Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Several Issues on Computer

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Several Issues on Computer

Unread postby shinybeast » November 30th, 2009, 11:48 am

Hello Spain1492,

The Google hijacking disappeared after the ComboFix run. The computer appears to be starting and running faster.


Glad to hear it. :thumbright:

A bit of work to do.


CFScript

  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad (Start > Run... > type notepad and press enter)
    Copy the text in the code box below and paste it into notepad.

    Code: Select all
    Registry::
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "20800:TCP"=-
    "20800:UDP"=-
    
    Driver::
    Lbd
    nenum13E
    
    DDS::
    mRun: [Malwarebytes Anti-Malware (reboot)]
    
    SkipFix::
    

  4. Save this as CFScript.txt in the same location as ComboFix.exe (should be your Desktop)

    Image
  5. Refering to the picture above, drag CFScript.txt and drop it into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

*Do not forget to enable your protection programs before you connect to the internet!*


We uninstalled the old Java earlier, so let's install the latest Java Runtime Environment.

Install Java Runtime Environment

  • Click here to visit Sun Java download page
  • Scroll down the page a bit and click Image under Image
  • Select your platform and agree to the license agreement (after having read it, of course) by clicking the checkbox. Click Continue.
  • Click the link (jre-6u17-windows-i586-p.exe) under Available Files and download the offline installer to your desktop.
  • Close any programs you may have running, including web browsers.
  • From your desktop, double-click on the download to install the newest version.
  • Reboot your computer.


TFC (Temp File Cleaner)

  • Click here to download TFC by OldTimer and save it to your desktop.
    NOTE: Save any unsaved work. TFC will close all open application windows.
  • Double-click TFC.exe to run the program.
  • If prompted, click Yes to reboot.

Note: TFC should not take longer than a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.


ESET Online Scanner

Note: You will need to disable your Anti-Virus, how to do so can be read here.

  • Please go here then click on: Image
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


In your next reply please include the combofix log (C:\ComboFix.txt), the ESET log and a new HijackThis log.
User avatar
shinybeast
Retired Graduate
 
Posts: 1187
Joined: October 29th, 2008, 6:56 pm
Location: -5 hrs GMT (EST)
Advertisement
Register to Remove

Re: Several Issues on Computer

Unread postby Spain1492 » December 1st, 2009, 7:11 am

Hi Shinybeast,

I forgot to mention that the My Document folder use to open up on start up has now disappeared.

Here are the requested log files:

ComboFix log:

ComboFix 09-11-27.05 - XXXXXXXXX 11/30/2009 21:23.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.223 [GMT -8:00]
Running from: c:\documents and settings\XXXXXXXXX\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\XXXXXXXXX\Desktop\CFScript.txt
AV: AVG Internet Security *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
- REDUCED FUNCTIONALITY MODE -
.

((((((((((((((((((((((((( Files Created from 2009-11-01 to 2009-12-01 )))))))))))))))))))))))))))))))
.

