Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Admistrator restriciton warnings.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Admistrator restriciton warnings.

Unread postby hhcdirector » October 2nd, 2007, 11:52 am

Thanks in advance for any help. I am very frustrated and wasting much time!
I have a fairly new Acer computer running XP Pro.
I can not access CD drives or any USB ports.
I get warnings that say "Administrator has restricted access to USB/1394 mass storage devices"
I am the administrator and have full access.
In the Acer software, one shows the optical drive and the usb port enabled and another shows them as disabled. The one reading disabled does not allow changes, just reports. The one that reads enabled allows changes and I have clicked on diable for each, rebuted and then clicked enable on each and I still have the problem.
I have run several spy and virus scans and removed a few nasties, but the issue persists.

My HiJackThis log (saw no other way to post, so I assume it is to be pasted here):
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11:36:30 AM, on 10/2/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Acer\LANScope Agent\awServ.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\LANScope Agent\awtray.exe
C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\TrojanHunter 5.0\THGuard.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\palmOne\Hotsync.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Novell\GroupWise\GrpWise.exe
C:\Documents and Settings\Brian\Desktop\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/ ... ch/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [AdminWorks Tray] "C:\Acer\LANScope Agent\awtray.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 5.0\THGuard.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Palm Desktop.lnk = C:\Program Files\palmOne\Palm.exe
O4 - Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe
O4 - Global Startup: HHC.bat
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6848821515
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\WINDOWS\msxml4.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acer ODDSpeedControl - TODO: <????> - C:\Acer\Empowering Technology\eAcoustics\ODDSpeedCtl\speedcontrol.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AdminWorks Agent X6 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Acer\LANScope Agent\awServ.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 9732 bytes
hhcdirector
Active Member
 
Posts: 6
Joined: October 2nd, 2007, 11:17 am
Advertisement
Register to Remove

Unread postby random/random » October 10th, 2007, 4:50 pm

First of all, you are using an older version of HijackThis. Please do the following to download and install the latest version of HijackThis v2.0.2:

CLICK HERE to download the HijackThis Installer:
  1. Save HJTInstall.exe to your desktop.
  2. Double-click on HJTInstall.exe to run the program.
  3. By default it will install to C:\Program Files\Trend Micro\HijackThis.
  4. Accept the license agreement by clicking the "I Accept" button.
  5. Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log.
  6. Click "Save log" to save the log file and then the log will open in Notepad.
  7. Click on "Edit -> Select All" then click on "Edit -> Copy" to copy the entire contents of the log.
  8. Come back here to this thread and paste the log in your next reply.
  9. Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.

You may delete the older version once you have successfully downloaded and installed the latest version of HijackThis v2.0.2.

Go here to run an online scannner from Kaspersky.
  • Note: You will need to use Internet explorer for this scan
  • Click on "Kaspersky Online Scanner"
  • A new smaller window will pop up. Press on "Accept". After reading the contents.
  • Now Kaspersky will update the anti-virus database. Let it run.
  • Click on "Next">"Scan Settings", and make sure the database is set to "extended". And check both the scan options. Then click OK.
  • Then click on "My Computer", and the scan will start.
  • Once finished, save the log as "KAV.txt" to the desktop.


Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.

Then post the kaspersky log as a reply to this topic
User avatar
random/random
Developer
Developer
 
Posts: 7733
Joined: December 18th, 2005, 3:30 pm

Log file with new version...

Unread postby hhcdirector » October 15th, 2007, 3:58 pm

Thanks for your time and attention...
Here is the new log file

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:52:35 PM, on 10/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Acer\LANScope Agent\awServ.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\LANScope Agent\awtray.exe
C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\TrojanHunter 5.0\THGuard.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\palmOne\Palm.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/ ... ch/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [AdminWorks Tray] "C:\Acer\LANScope Agent\awtray.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 5.0\THGuard.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Palm Desktop.lnk = C:\Program Files\palmOne\Palm.exe
O4 - Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe
O4 - Global Startup: HHC.bat
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6848821515
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\WINDOWS\msxml4.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acer ODDSpeedControl - TODO: <????> - C:\Acer\Empowering Technology\eAcoustics\ODDSpeedCtl\speedcontrol.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AdminWorks Agent X6 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Acer\LANScope Agent\awServ.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 9447 bytes
hhcdirector
Active Member
 
Posts: 6
Joined: October 2nd, 2007, 11:17 am

Unread postby random/random » October 15th, 2007, 4:26 pm

Please run the kaspersky scan & post the log
User avatar
random/random
Developer
Developer
 
Posts: 7733
Joined: December 18th, 2005, 3:30 pm

Unread postby hhcdirector » October 16th, 2007, 10:07 am

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, October 16, 2007 10:04:14 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 15/10/2007
Kaspersky Anti-Virus database records: 436357
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
J:\
P:\
S:\

Scan Statistics:
Total number of scanned objects: 104762
Number of viruses found: 1
Number of infected objects: 20
Number of suspicious objects: 0
Duration of the scan process: 01:14:18

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\avg7\Log\emc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\jcusn9kf.default\cert8.db Object is locked skipped
C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\jcusn9kf.default\history.dat Object is locked skipped
C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\jcusn9kf.default\key3.db Object is locked skipped
C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\jcusn9kf.default\parent.lock Object is locked skipped
C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\jcusn9kf.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Brian\Application Data\Mozilla\Firefox\Profiles\jcusn9kf.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Brian\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\Application Data\ApplicationHistory\LockMon.exe.7987f3da.ini.inuse Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\Application Data\ApplicationHistory\SysMonitor.exe.49302a1.ini.inuse Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\Application Data\Mozilla\Firefox\Profiles\jcusn9kf.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\Application Data\Mozilla\Firefox\Profiles\jcusn9kf.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\Application Data\Mozilla\Firefox\Profiles\jcusn9kf.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\Application Data\Mozilla\Firefox\Profiles\jcusn9kf.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\History\History.IE5\MSHist012007100820071015\index.dat Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\History\History.IE5\MSHist012007101520071016\index.dat Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\Temp\Perflib_Perfdata_acc.dat Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\Temp\wt1A.tmp Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\Temp\~DF64C0.tmp Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\Temp\~DF6637.tmp Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\Temp\~DF76C9.tmp Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Brian\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Brian\ntuser.dat Object is locked skipped
C:\Documents and Settings\Brian\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\CampBrain4\WinVNC\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\Program Files\CampBrain4\WinVNC\winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\system volume information\_restore{6878E952-D0C8-4B42-9C1D-8CE4EE7F9B17}\RP27\A0005803.msi/Data1.cab/winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\system volume information\_restore{6878E952-D0C8-4B42-9C1D-8CE4EE7F9B17}\RP27\A0005803.msi/Data1.cab/vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\system volume information\_restore{6878E952-D0C8-4B42-9C1D-8CE4EE7F9B17}\RP27\A0005803.msi/Data1.cab Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\system volume information\_restore{6878E952-D0C8-4B42-9C1D-8CE4EE7F9B17}\RP27\A0005803.msi Embedded: infected - 3 skipped
C:\system volume information\_restore{6878E952-D0C8-4B42-9C1D-8CE4EE7F9B17}\RP27\A0005804.msi/Data1.cab/winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\system volume information\_restore{6878E952-D0C8-4B42-9C1D-8CE4EE7F9B17}\RP27\A0005804.msi/Data1.cab/vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\system volume information\_restore{6878E952-D0C8-4B42-9C1D-8CE4EE7F9B17}\RP27\A0005804.msi/Data1.cab Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\system volume information\_restore{6878E952-D0C8-4B42-9C1D-8CE4EE7F9B17}\RP27\A0005804.msi Embedded: infected - 3 skipped
C:\system volume information\_restore{6878E952-D0C8-4B42-9C1D-8CE4EE7F9B17}\RP27\A0005807.msi/Data1.cab/winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\system volume information\_restore{6878E952-D0C8-4B42-9C1D-8CE4EE7F9B17}\RP27\A0005807.msi/Data1.cab/vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\system volume information\_restore{6878E952-D0C8-4B42-9C1D-8CE4EE7F9B17}\RP27\A0005807.msi/Data1.cab Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\system volume information\_restore{6878E952-D0C8-4B42-9C1D-8CE4EE7F9B17}\RP27\A0005807.msi Embedded: infected - 3 skipped
C:\system volume information\_restore{6878E952-D0C8-4B42-9C1D-8CE4EE7F9B17}\RP83\A0024044.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\system volume information\_restore{6878E952-D0C8-4B42-9C1D-8CE4EE7F9B17}\RP83\A0024045.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\system volume information\_restore{6878E952-D0C8-4B42-9C1D-8CE4EE7F9B17}\RP95\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Downloaded Installations\{E55FBF2A-B078-4BDA-A0C0-8C51A281C069}\CampBrain 4.18.msi/Data1.cab/winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\WINDOWS\Downloaded Installations\{E55FBF2A-B078-4BDA-A0C0-8C51A281C069}\CampBrain 4.18.msi/Data1.cab/vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\WINDOWS\Downloaded Installations\{E55FBF2A-B078-4BDA-A0C0-8C51A281C069}\CampBrain 4.18.msi/Data1.cab Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped
C:\WINDOWS\Downloaded Installations\{E55FBF2A-B078-4BDA-A0C0-8C51A281C069}\CampBrain 4.18.msi Embedded: infected - 3 skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{8AEB4BBB-ABB7-4EDF-AE5A-555D3D5779D4}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

Scan process completed.
hhcdirector
Active Member
 
Posts: 6
Joined: October 2nd, 2007, 11:17 am

Unread postby random/random » October 16th, 2007, 12:55 pm

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
  1. Close all applications and windows.
  2. Double-click on dss.exe to run it, and follow the prompts.
  3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt<-this one will be minimized
  4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt to your post. in your reply
User avatar
random/random
Developer
Developer
 
Posts: 7733
Joined: December 18th, 2005, 3:30 pm

DS Scanner log file

Unread postby hhcdirector » October 17th, 2007, 11:33 am

Deckard's System Scanner v20071014.68
Run by Brian on 2007-10-17 11:28:22
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
87: 2007-10-17 15:28:27 UTC - RP97 - Deckard's System Scanner Restore Point
86: 2007-10-16 14:52:51 UTC - RP96 - System Checkpoint
85: 2007-10-15 13:14:50 UTC - RP95 - System Checkpoint
84: 2007-10-10 07:00:56 UTC - RP94 - Software Distribution Service 3.0
83: 2007-10-09 16:14:43 UTC - RP93 - System Checkpoint


-- First Restore Point --
1: 2007-08-08 19:18:01 UTC - RP11 - Installed Acer WLAN 11g USB Dongle


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Brian.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:29:36 AM, on 10/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Acer\LANScope Agent\awServ.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\LANScope Agent\awtray.exe
C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\TrojanHunter 5.0\THGuard.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\palmOne\Hotsync.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Brian\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Brian.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/ ... ch/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [AdminWorks Tray] "C:\Acer\LANScope Agent\awtray.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 5.0\THGuard.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Palm Desktop.lnk = C:\Program Files\palmOne\Palm.exe
O4 - Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe
O4 - Global Startup: HHC.bat
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6848821515
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\WINDOWS\msxml4.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acer ODDSpeedControl - TODO: <????> - C:\Acer\Empowering Technology\eAcoustics\ODDSpeedCtl\speedcontrol.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AdminWorks Agent X6 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Acer\LANScope Agent\awServ.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 9513 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 UBHelper - c:\windows\system32\drivers\ubhelper.sys
R1 OsaFsLoc - c:\windows\system32\drivers\osafsloc.sys <Not Verified; OSA Technologies; >
R2 eLock2BurnerLockDriver - c:\windows\system32\elock2burnerlockdriver.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R2 eLock2FSCTLDriver - c:\windows\system32\elock2fsctldriver.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
R2 int15 - c:\windows\system32\drivers\int15.sys
R2 osaio - c:\windows\system32\drivers\osaio.sys <Not Verified; OSA Technologies, An Avocent Company; Windows (R) 2000 DDK driver>
R2 osanbm - c:\windows\system32\drivers\osanbm.sys <Not Verified; Windows (R) 2000 DDK provider; OSA int15 Driver>
R2 tvicport - c:\windows\system32\drivers\tvicport.sys <Not Verified; EnTech Taiwan; TVicPort Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64>
R2 zntport - c:\windows\system32\drivers\zntport.sys <Not Verified; Zeal SoftStudio; NTPort Library>
R3 NTIDrvr (Upper Class Filter Driver) - c:\windows\system32\drivers\ntidrvr.sys <Not Verified; NewTech Infosystems, Inc.; >
R3 psdfilter - c:\windows\system32\drivers\psdfilter.sys <Not Verified; HiTRUST; >
R3 psdvdisk - c:\windows\system32\drivers\psdvdisk.sys <Not Verified; HiTRUST; >

S3 NdisFilt (OSA NdisFilter Protocol) - c:\windows\system32\drivers\ndisfilt.sys <Not Verified; OSA Technologies; >
S3 NETMNT (NetMonitor Protocol ) - c:\windows\system32\drivers\netmnt.sys
S3 ZDPSp50 (ZDPSp50 NDIS Protocol Driver) - c:\windows\system32\drivers\zdpsp50.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AcerMemUsageCheckService (Memory Check Service) - c:\acer\empowering technology\eperformance\memcheck.exe <Not Verified; Acer Inc.; >
R2 AWService (AdminWorks Agent X6) - "c:\acer\lanscope agent\awserv.exe" <Not Verified; OSA Technologies Inc., An Avocent Company; AdminWorks>
R2 LockServ - c:\acer\empowering technology\elock\lockserv.exe -p

S3 Acer ODDSpeedControl - "c:\acer\empowering technology\eacoustics\oddspeedctl\speedcontrol.exe" <Not Verified; TODO: <????>; TODO: <????>>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2007-09-17 and 2007-10-17 -----------------------------

2007-10-15 16:50:28 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-10-15 16:50:27 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-10-15 16:50:25 0 d-------- C:\WINDOWS\LastGood
2007-10-15 15:47:30 0 d-------- C:\Program Files\Trend Micro
2007-10-08 14:16:19 0 d-------- C:\Documents and Settings\Brian\Application Data\Snapfish
2007-10-08 14:16:17 1142 --a------ C:\WINDOWS\mozver.dat
2007-10-08 10:45:41 0 d-------- C:\Documents and Settings\Kathryn\Application Data\Macromedia
2007-09-30 11:33:01 0 d-------- C:\WINDOWS\BDOSCAN8
2007-09-30 11:19:42 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-09-29 16:26:48 0 d-------- C:\Documents and Settings\Brian\.housecall6.6
2007-09-28 20:32:07 0 d-------- C:\Documents and Settings\Brian\Application Data\TrojanHunter
2007-09-28 16:50:54 0 d-------- C:\Program Files\TrojanHunter 5.0
2007-09-28 10:41:19 0 d-------- C:\Documents and Settings\Kathryn\Application Data\Adobe
2007-09-28 10:23:35 0 d-------- C:\Program Files\a-squared Free
2007-09-28 09:49:09 0 d-------- C:\Program Files\Lavasoft
2007-09-28 09:49:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-09-28 09:47:15 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-09-27 21:08:54 0 d--h----- C:\WINDOWS\system32\GroupPolicy
2007-09-27 12:18:45 0 d-------- C:\Documents and Settings\Brian\Application Data\Help
2007-09-21 17:21:40 0 d-------- C:\Documents and Settings\Denise\Application Data\Adobe
2007-09-20 15:09:04 0 d-------- C:\Program Files\Dell Computer
2007-09-20 15:08:58 0 d-------- C:\Program Files\Jasc Software Inc


-- Find3M Report ---------------------------------------------------------------

2007-10-17 08:51:41 0 d-------- C:\Documents and Settings\Brian\Application Data\AVG7
2007-10-08 11:27:02 0 d-------- C:\Program Files\Java
2007-09-28 09:47:15 0 d-------- C:\Program Files\Common Files
2007-09-27 12:19:14 0 d-------- C:\Program Files\palmOne
2007-09-27 12:11:42 0 d-------- C:\Program Files\Visioneer OneTouch
2007-09-27 12:04:51 0 d-------- C:\Program Files\SpywareBlaster
2007-09-25 00:06:48 28 --a------ C:\WINDOWS\liccyval.dat
2007-09-12 17:23:24 0 d-------- C:\Documents and Settings\Brian\Application Data\Uniblue
2007-08-31 12:10:57 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-08-30 12:09:51 0 d-------- C:\Documents and Settings\Brian\Application Data\Leadertech
2007-08-17 14:25:16 0 d-------- C:\Documents and Settings\Brian\Application Data\Sun
2007-08-17 11:21:53 0 d-------- C:\Documents and Settings\Brian\Application Data\Arcsoft
2007-08-11 10:34:15 0 --a------ C:\WINDOWS\nsreg.dat
2007-08-08 14:44:21 32768 -----n--- C:\WINDOWS\system32\MWLPS.dll


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" []
"RTHDCPL"="RTHDCPL.EXE" [05/17/2006 06:27 PM C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [05/15/2006 10:04 PM C:\WINDOWS\SkyTel.exe]
"Alcmtr"="ALCMTR.EXE" [05/02/2005 10:43 PM C:\WINDOWS\Alcmtr.exe]
"ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [05/11/2005 08:15 PM]
"@"="" []
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [11/02/2004 11:24 PM]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [08/04/2004 01:00 AM]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [08/04/2004 01:00 AM]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [08/04/2004 01:00 AM]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/04/2004 01:00 AM]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/04/2004 01:00 AM]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [06/22/2006 05:41 PM]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [06/22/2006 05:44 PM]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [06/22/2006 05:40 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11 AM]
"Acer Empowering Technology Monitor"="C:\WINDOWS\system32\SysMonitor.exe" [04/18/2006 10:54 PM]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [12/05/2006 09:34 PM]
"eLockMonitor"="C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe" [03/31/2006 01:14 PM]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [06/01/2006 05:40 PM]
"AdminWorks Tray"="C:\Acer\LANScope Agent\awtray.exe" [04/17/2006 08:38 PM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [09/26/2007 08:45 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 03:06 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [06/29/2007 06:24 AM]
"THGuard"="C:\Program Files\TrojanHunter 5.0\THGuard.exe" [09/09/2007 09:31 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 01:00 AM]
"updateMgr"="c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []

C:\Documents and Settings\Brian\Start Menu\Programs\Startup\
Palm Desktop.lnk - C:\Program Files\palmOne\Palm.exe [1/5/2005 10:50:38 AM]
palmOne Registration.lnk - C:\Program Files\palmOne\register.exe [1/28/2005 2:24:12 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HHC.bat [8/16/2007 3:43:00 PM]
HotSync Manager.lnk - C:\Program Files\palmOne\Hotsync.exe [6/9/2004 2:16:08 PM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b45bfb0-4a03-11dc-b6d2-001921a50198}]
AutoRun\command- J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b45bfb2-4a03-11dc-b6d2-001921a50198}]
AutoRun\command- J:\LaunchU3.exe -a




-- End of Deckard's System Scanner: finished at 2007-10-17 11:30:01 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) D CPU 2.80GHz
CPU 1: Intel(R) Pentium(R) D CPU 2.80GHz
Percentage of Memory in Use: 52%
Physical Memory (total/avail): 1014.42 MiB / 483.95 MiB
Pagefile Memory (total/avail): 2441.6 MiB / 2023.14 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1928.67 MiB

C: is Fixed (NTFS) - 71.58 GiB total, 44.69 GiB free.
D: is Fixed (NTFS) - 76.93 GiB total, 76.59 GiB free.
E: is CDROM (No Media)
J: is CDROM (No Media)
P: is Network (NTFS)
S: is Network (NTFS)

\\.\PHYSICALDRIVE0 - Hitachi HDS721616PLA380 - 153.38 GiB - 3 partitions
\PARTITION0 - Unknown - 4.88 GiB
\PARTITION1 (bootable) - Installable File System - 71.58 GiB - C:
\PARTITION2 - Installable File System - 76.93 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.

AV: AVG 7.5.488 v7.5.488 (GRISOFT)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Novell\\GroupWise\\grpwise.exe"="C:\\Novell\\GroupWise\\grpwise.exe:*:Enabled:GroupWise"
"C:\\Novell\\GroupWise\\notify.exe"="C:\\Novell\\GroupWise\\notify.exe:*:Enabled:GroupWise Notify"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Brian\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=THEBIGB
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Brian
LOGONSERVER=\\THEBIGB
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;;C:\PROGRA~1\COMMON~1\MUVEET~1\030625
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 6 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0604
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Brian\LOCALS~1\Temp
TMP=C:\DOCUME~1\Brian\LOCALS~1\Temp
USERDOMAIN=THEBIGB
USERNAME=Brian
USERPROFILE=C:\Documents and Settings\Brian
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI


-- User Profiles ---------------------------------------------------------------

Brian (admin)
Dave (new local)
Denise
Gary (new local)
Kathryn
Nathanael Tice
Volunteer
Paula (new local)
Staff
Administrator (admin)
Guest (guest)


-- Add/Remove Programs ---------------------------------------------------------

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
a-squared Free 3.0 --> "C:\Program Files\a-squared Free\unins000.exe"
Acer eAcoustics Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C7EC4EE3-ED7D-4DCD-86DC-29ACF0B122E9}\setup.exe" -l0x9 -removeonly
Acer eDataSecurity Management --> C:\Acer\Empowering Technology\eDataSecurity\eDStbmngr.exe UNINSTALL 1
Acer eDataSecurity Management 2.0.3084 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{4AD13F68-CADA-4C6B-9759-C33753F89908} /l1033
Acer eLock Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x9 -removeonly
Acer Empowering Technology --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x9 -removeonly
Acer ePerformance Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7057702F-6D71-4F30-8000-9E72BC771887}\setup.exe" -l0x9 -removeonly
Acer eSettings Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}\setup.exe" -l0x9 -removeonly
Acer LANScope Agent --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{4771B74C-003B-4E7B-A4A0-ABB7CA342C70}
Acer WLAN 11g USB Dongle --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{0CB98AC0-D691-4B21-AD3D-95982517021D} /l1033
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Apple Software Update --> MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
CampBrain 4.18 --> MsiExec.exe /I{0AE5C226-98DF-4539-BDE0-987AE826DDAB}
commercial --> MsiExec.exe /I{38C65D12-79E3-49C0-B211-DE3BE0A7AB39}
Corel WordPerfect Suite 8 --> C:\Corel\Suite8\AppMan\Setup\REMOVELAUNCHER.EXE
GroupWise --> C:\WINDOWS\IsUninst.exe -fC:\Novell\GroupWise\DeIsL1.isu -cC:\WINDOWS\system32\gwuninst.dll
GroupWise Internet Browser Mail Integration --> C:\Novell\GroupWise\gwmailto.exe /uninstall
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Intel(R) Graphics Media Accelerator Driver --> C:\WINDOWS\system32\igxpun.exe -uninstall
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{91110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (2.0.0.6) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Firefox (2.0.0.7) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nexic Synchronis --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6463E69-9DAE-11D6-BD54-525400DB1D20}\setup.exe" -l0x9
NTI Backup NOW! 4 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{385979FE-DC4F-4140-8EAD-A59625000D72} /l1033 BUN4
NTI CD & DVD-Maker --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1033 CDM7
OCA Client history tool install --> "C:\WINDOWS\$UninstallOCA-X86Fre-ENU$\spuninst\spuninst.exe"
palmOne --> MsiExec.exe /X{FF8157AA-F640-45BD-B7C2-BAA1016B267A}
Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x9 -removeonly
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
Symantec KB-DocID:2003093015493306 --> MsiExec.exe /I{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}
TrojanHunter 5.0 --> "C:\Program Files\TrojanHunter 5.0\unins000.exe"
Windows Communication Foundation --> MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows NT Messaging --> RunDll32 setupapi.dll,InstallHinfSection Uninstall 4 MSMail.inf
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation --> MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
XML Paper Specification Shared Components Pack 1.0 -->


-- Application Event Log -------------------------------------------------------

Event Record #/Type1011 / Warning
Event Submitted/Written: 10/15/2007 08:59:37 AM
Event ID/Source: 32068 / Microsoft Fax
Event Description:
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly.
Country/region code: '*'
Area code: '*'

Event Record #/Type1010 / Warning
Event Submitted/Written: 10/15/2007 08:59:37 AM
Event ID/Source: 32026 / Microsoft Fax
Event Description:
Fax Service failed to initialize any assigned fax devices (virtual or TAPI).
No faxes can be sent or received until a fax device is installed.

Event Record #/Type1004 / Warning
Event Submitted/Written: 10/10/2007 03:10:03 AM
Event ID/Source: 32068 / Microsoft Fax
Event Description:
The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly.
Country/region code: '*'
Area code: '*'

Event Record #/Type1003 / Warning
Event Submitted/Written: 10/10/2007 03:10:03 AM
Event ID/Source: 32026 / Microsoft Fax
Event Description:
Fax Service failed to initialize any assigned fax devices (virtual or TAPI).
No faxes can be sent or received until a fax device is installed.

Event Record #/Type994 / Error
Event Submitted/Written: 10/08/2007 03:41:22 PM
Event ID/Source: 1001 / Application Error
Event Description:
Fault bucket 94614955.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type4408 / Warning
Event Submitted/Written: 10/16/2007 02:07:08 PM
Event ID/Source: 20 / Print
Event Description:
Printer Driver HP LaserJet P2015 Series PCL 5e for Windows NT x86 Version-3 was added or updated. Files:- UNIDRV.DLL, UNIDRVUI.DLL, HPC20155.GPD, UNIDRV.HLP, hpzui43e.dll, hppdvq01.dll, hpz5r43e.dll, hpcdmc32.dll, hplj1xxx.exp, hpzsm43e.gpd, hpzst43e.dll, HPC2015W.HTML, HPC2015W.SWF, HPC2015W.XML, hpzev43e.dll, hpzhl43e.cab, UNIRES.DLL, STDNAMES.GPD, hpc20155.xml, hpc2015b.ini, hpzsc43e.dtd, hpzls43e.dll, hpzss43e.dll.

Event Record #/Type4405 / Warning
Event Submitted/Written: 10/15/2007 10:38:48 PM
Event ID/Source: 36 / W32Time
Event Description:
The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.

Event Record #/Type4399 / Warning
Event Submitted/Written: 10/15/2007 10:38:52 AM
Event ID/Source: 20 / Print
Event Description:
Printer Driver hp deskjet 3600 series for Windows NT x86 Version-3 was added or updated. Files:- hpz2ku09.dll, hpzpm309.dll, hpf2s009.dat, hpfmom09.hlp, hpzimc09.dll, hpzstw09.exe, hpzslk09.dll, hpzr3209.dll, hpzrm309.dll, hpzcon09.dll, hpzcfg09.exe, hpzeng09.exe, hpzime09.dll, hpzrer09.dll, hpzjui09.dll, hpzpre09.exe, hpzstc09.exe, hpztbi09.dll, hpztbu09.exe, hpztbx09.exe, hpzsnt09.dll, hpzcoi09.dll.

Event Record #/Type4398 / Warning
Event Submitted/Written: 10/15/2007 10:38:49 AM
Event ID/Source: 20 / Print
Event Description:
Printer Driver HP LaserJet P2015 Series PCL 5e for Windows NT x86 Version-3 was added or updated. Files:- UNIDRV.DLL, UNIDRVUI.DLL, HPC20155.GPD, UNIDRV.HLP, hpzui43e.dll, hppdvq01.dll, hpz5r43e.dll, hpcdmc32.dll, hplj1xxx.exp, hpzsm43e.gpd, hpzst43e.dll, HPC2015W.HTML, HPC2015W.SWF, HPC2015W.XML, hpzev43e.dll, hpzhl43e.cab, UNIRES.DLL, STDNAMES.GPD, hpc20155.xml, hpc2015b.ini, hpzsc43e.dtd, hpzls43e.dll, hpzss43e.dll.

Event Record #/Type4365 / Warning
Event Submitted/Written: 10/10/2007 07:11:16 AM
Event ID/Source: 20 / Print
Event Description:
Printer Driver Lexmark Z700-P700 Series for Windows NT x86 Version-3 was added or updated. Files:- LXBLDR5C.DLL, LXBLUI5C.DLL, LXBLUI5C.DLL, LXBLDRV.HLP, LXBLUN5C.EXE, LXBLUNRS.DLL, LXBLFC5C.DLL, LXBLICUR.DLL, LXBLCLR1.DLL, LXBLCLR2.DLL, LXBLCLR3.DLL, LXBLSTRN.DLL, LXBLLPA.HLP, LXBLNOTE.HLP, LXBLDRV.CNT, LXBLLPA.CNT, LXBLMA.CNT, CONTACT.HTM, LXBLJSWX.EXE, LXBLPSWX.EXE, LXBLJSW.DLL, LXBLJSWR.DLL, LXBLLPA.DLL, LXBLLPAR.DLL, LXBLPRP.DLL, LXBLPRPR.DLL, LXBLPSW.DLL, LXBLPSWR.DLL, LXBLUTIL.DLL, LXBLUPD.DLL, LXBLUPDR.DLL, LXBLPP5C.DLL, LEXEDF.DLL, lexgo.EXE, LXBLAUAL.OUT, LXBLMCAL.OUT, LXBLCAU.OUT, LXBLKAU.OUT, LXBLPHAU.OUT, LXBLCLN.OUT, LXBLCALN.OUT, LXBLKALN.OUT, LXBLALGN.OUT, LXBLPHCL.OUT, LXBLPHAL.OUT, lxblsply.htm, lxbllegl.htm, lxblsk0.dll, lxblsk1.dll, lxblsk2.dll, license.txt, lexwww.htm, ptzipw32.dll, WAVS.EXE, duplex1.prn, duplex2.prn, LXBLGF.DLL, lxblrme.doc, lxblweb.exe, HLP256.DLL, LEXBCE.DLL, LEXBCES.EXE, lexlmpm.dll, LEXPPS.EXE, LEXP2P32.DLL, LEX2KUSB.DLL, lxblcomm.dll, lxblw2k.ini, lexdrvin.exe, lxblver.web, lxblpwr.dll, LXBLPMNT.DLL, LXBLLCNT.DLL, LXBLLCNP.DLL, LXBLLSNT.EXE, LXBLIH.EXE, LXBL.LOC, LXBLCFG.EXE, LXBLCU.DLL, LXBLCUR.DLL, LEXPING.EXE, INSTMON.EXE, lxblvs.dll.



-- End of Deckard's System Scanner: finished at 2007-10-17 11:30:01 ------------

Thanks!
hhcdirector
Active Member
 
Posts: 6
Joined: October 2nd, 2007, 11:17 am

Unread postby random/random » October 17th, 2007, 1:17 pm

Are you still getting those warnings?

Also, do you recognize this program?

commercial --> MsiExec.exe /I{38C65D12-79E3-49C0-B211-DE3BE0A7AB39}
User avatar
random/random
Developer
Developer
 
Posts: 7733
Joined: December 18th, 2005, 3:30 pm

Unread postby hhcdirector » October 17th, 2007, 5:18 pm

Yes, I am still getting these warnings.
Sometimes it just says "K:\ is not accessible. Access is denied."
when I plug a usb drive in.

No, I do not recognize that program.
hhcdirector
Active Member
 
Posts: 6
Joined: October 2nd, 2007, 11:17 am

Unread postby random/random » October 19th, 2007, 2:06 pm

It appears your problem is related to the Acer LANScope Agent

As such, I suggest you do this:

Go to Start> Control Panel> Add or Remove Programs.

Remove the following programs, if they are present.

  • Acer LANScope Agent
  • commercial
  • Java(TM) 6 Update 2 <<This is an outdated version of Java


Please let me know if this solves your problem
User avatar
random/random
Developer
Developer
 
Posts: 7733
Joined: December 18th, 2005, 3:30 pm

That seemed to work!

Unread postby hhcdirector » October 19th, 2007, 10:58 pm

Thank You!

It worked. commercial and Java unistalled just fine.
AcerLanScopeAgent kept stalling during uninstall.
I started to notice that when I shut down or rebooted a notice would come up that Awtray would not close and it had to be closed by program manager.
I went into program manager, processes and ended awtray. Then tried the uninstall and it completed.
I rebooted and the drives and ports all work!
Thanks for all your time and assistance.
hhcdirector
Active Member
 
Posts: 6
Joined: October 2nd, 2007, 11:17 am

Unread postby random/random » October 20th, 2007, 12:56 pm

Glad we could be of assistance.

This topic is now closed. If you wish it
reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.


You can help support this site from this link :
Donations For Malware Removal

Do not bother contacting us if you are not the topic starter. A valid,
working link to the closed topic is required along with the user name used.
If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
random/random
Developer
Developer
 
Posts: 7733
Joined: December 18th, 2005, 3:30 pm
Advertisement
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 499 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware