Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Not Sure What Malware I've Been Infected With


  • This topic is locked This topic is locked
4 replies to this topic

#1 iceey_blu

iceey_blu

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:03 AM

Posted 06 April 2008 - 04:55 PM

I've been infected with some sort of malware that causes popups to show up all the time, usually to online poker sites, dating sites or to antispyware program sites. I also consistently get the yellow triangle with the exclamation mark inside popup in my task bar, and the balloon that tells me i've been infected with spyware, and I should click the balloon to get rid of it. I also occasionally get a "System Security Warning" box pop up once in a while telling me I've been infected with "Abebot", but I think it's a fake warning from the malware on my computer. Also, whenever I start up my computer, the "welcome to add new hardware wizard" window would pop up, although I have no installed anything on my computer or even put in any sort of installation disc for a long time! I'm not sure if this is also the doing of the malware I've been infected with. Please help me get rid of it!

Here is the Main DSS Report:

Deckard's System Scanner v20071014.68
Run by Jenn on 2008-04-06 17:35:51
Computer is in Normal Mode.
--------------------------------------------------------------------------------

System Drive C: has 3.63 GiB (less than 15%) free.


-- HijackThis (run as Jenn.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:36:08 PM, on 4/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\PHAROS~1\Core\CTskMstr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\dllhost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe
C:\WINDOWS\system32\fkpsrgjc.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\MostFun\Bin\MostFun.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Jenn\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Jenn.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\SiteAdv.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\SiteAdv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe
O4 - HKCU\..\Run: [A00F2E479727.exe] C:\DOCUME~1\Jenn\LOCALS~1\Temp\_A00F2E479727.exe
O4 - HKCU\..\Run: [tcpyifsi] C:\WINDOWS\system32\fkpsrgjc.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - S-1-5-18 Startup: IEHOME.LNK = C:\Documents and Settings\Default User\Local Settings\Temp\iehome.bat (User 'SYSTEM')
O4 - .DEFAULT Startup: IEHOME.LNK = C:\Documents and Settings\Default User\Local Settings\Temp\iehome.bat (User 'Default user')
O4 - .DEFAULT User Startup: IEHOME.LNK = C:\Documents and Settings\Default User\Local Settings\Temp\iehome.bat (User 'Default user')
O4 - Startup: MostFun.lnk = C:\Program Files\MostFun\Bin\MostFun.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ActiveGS.cab - http://www.virtualapple.org/activegs.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200610...ex/qtplugin.cab
O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} (NowStarter Control) - http://www.clubbox.co.kr/neo.fld/NowStarter.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...wlscbase370.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1162626903968
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1162844146125
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {E1AC9563-A1E3-45B8-A5CE-5C19E34EC6AC} (ComTop Class) - http://www.arirangtv.com/AlwaysTop.cab
O16 - DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222} (AxRUploadControl Object) - http://www.imagestation.com/common/classes....cab?v=1,0,0,38
O20 - Winlogon Notify: __c002D97A - C:\WINDOWS\system32\__c002D97A.dat
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pharos Systems ComTaskMaster - Pharos Systems International - C:\PROGRA~1\PHAROS~1\Core\CTskMstr.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe

--
End of file - 15730 bytes

-- Files created between 2008-03-06 and 2008-04-06 -----------------------------

2008-04-05 00:24:07 0 d-------- C:\Program Files\Trend Micro
2008-04-04 22:54:05 1152 --a------ C:\WINDOWS\system32\windrv.sys
2008-04-04 22:52:29 0 d-------- C:\Program Files\Common Files\Download Manager
2008-04-04 22:18:41 0 d-------- C:\Program Files\SiteAdvisor
2008-04-04 22:18:33 0 d-------- C:\Documents and Settings\Jenn\Application Data\SiteAdvisor
2008-04-04 22:15:37 0 d-------- C:\Program Files\McAfee.com
2008-04-04 22:15:28 0 d-------- C:\Program Files\Common Files\McAfee
2008-04-04 22:15:15 0 d-------- C:\Program Files\McAfee
2008-04-04 22:05:36 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-04-04 22:03:14 0 d-------- C:\WINDOWS\system32\appmgmt
2008-04-04 19:57:47 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-04 19:57:40 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-04-04 19:57:40 0 d-------- C:\Documents and Settings\Jenn\Application Data\SUPERAntiSpyware.com
2008-04-04 18:37:28 0 d-------- C:\WINDOWS\ERUNT
2008-04-04 17:20:35 4348 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-04 01:37:00 0 d-------- C:\Documents and Settings\Jenn\Application Data\TmpRecentIcons
2008-04-04 00:44:22 0 d-------- C:\Program Files\Lavasoft
2008-04-04 00:44:21 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-04-04 00:43:45 0 d-------- C:\Program Files\Enigma Software Group
2008-04-04 00:34:21 0 d-------- C:\Program Files\Windows Live Safety Center
2008-04-03 21:20:31 4096 --a------ C:\WINDOWS\system32winlogonpc.exe
2008-04-03 21:20:30 4096 --a------ C:\WINDOWS\system32taack.exe
2008-04-03 21:20:30 4096 --a------ C:\WINDOWS\system32taack.dat
2008-04-03 21:20:30 4096 --a------ C:\WINDOWS\system32sncntr.exe
2008-04-03 21:20:30 4096 --a------ C:\WINDOWS\system32mwin32.exe
2008-04-03 21:20:30 4096 --a------ C:\WINDOWS\system32hoproxy.dll
2008-04-03 21:20:30 4096 --a------ C:\WINDOWS\a.bat
2008-04-03 21:20:29 4096 --a------ C:\WINDOWS\system32psoft1.exe
2008-04-03 21:20:29 4096 --a------ C:\WINDOWS\system32psof1.exe
2008-04-03 21:20:29 4096 --a------ C:\WINDOWS\system32ps1.exe
2008-04-03 21:20:29 4096 --a------ C:\WINDOWS\system32hxiwlgpm.exe
2008-04-03 21:20:29 4096 --a------ C:\WINDOWS\system32hxiwlgpm.dat
2008-04-03 21:20:29 4096 --a------ C:\WINDOWS\system32bsva-egihsg52.exe
2008-04-03 21:20:28 4096 --a------ C:\WINDOWS\system32ssurf022.dll
2008-04-03 21:20:28 0 d-------- C:\WINDOWS\system32smp
2008-04-03 21:20:28 4096 --a------ C:\WINDOWS\system32netode.exe
2008-04-03 21:20:28 4096 --a------ C:\WINDOWS\system32mtr2.exe
2008-04-03 21:20:28 4096 --a------ C:\WINDOWS\system32msnbho.dll
2008-04-03 21:20:28 4096 --a------ C:\WINDOWS\system32msgp.exe
2008-04-03 21:20:28 4096 --a------ C:\WINDOWS\system32medup020.dll
2008-04-03 21:20:28 4096 --a------ C:\WINDOWS\system32medup012.dll
2008-04-03 21:20:27 4096 --a------ C:\WINDOWS\system32temp#01.exe
2008-04-03 21:20:27 4096 --a------ C:\WINDOWS\system32h@tkeysh@@k.dll
2008-04-03 21:20:27 0 d-------- C:\Program Files\Inet Delivery
2008-04-03 21:20:26 4096 --a------ C:\WINDOWS\system32thun32.dll
2008-04-03 21:20:26 4096 --a------ C:\WINDOWS\system32thun.dll
2008-04-03 21:20:26 4096 --a------ C:\WINDOWS\system32ssvchost.exe
2008-04-03 21:20:26 4096 --a------ C:\WINDOWS\system32ssvchost.com
2008-04-03 21:20:26 4096 --a------ C:\WINDOWS\system32Rundl1.exe
2008-04-03 21:20:26 4096 --a------ C:\WINDOWS\system32regm64.dll
2008-04-03 21:20:26 4096 --a------ C:\WINDOWS\system32regc64.dll
2008-04-03 21:20:26 4096 --a------ C:\WINDOWS\system32msvchost.exe
2008-04-03 21:20:26 4096 --a------ C:\WINDOWS\system32dpcproxy.exe
2008-04-03 21:20:26 4096 --a------ C:\Documents and Settings\Jenn\DesktopFWebdEditor.exe
2008-04-03 21:20:26 4096 --a------ C:\Documents and Settings\Jenn\Desktopfwebd.exe
2008-04-03 21:20:26 4096 --a------ C:\Documents and Settings\Jenn\Desktopfilemanagerclient.exe
2008-04-03 21:20:25 4096 --a------ C:\WINDOWS\system32newsd32.exe
2008-04-03 21:20:25 4096 --a------ C:\WINDOWS\system32emesx.dll
2008-04-03 21:20:24 4096 --a------ C:\WINDOWS\winsystem.exe
2008-04-03 21:20:24 4096 --a------ C:\WINDOWS\system32WINWGPX.EXE
2008-04-03 21:20:24 4096 --a------ C:\WINDOWS\system32winsystem.exe
2008-04-03 21:20:24 4096 --a------ C:\WINDOWS\system32vcatchpi.dll
2008-04-03 21:20:24 4096 --a------ C:\WINDOWS\system32sysreq.exe
2008-04-03 21:20:24 4096 --a------ C:\WINDOWS\system32mssecu.exe
2008-04-03 21:20:24 4096 --a------ C:\WINDOWS\system32bdn.com
2008-04-03 21:20:24 4096 --a------ C:\WINDOWS\system32anticipator.dll
2008-04-03 21:20:24 4096 --a------ C:\WINDOWS\system32akttzn.exe
2008-04-03 21:20:24 4096 --a------ C:\WINDOWS\mssecu.exe
2008-04-03 21:20:24 4096 --a------ C:\WINDOWS\bdn.com
2008-04-03 21:20:23 4096 --a------ C:\WINDOWS\system32awtoolb.dll
2008-04-03 21:20:22 4096 --a------ C:\WINDOWS\system32vbsys2.dll
2008-04-03 21:19:36 0 d-------- C:\Documents and Settings\All Users\Application Data\hyjarszu
2008-04-03 21:19:35 110592 --a------ C:\WINDOWS\system32\fkpsrgjc.exe
2008-04-03 21:18:14 37376 --a------ C:\WINDOWS\system32\__c002D97A.dat
2008-03-06 23:23:43 0 d-------- C:\Documents and Settings\Jenn\Application Data\PlayFirst
2008-03-06 23:23:43 0 d-------- C:\Documents and Settings\All Users\Application Data\PlayFirst


-- Find3M Report ---------------------------------------------------------------

2008-04-06 14:41:40 0 d-------- C:\Program Files\Symantec AntiVirus
2008-04-04 22:52:29 0 d-------- C:\Program Files\Common Files
2008-04-04 19:45:39 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-03-08 22:35:19 0 d-------- C:\Program Files\Shockwave.com
2008-03-04 01:21:35 0 d-------- C:\Program Files\Runtime Software
2008-02-28 06:58:00 1536000 -ra------ C:\WINDOWS\system32\clubbox.exe <Not Verified; Nowcom, Co. LTD.; CLUBBOX File Transfer Manager V2>
2008-02-28 06:57:44 155648 -ra------ C:\WINDOWS\system32\downengine.dll <Not Verified; (?)???; ClubBox>
2008-02-25 12:24:40 159744 -ra------ C:\WINDOWS\system32\fscagent.exe <Not Verified; Nowcom Co., Ltd.; FSCAgent>
2008-02-23 13:42:20 0 d-------- C:\Program Files\Common Files\NSV
2008-02-23 13:42:08 0 d-------- C:\Documents and Settings\Jenn\Application Data\Winamp
2008-02-23 13:40:09 0 d-------- C:\Program Files\Winamp
2008-02-22 23:59:16 0 d-------- C:\Documents and Settings\Jenn\Application Data\Media Player Classic
2008-02-04 02:39:53 11264 --a------ C:\WINDOWS\system32\PSSE84B1.DLL <Not Verified; Pharos Systems International; PHAROS>
2008-02-04 02:39:53 11264 --a------ C:\WINDOWS\system32\PSSE84B0.DLL <Not Verified; Pharos Systems International; PHAROS>
2008-02-04 02:39:53 11264 --a------ C:\WINDOWS\system32\PSSE84AF.DLL <Not Verified; Pharos Systems International; PHAROS>
2008-02-04 02:39:53 11264 --a------ C:\WINDOWS\system32\PSSE84AE.DLL <Not Verified; Pharos Systems International; PHAROS>
2008-02-04 02:39:53 11264 --a------ C:\WINDOWS\system32\PSSE84AD.DLL <Not Verified; Pharos Systems International; PHAROS>
2008-02-04 02:39:53 11264 --a------ C:\WINDOWS\system32\PSSE84AC.DLL <Not Verified; Pharos Systems International; PHAROS>
2008-02-04 02:39:53 11264 --a------ C:\WINDOWS\system32\PSSE84AB.DLL <Not Verified; Pharos Systems International; PHAROS>
2008-02-04 02:39:53 11264 --a------ C:\WINDOWS\system32\PSSE84AA.DLL <Not Verified; Pharos Systems International; PHAROS>
2008-02-04 02:39:53 11264 --a------ C:\WINDOWS\system32\PSSE84A9.DLL <Not Verified; Pharos Systems International; PHAROS>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [08/05/2005 05:56 PM]
"RTHDCPL"="RTHDCPL.EXE" [05/04/2006 06:59 PM C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [05/03/2005 09:43 PM C:\WINDOWS\Alcmtr.exe]
"AGRSMMSG"="AGRSMMSG.exe" [12/12/2005 07:50 PM C:\WINDOWS\agrsmmsg.exe]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [10/06/2005 09:20 AM]
"SmoothView"="C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [04/26/2005 08:13 PM]
"Tvs"="C:\Program Files\Toshiba\Tvs\TvsTray.exe" [02/02/2006 04:11 PM]
"THotkey"="C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe" [08/25/2006 05:47 PM]
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [08/17/2004 03:37 PM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [03/02/2006 04:02 AM]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [08/02/2006 01:38 AM]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [08/02/2006 01:32 AM]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [03/23/2006 12:17 AM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [03/23/2006 12:13 AM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [03/23/2006 12:17 AM]
"TPSMain"="TPSMain.exe" [05/31/2005 10:00 PM C:\WINDOWS\system32\TPSMain.exe]
"ClubBox"="" []
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [08/10/2004 08:00 AM]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [08/10/2004 08:00 AM]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [08/10/2004 08:00 AM]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/10/2004 08:00 AM]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/10/2004 08:00 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [11/11/2006 07:19 PM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [07/19/2006 07:26 PM]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [09/27/2006 08:33 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 08:51 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 02:11 AM]
"SNM"="C:\Program Files\SpyNoMore\SNM.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [12/30/2004 04:32 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/10/2004 08:00 AM]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [01/19/2007 12:54 PM]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [11/29/2006 11:50 PM]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [10/24/2006 05:10 PM]
"WeatherEye"="C:\Program Files\TheWeatherNetwork\WeatherEye\WeatherEye.exe" [09/26/2007 02:14 PM]
"A00F2E479727.exe"="C:\DOCUME~1\Jenn\LOCALS~1\Temp\_A00F2E479727.exe" []
"tcpyifsi"="C:\WINDOWS\system32\fkpsrgjc.exe" [04/03/2008 09:19 PM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\Documents and Settings\Jenn\Start Menu\Programs\Startup\
MostFun.lnk - C:\Program Files\MostFun\Bin\MostFun.exe [8/28/2007 5:47:20 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2/18/1999 12:05:56 AM]
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [1/29/2006 8:57:47 PM]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [11/4/2006 5:07:24 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\__c002D97A]
C:\WINDOWS\system32\__c002D97A.dat 04/06/2008 02:49 PM 37376 C:\WINDOWS\system32\__c002D97A.dat

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""




-- End of Deckard's System Scanner: finished at 2008-04-06 17:36:43 ------------


This is the extra report:

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Genuine Intel® CPU T2050 @ 1.60GHz
CPU 1: Genuine Intel® CPU T2050 @ 1.60GHz
Percentage of Memory in Use: 71%
Physical Memory (total/avail): 1013.98 MiB / 288.48 MiB
Pagefile Memory (total/avail): 2442.38 MiB / 1624.25 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1912.22 MiB

C: is Fixed (NTFS) - 82.91 GiB total, 3.84 GiB free.
D: is Fixed (NTFS) - 10 GiB total, 1.06 GiB free.
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - HTS541010G9SA00 - 93.16 GiB - 3 partitions
\PARTITION0 (bootable) - Installable File System - 82.91 GiB - C:
\PARTITION1 - Installable File System - 10 GiB - D:
\PARTITION2 - Unknown - 251.02 MiB



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.

FW: Norton Internet Worm Protection v2006 (Symantec) Disabled
FW: McAfee Personal Firewall v (McAfee)
AV: McAfee VirusScan v (McAfee)
AV: Symantec AntiVirus Corporate Edition v10.1.5.5000 (Symantec Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Pharos\\bin\\PSNotify.exe"="C:\\Program Files\\Pharos\\bin\\PSNotify.exe:*:Enabled:Pharos Notify Client "
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\PharosSystems\\Core\\CTskMstr.exe"="C:\\Program Files\\PharosSystems\\Core\\CTskMstr.exe:*:Enabled:Pharos Com Task Master "

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\WINDOWS\\system32\\FSCAgent.exe"="C:\\WINDOWS\\system32\\FSCAgent.exe:*:Enabled:???? ???? ??"
"C:\\WINDOWS\\system32\\ClubBox.exe"="C:\\WINDOWS\\system32\\ClubBox.exe:*:Enabled:瀣反国胶 驿囡帱见 包府帔"
"C:\\WINDOWS\\system32\\grdmgr.exe"="C:\\WINDOWS\\system32\\grdmgr.exe:*:Enabled:CDN ???? ??"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Pharos\\bin\\PSNotify.exe"="C:\\Program Files\\Pharos\\bin\\PSNotify.exe:*:Enabled:Pharos Notify Client "
"C:\\WINDOWS\\DownUpdater.exe"="C:\\WINDOWS\\DownUpdater.exe:*:Enabled:努反冠胶 诀单捞磐"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\MostFun\\Bin\\MostFun.exe"="C:\\Program Files\\MostFun\\Bin\\MostFun.exe:*:Enabled:MostFun"
"C:\\Program Files\\PharosSystems\\Core\\CTskMstr.exe"="C:\\Program Files\\PharosSystems\\Core\\CTskMstr.exe:*:Enabled:Pharos Com Task Master "
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"="C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Jenn\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DANIEL
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Jenn
LOGONSERVER=\\DANIEL
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\PharosSystems\OutputManagement;C:\Program Files\PharosSystems\Core
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e08
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Jenn\LOCALS~1\Temp
TMP=C:\DOCUME~1\Jenn\LOCALS~1\Temp
USERDOMAIN=DANIEL
USERNAME=Jenn
USERPROFILE=C:\Documents and Settings\Jenn
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Jenn (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> C:\WINDOWS\WEBDELC.EXE -[WebCam Control
--> C:\WINDOWS\WEBDELC.EXE -[WebCam Monitor
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
AC3Filter (remove only) --> C:\Program Files\AC3Filter\uninstall.exe
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
BitTorrent 5.0.2 --> "C:\Program Files\BitTorrent\uninstall.exe"
Bluetooth Stack for Windows by Toshiba --> MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
CD/DVD Drive Acoustic Silencer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\SETUP.EXE" -l0x9
Clubbox 颇老傈价包府磊 --> C:\WINDOWS\system32\ClubboxUninstall.exe
Combined Community Codec Pack 2007-07-22 --> "C:\Program Files\Combined Community Codec Pack\unins000.exe"
Creative Manual --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4B82E31D-3D73-11D5-BFC1-B5E8E91BBA12}\SETUP.EXE"
Creative WebCam Control --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\WebCam Control\DeIsL1.isu"
Creative WebCam Monitor --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\WebCam Monitor\DeIsL1.isu"
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD-RAM Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}\setup.exe" -l0x9 DVD-RAM Driver
ffdshow (remove only) --> "C:\Program Files\ffdshow\uninstall.exe"
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Ink Components --> "C:\Documents and Settings\All Users\Application Data\{02C45027-B817-41FE-A000-2799C43CEF41}\TabletComponents.exe" REMOVE=TRUE MODIFY=FALSE
Intel® Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Intel® PRO Network Connections Drivers --> Prounstl.exe
Intel® PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe
InterVideo WinDVD Creator 2 --> "C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
InterVideo WinDVD for TOSHIBA --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
LiveUpdate 3.1 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe
mCore --> MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDrWiFi --> MsiExec.exe /I{90CC4231-94AC-45CD-991A-0253BFAC0650}
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
mHelp --> MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2000 Premium --> MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft Office OneNote 2003 --> MsiExec.exe /I{91A10409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
mIWA --> MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView --> MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
MostFun Game Player --> MsiExec.exe /I{2BD2069A-A865-432A-86B8-1151BB0526CC}
Move Networks Media Player for Internet Explorer --> C:\Documents and Settings\Jenn\Application Data\Move Networks\ie_bin\Uninst.exe
mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz --> MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML --> MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
mZConfig --> MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
NJWIN - NJStar CJK Viewer --> C:\Program Files\NJStar CJK Viewer\uninst.exe
Pharos --> C:\PROGRA~1\Pharos\bin\Local.EXE
Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe"
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -l0x9 -removeonly
SD Secure Module --> MsiExec.exe /X{C45F4811-31D5-4786-801D-F79CD06EDD85}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Encoders --> MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
SpyNoMore 2.67 --> C:\Program Files\SpyNoMore\uninst.exe
Symantec AntiVirus --> MsiExec.exe /I{33CFCF98-F8D6-4549-B469-6F4295676D83}
Symantec KB-DocID:2003093015493306 --> MsiExec.exe /I{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TOSHIBA Assist --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\SETUP.EXE" -l0x9
TOSHIBA ConfigFree --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\Setup.exe" -l0x9 UNINSTALL
TOSHIBA Controls --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\setup.exe" -l0x9 UNINSTALL
TOSHIBA Hotkey Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64DD71BC-3109-4C88-9AD3-D5422644B722}\setup.exe" -l0x9
TOSHIBA PC Diagnostic Tool --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{2C38F661-26B7-445D-B87D-B53FE2D3BD42} /l1033
TOSHIBA Power Saver --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll"
TOSHIBA SD Memory Card Format --> MsiExec.exe /X{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}
TOSHIBA Software Modem --> Tosmreg -U
TOSHIBA Speech System Applications --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}\Setup.exe" -l0x9
TOSHIBA Speech System SR Engine(U.S.) Version1.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{008D69EB-70FF-46AB-9C75-924620DF191A}\Setup.exe" -l0x9 UNINSTALL
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}\Setup.exe" -l0x9
Toshiba Tbiosdrv Driver --> C:\PROGRA~1\Toshiba\TO3438~1\UNWISE.EXE C:\PROGRA~1\Toshiba\TO3438~1\INSTALL.LOG
TOSHIBA TouchPad ON/Off Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{69BE47C2-36FE-4397-8199-85D8EAE69982}\setup.exe" -l0x9
TOSHIBA Utilities --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}\setup.exe" -l0x9
TOSHIBA Virtual Sound --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B12BA86-ADAC-4BA6-B441-FFC591087252}\SETUP.EXE" /uninstall
TOSHIBA Zooming Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\SETUP.EXE"
Update Rollup 2 for Windows XP Media Center Edition 2005 --> C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
VideoLAN VLC media player 0.8.6a --> C:\Program Files\VideoLAN\VLC\uninstall.exe
VobSub v2.23 (Remove Only) --> "C:\Program Files\Gabest\VobSub\uninstall.exe"
WeatherEye --> "C:\Program Files\TheWeatherNetwork\WeatherEye\MMTWNLiveUpdate.exe" /language ENGLISH /uninstall HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\WeatherEye,HKEY_CURRENT_USER\Software\MMTWN\WeatherEye
WebCam PhotoEditor --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\WebCam PhotoEditor\WEBCAMPE.isu"
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Communication Foundation --> MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Messenger --> MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant --> MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Workflow Foundation --> MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
Windows XP Media Center Edition 2005 KB888316 --> C:\WINDOWS\$NtUninstallKB888316$\spuninst\spuninst.exe
Windows XP Media Center Edition 2005 KB894553 --> C:\WINDOWS\$NtUninstallKB894553$\spuninst\spuninst.exe
Windows XP Media Center Edition 2005 KB895678 --> C:\WINDOWS\$NtUninstallKB895678$\spuninst\spuninst.exe
Windows XP Media Center Edition 2005 KB925766 --> "C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
XML Paper Specification Shared Components Pack 1.0 -->
Xvid 1.1.3 final uninstall --> "C:\Program Files\Xvid\unins000.exe"
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG


-- Application Event Log -------------------------------------------------------

Event Record #/Type20735 / Success
Event Submitted/Written: 04/04/2008 10:50:48 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type20679 / Success
Event Submitted/Written: 04/04/2008 10:01:40 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type20633 / Success
Event Submitted/Written: 04/04/2008 08:43:30 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type20605 / Error
Event Submitted/Written: 04/04/2008 07:24:24 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16608, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [iexplore.exe!ws!]

Event Record #/Type20601 / Success
Event Submitted/Written: 04/04/2008 07:12:21 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type49475 / Warning
Event Submitted/Written: 04/04/2008 11:36:16 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type49471 / Warning
Event Submitted/Written: 04/04/2008 11:06:03 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type49465 / Warning
Event Submitted/Written: 04/04/2008 10:50:13 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type49449 / Error
Event Submitted/Written: 04/04/2008 10:47:17 PM
Event ID/Source: 10010 / DCOM
Event Description:
The server {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} did not register with DCOM within the required timeout.

Event Record #/Type49443 / Error
Event Submitted/Written: 04/04/2008 10:47:07 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
SASKUTIL



-- End of Deckard's System Scanner: finished at 2008-04-05 00:27:09 ------------

I thought I might have been infected with Vundo and I've tried VundoFix but after running it, it says I don't have it. I have also tried running SDFix but it did not remove the malware. Please tell me how I can remove whatever I have! Thanks!

BC AdBot (Login to Remove)

 


#2 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:12:03 PM

Posted 13 April 2008 - 09:02 AM

Hi,

* Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply along with a fresh HijackThis log.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 iceey_blu

iceey_blu
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:03 AM

Posted 15 April 2008 - 10:08 AM

Hey. Thanks for the advice on removing the malware!

However after I ran the program and cleaned it and t hen restarted, there appears to be a problem with my IE7!! Whenever I open a window, it would freeze up immediately, before any pages can even be loaded! I would try to close it and I get that it's "Not Responding". So far this appears to be the only problem I'm having after running the program.

Also, whenever I turn on my computer, a "Add New Hardware Wizard" appears saying they found some mass storage device on my computer, altho I have not put anything of that sort on it recently. Could this be caused by some malware that was not removed?

Could this be cause by running Malwarebytes, or perhaps something I need was removed? I will try to get my logs posted ASAP (as I am on a different computer at the moment)

#4 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:12:03 PM

Posted 15 April 2008 - 10:23 AM

Well, one of the big mistakes you made previously is the fact that you have two Antivirus installed. McAfee and Norton/Symantec Antivirus... and that may explain the issues with IE7 - including the malware you are dealing with.

Anyway, we'll see what the logs show afterwards.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#5 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:12:03 PM

Posted 22 April 2008 - 06:27 AM

Due to the lack of feedback, this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users