2009-11-30 04:41 . 2009-12-01 04:38 154224 ----a-w- c:\documents and settings\XXXXXXXXX\Local Settings\Application Data\prvlcl.dat
2009-11-28 11:40 . 2004-03-29 05:45 73600 ----a-r- c:\windows\system32\drivers\viamraid_2.sys
2009-11-23 09:22 . 2009-10-16 20:13 1115392 ----a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll
2009-11-23 08:12 . 2009-11-23 08:13 -------- d-----w- c:\program files\ERUNT
2009-11-21 19:08 . 2009-11-11 05:59 877848 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.exe
2009-11-21 19:08 . 2009-11-11 05:59 1657112 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.dll
2009-11-18 04:02 . 2009-09-10 22:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-18 04:02 . 2009-11-18 04:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-18 04:02 . 2009-09-10 22:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-14 08:19 . 2009-11-14 08:19 -------- d-----w- c:\program files\FriendFinder
2009-11-13 05:20 . 2009-11-11 05:59 4026136 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgui.exe
2009-11-13 05:20 . 2009-11-11 05:59 2016536 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgtray.exe
2009-11-13 05:20 . 2009-11-11 05:59 1257240 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgfrw.exe
2009-11-13 05:20 . 2009-11-13 05:20 3963648 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgcorex.dll
2009-11-13 05:20 . 2009-11-11 05:59 600344 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgnsx.exe
2009-11-13 05:20 . 2009-11-13 05:20 497944 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgchjwx.dll
2009-11-12 03:49 . 2009-11-03 05:33 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-11 13:36 . 2009-11-11 13:36 -------- d-----w- c:\documents and settings\XXXXXXXXX\Application Data\Malwarebytes
2009-11-11 13:36 . 2009-11-11 13:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-11 06:02 . 2009-11-11 06:02 -------- d-----w- c:\documents and settings\XXXXXXXXX\Local Settings\Application Data\AVG Security Toolbar
2009-11-11 06:00 . 2009-11-11 07:06 -------- d-----w- C:\$AVG
2009-11-11 06:00 . 2009-11-11 06:00 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-11-11 06:00 . 2009-11-11 06:00 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-11-11 06:00 . 2009-12-01 04:34 -------- d-----w- c:\windows\system32\drivers\Avg
2009-11-11 06:00 . 2009-11-23 09:22 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-11-11 05:59 . 2009-11-11 05:59 25608 ----a-w- c:\windows\system32\drivers\AVGIDSxx.sys
2009-11-11 05:59 . 2009-11-11 05:59 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2009-11-11 05:59 . 2009-11-11 05:59 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-11-11 05:59 . 2009-11-11 05:59 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-11-11 05:58 . 2009-11-11 05:58 50968 ----a-w- c:\windows\system32\avgfwdx.dll
2009-11-11 05:58 . 2009-11-11 05:58 30104 ----a-w- c:\windows\system32\drivers\avgfwdx.sys
2009-11-11 05:58 . 2009-11-28 07:22 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2009-11-10 08:16 . 2009-11-10 08:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Sunbelt
2009-11-07 08:46 . 2009-11-07 19:17 472064 ----a-w- C:\RootRepeal.exe
2009-11-07 08:40 . 2009-11-07 08:43 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-11-04 14:07 . 2009-11-04 14:07 -------- d-sh--w- c:\documents and settings\Administrator.MARK\IETldCache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-01 04:28 . 2007-08-05 21:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Juno DSL
2009-11-23 08:55 . 2005-05-05 06:24 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-23 08:38 . 2005-05-05 06:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-23 08:29 . 2005-09-09 03:26 -------- d-----w- c:\program files\Lavasoft
2009-11-23 08:29 . 2008-02-15 08:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-11-14 06:15 . 2004-03-10 06:58 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-12 04:26 . 2008-03-23 01:03 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-12 04:25 . 2005-08-07 19:05 -------- d-----w- c:\program files\SpywareBlaster
2009-11-12 04:19 . 2006-04-11 08:18 -------- d-----w- c:\program files\TweakNow RegCleaner
2009-11-11 05:58 . 2009-03-12 10:42 -------- d-----w- c:\program files\AVG
2009-11-10 14:50 . 2004-04-04 18:56 -------- d-----w- c:\program files\Common Files\Real
2009-11-10 07:59 . 2004-03-13 07:29 60856 ----a-w- c:\documents and settings\XXXXXXXXX\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-10 07:46 . 2006-03-08 02:35 -------- d-----w- c:\program files\ItsDeductible2005
2009-11-10 07:45 . 2009-10-26 07:14 -------- d-----w- c:\documents and settings\XXXXXXXXX\Application Data\SUPERAntiSpyware.com
2009-11-10 07:42 . 2004-03-10 06:52 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-10 07:29 . 2005-03-23 06:00 -------- d-----w- c:\program files\ItsDeductibleEX
2009-11-07 08:49 . 2007-12-25 01:22 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2009-11-03 04:42 . 2009-10-03 03:29 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-26 07:14 . 2009-10-26 07:14 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-10-24 09:34 . 2009-10-24 09:34 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-10-24 01:54 . 2004-03-11 16:37 -------- d-----w- c:\program files\Juno
2009-10-14 06:47 . 2009-10-14 06:47 -------- d-----w- c:\program files\Common Files\AnswerWorks 5.0
2009-10-14 06:44 . 2005-03-23 05:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Intuit
2009-10-14 06:43 . 2004-03-12 08:11 -------- d-----w- c:\program files\Common Files\Intuit
2009-10-14 06:40 . 2004-03-12 08:11 -------- d-----w- c:\program files\TurboTax
2009-10-13 02:52 . 2009-10-13 02:52 -------- d-----w- c:\program files\Buka
2009-09-11 14:18 . 2003-03-31 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2004-12-25 19:47 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-11-28_12.12.32 )))))))))))))))))))))))))))))))))))))))))
.
- 2003-03-31 12:00 . 2009-11-01 22:34 68156 c:\windows\system32\perfc009.dat
+ 2003-03-31 12:00 . 2009-11-30 04:15 68156 c:\windows\system32\perfc009.dat
+ 2003-03-31 12:00 . 2009-11-30 04:15 435260 c:\windows\system32\perfh009.dat
- 2003-03-31 12:00 . 2009-11-01 22:34 435260 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-10-16 20:13 1115392 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1115392]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1115392]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-21 1207080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"sealmon"="c:\program files\SealedMedia\SoftSEAL\sealmon.exe" [2001-04-05 65536]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe" [2005-09-09 57344]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-04 866584]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-12-28 282624]
"JunoDSL"="c:\program files\Juno DSL\ConnectionCenter.exe" [2007-09-17 1058304]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2003-03-31 44032]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-02 7618560]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2009-11-13 2020120]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"Anvshell"="anvshell.exe" - c:\windows\anvshell.exe [2003-05-29 348160]
"LiveNote"="livenote.exe" - c:\windows\livenote.exe [2002-07-11 40960]
"Logitech Utility"="Logi_MwX.Exe" - c:\windows\LOGI_MWX.EXE [2003-03-04 19968]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-06-02 1519616]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-09-16 69632]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-23 39264]

c:\documents and settings\XXXXXXXXX\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-9-9 113664]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HOTSYNCSHORTCUTNAME.lnk - c:\program files\Palm\Hotsync.exe [2004-6-9 471040]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-11-11 06:00 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DVD@ccess.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\DVD@ccess.lnk
backup=c:\windows\pss\DVD@ccess.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^VIA RAID TOOL.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\VIA RAID TOOL.lnk
backup=c:\windows\pss\VIA RAID TOOL.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Juno\\bin\\juno.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"443:UDP"= 443:UDP:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:ooVoo UDP port 37675

R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [11/10/2009 9:59 PM 25608]
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [11/10/2009 9:59 PM 161800]
R1 ANVIOCTL;ANVIOCTL;c:\windows\system32\drivers\anvioctl.sys [3/9/2004 11:40 PM 233280]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [11/10/2009 9:59 PM 333192]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [11/10/2009 9:59 PM 360584]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [11/11/2009 7:49 PM 93360]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [11/10/2009 9:59 PM 285392]
R2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [11/10/2009 9:59 PM 2304192]
R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [11/10/2009 9:59 PM 5832712]
R2 DVDAccss;DVDAccss;c:\windows\system32\drivers\DVDAccss.sys [2/28/2007 2:18 PM 29156]
R2 IntuitUpdateService;Intuit Update Service;c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [10/10/2008 4:45 AM 13088]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [11/10/2009 9:58 PM 30104]
R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [11/10/2009 9:59 PM 122376]
R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [11/10/2009 9:59 PM 30216]
R3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [11/10/2009 9:59 PM 25736]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 5:19 PM 13592]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [11/10/2009 9:58 PM 30104]
S3 nenum13E;nenum13E;\??\c:\docume~1\XXXXXX~1\LOCALS~1\Temp\nenum13E.sys --> c:\docume~1\XXXXXX~1\LOCALS~1\Temp\nenum13E.sys [?]
S3 SaiH0464;SaiH0464;c:\windows\system32\drivers\SaiH0464.sys [8/21/2005 3:28 PM 56576]
S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [12/31/2004 4:46 PM 167424]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://my.juno.com/
uSearchURL,(Default) = hxxp://my.juno.com/s/search?action=mini ... n=54436872
IE: Display All Images with Full Quality - c:\program files\Juno\qsacc\appres.dll/228
IE: Display Image with Full Quality - c:\program files\Juno\qsacc\appres.dll/227
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: orionfirst.com\server
Trusted Zone: turbotax.com
FF - ProfilePath - c:\documents and settings\XXXXXXXXX\Application Data\Mozilla\Firefox\Profiles\t8qa403o.default\
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\XXXXXXXXX\Application Data\Mozilla\Firefox\Profiles\t8qa403o.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071101000055.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-30 21:26
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2760)
c:\windows\system32\WININET.dll
c:\program files\Logitech\MouseWare\System\LgWndHk.dll
c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-11-30 21:37
ComboFix-quarantined-files.txt 2009-12-01 05:36
ComboFix2.txt 2009-11-28 12:26

Pre-Run: 84,275,892,224 bytes free
Post-Run: 84,239,753,216 bytes free

- - End Of File - - 2941B5F55E4381D8DBDB962AE1DD52FC


ESET log:


C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\atapi.sys.vir Win32/Olmarik.OF virus
C:\System Volume Information\_restore{E38E4FCB-E58A-4FC5-8353-5DD10A31DDF8}\RP188\A0027738.exe Win32/Adware.WinAntiVirus application
C:\System Volume Information\_restore{E38E4FCB-E58A-4FC5-8353-5DD10A31DDF8}\RP208\A0041981.dll Win32/Toolbar.MyWebSearch application
C:\System Volume Information\_restore{E38E4FCB-E58A-4FC5-8353-5DD10A31DDF8}\RP208\A0041984.DLL Win32/Toolbar.MyWebSearch application
C:\System Volume Information\_restore{E38E4FCB-E58A-4FC5-8353-5DD10A31DDF8}\RP222\A0044703.exe a variant of Win32/AdInstaller application


Hijack This log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:02:46 AM, on 12/1/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.juno.com/s/search?action=mini ... search_dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.juno.com/s/search?action=mini ... search_dsl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.juno.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://my.juno.com/s/search?action=mini ... n=54436872
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.juno.com/s/search?action=mini ... n=54436872
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\Juno DSL\SearchEnh1.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Pop-up Blocker - {4224FF33-C2EB-4039-B8C8-6EED565B9D96} - C:\Program Files\Juno DSL\PopupBlocker.dll
O2 - BHO: X1IEHook Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\Juno\qsacc\X1IEBHO.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Juno DSL - {8E613EAF-E16E-415C-BD39-F71D6A3B5518} - C:\Program Files\Juno DSL\Toolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Anvshell] anvshell.exe
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [sealmon] C:\Program Files\SealedMedia\SoftSEAL\sealmon.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [JunoDSL] "C:\Program Files\Juno DSL\ConnectionCenter.exe"
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Display All Images with Full Quality - res://C:\Program Files\Juno\qsacc\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://C:\Program Files\Juno\qsacc\appres.dll/227
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .spdf: C:\Program Files\Internet Explorer\PLUGINS\npLoader.dll
O15 - Trusted Zone: http://*.turbotax.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 8898 bytes
Spain1492
Active Member
 
Posts: 11
Joined: November 13th, 2009, 3:02 am

Re: Several Issues on Computer

Unread postby shinybeast » December 1st, 2009, 2:46 pm

Hello Spain1492,

The ESET detections will be removed when we clean up.

I forgot to mention that the My Document folder use to open up on start up has now disappeared.


I do not quite follow you. Did you have explorer set to open My Documents folder at startup? Combofix resets the start menu and desktop to default because malware sometimes makes changes. Is the My Documents folder still there and contain your documents (Start > My Documents)? Do you remember how you enabled it to open before?
User avatar
shinybeast
Retired Graduate
 
Posts: 1187
Joined: October 29th, 2008, 6:56 pm
Location: -5 hrs GMT (EST)

Re: Several Issues on Computer

Unread postby Spain1492 » December 2nd, 2009, 12:22 am

The My Documents folder started to open up on start up at the same time I started having issues with Google. I did not want this to happen. Once I ran ComboFix, it stopped. I prefer that it does not open on start up.
Spain1492
Active Member
 
Posts: 11
Joined: November 13th, 2009, 3:02 am

Re: Several Issues on Computer

Unread postby shinybeast » December 2nd, 2009, 1:03 am

OK. I get it. It's a good thing. :)

I'll have some final instructions once they get approved.

Talk to you soon.
User avatar
shinybeast
Retired Graduate
 
Posts: 1187
Joined: October 29th, 2008, 6:56 pm
Location: -5 hrs GMT (EST)

Re: Several Issues on Computer

Unread postby shinybeast » December 2nd, 2009, 12:43 pm

Hello Spain1492,


Uninstall ComboFix

Click Start, click Run..., copy the bolded text below and paste it in the Open: box and click OK.

ComboFix /Uninstall

ComboFix will uninstall and clean up after itself.


You can delete the DDS file from your desktop.


ERUNT/ERDNT in combination with the Recovery Console can potentially get you out of a jam in the future. I definitely recommend you keep the recovery console and recommend you keep ERUNT/ERDNT as well. Check out the documentation that came with it to learn how to backup and restore the registry from the Recovery Console should Windows fail to boot in any form.


Your logs are clean!


Implementing the following suggestions will greatly reduce your chances of malware problems in the future.

Update Windows

It is important to keep Windows and Microsoft programs updated to close vulnerabilities as they are discovered.

I suggest that you occasionally visit Microsoft Update and install all important updates. Please visit Microsoft Update as soon as possible as described below.

Close all windows and temporarily disable your anti-virus (usually through a tray icon)

Use Internet Explorer to visit this site: http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-US

Once the page loads follow instructions to install all critical updates. You may need to repeat this process until fully updated.


Keep installed programs up to date

Anti-virus
Most important is keeping your anti-virus software up to date. An out of date anti-virus is not much better than no anti-virus. If your anti-virus is not set to update automatically (preferred), it is imperative that you occasionally update it manually. You usually can accomplish this through a tray icon.

Update Other Vulnerable Software
Malware writers are increasingly targeting vulnerabilities in commonly used applications. There are several online sites which will scan your computer for outdated software. I've listed two below. I recommend occasionally visiting and scanning your computer to detect vulnerable software that should be updated.
F-Secure Health Check - requires Internet Explorer
Secunia Online Software Inspector


Best Practices for Email and Downloaded Files.

  • Do not read emails from unknown sources.
  • Make it a habit to never open email attachments from anyone, including people you know, unless you absolutely have to. If you need to open an attachment, scan it with your anti-virus before you open it.
  • Do not use Peer to Peer software to "share" media and software. You will get more than you expected and the "bonus" will not be something you want and will bring you back seeking help.
  • Do not use keygens or hacked software. First, it is stealing. Second, it is almost always infected with something. If you cannot afford to buy something, there is likely a free alternative that will be a good substitute. Search around and seek out advice from a trusted forum. Most will be glad to tell you of their favorite free program that performs the job you want done.


Additional Protection Programs

The programs listed below are excellent for improving your computer's security.

WinPatrol by Bill Pytlovany - "WinPatrol is a multi-purpose utility designed to increase performance and protect against unwanted changes." Information on it's many features can be found here

MVPS Hosts file - A replacement HOSTS file that redirects known malicious and ad serving sites to the localhost, thus preventing connection to them.
Note: MVPS Hosts file can sometimes slow down the computer so read the information on the site to mitigate this effect.

I encourage you to check out Tony Klein's article "How did I get infected in the first place?"
and miekiemoes' article "How to prevent Malware:"

If you have any questions about these suggestions, I would be happy to answer them.

Regards,
shinybeast

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.
User avatar
shinybeast
Retired Graduate
 
Posts: 1187
Joined: October 29th, 2008, 6:56 pm
Location: -5 hrs GMT (EST)

Re: Several Issues on Computer

Unread postby Spain1492 » December 3rd, 2009, 2:24 am

Thank you very much Shinybeast! I have read the post and executing the final steps. My computer and I appreciate the time you took to help us!
Spain1492
Active Member
 
Posts: 11
Joined: November 13th, 2009, 3:02 am

Re: Several Issues on Computer

Unread postby shinybeast » December 3rd, 2009, 3:10 am

You're very welcome. :)

Hope that "old" socket A keeps chugging along.
Stay safe.

Shinybeast
User avatar
shinybeast
Retired Graduate
 
Posts: 1187
Joined: October 29th, 2008, 6:56 pm
Location: -5 hrs GMT (EST)

Re: Several Issues on Computer

Unread postby NonSuch » December 6th, 2009, 11:45 pm

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27300
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 28 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware