04:27 PM

  • This topic is locked This topic is locked

#31
Jimmy2012
Posted 23 December 2008 - 02:41 PM

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ace101,

ok done that, but I can't see any log at C:\ComboFix.txt ?

Did you re-download ComboFix and run another scan with it?
  • 0

Advertisements

#32
ace101
Posted 23 December 2008 - 02:45 PM

ace101

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Hello ace101,

ok done that, but I can't see any log at C:\ComboFix.txt ?

Did you re-download ComboFix and run another scan with it?


Hi, nope I used the same combofix while fixing this problem in the thread we had.
  • 0

#33
Jimmy2012
Posted 23 December 2008 - 02:50 PM

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ace101,
The ComboFix you have please delete it and re-download it, and then run another scan with it. :)
  • 0

#34
ace101
Posted 23 December 2008 - 03:26 PM

ace101

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Hello ace101,
The ComboFix you have please delete it and re-download it, and then run another scan with it. :)


Hi, I have done another scan and here is the log:

ComboFix 08-12-23.01 - ADMIN 2008-12-23 20:56:30.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2395 [GMT 0:00]
Running from: c:\documents and settings\ADMIN\Desktop\ComboFix.exe
* Created a new restore point
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\ADMIN\Local Settings\Temporary Internet Files\fbk.sts
c:\windows\system32\gdwmxdcg.dll
c:\windows\system32\zaflsp.dll
.
---- Previous Run -------
.
c:\program files\uninst-Echospace.exe
c:\program files\uninst-Starglow.exe

.
((((((((((((((((((((((((( Files Created from 2008-11-23 to 2008-12-23 )))))))))))))))))))))))))))))))
.

2008-12-23 20:53 . 2008-12-23 21:08 <DIR> d-------- C:\ComboFix
2008-12-23 18:25 . 2008-12-23 18:25 <DIR> d-------- C:\_OTMoveIt
2008-12-23 18:25 . 2008-12-23 18:25 <DIR> d-------- C:\_OTMoveIt
2008-12-22 22:12 . 2008-12-22 22:12 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-22 22:12 . 2008-12-22 22:12 <DIR> d-------- c:\documents and settings\ADMIN\Application Data\Malwarebytes
2008-12-22 22:12 . 2008-12-22 22:12 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-22 22:12 . 2008-12-03 19:59 38,496 --a------ c:\windows\SYSTEM32\DRIVERS\mbamswissarmy.sys
2008-12-22 22:12 . 2008-12-03 19:59 15,504 --a------ c:\windows\SYSTEM32\DRIVERS\mbam.sys
2008-12-22 17:22 . 2008-12-23 12:47 <DIR> d-------- c:\program files\iTunes
2008-12-22 17:22 . 2008-12-22 17:23 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-22 14:23 . 2008-12-22 14:23 <DIR> d-------- c:\documents and settings\LocalService\Application Data\SACore
2008-12-22 14:13 . 2008-12-22 14:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\SiteAdvisor
2008-12-21 18:40 . 2008-12-21 18:41 <DIR> drahs---- C:\cmdcons
2008-12-21 01:05 . 2008-12-21 01:05 <DIR> d-------- C:\rsit
2008-12-21 01:05 . 2008-12-21 01:05 <DIR> d-------- C:\rsit
2008-12-20 12:58 . 2008-12-23 20:24 10,827 --a------ c:\windows\SYSTEM32\Config.MPF
2008-12-20 12:51 . 2008-12-20 12:51 <DIR> d-------- c:\program files\McAfee.com
2008-12-20 12:51 . 2008-12-22 00:19 <DIR> d-------- c:\program files\Common Files\McAfee
2008-12-20 12:51 . 2008-06-27 06:08 207,656 --a------ c:\windows\SYSTEM32\DRIVERS\mfehidk.sys
2008-12-20 12:51 . 2008-06-02 14:55 120,136 --a------ c:\windows\SYSTEM32\DRIVERS\Mpfp.sys
2008-12-20 12:51 . 2008-06-27 06:08 79,240 --a------ c:\windows\SYSTEM32\DRIVERS\mfeavfk.sys
2008-12-20 12:51 . 2008-06-27 06:08 40,488 --a------ c:\windows\SYSTEM32\DRIVERS\mfesmfk.sys
2008-12-20 12:51 . 2008-06-27 06:08 35,240 --a------ c:\windows\SYSTEM32\DRIVERS\mfebopk.sys
2008-12-20 12:51 . 2008-06-20 05:41 34,152 --a------ c:\windows\SYSTEM32\DRIVERS\mferkdk.sys
2008-12-20 12:49 . 2008-12-20 12:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg7
2008-12-12 16:13 . 2008-12-12 16:13 <DIR> d-------- c:\program files\Alwil Software
2008-12-12 11:18 . 2008-12-12 11:18 87,336 --a------ c:\windows\SYSTEM32\dns-sd.exe
2008-12-12 11:11 . 2008-12-12 11:11 61,440 --a------ c:\windows\SYSTEM32\dnssd.dll
2008-11-29 14:40 . 2008-11-29 14:40 <DIR> d-------- c:\program files\iolo

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-23 21:08 --------- d-----w c:\documents and settings\All Users\Application Data\Kontiki
2008-12-23 18:30 --------- d-----w c:\program files\McAfee
2008-12-23 14:16 --------- d-----w c:\program files\XoftSpySE
2008-12-23 04:18 --------- d-----w c:\program files\DAEMON Tools Pro
2008-12-23 01:01 --------- d-----w c:\program files\LogMeIn
2008-12-22 17:25 --------- d-----w c:\program files\Bonjour
2008-12-22 17:22 --------- d-----w c:\program files\iPod
2008-12-22 17:19 --------- d-----w c:\program files\QuickTime
2008-12-22 17:17 --------- d-----w c:\program files\Common Files\Apple
2008-12-22 14:04 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-22 14:04 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-22 12:08 --------- d-----w c:\documents and settings\All Users\Application Data\McAfee
2008-12-22 00:13 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-12-20 12:49 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2008-12-18 19:41 --------- d--h--w c:\documents and settings\ADMIN\Application Data\IFViewer
2008-12-17 19:53 --------- d-----w c:\program files\Dl_cats
2008-12-13 06:40 3,593,216 ----a-w c:\windows\SYSTEM32\DLLCACHE\mshtml.dll
2008-12-12 20:25 --------- d-----w c:\program files\Flash EXE Builder 1.0
2008-11-29 15:27 --------- d-----w c:\program files\Corel
2008-11-29 15:27 --------- d-----w c:\program files\Common Files\Corel
2008-11-29 15:18 --------- d-----w c:\program files\Macromedia
2008-11-29 15:18 --------- d-----w c:\program files\Common Files\Macromedia
2008-11-29 14:54 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-29 14:53 --------- d-----w c:\program files\Logitech
2008-11-29 14:53 --------- d-----w c:\program files\Common Files\LogiShrd
2008-11-29 14:53 --------- d-----w c:\documents and settings\All Users\Application Data\LogiShrd
2008-11-29 14:42 --------- d-----w c:\documents and settings\ADMIN\Application Data\iolo
2008-11-29 14:41 --------- d-----w c:\documents and settings\All Users\Application Data\iolo
2008-11-24 23:21 935,776 ----a-w c:\windows\SYSTEM32\Incinerator.dll
2008-11-22 21:31 --------- d-----w c:\documents and settings\All Users\Application Data\Logitech
2008-11-21 17:03 --------- d-----w c:\program files\WAV to MP3 Encoder
2008-11-20 23:17 --------- d-----w c:\program files\Trend Micro
2008-11-20 17:34 --------- d-----w c:\program files\Rapidown
2008-11-20 17:34 --------- d-----w c:\program files\MP3 Stream Creator
2008-11-18 11:51 8,192 ----a-w c:\windows\SYSTEM32\smrgdf.exe
2008-11-16 19:19 --------- d-----w c:\documents and settings\ADMIN\Application Data\Azureus
2008-11-16 19:17 --------- d-----w c:\program files\Azureus
2008-11-16 19:17 --------- d-----w c:\documents and settings\All Users\Application Data\Azureus
2008-11-16 19:14 27,904 ----a-w c:\windows\system32\drivers\ndisprot.sys
2008-11-16 19:08 --------- d--h--w c:\documents and settings\ADMIN\Application Data\FVSTemp
2008-11-16 19:04 --------- d--h--w c:\documents and settings\ADMIN\Application Data\IFBuilder
2008-11-16 17:44 --------- d-----w c:\program files\Chameleon Flash Pro edition
2008-11-15 00:35 --------- d-----w c:\program files\DivX
2008-11-01 13:15 --------- d-----w c:\program files\Vimicro
2008-10-28 23:18 410,976 ----a-w c:\windows\SYSTEM32\deploytk.dll
2008-10-28 23:18 --------- d-----w c:\program files\Java
2008-10-28 22:30 --------- d-----w c:\program files\Kontiki
2008-10-28 22:30 --------- d-----w c:\program files\Channel4
2008-10-28 22:29 --------- d-----w c:\documents and settings\All Users\Application Data\Channel4
2008-10-28 17:30 --------- d-----w c:\program files\Diskeeper Corporation
2008-10-28 17:30 --------- d-----w c:\documents and settings\All Users\Application Data\Diskeeper Corporation
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 11:21 455,296 ------w c:\windows\SYSTEM32\DLLCACHE\mrxsmb.sys
2008-10-23 12:36 286,720 ----a-w c:\windows\SYSTEM32\gdi32.dll
2008-10-23 12:36 286,720 ------w c:\windows\SYSTEM32\DLLCACHE\gdi32.dll
2008-10-16 14:13 202,776 ----a-w c:\windows\SYSTEM32\wuweb.dll
2008-10-16 14:13 202,776 ----a-w c:\windows\SYSTEM32\DLLCACHE\wuweb.dll
2008-10-16 14:13 1,809,944 ----a-w c:\windows\SYSTEM32\wuaueng.dll
2008-10-16 14:13 1,809,944 ----a-w c:\windows\SYSTEM32\DLLCACHE\wuaueng.dll
2008-10-16 14:12 561,688 ----a-w c:\windows\SYSTEM32\wuapi.dll
2008-10-16 14:12 561,688 ----a-w c:\windows\SYSTEM32\DLLCACHE\wuapi.dll
2008-10-16 14:12 323,608 ----a-w c:\windows\SYSTEM32\wucltui.dll
2008-10-16 14:12 323,608 ----a-w c:\windows\SYSTEM32\DLLCACHE\wucltui.dll
2008-10-16 14:09 92,696 ----a-w c:\windows\SYSTEM32\DLLCACHE\cdm.dll
2008-10-16 14:09 92,696 ----a-w c:\windows\SYSTEM32\cdm.dll
2008-10-16 14:09 51,224 ----a-w c:\windows\SYSTEM32\wuauclt.exe
2008-10-16 14:09 51,224 ----a-w c:\windows\SYSTEM32\DLLCACHE\wuauclt.exe
2008-10-16 14:09 43,544 ----a-w c:\windows\SYSTEM32\wups2.dll
2008-10-16 14:08 34,328 ----a-w c:\windows\SYSTEM32\wups.dll
2008-10-16 14:08 34,328 ----a-w c:\windows\SYSTEM32\DLLCACHE\wups.dll
2008-10-16 14:06 268,648 ----a-w c:\windows\SYSTEM32\mucltui.dll
2008-10-16 14:06 208,744 ----a-w c:\windows\SYSTEM32\muweb.dll
2008-10-16 13:11 70,656 ------w c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe
2008-10-16 13:11 13,824 ------w c:\windows\SYSTEM32\DLLCACHE\ieudinit.exe
2008-10-15 16:34 337,408 ------w c:\windows\SYSTEM32\DLLCACHE\netapi32.dll
2008-10-15 07:06 633,632 ------w c:\windows\SYSTEM32\DLLCACHE\iexplore.exe
2008-10-15 07:04 161,792 ------w c:\windows\SYSTEM32\DLLCACHE\ieakui.dll
2008-10-03 10:02 247,326 ----a-w c:\windows\SYSTEM32\strmdll.dll
2008-10-03 10:02 247,326 ------w c:\windows\SYSTEM32\DLLCACHE\strmdll.dll
2008-09-30 16:43 1,286,152 ----a-w c:\windows\SYSTEM32\msxml4.dll
2008-09-24 10:32 28,672 ----a-w c:\windows\SYSTEM32\iolobtdfg.exe
2008-01-26 22:26 2,025 ----a-w c:\program files\tcshineppro.log
2008-01-26 15:17 3,920 ----a-w c:\program files\mbsuite21.log
2008-01-26 15:16 6,844 ----a-w c:\program files\mbsuite20.log
2007-04-16 23:31 87,608 ----a-w c:\documents and settings\ADMIN\Application Data\ezpinst.exe
2007-04-16 23:31 47,360 ----a-w c:\documents and settings\ADMIN\Application Data\pcouffin.sys
2007-04-08 13:27 56 --sha-w c:\documents and settings\All Users\Application Data\dc64vg9.sys
2006-09-02 11:53 836 ----a-w c:\documents and settings\ADMIN\Application Data\ViewerApp.dat
2006-07-15 17:19 24,192 ----a-w c:\documents and settings\ADMIN\usbsermptxp.sys
2006-07-15 17:19 22,768 ----a-w c:\documents and settings\ADMIN\usbsermpt.sys
2006-05-03 17:22 114,545,029 ----a-w c:\documents and settings\ADMIN\Tom Tom 5 Mobile.zip
2006-04-28 22:06 650,880 ----a-w c:\documents and settings\ADMIN\Desktop.zip
2003-11-03 17:07 499,712 ----a-w c:\program files\msvcp71.dll
2003-11-03 17:07 348,160 ----a-w c:\program files\msvcr71.dll
2003-05-30 09:22 344,064 ----a-r c:\program files\msvcr70.dll
2002-01-05 03:40 487,424 ----a-w c:\program files\msvcp70.dll
2007-03-17 20:25 122,880 ----a-w c:\program files\mozilla firefox\plugins\lwf215p.dll
2007-08-09 13:08 8,784 ----a-w c:\program files\mozilla firefox\plugins\ractrlkeyhook.dll
2007-08-09 13:10 245,408 ----a-w c:\program files\mozilla firefox\plugins\unicows.dll
2008-04-14 00:12 50,688 --sha-w c:\windows\twain_32.dll
2008-09-08 21:11 6,840 --sha-w c:\windows\SYSTEM32\KGyGaAvL.sys
2008-04-14 00:11 1,028,096 --sha-w c:\windows\SYSTEM32\mfc42.dll
2008-04-14 00:12 57,344 --sha-w c:\windows\SYSTEM32\msvcirt.dll
2008-04-14 00:12 413,696 --sha-w c:\windows\SYSTEM32\msvcp60.dll
2008-04-14 00:12 343,040 --sha-w c:\windows\SYSTEM32\msvcrt.dll
2008-04-14 00:12 551,936 --sha-w c:\windows\SYSTEM32\oleaut32.dll
2008-04-14 00:12 84,992 --sha-w c:\windows\SYSTEM32\olepro32.dll
2008-04-14 00:12 11,776 --sha-w c:\windows\SYSTEM32\regsvr32.exe
2008-09-04 17:59 32,768 --sha-w c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\MSHist012008090420080905\index.dat
.

((((((((((((((((((((((((((((( snapshot_2008-12-22_ 0.49.42.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-12-22 17:25:48 86,016 ----a-r c:\windows\Installer\{07287123-B8AC-41CE-8346-3D777245C35B}\PrntWzrdIco.exe
+ 2008-12-22 17:23:43 102,400 ----a-r c:\windows\Installer\{318AB667-3230-41B5-A617-CB3BF748D371}\iTunesIco.exe
- 2008-12-22 00:23:32 32,768 ----a-w c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat
+ 2008-12-23 18:24:49 32,768 ----a-w c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat
- 2008-12-22 00:23:45 32,768 ----a-w c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-12-23 18:24:49 32,768 ----a-w c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-12-22 00:23:45 32,768 ----a-w c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-12-23 18:24:49 32,768 ----a-w c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-12-23 18:30:05 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_69c.dat
+ 2008-12-23 18:30:12 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_8bc.dat
+ 2008-12-23 18:32:46 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_8e0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Google Update"="c:\documents and settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-02 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Application Accelerator\iaanotif.exe" [2004-06-29 135168]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"ISUSScheduler"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" [2005-02-16 81920]
"dlccmon.exe"="c:\program files\Dell Photo AIO Printer 924\dlccmon.exe" [2005-07-22 425984]
"DLCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [2005-06-07 69632]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2008-07-11 641208]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"AsioReg"="CTASIO.DLL" [2003-02-20 c:\windows\SYSTEM32\CTASIO.DLL]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 c:\windows\SYSTEM32\narrator.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\\WINDOWS\\system32\\logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 14:13 49152 c:\progra~1\COMMON~1\Stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2007-11-27 18:14 176128 c:\progra~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv41"= IR41_32.DLL
"VIDC.MJPG"= Pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk
backup=c:\windows\pss\Adobe Acrobat Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^ADMIN^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\documents and settings\ADMIN\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^ADMIN^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^ADMIN^Start Menu^Programs^Startup^VirtualExpander.lnk]
backup=c:\windows\pss\VirtualExpander.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
--a------ 2008-04-21 12:38 684032 c:\program files\Adaptec\Easy CD Creator 5\DirectCD\Directcd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
--a------ 2008-08-14 06:58 611712 c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
--a------ 2008-08-15 04:46 378224 c:\progra~1\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDog305]
--a------ 2005-08-05 14:15 61440 c:\windows\VM305_STI.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreateCD50]
--a------ 2008-04-21 12:38 131157 c:\progra~1\COMMON~1\ADAPTE~1\CreateCD\CREATE~1.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
--a------ 2005-05-31 05:33 122941 c:\windows\SYSTEM32\dla\tfswctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-09-02 22:58 133104 c:\documents and settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 06:00 33648 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
--a------ 2008-02-28 14:31 63048 c:\program files\LogMeIn\x86\LogMeInSystray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogonStudio]
--a------ 2002-09-03 17:38 987187 c:\program files\WinCustomize\LogonStudio\LogonStudio.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
--a------ 2005-08-12 16:16 1121792 c:\program files\McAfee\SpamKiller\MSKDetct.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
--a------ 2007-08-08 08:25 1828136 c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 14:57 153136 c:\program files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCTV 300i Antenna Power]
--a------ 2005-07-06 19:09 90112 c:\program files\Pinnacle\Shared Files\drivers\Tools\PCTV 300i Antenna Power.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
--a------ 2004-03-10 14:26 406016 c:\windows\SYSTEM32\PSDrvCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMCS]
--a------ 2006-04-27 15:47 65536 c:\program files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-11-04 10:30 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sclauncher]
--a------ 2007-01-30 10:30 94208 c:\program files\SimpleCenter\bin\win\sclauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2007-02-20 13:06 741376 c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-08-28 09:18 3660848 c:\program files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
--a------ 2003-02-20 16:45 28672 c:\windows\SYSTEM32\CTHELPER.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\MSMSGS.EXE"=
"c:\\Program Files\\Java\\jre1.5.0_03\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre1.5.0_05\\bin\\javaw.exe"=
"c:\\WINDOWS\\SYSTEM32\\MMC.EXE"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\WINDOWS\\SYSTEM32\\DPVSETUP.EXE"=
"c:\\WINDOWS\\SYSTEM32\\dlcccoms.exe"=
"c:\\WINDOWS\\SYSTEM32\\SPOOL\\DRIVERS\\W32X86\\3\\dlccPSWX.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\XoftSpySE\\XoftSpy.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Adobe\\Adobe After Effects CS3\\Support Files\\AfterFX.exe"=
"c:\\Program Files\\Kontiki\\KService.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\TVersity\\Media Server\\MediaServer.exe"=
"c:\\Program Files\\Nero\\Nero8\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=
"c:\\Program Files\\ATI Technologies\\ATI.ACE\\CLI.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\helpctr.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
"54321:TCP"= 54321:TCP:Azureus
"54321:UDP"= 54321:UDP:Azureus
"51414:TCP"= 51414:TCP:Limwire
"41952:TCP"= 41952:TCP:Media server
"5353:TCP"= 5353:TCP:*:Disabled:Adobe CSI CS4
"3703:TCP"= 3703:TCP:*:Disabled:Adobe Version Cue CS4 Server
"3704:TCP"= 3704:TCP:*:Disabled:Adobe Version Cue CS4 Server
"51000:TCP"= 51000:TCP:*:Disabled:Adobe Version Cue CS4 Server
"51001:TCP"= 51001:TCP:*:Disabled:Adobe Version Cue CS4 Server

R0 BootScreen;BootScreen;\SystemRoot\\SystemRoot\System32\drivers\vidstub.sys []
R2 Cepstral License Server;Cepstral License Server;"c:\program files\Cepstral\bin\CepstralLicSrv.exe" [2007-08-21 57344]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2008-11-29 595824]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2008-11-29 595824]
R2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys [2008-02-28 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\c:\windows\system32\drivers\LMIRfsDriver.sys [2008-09-01 45848]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\McAfee\SiteAdvisor\McSACore.exe" [2008-12-22 206096]
R3 3xHybrid;Pinnacle PCTV 300i Stereo DVB-T;c:\windows\system32\DRIVERS\3xHybrid.sys [2006-02-28 827008]
R3 LCcfltr;Logitech USB Filter Driver;c:\windows\system32\Drivers\LCcFltr.Sys [2006-09-17 14095]
R3 pctvnet;Pinnacle PCTV Ethernet Driver;c:\windows\system32\DRIVERS\pctvnet.sys [2006-02-28 9340]
S2 0150511230056676mcinstcleanup;McAfee Application Installer Cleanup (0150511230056676);c:\windows\TEMP\015051~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
S2 713xTVCard;SAA7134 TV Card;c:\windows\system32\DRIVERS\SAA713x.sys [2005-03-15 277504]
S2 BT848;BtCap, WDM Video Capture;c:\windows\system32\drivers\BT848.sys [2005-02-06 265512]
S2 BTTUNER;BtTuner, WDM TvTuner;c:\windows\system32\drivers\BTTUNER.sys [2005-02-06 18944]
S2 BTXBAR;BtXBar, WDM Crossbar;c:\windows\system32\drivers\BTXBAR.sys [2005-02-06 13308]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;"c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe" -win32service [2008-08-15 284016]
S3 avera800;AVerMedia DVB-T BDA Video Capture(A800);c:\windows\system32\Drivers\avera800.sys [2006-01-21 41600]
S3 BTCAMDRV;Mobiola Web Camera driver;c:\windows\system32\DRIVERS\BTCamDrv.sys [2006-12-21 219264]
S3 HDR1USB;Nokia Music Player HDR-1™;c:\windows\system32\Drivers\hdr1usb.sys [2001-06-01 19008]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2008-01-22 33792]
S3 Ndisprot;ArcNet NDIS Protocol Driver;\??\c:\windows\system32\drivers\Ndisprot.sys [2008-11-16 27904]
S3 ramirr;ramirr;c:\windows\system32\DRIVERS\ramirr.sys []
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM);c:\windows\system32\DRIVERS\sea1bus.sys [2008-05-24 61536]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter;c:\windows\system32\DRIVERS\sea1mdfl.sys [2008-05-24 9360]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver;c:\windows\system32\DRIVERS\sea1mdm.sys [2008-05-24 97088]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\sea1mgmt.sys [2008-05-24 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS);c:\windows\system32\DRIVERS\sea1nd5.sys [2008-05-24 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\sea1obex.sys [2008-05-24 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM);c:\windows\system32\DRIVERS\sea1unic.sys [2008-05-24 90800]
S3 ZSMC0305;VIMICRO USB PC Camera V;c:\windows\system32\Drivers\usbVM305.sys [2007-10-17 392316]
S4 LMIRfsClientNP;LMIRfsClientNP; []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0d8b5438-7dc3-11dd-8f07-00308d000000}]
\Shell\AutoRun\command - G:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{655b9aee-d39d-11d9-a96a-0090d0b47572}]
\Shell\AutoRun\command - FlashDrive

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce201ed9-5bf3-11dd-8ed8-00308d000000}]
\Shell\AutoRun\command - G:\InstallTomTomHOME.exe

*Newly Created Service* - 0150511230056676MCINSTCLEANUP
.
Contents of the 'Scheduled Tasks' folder

2008-12-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008-12-23 c:\windows\Tasks\gguzrett.job
- c:\windows\system32\rundll32.exe [2008-04-14 00:12]

2008-12-23 c:\windows\Tasks\GoogleUpdateTaskUser.job
- c:\documents and settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-02 22:58]

2008-12-20 c:\windows\Tasks\McDefragTask.job
- c:\windows\system32\defrag.exe [2008-04-14 00:12]

2008-12-20 c:\windows\Tasks\McQcTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2008-07-09 18:10]

2008-12-23 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2007-10-07 01:55]

2008-07-10 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2007-10-07 01:55]

2008-12-23 c:\windows\Tasks\XoftSpySE 2.job
- c:\program files\XoftSpySE\XoftSpy.exe [2007-07-13 08:43]

2008-12-01 c:\windows\Tasks\XoftSpySE.job
- c:\program files\XoftSpySE\XoftSpy.exe [2007-07-13 08:43]
.
- - - - ORPHANS REMOVED - - - -

BHO-{54f76a23-6334-401e-9459-6a3b94bb0aeb} - c:\windows\system32\zaflsp.dll


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.msn.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local.,;*.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.skybroadband.com
IE: {{08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.skybroadband.com -
TCP: {88CB960A-5419-4539-B401-B9C1BED697BB} = 90.207.238.99

c:\windows\Downloaded Program Files\Data_Version_Check.ocx - O16 -: {08829741-43FC-4ADB-90E2-9F980695253B}
hxxp://www.hadleyhealthcare.co.uk/Data/Data_Version_Check.ocx
FF - ProfilePath - c:\documents and settings\ADMIN\Application Data\Mozilla\Firefox\Profiles\488wua4w.default\
FF - prefs.js: browser.search.selectedEngine - eBay.co.uk
FF - component: c:\documents and settings\ADMIN\Application Data\Mozilla\Firefox\Profiles\488wua4w.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\EbayAccessService.dll
FF - component: c:\documents and settings\ADMIN\Application Data\Mozilla\Firefox\Profiles\488wua4w.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\EbayFormSubmitObserver.dll
FF - component: c:\documents and settings\ADMIN\Application Data\Mozilla\Firefox\Profiles\488wua4w.default\extensions\[email protected]\components\coolirisstub.dll
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - plugin: c:\documents and settings\ADMIN\Application Data\Mozilla\Firefox\Profiles\488wua4w.default\extensions\[email protected]\plugins\npRACtrl.dll
FF - plugin: c:\program files\Google\Google Updater\1.4.681.27779\npCIDetect7.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npagent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPinzomia.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPMGWRAP.DLL
FF - plugin: c:\program files\Mozilla Firefox\plugins\npRACtrl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nptnt.dll
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll

ATTENTION: FIREFOX POLICES IS IN FORCE
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-23 21:06:55
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(900)
c:\windows\system32\Ati2evxx.dll
c:\progra~1\COMMON~1\Stardock\mcpstub.dll
c:\windows\system32\LMIRfsClientNP.dll
c:\progra~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
.
Completion time: 2008-12-23 21:20:21
ComboFix-quarantined-files.txt 2008-12-23 21:19:29
ComboFix2.txt 2008-12-22 00:51:21
ComboFix3.txt 2008-12-21 19:18:29

Pre-Run: 68,200,583,168 bytes free
Post-Run: 68,240,642,048 bytes free

480 --- E O F --- 2008-12-22 00:14:11


  • 0

#35
Jimmy2012
Posted 23 December 2008 - 03:43 PM

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ace101,

Please post a new HijackThis log in your next reply.
  • 0

#36
ace101
Posted 23 December 2008 - 03:45 PM

ace101

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Hello ace101,

Please post a new HijackThis log in your next reply.


Hi, here it is

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:44:36 PM, on 23-12-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Cepstral\bin\CepstralLicSrv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,;*.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.skybroadband.com (file missing)
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.co.uk/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.euro....iler/SysPro.CAB
O16 - DPF: {08829741-43FC-4ADB-90E2-9F980695253B} (Data_Version_Check.RegProcs) - http://www.hadleyhea...rsion_Check.ocx
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zon...kr.cab56986.cab
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.aka...vex-2.0.5.1.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - http://www1.snapfish...shUKActivia.cab
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zon...SS.cab69309.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zon...wn.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zon...1/GAME_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.c.../cpcScanner.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zon...ro.cab56649.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com.../crusher-uk.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zon...er.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{88CB960A-5419-4539-B401-B9C1BED697BB}: NameServer = 90.207.238.99
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: McAfee Application Installer Cleanup (0150511230056676) (0150511230056676mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\015051~1.EXE (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Cepstral License Server - Cepstral, LLC - C:\Program Files\Cepstral\bin\CepstralLicSrv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\McAfee\Common Framework\FrameworkService.exe (file missing)
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe

--
End of file - 15518 bytes


  • 0

#37
Jimmy2012
Posted 23 December 2008 - 03:57 PM

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ace101,

Logs are looking good. :)



How is your computer running now?
  • 0

#38
ace101
Posted 23 December 2008 - 03:59 PM

ace101

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Hello ace101,

Logs are looking good. :)



How is your computer running now?


Hi, that good to know :)

PC is working great now, all is running fine. :)

Thanks for the help. :)
  • 0

#39
Jimmy2012
Posted 23 December 2008 - 04:05 PM

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ace101,
That's great to hear. :)


Lets go ahead and update a few things and remove the tools used.




Please download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Open JavaRa.exe again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.








You are using a old version of Adobe Acrobat Reader, please update it here.








Follow these steps to uninstall Combofix and tools used in the removal of malware
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    Posted Image








Please download OTCleanIt and save it to your Desktop.
  • Double-click OTCleanIt.exe
  • Click the CleanUp! button to begin removing tools used to clean your computer
  • If you are prompted to Reboot during the cleanup, please select Yes

Please remove any leftover tools used to clean your computer.









The following is a list of tools and utilities that I like to suggest to people. This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.

1. Spywareguard: Is realtime protection from spyware.

2. Spywareblaster: Helps protect against any bad ActiveX from installing on your computer.

3. SuperAntiSpyware: Use this program to help remove any spyware that may have gotten on your computer.

4. FireFox: This is a great alternate browser over Internet Explorer. Firefox is much more secure then Internet Explorer and also has a bulilt in pop up blocker.

5. ATF Cleaner: This program cleans out your temporary files. This is a great tool that can help speed your computer up.

6. Trillian or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)

7. Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.


To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein
  • 0

#40
ace101
Posted 23 December 2008 - 04:32 PM

ace101

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Hi, thanks I have installed the new JavaRa, uninstalled cobmofix and ran OTCleanIt.

Also did a windows update, but there nothing new to download, so I'm up-to-date :)

Thanks for ALL you help and the list of applications.

Hope you have a good Christmas & new year. :)

:)
  • 0

Advertisements

#41
Jimmy2012
Posted 23 December 2008 - 08:32 PM

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello ace101,

Hope you have a good Christmas & new year.

Thank you, and same to you. :)
  • 0

#42
Jimmy2012
Posted 23 December 2008 - 08:32 PM

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP