Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

HELP cannot get rid of popups...thankyou

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Unread postby silver » October 25th, 2007, 9:51 am

Hi maxx22.

I'm sorry to hear you are having trouble!

You've already posted a current HJT log, I'm waiting for the Kaspersky report to be posted before we continue.

If you have trouble posting it, you can upload the report here:
http://www.bleepingcomputer.com/submit- ... channel=32

Please fill in the link to topic field with a link to this topic
Press Browse, browse to and select the Kaspersky report, then press Send File, this will upload the file for analysis
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7
Advertisement
Register to Remove

Unread postby maxx22 » October 26th, 2007, 1:37 pm

hello silver will be away from pc tonight will hopefully post tomorrow .thank you for all of your help so far ,

maxx22
maxx22
Regular Member
 
Posts: 34
Joined: October 15th, 2007, 1:48 pm

Unread postby maxx22 » October 27th, 2007, 2:17 pm

hello silver . i tried to post the kaspersky log using the link you gave me . all that happened was that i was left with a blank page .
once ide clicked send i was just left with the hour glass icon then a blank page .
i tried posting half of the log at a time to mru althuogh it said done at the bottom of the page the log was not posted .

i was going to e mail it to another pc and send it you , but my brother said run it through jotti wich found a virus
maxx22
Regular Member
 
Posts: 34
Joined: October 15th, 2007, 1:48 pm

Unread postby silver » October 27th, 2007, 10:53 pm

Hi maxx22,

Sounds very frustrating!

i was going to e mail it to another pc and send it you , but my brother said run it through jotti wich found a virus

Do you mean the Kaspersky report was flagged by Jotti as having a virus? it should be a .txt file and as such harmless.

If you can upload the Kaspersky report to Jotti then you should be able to upload it using the link I gave you above, please try it once more.
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby maxx22 » November 1st, 2007, 10:02 am

Hello silver, first of all let me apologise for the delay in replying, I've only just managed to get back on line.

I have a few questions if you do not mind:

Using the link you supplied, I've tried to post the log with bleepingcomputers and failed.

The link I gave was the webpage address for this page:

http://www.malwareremoval.com/forum/viewtopic.php?t=24463

I browsed to the Kaspersky log and tried to send it.

It said it had failed and gave the following message,

There was a problem with your submission. Please contact us and let us know the name of the file, the size of the file and error message given below.

The error message was as follows:

Unknown error
Error number......

So, did I do it correctly?

Do I have to join bleeping computers to get the log to send?

Also, when I attempt to post the kaspersky log directly to MRU I just get an hourglass icon next to the pointer icon.

Task Manager says MRU ..... running

Then I just get a blank page, and the Kaspersky log has not posted.

The Kaspersky file is 10.2mb in size according to the files properties.

many thanks

maxx22
:D
maxx22
Regular Member
 
Posts: 34
Joined: October 15th, 2007, 1:48 pm

Unread postby silver » November 1st, 2007, 10:17 am

Hi maxx22,

I think the problems are due to the size of the Kaspersky log, I've never heard of one that big before and it's probably too big for the Bleeping Computer upload system.

I recommend you clean temp files and then try scanning again:

Click Start->Run and type cleanmgr in the box and press OK
Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
Press OK and Yes to confirm

Then use the Kaspersky scanner once more. If you do not use your computer while it's scanning, the log may be a more manageable size. Then either post it here or upload it to Bleeping Computer (you don't need to register to upload).

Once complete, please post a new HijackThis log and let me know how your computer is behaving now.
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby maxx22 » November 1st, 2007, 10:51 am

Hello silver, in the clean manager there was an option to delete 'Compress Old Files...124,106kb is it ok to get rid of this?

I'd already run Ccleaner before I attempted to post the Kaspersky log. I'd also turned off programes that run at startup.

I'll run the Kaspersky program tomorrow if thats ok because my brother is helping me and he has to go now.

Thankyou again,

:D

maxx22
maxx22
Regular Member
 
Posts: 34
Joined: October 15th, 2007, 1:48 pm

Unread postby silver » November 1st, 2007, 8:45 pm

Hi maxx22,

I wouldn't use the "compress old files" option.

I'd already run Ccleaner before I attempted to post the Kaspersky log. I'd also turned off programes that run at startup.

This was a good idea, however this means the new Kaspersky report could be as large as the last one.

If it's too big to post here at MRU, then upload it at Bleeping Computer. If it's too large for Bleeping Computer, then upload it to RapidShare:
http://www.rapidshare.com/
Click Browse, browse to and select the Kaspersky report, then press Upload
Click the link at the bottom of the page which reads I don't want a collector's account right now. Just give me the download-link.
Copy the download link and paste a copy in your next response.
Keep a copy of the delete link if you wish to remove the file once were done.

Once complete, please post a new HijackThis log.
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby maxx22 » November 2nd, 2007, 11:57 am

Hi silver here's the rapidshare link.

http://rapidshare.com/files/66959544/KA ... 7.txt.html

The PC although running slowish does not have any popups appearing when I connect to either Internet Explorer or Firefox....thankyou very much :-)

Here's the Hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 15:55:31, on 02/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOWNLOADS\HJT\hijackthis\david and mandy.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Fire-Trust SiteHound - {C86AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - C:\Program Files\FireTrust\SiteHound\SiteHound.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SiteHound - {73F7F495-A325-4C52-BE48-5F97FA511E89} - C:\Program Files\FireTrust\SiteHound\SiteHound.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_SD7.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Wireless Connection Manager.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {11316B13-33F0-4C9F-BD55-09994CCFA8EB} - C:\Program Files\FireTrust\SiteHound\SiteHound.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Thankyou :D
maxx22
Regular Member
 
Posts: 34
Joined: October 15th, 2007, 1:48 pm

Unread postby silver » November 2nd, 2007, 11:12 pm

Hi maxx22,

I got the Kaspersky scan OK, and it's very large because there were a lot of files in use by a number of users - at the time of the scan were there people logged in and using the computer?

I'd like you do to a couple further checks. Please print/save a copy of these instructions because we will be using Safe Mode, during which time you won't have access to the internet.

Please download F-Secure Blacklight to your Desktop (right-click the link, select Save Target As..., select your Desktop and press Save)
  • Double click fsbl.exe to run it, choose I accept the agreement then press Scan
  • It will create the fsbl-xxxxxxx.log on your desktop containing a list of all items found.
  • Do not choose to rename any because legitimate items can also be present.
  • Exit Blacklight and post the contents of the log in your next reply.

Next, download Dr.WEB CureIt to your desktop from here:
ftp://ftp.drweb.com/pub/drweb/cureit/cureit.exe

Then, reboot your computer in Safe Mode:
Restart your computer and as soon as it starts booting up again continuously tap F8
A menu should appear, use the arrow keys to select Safe Mode and press enter

Once in safe mode:

  • Double-click cureit.exe to start the program.
  • Press Start and then OK to start the Express scan
  • The Express scan takes just a few moments to finish, if something is found, click Yes to cure it
  • Once the short scan has finished, Click Options->Change settings
  • Choose the Scan tab and UN-CHECK Heuristic analysis
  • Choose the Actions tab and next to Infected objects select Move
  • At the bottom-left, UN-CHECK Prompt on action, then press OK to close the settings box.
  • Note: These settings changes are IMPORTANT, please ensure you have made them before scanning
  • Then select Complete scan and press the green arrow to start the scan
  • When the scan is complete, click File-> Save report list and save the report to your desktop
  • Close Dr.Web Cureit and reboot your computer normally


Once complete, please post the Blacklight log, the Dr Web report and a new HijackThis log.
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby maxx22 » November 4th, 2007, 1:42 pm

Hello silver, here are the 3 logs you reguested. This has been done with only myself on the pc, there are no ther users.
The only users on this pc are myself (mandy and david), kaylee, Christoper and sam, i hope this helps.
Ill run the kaspersky virus checker again and check the size of the logs.

Many thanks maxx22



11/03/07 15:38:13 [Info]: BlackLight Engine 1.0.67 initialized
11/03/07 15:38:13 [Info]: OS: 5.1 build 2600 (Service Pack 2)
11/03/07 15:38:14 [Note]: 7019 4
11/03/07 15:38:14 [Note]: 7005 0
11/03/07 15:38:18 [Note]: 7006 0
11/03/07 15:38:18 [Note]: 7011 244
11/03/07 15:38:18 [Note]: 7026 0
11/03/07 15:38:18 [Note]: 7026 0
11/03/07 15:38:22 [Note]: FSRAW library version 1.7.1024
11/03/07 15:47:56 [Note]: 7007 0



=============================================================================
Dr.Web(R) Scanner for Windows v4.44.0 (4.44.0.09140)
Copyright (c) Igor Daniloff, 1992-2007
Log generated on: 2007-11-03, 15:57:25 [david and mandy]
Command-line: "C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\setup.exe" /lng /ini:setup_XP.ini
Operating system:Windows XP Home Edition x86 (Build 2600), Service Pack 2
=============================================================================
DwShield started
Engine version: 4.44 (4.44.0.09170)
Engine API version: 2.02
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\crwtoday.cdb - 1503 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\crw44411.cdb - 1582 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\crw44410.cdb - 1131 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\crw44409.cdb - 2303 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\crw44408.cdb - 3904 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\crw44407.cdb - 2456 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\crw44406.cdb - 4411 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\crw44405.cdb - 1311 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\crw44404.cdb - 2486 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\crw44403.cdb - 4462 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\crw44402.cdb - 94 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\crw44401.cdb - 557 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\crw44400.cdb - 945 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\crwebase.cdb - 209466 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\cwrtoday.cdb - 149 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\cwntoday.cdb - 35 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\cwn44401.cdb - 698 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\crwrisky.cdb - 2747 virus records
[Virus database] C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\crwnasty.cdb - 13534 virus records
Total virus records: 253774
Key file: C:\DOCUME~1\DAVIDA~1\LOCALS~1\Temp\RarSFX0\setup.key
License key number: 0010092936
Registered to: Dr.Web CureIt Project
License key activates on: 2007-02-05
License key expires on: 2010-02-11

[Scan path] c:\documents and settings\all users\start menu\programs\startup\desktop.ini
[Scan path] c:\documents and settings\all users\start menu\programs\startup\wireless connection manager.lnk
[Scan path] c:\documents and settings\david and mandy\desktop\cureit.exe
[Scan path] c:\documents and settings\david and mandy\local settings\temp\rarsfx0\_start.exe
[Scan path] c:\documents and settings\david and mandy\local settings\temp\rarsfx0\dwebllio.dll
[Scan path] c:\documents and settings\david and mandy\local settings\temp\rarsfx0\setup.exe
[Scan path] c:\documents and settings\david and mandy\local settings\temp\rarsfx1\_start.exe
[Scan path] c:\documents and settings\david and mandy\start menu\programs\startup\desktop.ini
[Scan path] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
[Scan path] c:\hp\kbd\kbd.exe
[Scan path] c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
[Scan path] c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll
[Scan path] c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe
[Scan path] c:\program files\alwil software\avast4\ashdisp.exe
[Scan path] c:\program files\alwil software\avast4\ashmaisv.exe
[Scan path] c:\program files\alwil software\avast4\ashserv.exe
[Scan path] c:\program files\alwil software\avast4\ashshell.dll
[Scan path] c:\program files\alwil software\avast4\ashwebsv.exe
[Scan path] c:\program files\alwil software\avast4\aswupdsv.exe
[Scan path] c:\program files\belarc\advisor\system\bavoilax.dll
[Scan path] c:\program files\common files\adobe systems shared\service\adobelmsvc.exe
[Scan path] c:\program files\common files\installshield\updateservice\issch.exe
[Scan path] c:\program files\common files\installshield\updateservice\isuspm.exe
[Scan path] c:\program files\common files\intervideo\schsvr\schsvr.exe
[Scan path] c:\program files\common files\logishrd\srvlnch\srvlnch.exe
[Scan path] c:\program files\common files\microsoft shared\information retrieval\msitss.dll
[Scan path] c:\program files\common files\microsoft shared\office12\msoshext.dll
[Scan path] c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
[Scan path] c:\program files\common files\nero\lib\nerocheck.exe
[Scan path] c:\program files\common files\nero\lib\nerodigitalext.dll
[Scan path] c:\program files\common files\nero\lib\nmindexingservice.exe
[Scan path] c:\program files\common files\pcsuite\datalayer\datalayer.exe
[Scan path] c:\program files\common files\skype\skype4com.dll
[Scan path] c:\program files\common files\system\ole db\oledb32.dll
[Scan path] c:\program files\epson\epson web-to-page\epson web-to-page.dll
[Scan path] c:\program files\firetrust\sitehound\sitehound.dll
[Scan path] c:\program files\google\common\google updater\googleupdaterservice.exe
[Scan path] c:\program files\google\googletoolbar1.dll
[Scan path] c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll
[Scan path] c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\avgas.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\engine.dll
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.exe
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\guard.sys
[Scan path] c:\program files\grisoft\avg anti-spyware 7.5\shellexecutehook.dll
[Scan path] c:\program files\hp\digital imaging\bin\hpdtlk02.dll
[Scan path] c:\program files\hp\digital imaging\bin\hpqtra08.exe
[Scan path] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
[Scan path] c:\program files\intervideo\common\bin\winremote.exe
[Scan path] c:\program files\ipod\bin\ipodservice.exe
[Scan path] c:\program files\messenger\msmsgs.exe
[Scan path] c:\program files\msn messenger\fsshext.8.1.0178.00.dll
[Scan path] c:\program files\msn messenger\msgrapp.8.1.0178.00.dll
[Scan path] c:\program files\msn messenger\usnsvc.exe
[Scan path] c:\program files\nero\nero8\nero backitup\nbkeyscan.exe
[Scan path] c:\program files\nero\nero8\nero backitup\nbservice.exe
[Scan path] c:\program files\nero\nero8\nero coverdesigner\coveredextension.dll
[Scan path] c:\program files\nokia\nokia pc suite 6\launchapplication.exe
[Scan path] c:\program files\nokia\nokia pc suite 6\messageview.dll
[Scan path] c:\program files\nokia\nokia pc suite 6\phonebrowser.dll
[Scan path] c:\program files\outlook express\setup50.exe
[Scan path] c:\program files\outlook express\wabfind.dll
[Scan path] c:\program files\quicktime\qttask.exe
[Scan path] c:\program files\skype\phone\ieplugin\skypeieplugin.dll
[Scan path] c:\program files\sonic recordnow!\shlext.dll
[Scan path] c:\program files\sony ericsson\mobile2\application launcher\application launcher.exe
[Scan path] c:\program files\sony ericsson\mobile2\file manager\fmgrgui.dll
[Scan path] c:\program files\superantispyware\sasdifsv.sys
[Scan path] c:\program files\superantispyware\sasenum.sys
[Scan path] c:\program files\superantispyware\saskutil.sys
[Scan path] c:\program files\superantispyware\sasseh.dll
[Scan path] c:\program files\superantispyware\saswinlo.dll
[Scan path] c:\program files\windows desktop search\dsweballow.dll
[Scan path] c:\program files\windows desktop search\msnlext.dll
[Scan path] c:\program files\windows desktop search\msnlnamespacemgr.dll
[Scan path] c:\program files\windows desktop search\oeph.dll
[Scan path] c:\program files\windows live toolbar\msntb.dll
[Scan path] c:\program files\zone labs\zonealarm\zlavscan.dll
[Scan path] c:\program files\zone labs\zonealarm\zlclient.exe
[Scan path] c:\windows\agrsmmsg.exe
[Scan path] c:\windows\apppatch\acgenral.dll
[Scan path] c:\windows\explorer.exe
[Scan path] c:\windows\fixcamera.exe
[Scan path] c:\windows\inf\fxsocm.inf
[Scan path] c:\windows\inf\ie.inf
[Scan path] c:\windows\inf\msmsgs.inf
[Scan path] c:\windows\inf\msnetmtg.inf
[Scan path] c:\windows\inf\unregmp2.exe
[Scan path] c:\windows\inf\wmp.inf
[Scan path] c:\windows\microsoft.net\framework\v1.1.4322\aspnet_state.exe
[Scan path] c:\windows\msagent\agentpsh.dll
[Scan path] c:\windows\pchealth\helpctr\binaries\pchsvc.dll
[Scan path] c:\windows\sminst\recguard.exe
[Scan path] c:\windows\system32\advapi32.dll
[Scan path] c:\windows\system32\advpack.dll
[Scan path] c:\windows\system32\alg.exe
[Scan path] c:\windows\system32\alrsvc.dll
[Scan path] c:\windows\system32\apphelp.dll
[Scan path] c:\windows\system32\appwiz.cpl
[Scan path] c:\windows\system32\atl.dll
[Scan path] c:\windows\system32\audiosrv.dll
[Scan path] c:\windows\system32\authz.dll
[Scan path] c:\windows\system32\autochk.exe
[Scan path] c:\windows\system32\basesrv.dll
[Scan path] c:\windows\system32\browser.dll
[Scan path] c:\windows\system32\browseui.dll
[Scan path] c:\windows\system32\cabview.dll
[Scan path] c:\windows\system32\cdfview.dll
[Scan path] c:\windows\system32\certcli.dll
[Scan path] c:\windows\system32\cisvc.exe
[Scan path] c:\windows\system32\clbcatq.dll
[Scan path] c:\windows\system32\clipsrv.exe
[Scan path] c:\windows\system32\cnbjmon.dll
[Scan path] c:\windows\system32\comctl32.dll
[Scan path] c:\windows\system32\comdlg32.dll
[Scan path] c:\windows\system32\comres.dll
[Scan path] c:\windows\system32\credui.dll
[Scan path] c:\windows\system32\crypt32.dll
[Scan path] c:\windows\system32\cryptdll.dll
[Scan path] c:\windows\system32\cryptext.dll
[Scan path] c:\windows\system32\cryptnet.dll
[Scan path] c:\windows\system32\cryptsvc.dll
[Scan path] c:\windows\system32\cryptui.dll
[Scan path] c:\windows\system32\cscdll.dll
[Scan path] c:\windows\system32\cscui.dll
[Scan path] c:\windows\system32\csrsrv.dll
[Scan path] c:\windows\system32\csrss.exe
[Scan path] c:\windows\system32\davclnt.dll
[Scan path] c:\windows\system32\deskadp.dll
[Scan path] c:\windows\system32\deskmon.dll
[Scan path] c:\windows\system32\deskperf.dll
[Scan path] c:\windows\system32\dfsshlex.dll
[Scan path] c:\windows\system32\dhcpcsvc.dll
[Scan path] c:\windows\system32\diskcopy.dll
[Scan path] c:\windows\system32\dllhost.exe
[Scan path] c:\windows\system32\dmadmin.exe
[Scan path] c:\windows\system32\dmserver.dll
[Scan path] c:\windows\system32\dnsapi.dll
[Scan path] c:\windows\system32\dnsrslvr.dll
[Scan path] c:\windows\system32\docprop.dll
[Scan path] c:\windows\system32\docprop2.dll
[Scan path] c:\windows\system32\drivers\acpi.sys
[Scan path] c:\windows\system32\drivers\aec.sys
[Scan path] c:\windows\system32\drivers\aegisp.sys
[Scan path] c:\windows\system32\drivers\afd.sys
[Scan path] c:\windows\system32\drivers\agrsm.sys
[Scan path] c:\windows\system32\drivers\alcxwdm.sys
[Scan path] c:\windows\system32\drivers\amdk7.sys
[Scan path] c:\windows\system32\drivers\arp1394.sys
[Scan path] c:\windows\system32\drivers\asyncmac.sys
[Scan path] c:\windows\system32\drivers\atapi.sys
[Scan path] c:\windows\system32\drivers\atmarpc.sys
[Scan path] c:\windows\system32\drivers\audstub.sys
[Scan path] c:\windows\system32\drivers\avgascln.sys
[Scan path] c:\windows\system32\drivers\bantext.sys
[Scan path] c:\windows\system32\drivers\cap7134.sys
[Scan path] c:\windows\system32\drivers\ccdecode.sys
[Scan path] c:\windows\system32\drivers\cdrom.sys
[Scan path] c:\windows\system32\drivers\disk.sys
[Scan path] c:\windows\system32\drivers\dmboot.sys
[Scan path] c:\windows\system32\drivers\dmio.sys
[Scan path] c:\windows\system32\drivers\dmload.sys
[Scan path] c:\windows\system32\drivers\dmusic.sys
[Scan path] c:\windows\system32\drivers\drmkaud.sys
[Scan path] c:\windows\system32\drivers\fdc.sys
[Scan path] c:\windows\system32\drivers\flpydisk.sys
[Scan path] c:\windows\system32\drivers\fltmgr.sys
[Scan path] c:\windows\system32\drivers\ftdisk.sys
[Scan path] c:\windows\system32\drivers\gearaspiwdm.sys
[Scan path] c:\windows\system32\drivers\http.sys
[Scan path] c:\windows\system32\drivers\i8042prt.sys
[Scan path] c:\windows\system32\drivers\ialmnt5.sys
[Scan path] c:\windows\system32\drivers\imapi.sys
[Scan path] c:\windows\system32\drivers\intelide.sys
[Scan path] c:\windows\system32\drivers\intelppm.sys
[Scan path] c:\windows\system32\drivers\ip6fw.sys
[Scan path] c:\windows\system32\drivers\ipfltdrv.sys
[Scan path] c:\windows\system32\drivers\ipinip.sys
[Scan path] c:\windows\system32\drivers\ipnat.sys
[Scan path] c:\windows\system32\drivers\ipsec.sys
[Scan path] c:\windows\system32\drivers\irenum.sys
[Scan path] c:\windows\system32\drivers\isapnp.sys
[Scan path] c:\windows\system32\drivers\iviaspi.sys
[Scan path] c:\windows\system32\drivers\k750bus.sys
[Scan path] c:\windows\system32\drivers\k750mdfl.sys
[Scan path] c:\windows\system32\drivers\k750mdm.sys
[Scan path] c:\windows\system32\drivers\k750mgmt.sys
[Scan path] c:\windows\system32\drivers\k750obex.sys
[Scan path] c:\windows\system32\drivers\kbdclass.sys
[Scan path] c:\windows\system32\drivers\kmixer.sys
[Scan path] c:\windows\system32\drivers\mouclass.sys
[Scan path] c:\windows\system32\drivers\mrxdav.sys
[Scan path] c:\windows\system32\drivers\mrxsmb.sys
[Scan path] c:\windows\system32\drivers\msgpc.sys
[Scan path] c:\windows\system32\drivers\mskssrv.sys
[Scan path] c:\windows\system32\drivers\mspclock.sys
[Scan path] c:\windows\system32\drivers\mspqm.sys
[Scan path] c:\windows\system32\drivers\mssmbios.sys
[Scan path] c:\windows\system32\drivers\mstee.sys
[Scan path] c:\windows\system32\drivers\nabtsfec.sys
[Scan path] c:\windows\system32\drivers\ndisip.sys
[Scan path] c:\windows\system32\drivers\ndistapi.sys
[Scan path] c:\windows\system32\drivers\ndisuio.sys
[Scan path] c:\windows\system32\drivers\ndiswan.sys
[Scan path] c:\windows\system32\drivers\netbios.sys
[Scan path] c:\windows\system32\drivers\netbt.sys
[Scan path] c:\windows\system32\drivers\nic1394.sys
[Scan path] c:\windows\system32\drivers\nmwcd.sys
[Scan path] c:\windows\system32\drivers\nmwcdc.sys
[Scan path] c:\windows\system32\drivers\nmwcdcj.sys
[Scan path] c:\windows\system32\drivers\nmwcdcm.sys
[Scan path] c:\windows\system32\drivers\nwlnkflt.sys
[Scan path] c:\windows\system32\drivers\nwlnkfwd.sys
[Scan path] c:\windows\system32\drivers\ohci1394.sys
[Scan path] c:\windows\system32\drivers\parport.sys
[Scan path] c:\windows\system32\drivers\pci.sys
[Scan path] c:\windows\system32\drivers\pciide.sys
[Scan path] c:\windows\system32\drivers\pfc.sys
[Scan path] c:\windows\system32\drivers\phtvtune.sys
[Scan path] c:\windows\system32\drivers\processr.sys
[Scan path] c:\windows\system32\drivers\ps2.sys
[Scan path] c:\windows\system32\drivers\psched.sys
[Scan path] c:\windows\system32\drivers\ptilink.sys
[Scan path] c:\windows\system32\drivers\pxhelp20.sys
[Scan path] c:\windows\system32\drivers\r8139n51.sys
[Scan path] c:\windows\system32\drivers\rasacd.sys
[Scan path] c:\windows\system32\drivers\rasl2tp.sys
[Scan path] c:\windows\system32\drivers\raspppoe.sys
[Scan path] c:\windows\system32\drivers\raspptp.sys
[Scan path] c:\windows\system32\drivers\raspti.sys
[Scan path] c:\windows\system32\drivers\rdbss.sys
[Scan path] c:\windows\system32\drivers\rdpcdd.sys
[Scan path] c:\windows\system32\drivers\rdpwd.sys
[Scan path] c:\windows\system32\drivers\redbook.sys
[Scan path] c:\windows\system32\drivers\rt73.sys
[Scan path] c:\windows\system32\drivers\secdrv.sys
[Scan path] c:\windows\system32\drivers\serenum.sys
[Scan path] c:\windows\system32\drivers\serial.sys
[Scan path] c:\windows\system32\drivers\sisagpx.sys
[Scan path] c:\windows\system32\drivers\sisgrp.sys
[Scan path] c:\windows\system32\drivers\slip.sys
[Scan path] c:\windows\system32\drivers\snp2sxp.sys
[Scan path] c:\windows\system32\drivers\splitter.sys
[Scan path] c:\windows\system32\drivers\sr.sys
[Scan path] c:\windows\system32\drivers\srv.sys
[Scan path] c:\windows\system32\drivers\srvkp.sys
[Scan path] c:\windows\system32\drivers\streamip.sys
[Scan path] c:\windows\system32\drivers\swenum.sys
[Scan path] c:\windows\system32\drivers\swmidi.sys
[Scan path] c:\windows\system32\drivers\sysaudio.sys
[Scan path] c:\windows\system32\drivers\tcpip.sys
[Scan path] c:\windows\system32\drivers\tdpipe.sys
[Scan path] c:\windows\system32\drivers\tdtcp.sys
[Scan path] c:\windows\system32\drivers\termdd.sys
[Scan path] c:\windows\system32\drivers\update.sys
[Scan path] c:\windows\system32\drivers\usbccgp.sys
[Scan path] c:\windows\system32\drivers\usbehci.sys
[Scan path] c:\windows\system32\drivers\usbhub.sys
[Scan path] c:\windows\system32\drivers\usbohci.sys
[Scan path] c:\windows\system32\drivers\usbprint.sys
[Scan path] c:\windows\system32\drivers\usbscan.sys
[Scan path] c:\windows\system32\drivers\usbstor.sys
[Scan path] c:\windows\system32\drivers\usbuhci.sys
[Scan path] c:\windows\system32\drivers\vga.sys
[Scan path] c:\windows\system32\drivers\viaagp1.sys
[Scan path] c:\windows\system32\drivers\viaide.sys
[Scan path] c:\windows\system32\drivers\vtmini.sys
[Scan path] c:\windows\system32\drivers\w810bus.sys
[Scan path] c:\windows\system32\drivers\w810mdfl.sys
[Scan path] c:\windows\system32\drivers\w810mdm.sys
[Scan path] c:\windows\system32\drivers\w810mgmt.sys
[Scan path] c:\windows\system32\drivers\w810obex.sys
[Scan path] c:\windows\system32\drivers\wanarp.sys
[Scan path] c:\windows\system32\drivers\wdmaud.sys
[Scan path] c:\windows\system32\drivers\wstcodec.sys
[Scan path] c:\windows\system32\drprov.dll
[Scan path] c:\windows\system32\dskquoui.dll
[Scan path] c:\windows\system32\dsound.dll
[Scan path] c:\windows\system32\dsquery.dll
[Scan path] c:\windows\system32\dssec.dll
[Scan path] c:\windows\system32\dsuiext.dll
[Scan path] c:\windows\system32\e_flbbee.dll
[Scan path] c:\windows\system32\ersvc.dll
[Scan path] c:\windows\system32\es.dll
[Scan path] c:\windows\system32\esent.dll
[Scan path] c:\windows\system32\eventlog.dll
[Scan path] c:\windows\system32\extmgr.dll
[Scan path] c:\windows\system32\fontext.dll
[Scan path] c:\windows\system32\fxsmon.dll
[Scan path] c:\windows\system32\fxssvc.exe
[Scan path] c:\windows\system32\gdi32.dll
[Scan path] c:\windows\system32\hhctrl.ocx
[Scan path] c:\windows\system32\hkcmd.exe
[Scan path] c:\windows\system32\hnetcfg.dll
[Scan path] c:\windows\system32\hphmon06.exe
[Scan path] c:\windows\system32\hticons.dll
[Scan path] c:\windows\system32\icmui.dll
[Scan path] c:\windows\system32\ie4uinit.exe
[Scan path] c:\windows\system32\ieudinit.exe
[Scan path] c:\windows\system32\igfxsrvc.dll
[Scan path] c:\windows\system32\imagehlp.dll
[Scan path] c:\windows\system32\imapi.exe
[Scan path] c:\windows\system32\imm32.dll
[Scan path] c:\windows\system32\inetcomm.dll
[Scan path] c:\windows\system32\iphlpapi.dll
[Scan path] c:\windows\system32\ipnathlp.dll
[Scan path] c:\windows\system32\itss.dll
[Scan path] c:\windows\system32\kerberos.dll
[Scan path] c:\windows\system32\kernel32.dll
[Scan path] c:\windows\system32\linkinfo.dll
[Scan path] c:\windows\system32\lmhsvc.dll
[Scan path] c:\windows\system32\localspl.dll
[Scan path] c:\windows\system32\locator.exe
[Scan path] c:\windows\system32\logon.scr
[Scan path] c:\windows\system32\logonui.exe
[Scan path] c:\windows\system32\lpk.dll
[Scan path] c:\windows\system32\lsasrv.dll
[Scan path] c:\windows\system32\lsass.exe
[Scan path] c:\windows\system32\lz32.dll
[Scan path] c:\windows\system32\mmcshext.dll
[Scan path] c:\windows\system32\mmsys.cpl
[Scan path] c:\windows\system32\mnmsrvc.exe
[Scan path] c:\windows\system32\mpr.dll
[Scan path] c:\windows\system32\mprdim.dll
[Scan path] c:\windows\system32\msacm32.dll
[Scan path] c:\windows\system32\msasn1.dll
[Scan path] c:\windows\system32\mscoree.dll
[Scan path] c:\windows\system32\mscories.dll
[Scan path] c:\windows\system32\msctf.dll
[Scan path] c:\windows\system32\msctfime.ime
[Scan path] c:\windows\system32\msdtc.exe
[Scan path] c:\windows\system32\msgina.dll
[Scan path] c:\windows\system32\msgsvc.dll
[Scan path] c:\windows\system32\mshtml.dll
[Scan path] c:\windows\system32\msi.dll
[Scan path] c:\windows\system32\msieftp.dll
[Scan path] c:\windows\system32\msiexec.exe
[Scan path] c:\windows\system32\msimg32.dll
[Scan path] c:\windows\system32\mspmsnsv.dll
[Scan path] c:\windows\system32\msprivs.dll
[Scan path] c:\windows\system32\mstask.dll
[Scan path] c:\windows\system32\msutb.dll
[Scan path] c:\windows\system32\msv1_0.dll
[Scan path] c:\windows\system32\msvcp60.dll
[Scan path] c:\windows\system32\msvcrt.dll
[Scan path] c:\windows\system32\msvidctl.dll
[Scan path] c:\windows\system32\mswsock.dll
[Scan path] c:\windows\system32\mydocs.dll
[Scan path] c:\windows\system32\ncobjapi.dll
[Scan path] c:\windows\system32\nddeapi.dll
[Scan path] c:\windows\system32\netapi32.dll
[Scan path] c:\windows\system32\netdde.exe
[Scan path] c:\windows\system32\netlogon.dll
[Scan path] c:\windows\system32\netman.dll
[Scan path] c:\windows\system32\netplwiz.dll
[Scan path] c:\windows\system32\netrap.dll
[Scan path] c:\windows\system32\netshell.dll
[Scan path] c:\windows\system32\netui0.dll
[Scan path] c:\windows\system32\netui1.dll
[Scan path] c:\windows\system32\ntdll.dll
[Scan path] c:\windows\system32\ntdsapi.dll
[Scan path] c:\windows\system32\ntlanman.dll
[Scan path] c:\windows\system32\ntlanui2.dll
[Scan path] c:\windows\system32\ntmarta.dll
[Scan path] c:\windows\system32\ntmssvc.dll
[Scan path] c:\windows\system32\ntsd.exe
[Scan path] c:\windows\system32\ntshrui.dll
[Scan path] c:\windows\system32\occache.dll
[Scan path] c:\windows\system32\odbc32.dll
[Scan path] c:\windows\system32\odbcint.dll
[Scan path] c:\windows\system32\ole32.dll
[Scan path] c:\windows\system32\oleaut32.dll
[Scan path] c:\windows\system32\olecli32.dll
[Scan path] c:\windows\system32\olecnv32.dll
[Scan path] c:\windows\system32\olesvr32.dll
[Scan path] c:\windows\system32\olethk32.dll
[Scan path] c:\windows\system32\photowiz.dll
[Scan path] c:\windows\system32\pjlmon.dll
[Scan path] c:\windows\system32\powrprof.dll
[Scan path] c:\windows\system32\printui.dll
[Scan path] c:\windows\system32\profmap.dll
[Scan path] c:\windows\system32\ps2.exe
[Scan path] c:\windows\system32\psapi.dll
[Scan path] c:\windows\system32\qmgr.dll
[Scan path] c:\windows\system32\rasadhlp.dll
[Scan path] c:\windows\system32\rasauto.dll
[Scan path] c:\windows\system32\rasmans.dll
[Scan path] c:\windows\system32\regapi.dll
[Scan path] c:\windows\system32\regsvr32.exe
[Scan path] c:\windows\system32\remotepg.dll
[Scan path] c:\windows\system32\riched20.dll
[Scan path] c:\windows\system32\riched32.dll
[Scan path] c:\windows\system32\rpcrt4.dll
[Scan path] c:\windows\system32\rpcss.dll
[Scan path] c:\windows\system32\rsaenh.dll
[Scan path] c:\windows\system32\rshx32.dll
[Scan path] c:\windows\system32\rsvp.exe
[Scan path] c:\windows\system32\rsvpsp.dll
[Scan path] c:\windows\system32\rtutils.dll
[Scan path] c:\windows\system32\rundll32.exe
[Scan path] c:\windows\system32\samlib.dll
[Scan path] c:\windows\system32\samsrv.dll
[Scan path] c:\windows\system32\scardsvr.exe
[Scan path] c:\windows\system32\scecli.dll
[Scan path] c:\windows\system32\scesrv.dll
[Scan path] c:\windows\system32\schannel.dll
[Scan path] c:\windows\system32\schedsvc.dll
[Scan path] c:\windows\system32\sclgntfy.dll
[Scan path] c:\windows\system32\seclogon.dll
[Scan path] c:\windows\system32\secur32.dll
[Scan path] c:\windows\system32\sendmail.dll
[Scan path] c:\windows\system32\sens.dll
[Scan path] c:\windows\system32\services.exe
[Scan path] c:\windows\system32\sessmgr.exe
[Scan path] c:\windows\system32\setupapi.dll
[Scan path] c:\windows\system32\sfc.dll
[Scan path] c:\windows\system32\sfc_os.dll
[Scan path] c:\windows\system32\shdocvw.dll
[Scan path] c:\windows\system32\shell32.dll
[Scan path] c:\windows\system32\shellvrtf.dll
[Scan path] c:\windows\system32\shfolder.dll
[Scan path] c:\windows\system32\shimeng.dll
[Scan path] c:\windows\system32\shimgvw.dll
[Scan path] c:\windows\system32\shlwapi.dll
[Scan path] c:\windows\system32\shmedia.dll
[Scan path] c:\windows\system32\shmgrate.exe
[Scan path] c:\windows\system32\shscrap.dll
[Scan path] c:\windows\system32\shsvcs.dll
[Scan path] c:\windows\system32\sispower.dll
[Scan path] c:\windows\system32\slayerxp.dll
[Scan path] c:\windows\system32\smlogsvc.exe
[Scan path] c:\windows\system32\smss.exe
[Scan path] c:\windows\system32\spool\drivers\w32x86\3\e_fatibee.exe
[Scan path] c:\windows\system32\spoolsv.exe
[Scan path] c:\windows\system32\srsvc.dll
[Scan path] c:\windows\system32\srvsvc.dll
[Scan path] c:\windows\system32\ssdpsrv.dll
[Scan path] c:\windows\system32\stobject.dll
[Scan path] c:\windows\system32\svchost.exe
[Scan path] c:\windows\system32\sxs.dll
[Scan path] c:\windows\system32\syncui.dll
[Scan path] c:\windows\system32\tapisrv.dll
[Scan path] c:\windows\system32\tcpmon.dll
[Scan path] c:\windows\system32\termsrv.dll
[Scan path] c:\windows\system32\themeui.dll
[Scan path] c:\windows\system32\trkwks.dll
[Scan path] c:\windows\system32\twext.dll
[Scan path] c:\windows\system32\umpnpmgr.dll
[Scan path] c:\windows\system32\upnphost.dll
[Scan path] c:\windows\system32\ups.exe
[Scan path] c:\windows\system32\url.dll
[Scan path] c:\windows\system32\urlmon.dll
[Scan path] c:\windows\system32\usbmon.dll
[Scan path] c:\windows\system32\user32.dll
[Scan path] c:\windows\system32\userenv.dll
[Scan path] c:\windows\system32\userinit.exe
[Scan path] c:\windows\system32\usp10.dll
[Scan path] c:\windows\system32\uxtheme.dll
[Scan path] c:\windows\system32\version.dll
[Scan path] c:\windows\system32\vsdatant.sys
[Scan path] c:\windows\system32\vssapi.dll
[Scan path] c:\windows\system32\vssvc.exe
[Scan path] c:\windows\system32\w32time.dll
[Scan path] c:\windows\system32\w3ssl.dll
[Scan path] c:\windows\system32\wbem\esscli.dll
[Scan path] c:\windows\system32\wbem\fastprox.dll
[Scan path] c:\windows\system32\wbem\ncprov.dll
[Scan path] c:\windows\system32\wbem\repdrvfs.dll
[Scan path] c:\windows\system32\wbem\wbemcomn.dll
[Scan path] c:\windows\system32\wbem\wbemcore.dll
[Scan path] c:\windows\system32\wbem\wbemess.dll
[Scan path] c:\windows\system32\wbem\winmgmt.exe
[Scan path] c:\windows\system32\wbem\wmiapsrv.exe
[Scan path] c:\windows\system32\wbem\wmiprvsd.dll
[Scan path] c:\windows\system32\wbem\wmisvc.dll
[Scan path] c:\windows\system32\wbem\wmiutils.dll
[Scan path] c:\windows\system32\wdfmgr.exe
[Scan path] c:\windows\system32\wdigest.dll
[Scan path] c:\windows\system32\webcheck.dll
[Scan path] c:\windows\system32\webclnt.dll
[Scan path] c:\windows\system32\wgalogon.dll
[Scan path] c:\windows\system32\wiascr.dll
[Scan path] c:\windows\system32\wiaservc.dll
[Scan path] c:\windows\system32\wiashext.dll
[Scan path] c:\windows\system32\wininet.dll
[Scan path] c:\windows\system32\winlogon.exe
[Scan path] c:\windows\system32\winmm.dll
[Scan path] c:\windows\system32\winrnr.dll
[Scan path] c:\windows\system32\winscard.dll
[Scan path] c:\windows\system32\winspool.drv
[Scan path] c:\windows\system32\winsrv.dll
[Scan path] c:\windows\system32\winsta.dll
[Scan path] c:\windows\system32\wintrust.dll
[Scan path] c:\windows\system32\wkssvc.dll
[Scan path] c:\windows\system32\wldap32.dll
[Scan path] c:\windows\system32\wlnotify.dll
[Scan path] c:\windows\system32\wmpshell.dll
[Scan path] c:\windows\system32\ws2_32.dll
[Scan path] c:\windows\system32\ws2help.dll
[Scan path] c:\windows\system32\wscsvc.dll
[Scan path] c:\windows\system32\wshext.dll
[Scan path] c:\windows\system32\wshtcpip.dll
[Scan path] c:\windows\system32\wtsapi32.dll
[Scan path] c:\windows\system32\wuaucpl.cpl
[Scan path] c:\windows\system32\wuauserv.dll
[Scan path] c:\windows\system32\wzcsvc.dll
[Scan path] c:\windows\system32\xmlprov.dll
[Scan path] c:\windows\system32\xpsp2res.dll
[Scan path] c:\windows\system32\zipfldr.dll
[Scan path] c:\windows\system32\zonelabs\srescan.sys
[Scan path] c:\windows\system32\zonelabs\vsmon.exe
[Scan path] c:\windows\system\hpsysdrv.exe
[Scan path] c:\windows\tsnp2std.exe
[Scan path] c:\windows\vsnp2std.exe
[Scan path] c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
[Scan path] c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
[Scan path] c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
[Scan path] c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80enu.dll
[Scan path] c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
[Scan path] d:\info.exe
[Scan path] e:\dts.ico
[Scan path] e:\runme.exe
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 528
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Cured: 0
Deleted: 0
Renamed: 0
Moved: 0
Ignored: 0
Scan speed: 2639 Kb/s
Scan time: 00:00:57
-----------------------------------------------------------------------------

[Scan path] C:\
>C:\Program Files\DivX\DivX Web Player\npdivx32.dll - decompression error
>C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll - decompression error
C:\Program Files\Navilog1\Process.exe is a hacktool program Tool.Prockill
>C:\Program Files\PopCap Games\PopCap ActiveX Control\Uninstall.exe is a riskware program Program.PopcapLoader
C:\System Volume Information\_restore{D207F513-1AD2-4EA6-B9AE-1EC20364A2B0}\RP223\A0258346.exe is a hacktool program Tool.Prockill
C:\System Volume Information\_restore{D207F513-1AD2-4EA6-B9AE-1EC20364A2B0}\RP223\A0258472.exe is an adware program Adware.SaveNow.origin
C:\WINDOWS\system32\Process.exe is a hacktool program Tool.Prockill

[Scan path] D:\
[Scan path] E:\
-----------------------------------------------------------------------------
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 260438
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 1
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 1
Hacktool programs found: 3
Cured: 0
Deleted: 0
Renamed: 0
Moved: 0
Ignored: 0
Scan speed: 47 Kb/s
Scan time: 03:24:08
-----------------------------------------------------------------------------

=============================================================================
Total session statistics
=============================================================================
Objects scanned: 260966
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 1
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 1
Hacktool programs found: 3
Cured: 0
Deleted: 0
Renamed: 0
Moved: 0
Ignored: 0
Scan speed: 59 Kb/s
Scan time: 03:25:05
=============================================================================



Logfile of HijackThis v1.99.1
Scan saved at 17:38:33, on 04/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\kaylee\My Documents\HJT\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Fire-Trust SiteHound - {C86AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - C:\Program Files\FireTrust\SiteHound\SiteHound.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SiteHound - {73F7F495-A325-4C52-BE48-5F97FA511E89} - C:\Program Files\FireTrust\SiteHound\SiteHound.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_SD7.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Wireless Connection Manager.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {11316B13-33F0-4C9F-BD55-09994CCFA8EB} - C:\Program Files\FireTrust\SiteHound\SiteHound.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
maxx22
Regular Member
 
Posts: 34
Joined: October 15th, 2007, 1:48 pm

Unread postby silver » November 4th, 2007, 9:14 pm

Hi maxx22,

Temporarily disable SUPERAntiSpyware
  • Right-click the SUPERAntiSpyware taskbar icon and find Enable Real-Time Protection
  • If this item has a check-mark next to it, select it to disable real-time protection
  • Protection will automatically be re-enabled when your computer is rebooted


Then, open HijackThis, choose Do a system scan only and place a checkmark next to the following lines:
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (file missing)

Then close all open windows apart from HijackThis, press Fix checked, OK the prompt and close HijackThis.

Next, use Windows Explorer (right-click Start, select Explore) to find and delete the following file:
C:\Program Files\PopCap Games\PopCap ActiveX Control\Uninstall.exe


Kaspersky flagged this file:
C:\Documents and Settings\david and mandy\Desktop\Nero-8.1.1.0b_eng_trial.exe

It was flagged because it contains an adware toolbar as an optional component.
If you install this program please take care to install it without the toolbar - you are offered the choice during the installation.
Because Nero choose to bundle this type of program, I recommend considering a safe, free alternative such as ImgBurn

Once complete, please post a new HijackThis log and let me know how your computer is running.
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby maxx22 » November 6th, 2007, 1:06 pm

Hello Silver,
Did everything you said, pc now has no pop-ups appearing when i log onto the internet.

Thank you very much for your help in this.

The pc still appears to be running a little slow.

In the DR Webb scan hack tools were found, have we got rid of these?

I have deleted Nero using add/remove in control panel and downloaded ImgBurn as you recommended, thank you for this, please find below a new hijackthis log.

Thank you again Maxx22

Logfile of HijackThis v1.99.1
Scan saved at 17:02:45, on 06/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinRemote.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\D-Link\D-Link DWA-111 Wireless G USB Adapter\wirelesscm.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOWNLOADS\HJT\hijackthis\david and mandy.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Fire-Trust SiteHound - {C86AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - C:\Program Files\FireTrust\SiteHound\SiteHound.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SiteHound - {73F7F495-A325-4C52-BE48-5F97FA511E89} - C:\Program Files\FireTrust\SiteHound\SiteHound.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINREMOTE] "C:\Program Files\InterVideo\Common\Bin\WinRemote.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_SD7.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Wireless Connection Manager.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {11316B13-33F0-4C9F-BD55-09994CCFA8EB} - C:\Program Files\FireTrust\SiteHound\SiteHound.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
maxx22
Regular Member
 
Posts: 34
Joined: October 15th, 2007, 1:48 pm

Unread postby silver » November 6th, 2007, 9:44 pm

Hi maxx22,

I'm glad to hear the popups have stopped :)
The 'hacktools' Dr Web found are from a program we have used to clean your machine, which we will remove now:

Please open Start->Control Panel->Add/Remove Programs, find Navilog1 and remove it.

Next, double-click OTMoveIt.exe to start the program.
Select the contents of the below file list, then press Ctrl+C to copy it to the clipboard
In OTMoveIt, click in the left-hand pane and press Ctrl+V to paste the file-list into the program
Then, press MoveIt!
OTMoveIt file list:
Code: Select all
C:\WINDOWS\system32\Process.exe
C:\Documents and Settings\david and mandy\Desktop\SILVER\Navilog1.zip
deljob.exe
erunt.zip
fix.reg
cureit.exe

Then use the cleanup function:
  • Close all other programs apart from OTMoveIt as this step will require a reboot
  • On the OTMoveIt main screen, press the CleanUp! button
  • Say Yes to the prompt and then allow the program to reboot your computer.

Create a new, clean System Restore point which you can use in case of future system problems:
Press Start->All Programs->Accessories->System Tools->System Restore
Select Create a restore point, then Next, type a name like All Clean then press the Create button and once it's done press Close

Now remove old, infected System Restore points:
Next click Start->Run and type cleanmgr in the box and press OK
Ensure the boxes for Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
Select the More Options tab, under System Restore press Clean up... and say Yes to the prompt
Press OK and Yes to confirm

Re-hide hidden/system files and folders:
Click Start -> My Computer
Select the Tools menu, click Folder Options and select the View tab
Under the Hidden files and folders heading SELECT Do not show hidden files and folders
CHECK the Hide extensions for known file types option
CHECK the Hide protected operating system files (recommended) option
Press OK

------------------------------------------------------------------------

We've had a pretty thorough look at your computer and at this stage it looks clean of malware, so I'd say it's running slow for other reasons.
Some suggestions for pinning it down:
  • Uninstall unnecessary applications via Start->Control Panel->Add/Remove Programs
  • Turn off unnecessary auto-starting applications. Look at your HijackThis log for programs which automatically start - many are listed in the O4 section of the log, and turn of the automatic starting functionality from within the program. Note: Please do not useHijackThis to remove the entries.
  • Use Process Explorer to monitor resources on your system. Run Process Explorer minimized and when a slowdown occurs, switch to the Process Explorer window to see which process is using a high percentage of CPU.
  • For further assistance, try posting at a PC troubleshooting forum such as PC Pitstop. PC Pitstop specializes in handling problems like this so you are certain to get expert assistance and a speedy resolution is very likely.


------------------------------------------------------------------------

Here are some tips to help you keep your computer clean:

Operating system vulnerabilities can easily be exploited by malware so please ensure your operating system is automatically kept up to date by using Windows Update:
Go to Start->Control Panel->Automatic Updates
Select Automatic and select a suitable schedule
Also, check that your antivirus and antispyware programs are set to automatically update daily.

You have good protection software installed however please ensure it is kept up to date. Check that your antivirus and antispyware programs are set to automatically update themselves daily, and that your firewall is the latest version.

Spywareblaster is a free program which prevents the download and installation of Internet Explorer ActiveX based malware by immunizing your system against it. You can download Spywareblaster from here and a tutorial to help you get started is available here.

Consider a custom hosts file such as MVPS HOSTS. This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.
For information on how to download and install, please read this tutorial by WinHelp2002
Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.

Find out more about how to prevent infection in the future
http://forum.malwareremoval.com/viewtopic.php?p=33687

Please post back to let me know whether the instructions went OK, and if there are any further issues.
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby maxx22 » November 8th, 2007, 3:33 pm

Hello Silver, followed your instructions to the letter.
Automatic updates have been set to 19.00 in he evening daily, I already have spy ware blaster but will make sure its updated daily from now on.

All my malware/anti virus programmes will be updated daily. I will install the host files programmes when my brother can help me.

I have bookmarked and will read the MRU, so how did I get infected in the first place?? by tony klein page.

Many thanks for your help it is gratefully appreciated.

maxx22 :D
maxx22
Regular Member
 
Posts: 34
Joined: October 15th, 2007, 1:48 pm
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 296 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware