Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Malwarebytes - iexplore.exe outgoing IP request - won't stop

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Malwarebytes - iexplore.exe outgoing IP request - won't stop

Unread postby PaulG » August 18th, 2011, 6:02 pm

Hi, there,

First of all I want to say that I'm very grateful for the existance of this forum. I have 14 years in tech support but it's not been too network/internet-focused, so it's nice to get some second "hands" on this, even if virtual. :-)

I got the Win 7 Security 2011 virus several days ago. I had to manually remove it with reg settings becasue my sweepers weren't cleaning it. I had multiple instances and found the ramdom character .exe files it was leaving in various places.

It seems to be gone now.

However, since then, every time I open Internet Explorer, MalwareBytes (I paid for teh version that allows for active scanning) pops up a message saying something to the extent of -

"Suspicsious outgoing process blocked - iexplore.exe - " with a port that changes and an IP address that I don't recognize. I really don't care about the IP or where it goes - jsut wondering why something is trying to use it for an outgoing process. I had my main email account hacked at the same time, so I'm suspecting some kind of keylogger or even a rootkit.

What else can I do?

Thanks so much. Logs to follow.

=================================
.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_20
Run by Paul at 17:24:53 on 2011-08-18
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6078.3837 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\WTouch\WTouchService.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\WTouch\WTouchUser.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\SysWOW64\astsrv.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\crypserv.exe
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Windows\SysWOW64\nlssrv32.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
C:\Program Files\Focusrite\VRM Box\VRMService.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\WTablet\Pen_TabletUser.exe
C:\Windows\system32\Pen_Tablet.exe
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\Evoluent\VMouse\V4\EvoMouseExec.exe
C:\Program Files (x86)\MagicTune Premium\GammaTray.exe
C:\Program Files (x86)\Nuance\NaturallySpeaking11\Program\natspeak.exe
C:\Program Files (x86)\Spartan\Spartan.exe
C:\Windows\SysWOW64\DeltaIITray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Common Files\Nuance\NaturallySpeaking11\dgnuiasvr.exe
C:\Program Files (x86)\Common Files\Nuance\NaturallySpeaking11\dgnuiasvr_x64.exe
C:\Program Files (x86)\Nuance\NaturallySpeaking11\Program\dnsspserver.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\RapidBIT\cidaemon.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10t_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://youhaveangels.com/
uURLSearchHooks: H - No File
BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RoboForm BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: MAGIX Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: MAGIX Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
mRun: [M-Audio Taskbar Icon] C:\Windows\system32\DeltaIITray.exe
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [TrayServer] C:\Program Files (x86)\MAGIX\Movie_Edit_Pro_17_Plus_Download_Version\TrayServer_en.exe
StartupFolder: C:\Users\Paul\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DRAGON~1.LNK - C:\Program Files (x86)\Nuance\NaturallySpeaking11\Program\natspeak.exe
StartupFolder: C:\Users\Paul\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Spartan.lnk - C:\Program Files (x86)\Spartan\Spartan.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\EVOLUE~1.LNK - C:\Windows\Installer\{0F8F4447-1F0B-4703-9BD5-53F0274CE856}\_B5CB566BBFE908A7621D0F.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMMAT~1.LNK - C:\Program Files (x86)\MagicTune Premium\GammaTray.exe
uPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)
mPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Download All Links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\WPLauncher.hta
IE: RoboForm Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223} - C:\Program Files (x86)\Bonjour\ExplorerPlugin.dll
LSP: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: line6.net
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net ... plugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} - hxxp://www-cdn.freerealms.com/gamedata/ ... cab?v=1035
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/v ... .2.5.0.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/softwa ... Plugin.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FFFFFFFF-CAFE-BABE-BABE-00AA0055595A} - hxxp://networksolutionsemailpopwizard.c ... itchEC.exe
TCP: DhcpNameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{45E3F1CC-8C60-4AFD-A048-3CBB8465B311} : DhcpNameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{97B02717-AE94-4BE3-B0F9-9F8B53AFBDDA} : DhcpNameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{B6136640-6FD7-4CB2-B2C6-FAE5732505F9} : DhcpNameServer = 65.32.5.111 65.32.5.112
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
Notify: WBSrv - C:\PROGRA~2\Stardock\OBJECT~2\WINDOW~1\wbsrv.dll
SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\PROGRA~2\COMMON~1\Stardock\mcpcore.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO-X64: IDM Helper - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO-X64: RoboForm BHO - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: MAGIX Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB-X64: MAGIX Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
mRun-x64: [M-Audio Taskbar Icon] C:\Windows\system32\DeltaIITray.exe
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [TrayServer] C:\Program Files (x86)\MAGIX\Movie_Edit_Pro_17_Plus_Download_Version\TrayServer_en.exe
IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE-X64: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
SSODL-X64: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\PROGRA~2\COMMON~1\Stardock\mcpcore.dll
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\pvne8or0.default\
FF - prefs.js: browser.startup.homepage - hxxp://igoogle.com/
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\np_IEGetPlugin.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\PACE Anti-Piracy\iLok\NPPaceILok.dll
FF - plugin: C:\Program Files (x86)\Sony Online Entertainment\npsoe.dll
FF - plugin: C:\Program Files (x86)\Sony Online Entertainment\npsoeact.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
FF - plugin: C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll
FF - plugin: C:\Users\Paul\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Users\Paul\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: C:\Users\Paul\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Paul\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
============= SERVICES / DRIVERS ===============
.
R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 Magic Tune;MagicTune;C:\Windows\System32\drivers\MTiCtwl.sys [2011-6-22 14080]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-8-15 136360]
R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-8-15 269480]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2010-7-23 296808]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-8-27 1253376]
R2 IDMWFP;IDMWFP;C:\Windows\system32\DRIVERS\idmwfp.sys --> C:\Windows\system32\DRIVERS\idmwfp.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2009-11-27 366640]
R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2010-9-7 202048]
R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2009-7-17 4948992]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2010-10-11 64512]
R2 PaceLicenseDServices;PACE License Services;C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2010-11-8 2647552]
R2 TabletServicePen;TabletServicePen;C:\Windows\system32\Pen_Tablet.exe --> C:\Windows\system32\Pen_Tablet.exe [?]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-7-20 2027840]
R2 VRMService;VRMService;C:\Program Files\Focusrite\VRM Box\VRMService.exe [2011-8-8 194048]
R2 WTouchService;WTouch Service;C:\Program Files\WTouch\WTouchService.exe [2011-8-6 127784]
R3 EvoMouseDriverFilterHidUsb;Evoluent Mouse Driver Filter;C:\Windows\system32\DRIVERS\EvoMouseDriverFilterHidUsb.sys --> C:\Windows\system32\DRIVERS\EvoMouseDriverFilterHidUsb.sys [?]
R3 EvoMouseDriverMini;EvoMouseDriverMini;C:\Windows\system32\drivers\EvoMouseDriverMini.sys --> C:\Windows\system32\drivers\EvoMouseDriverMini.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-2-10 11856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 FlexService;Remote Connections Service;C:\Program Files (x86)\RapidBIT\cisvc.exe [2009-5-17 41984]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-24 136176]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
S3 DELTAII;Service for M-Audio Delta Driver (WDM);C:\Windows\system32\DRIVERS\MAudioDelta.sys --> C:\Windows\system32\DRIVERS\MAudioDelta.sys [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-8-7 3276800]
S3 GPWADrv;Service for L6 GuitarPort Driver (WDM);C:\Windows\system32\Drivers\GPWADrv64.sys --> C:\Windows\system32\Drivers\GPWADrv64.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-24 136176]
S3 iLokDrvr;Usb Driver;C:\Windows\system32\DRIVERS\iLokDrvr.sys --> C:\Windows\system32\DRIVERS\iLokDrvr.sys [?]
S3 MAFWPROFIRE;Service for M-Audio ProFire;C:\Windows\system32\DRIVERS\MAudioProFire.sys --> C:\Windows\system32\DRIVERS\MAudioProFire.sys [?]
S3 MEMSWEEP2;MEMSWEEP2;\??\C:\Windows\system32\7F9B.tmp --> C:\Windows\system32\7F9B.tmp [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 30969208]
S3 MsDepSvc;Web Deployment Agent Service;C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2011-1-7 63304]
S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2);C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 netr7364;Belkin Wireless 54G USB Network Adapter Driver;C:\Windows\system32\DRIVERS\netr7364.sys --> C:\Windows\system32\DRIVERS\netr7364.sys [?]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-13 20992]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RDID1102;A-PRO;C:\Windows\system32\Drivers\rdwm1102.sys --> C:\Windows\system32\Drivers\rdwm1102.sys [?]
S3 rspSanity;rspSanity;C:\Windows\system32\DRIVERS\rspSanity64.sys --> C:\Windows\system32\DRIVERS\rspSanity64.sys [?]
S3 Saffire;Saffire;C:\Windows\system32\Drivers\Saffire.sys --> C:\Windows\system32\Drivers\Saffire.sys [?]
S3 SaffireAudio;Saffire Audio;C:\Windows\system32\drivers\SaffireAudio.sys --> C:\Windows\system32\drivers\SaffireAudio.sys [?]
S3 SaffireMidi;Saffire MIDI;C:\Windows\system32\drivers\SaffireMidi.sys --> C:\Windows\system32\drivers\SaffireMidi.sys [?]
S3 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [2011-8-15 366840]
S3 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [2011-8-15 1150936]
S3 SynasUSB;SynasUSB;C:\Windows\system32\drivers\SynUSB64.sys --> C:\Windows\system32\drivers\SynUSB64.sys [?]
S3 synusb64;eLicenser;C:\Windows\system32\DRIVERS\synusb64.sys --> C:\Windows\system32\DRIVERS\synusb64.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 vrm;vrm;C:\Windows\system32\DRIVERS\vrm.sys --> C:\Windows\system32\DRIVERS\vrm.sys [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-08-18 18:16:38 -------- d-----w- C:\Windows\Standalone System Sweeper
2011-08-18 02:57:16 6144 ------w- C:\Windows\System32\7F9B.tmp
2011-08-18 02:48:20 6144 ------w- C:\Windows\System32\512B.tmp
2011-08-18 02:48:13 -------- d-----w- C:\Program Files (x86)\Sophos
2011-08-18 02:34:50 29752 ----a-w- C:\Windows\System32\drivers\rspSanity64.sys
2011-08-18 02:34:50 -------- d-----w- C:\Program Files\SanityCheck
2011-08-18 01:46:25 -------- d-----w- C:\Users\Paul\AppData\Local\Focusrite
2011-08-18 01:39:18 73728 ----a-w- C:\Windows\SysWow64\SaffireUninstall.dll
2011-08-18 01:39:18 43232 ----a-w- C:\Windows\System32\drivers\SaffireMidi.sys
2011-08-18 01:39:18 38880 ----a-w- C:\Windows\System32\drivers\SaffireAudio.sys
2011-08-18 01:39:18 211936 ----a-w- C:\Windows\System32\drivers\Saffire.sys
2011-08-18 01:39:18 116224 ----a-w- C:\Windows\System32\SaffireAsio.dll
2011-08-18 01:39:18 106496 ----a-w- C:\Windows\SysWow64\SaffireAsio.dll
2011-08-18 01:01:19 -------- d-----w- C:\Program Files (x86)\Ask.com
2011-08-17 02:21:31 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX Shared
2011-08-17 01:19:42 16 ----a-w- C:\Windows\SysWow64\msvcsv60.dll
2011-08-16 00:21:31 98816 ----a-w- C:\Windows\sed.exe
2011-08-16 00:21:31 518144 ----a-w- C:\Windows\SWREG.exe
2011-08-16 00:21:31 256000 ----a-w- C:\Windows\PEV.exe
2011-08-16 00:21:31 208896 ----a-w- C:\Windows\MBR.exe
2011-08-15 23:57:50 -------- d-----w- C:\Users\Paul\AppData\Local\old exe
2011-08-15 23:56:48 -------- d-----w- C:\ProgramData\old exe
2011-08-15 23:10:43 -------- d-----w- C:\Users\Paul\AppData\Roaming\Avira
2011-08-15 23:08:06 88288 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2011-08-15 23:08:05 -------- d-----w- C:\ProgramData\Avira
2011-08-15 23:08:05 -------- d-----w- C:\Program Files (x86)\Avira
2011-08-15 22:32:21 816016 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
2011-08-15 22:32:21 452872 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
2011-08-15 22:32:21 334976 ----a-w- C:\Windows\System32\drivers\pctgntdi64.sys
2011-08-15 22:32:21 137704 ----a-w- C:\Windows\System32\drivers\pctwfpfilter64.sys
2011-08-15 22:32:19 257232 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
2011-08-15 22:32:18 92896 ----a-w- C:\Windows\System32\drivers\pctplsg64.sys
2011-08-15 22:32:15 -------- d-----w- C:\Users\Paul\AppData\Roaming\PC Tools
2011-08-15 22:32:15 -------- d-----w- C:\Program Files (x86)\PC Tools Security
2011-08-15 22:32:15 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2011-08-15 22:27:39 -------- d-----w- C:\ProgramData\PC Tools
2011-08-14 02:55:15 65792 ----a-w- C:\Windows\SysWow64\LGDispDrv.dll
2011-08-14 02:55:15 3456 ----a-r- C:\Windows\SysWow64\LgExport.dll
2011-08-14 01:30:48 73816 ----a-w- C:\Windows\System32\WRusr.dll
2011-08-13 01:52:48 88 --sha-r- C:\ProgramData\090E0CF4E1.sys
2011-08-13 00:56:47 -------- d-----w- C:\ProgramData\Borland
2011-08-13 00:55:19 -------- d-----w- C:\ProgramData\WordPerfect Office X5
2011-08-09 03:11:41 19000 ----a-w- C:\Windows\System32\nvnusbaudio_coinst.dll
2011-08-09 03:11:38 238080 ----a-w- C:\Windows\System32\drivers\vrm.sys
2011-08-09 03:11:38 16952 ----a-w- C:\Windows\System32\vrm_coinst.dll
2011-08-09 03:11:36 -------- d-----w- C:\Program Files\Focusrite
2011-08-08 17:46:12 145008 ----a-w- C:\Windows\System32\drivers\idmwfp.sys
2011-08-06 21:24:20 -------- d-----w- C:\Users\Paul\AppData\Roaming\WTablet
2011-08-06 21:24:15 -------- d-----w- C:\Users\Paul\AppData\Roaming\WTouch
2011-08-06 21:24:14 290088 ------w- C:\Windows\System32\Touch_Tablet.dll
2011-08-06 21:24:14 245032 ------w- C:\Windows\SysWow64\Touch_Tablet.dll
2011-08-06 21:24:11 -------- d-----w- C:\Program Files\WTouch
2011-08-06 21:23:52 7543592 ------w- C:\Windows\System32\PenTablet.cpl
2011-08-06 21:23:47 12848 ----a-w- C:\Windows\System32\drivers\wacommousefilter.sys
2011-08-06 21:23:41 15656 ----a-w- C:\Windows\System32\drivers\wacomvhid.sys
2011-08-06 21:23:37 -------- d-----w- C:\Windows\System32\WTablet
2011-08-06 21:23:33 490280 ------w- C:\Windows\System32\Pen_Tablet.dll
2011-08-06 21:23:33 416040 ------w- C:\Windows\SysWow64\Pen_Tablet.dll
2011-08-06 21:23:33 284160 ------w- C:\Windows\SysWow64\Wintab32.dll
2011-08-06 21:23:31 5556520 ------w- C:\Windows\System32\Pen_Tablet.exe
2011-08-06 21:23:28 -------- d-----w- C:\Program Files (x86)\Tablet
2011-07-29 17:15:33 8578896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6570C5D1-982E-471C-8F8B-4CD569CC549D}\mpengine.dll
2011-07-27 01:06:34 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
2011-07-27 01:06:34 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2011-07-27 01:06:22 3137536 ----a-w- C:\Windows\System32\win32k.sys
2011-07-27 00:59:59 716800 ----a-w- C:\Windows\System32\drivers\netr7364.sys
2011-07-27 00:59:59 200704 ----a-w- C:\Windows\SysWow64\UpdateDriver.exe
2011-07-25 15:11:35 -------- d-----w- C:\Users\Paul\AppData\Roaming\Apowersoft
2011-07-25 15:11:31 -------- d-----w- C:\Program Files\Apowersoft
2011-07-24 17:46:18 -------- d-----w- C:\Program Files (x86)\Belkin
.
==================== Find3M ====================
.
2011-08-18 01:48:23 16 ----a-w- C:\Users\Paul\AppData\Roaming\msregsvv.dll
2011-08-13 01:54:39 8768 --sha-w- C:\ProgramData\KGyGaAvL.sys
2011-07-31 21:03:21 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-22 05:42:23 2303488 ----a-w- C:\Windows\System32\jscript9.dll
2011-07-22 05:36:16 1389056 ----a-w- C:\Windows\System32\wininet.dll
2011-07-22 05:32:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-07-22 02:54:43 1797632 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-07-22 02:48:26 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-07-22 02:44:36 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-07-20 08:41:18 34624 ----a-w- C:\Windows\System32\TURegOpt.exe
2011-07-20 08:35:48 25920 ----a-w- C:\Windows\System32\authuitu.dll
2011-07-20 08:35:42 21312 ----a-w- C:\Windows\SysWow64\authuitu.dll
2011-07-20 08:35:38 36160 ----a-w- C:\Windows\System32\uxtuneup.dll
2011-07-20 08:35:34 29504 ----a-w- C:\Windows\SysWow64\uxtuneup.dll
2011-07-16 05:41:50 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-16 05:41:49 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-16 05:41:49 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-16 05:39:10 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-16 05:37:12 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-07-16 04:29:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:26:00 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:25:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:24:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:24:22 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 02:21:44 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:21:41 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:17:19 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-09 02:46:28 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-07-06 23:52:42 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-06 23:52:42 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-06-24 15:37:17 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-06-24 15:37:17 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-06-24 05:34:53 214528 ----a-w- C:\Windows\System32\winsrv.dll
2011-06-24 05:25:49 338432 ----a-w- C:\Windows\System32\conhost.exe
2011-06-23 05:43:12 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-06-23 04:33:57 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-06-23 04:33:57 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-06-21 06:34:00 1923968 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-06-15 10:02:23 212992 ----a-w- C:\Windows\System32\odbctrac.dll
2011-06-15 10:02:23 163840 ----a-w- C:\Windows\System32\odbccp32.dll
2011-06-15 10:02:23 106496 ----a-w- C:\Windows\System32\odbccu32.dll
2011-06-15 10:02:23 106496 ----a-w- C:\Windows\System32\odbccr32.dll
2011-06-15 08:55:19 86016 ----a-w- C:\Windows\SysWow64\odbccu32.dll
2011-06-15 08:55:19 81920 ----a-w- C:\Windows\SysWow64\odbccr32.dll
2011-06-15 08:55:19 319488 ----a-w- C:\Windows\SysWow64\odbcjt32.dll
2011-06-15 08:55:19 163840 ----a-w- C:\Windows\SysWow64\odbctrac.dll
2011-06-15 08:55:19 122880 ----a-w- C:\Windows\SysWow64\odbccp32.dll
2011-06-02 23:56:40 11152 ----a-w- C:\Windows\SysWow64\mfcuia32.dll
2011-06-02 23:56:38 139424 ----a-w- C:\Windows\SysWow64\MFCANS32.DLL
2011-05-24 23:14:10 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-05-24 11:42:55 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2011-05-24 10:40:05 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-05-24 10:40:05 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-05-24 10:39:38 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
.
============= FINISH: 17:25:18.56 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/24/2009 7:58:30 PM
System Uptime: 8/18/2011 4:37:12 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0TP406
Processor: Intel(R) Core(TM)2 Quad CPU Q9400 @ 2.66GHz | CPU | 2660/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 596 GiB total, 102.103 GiB free.
D: is FIXED (NTFS) - 684 GiB total, 458.705 GiB free.
E: is FIXED (NTFS) - 15 GiB total, 14.878 GiB free.
F: is CDROM ()
G: is CDROM ()
I: is Removable
J: is Removable
K: is Removable
L: is CDROM ()
M: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1864: 8/14/2011 9:23:18 PM - Removed EasySetPackage
RP1865: 8/14/2011 11:14:29 PM - Removed S-Gear
RP1866: 8/14/2011 11:21:39 PM - Removed Modern Symphonic Orchestra Brass
RP1867: 8/17/2011 9:39:29 PM - Device Driver Package Install: Focusrite A.E. Sound, video and game controllers
.
==== Installed Programs ======================
.
123di Version 6.2
2C-Audio Breeze
Acrobat.com
Adobe AIR
Adobe Audition 3.0
Adobe Community Help
Adobe Content Viewer
Adobe Download Assistant
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Media Player
Adobe Photoshop CS2
Adobe Reader X (10.1.0)
Adobe Shockwave Player 11.5
Akamai NetSession Interface
Aleo Flash Intro Banner Maker 3.6
Amazon Kindle
Amazon MP3 Downloader 1.0.10
AmpliTube X-GEAR
Apple Application Support
Apple Software Update
Aptana Studio 3
ArtRage Studio Pro
ASIO4ALL
Ask Toolbar
Avira AntiVir Personal - Free Antivirus
Bamboo
Belarc Advisor 8.1
Belkin 54Mbps Wireless Network Adapter
Capture NX 2
CD - DVD Publishing Service
Cisco Connect
Corel Graphics - Windows Shell Extension
CorelDRAW Graphics Suite X5
CorelDRAW Graphics Suite X5 - BR
CorelDRAW Graphics Suite X5 - Capture
CorelDRAW Graphics Suite X5 - Common
CorelDRAW Graphics Suite X5 - Connect
CorelDRAW Graphics Suite X5 - Custom Data
CorelDRAW Graphics Suite X5 - Draw
CorelDRAW Graphics Suite X5 - EN
CorelDRAW Graphics Suite X5 - ES
CorelDRAW Graphics Suite X5 - Extra Content
CorelDRAW Graphics Suite X5 - Filters
CorelDRAW Graphics Suite X5 - FontNav
CorelDRAW Graphics Suite X5 - FR
CorelDRAW Graphics Suite X5 - IPM
CorelDRAW Graphics Suite X5 - PHOTO-PAINT
CorelDRAW Graphics Suite X5 - Photozoom Plugin
CorelDRAW Graphics Suite X5 - Premium Fonts
CorelDRAW Graphics Suite X5 - Redist
CorelDRAW Graphics Suite X5 - Setup Files
CorelDRAW Graphics Suite X5 - VBA
CorelDRAW Graphics Suite X5 - VideoBrowser
CorelDRAW Graphics Suite X5 - VSTA
CorelDRAW Graphics Suite X5 - WT
CorelDRAW(R) Graphics Suite X5
CSR Hall
Definition update for Microsoft Office 2010 (KB982726)
Dell Driver Download Manager
DHTML Editing Component
Dragon NaturallySpeaking 11
DVD Decrypter (Remove Only)
DVD Shrink 3.2
Easy GIF Animator 5.02
eLicenser Control
EZmix
FabFilter Pro-C 1.14
FabFilter Pro-C 1.14 (64-bit)
Feedback Tool
ffdshow [rev 2527] [2008-12-19]
FileMaker Pro 11
FileZilla Client 3.5.0
Firebird SQL Server - MAGIX Edition
FL Studio 10
FolderMatch v3.5.6
Font Viewer 2.0
GEAR driver installer for x86 and x64
GEAR driver installer for x86 Win2K
getPlus(R) Download Manager for Corel
Google Chrome
Google Earth
Google Talk Plugin
Google Update Helper
Guitar Pro 6 Demo
H&R Block Premium + Efile + State 2010
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
IL Download Manager
iLok Client Helper
Internet Download Manager
iZotope Ozone 4
Java Auto Updater
Java(TM) 6 Update 16
Java(TM) 6 Update 20
K-Lite Codec Pack 5.2.0 (Standard)
KORG Legacy Collection - M1
LameACM
LibreOffice 3.4
License Support
LinPlug RM IV 4.12c
LXP Native Reverb Plug-In Bundle
MagicDisc 2.7.106
MagicTune Premium
MAGIX Movie Edit Pro 17 Plus Download Version
MAGIX Screenshare
MAGIX Speed burnR (MSI)
Malwarebytes' Anti-Malware version 1.51.1.1800
Media Manager 2.4
Metal EZmix pack
Microsoft ASP.NET Web Pages
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SONY_MEDIAMGR2)
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server Compact 4.0 Web Tools ENU
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server System CLR Types
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Miro Video Converter
Modern Symphonic Orchestra Percussion
Modern Symphonic Orchestra Strings
Modern Symphonic Orchestra Symphonic Collection
Modern Symphonic Orchestra Woodwinds
Moment of Inspiration 2.0
MotoHelper 2.0.24 Driver 4.7.1
MotoHelper MergeModules
Mozilla Firefox 5.0 (x86 en-US)
Mp3tag v2.46a
MSU Screen Capture Lossless Codec v1.2 (Remove Only)
MSVCRT Redists
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
Native Instruments Controller Editor
Native Instruments Kontakt 4
Native Instruments Kontakt 4 Factory Content
Native Instruments Service Center
NF VST 32-bit Installer
NI Service Center
Notepad++
Octoshape add-in for Adobe Flash Player
On2 Technologies Flix Standard
Opera 11.01
Pdf995 (installed by H&R Block)
PdfEdit995 (installed by H&R Block)
Picture Control Utility
Postbox (2.5.0)
PxMergeModule
QuickTime
RapidBIT Suite
Rhino 2.09
RightNote 1.8.3.2
RoboForm 7-4-1 (All Users)
SampleTank 2
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Excel 2010 (KB2523021)
Security Update for Microsoft InfoPath 2010 (KB2510065)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2289161)
Security Update for Microsoft PowerPoint 2010 (KB2519975)
Security Update for Microsoft Publisher 2010 (KB2409055)
Security Update for Microsoft Word 2010 (KB2345000)
Serif PagePlus Starter Edition
Serif PhotoPlus Starter Edition
Skype™ 5.3
SmartSound Common Data
SmartSound Quicktracks 5
Sonic Reality Infinite Player
Sophos Anti-Rootkit 1.5.20
Spartan Multi Clipboard
Spyware Doctor 8.0
Steinberg Groove Agent ONE Content
Steinberg Groove Agent ONE Vintage Beatboxes
Steinberg HALion Sonic SE Content for Cubase LE AI Elements
Steinberg LoopMash Content
Steinberg LoopMash Content 2
Steinberg REVerence Content 01
String Studio VS-1 v1.1.3
Studio Devil VBA 1.0
StyleWriter 4
Swift To-Do List 7.262
SWiSH Max4
Tone2 Warmverb multi-FX full
Tonelux Tilt (Native)
Toraverb
Tracktion 3.0.4.8
Tree Notes 1.64
TuneUp Utilities 2011
TuneUp Utilities Language Pack (en-US)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2413186)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2523113)
Update for Microsoft OneNote 2010 (KB2493983)
Update for Microsoft Outlook Social Connector (KB2441641)
Update Manager
Verizon V CAST Media Manager
Visual Basic for Applications (R) Core
Visual Basic for Applications (R) Core - English
Visual C++ Redistributables
WampServer 2.1
Wave Arts Power Suite
Wave Arts Tube Saturator
WebTablet IE Plugin
WebTablet Netscape Plugin
Windows Media Encoder 9 Series
XMind
Yahoo! BrowserPlus 2.9.8
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
8/18/2011 4:38:06 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: gCjoqlFo
8/18/2011 1:40:33 AM, Error: Service Control Manager [7000] - The MEMSWEEP2 service failed to start due to the following error: This driver has been blocked from loading
8/18/2011 1:40:33 AM, Error: Application Popup [1060] - \??\C:\Windows\system32\7F9B.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
8/17/2011 10:48:20 PM, Error: Application Popup [1060] - \??\C:\Windows\system32\512B.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
8/16/2011 8:59:56 PM, Error: Service Control Manager [7034] - The TuneUp Utilities Service service terminated unexpectedly. It has done this 1 time(s).
8/16/2011 12:43:20 AM, Error: Service Control Manager [7024] - The wampapache service terminated with service-specific error Incorrect function..
8/15/2011 8:38:35 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
8/15/2011 8:37:10 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
8/15/2011 8:27:46 PM, Error: Service Control Manager [7034] - The VRMService service terminated unexpectedly. It has done this 1 time(s).
8/15/2011 8:27:46 PM, Error: Service Control Manager [7034] - The MagicTuneEngine service terminated unexpectedly. It has done this 1 time(s).
8/15/2011 8:18:37 PM, Error: Service Control Manager [7031] - The Akamai NetSession Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
8/15/2011 7:08:30 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
8/15/2011 6:58:49 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
8/15/2011 6:44:07 PM, Error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
8/15/2011 6:32:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
8/15/2011 6:27:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
8/15/2011 6:27:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
8/15/2011 6:26:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
8/15/2011 6:26:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
8/15/2011 6:26:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/15/2011 6:26:14 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi discache gCjoqlFo NetworkX spldr Wanarpv6
8/15/2011 6:26:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
8/15/2011 6:10:05 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x0000000000000003, 0xfffffa80073b0a80, 0xfffffa80073b0d60, 0xfffff800037d58b0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 081511-22386-01.
8/15/2011 5:52:39 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Paul-PC\Paul SID (S-1-5-21-4155556350-2478720249-951101306-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
8/14/2011 9:19:09 PM, Error: Service Control Manager [7022] - The avast! Antivirus service hung on starting.
8/14/2011 9:01:43 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
8/14/2011 9:01:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
8/14/2011 9:01:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
8/14/2011 9:00:54 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi DfsC discache gCjoqlFo NetBIOS NetBT NetworkX nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
8/14/2011 9:00:54 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/14/2011 9:00:54 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
8/14/2011 9:00:54 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
8/14/2011 9:00:54 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
8/14/2011 9:00:54 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
8/14/2011 9:00:54 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
8/14/2011 9:00:54 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/14/2011 9:00:54 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
8/14/2011 9:00:54 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/14/2011 9:00:54 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
8/14/2011 9:00:53 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000001 (0x00000000745b2e09, 0x0000000000000000, 0x000000000000ffff, 0xfffff880083c6c60). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 081411-20607-01.
8/14/2011 8:57:55 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147014847
8/14/2011 12:17:39 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
8/14/2011 12:10:01 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Remote Connections Service service to connect.
8/14/2011 12:10:01 PM, Error: Service Control Manager [7000] - The Remote Connections Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
PaulG
Active Member
 
Posts: 1
Joined: August 18th, 2011, 4:51 pm
Advertisement
Register to Remove

Re: Malwarebytes - iexplore.exe outgoing IP request - won't

Unread postby askey127 » August 22nd, 2011, 8:23 am

Hi PaulG,
You can read a lot of details about fixing this infection here: http://www.bleepingcomputer.com/virus-r ... urity-2011
------------------------------------------------
Download the Registry file FixNCR.reg from here: FixNCR.reg URL: http://download.bleepingcomputer.com/reg/FixNCR.reg
(You can look at the content by right clicking and choosing "edit". These are the Reg entries that need to be fixed)

Right click and choose "Run as administrator"
Allow it to merge with the registry.

DO NOT REBOOT BEFORE DOING ALL OF THE FOLLOWING
------------------------------------------------
Download and Run Rkill
Please download and run the tool named Rkill, which may help in allowing other programs to run.
There are 4 different versions. If one of them won't run then download and try to run one of the other ones.
Vista and Win7 users need to right click Rkill and choose Run as Administrator
(For this infection, the exe versions may not run correctly)
You only need to get ONE of these to run, not all of them. You may get warnings from your antivirus about any of these tools, ignore them or shutdown your antivirus.
Please download Rkill from one of the following links (note the different names) and save to your Desktop:
Rkill.exe
eXplorer.exe
RKill.com
RKill.scr
Rkill.pif
  • Double-click on the Rkill or eXplorer desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If you get a Warning Message when you try to run it, run it again while the Warning Message is still displayed.
  • If it doesn't run on the first try, please try to run it another two or three times.
  • If it still does not run, delete the desktop entry. Then download and use the one provided in the next link.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided after trying each a few times, please let me know.
------------------------------------------------
Now start up Malwarebytes, allow it to update and run a scan.
Have it delete anything it finds. When the log opens, please post the content in a reply.
The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Or via the Logs tab when the application is started.[/list]

Let me know how it goes.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Malwarebytes - iexplore.exe outgoing IP request - won't

Unread postby askey127 » August 26th, 2011, 9:49 am

Due to Lack of Response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 11 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware