Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Moving ad on web mail page


  • This topic is locked This topic is locked
10 replies to this topic

#1 Majordaly

Majordaly

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:07 PM

Posted 10 January 2009 - 12:52 PM

Hey!

Need some help on an advertisement that is moving over my " go to mail" button. The page has advertisements on the Bellsouth web mail page. When I try to click on the "go to mail" button the ad in the next payne jumps over the button so i can't click on the button but can only click on the advertisement.

I have run Spybot, Adaware, Malwarebytes and run Norton Internet Security 2008. My HJT is posted below.

Thanks in advance for your help.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:43:47 PM, on 1/10/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Vince\Downloads\HiJackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [iolo Startup] "C:\Program Files\iolo\Common\Lib\iStartupStub.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} (Scanner.SysScanner) - http://i.dell.com/images/global/js/scanner/SysProExe.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 8541 bytes

BC AdBot (Login to Remove)

 


#2 Majordaly

Majordaly
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:07 PM

Posted 10 January 2009 - 03:29 PM

I did not do the ddt so here it is.


DDS (Ver_09-01-07.01) - NTFSx86
Run by Vince at 15:18:49.00 on Sat 01/10/2009
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3316.1887 [GMT -5:00]

AV: Norton Internet Security *On-access scanning enabled* (Updated)
FW: Norton Internet Security *enabled*

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\AERTSrv.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\Windows\system32\CTsvcCDA.exe
C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Vince\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/ig?hl=en
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.5\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll
TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.5\CoIEPlg.dll
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [VolPanel] "c:\program files\creative\sbaudigy\volume panel\VolPanlu.exe" /r
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4\OpwareSE4.exe"
mRun: [WrtMon.exe] c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe
mRun: [IJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.EXE
mRun: [iolo Startup] "c:\program files\iolo\common\lib\iStartupStub.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\users\vince\appdata\roaming\micros~1\windows\startm~1\programs\startup\pictur~1.lnk - c:\program files\sony\sony picture utility\pmbcore\SPUVolumeWatcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\apc powerchute personal edition\Display.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL

============= SERVICES / DRIVERS ===============

R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20090102.001\IDSvix86.sys [2009-1-5 270384]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-10-2 99376]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2008-6-13 41008]
R4 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
R4 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-5-2 161048]
R4 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-1-25 149352]
R4 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-7-24 12856]
R4 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-1-10 47640]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-1-12 23888]

=============== Created Last 30 ================

2009-01-10 13:07 <DIR> --d----- c:\programdata\LogMeIn
2009-01-10 13:07 <DIR> --d----- c:\progra~2\LogMeIn
2009-01-10 13:07 28,984 a------- c:\windows\system32\LMIport.dll
2009-01-10 13:07 83,288 a------- c:\windows\system32\LMIRfsClientNP.dll
2009-01-10 13:07 47,640 a------- c:\windows\system32\drivers\LMIRfsDriver.sys
2009-01-10 13:07 87,352 a------- c:\windows\system32\LMIinit.dll
2009-01-10 13:07 1,024 a------- C:\.rnd
2009-01-10 13:07 <DIR> --d----- c:\program files\LogMeIn
2009-01-10 13:02 410,984 a------- c:\windows\system32\deploytk.dll
2009-01-10 11:46 <DIR> --d----- c:\users\vince\appdata\roaming\Malwarebytes
2009-01-10 11:46 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-01-10 11:46 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-10 11:46 <DIR> --d----- c:\programdata\Malwarebytes
2009-01-10 11:46 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-01-10 11:46 <DIR> --d----- c:\progra~2\Malwarebytes

==================== Find3M ====================

2009-01-09 00:14 124,464 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-09 00:14 10,635 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-09 00:14 806 a------- c:\windows\system32\drivers\SYMEVENT.INF
2009-01-08 00:30 2,326 a------- c:\users\vince\appdata\roaming\wklnhst.dat
2008-10-31 22:44 52,736 a------- c:\windows\apppatch\iebrshim.dll
2008-10-31 22:44 2,154,496 a------- c:\windows\apppatch\AcGenral.dll
2008-10-31 22:44 541,696 a------- c:\windows\apppatch\AcLayers.dll
2008-10-31 22:44 460,288 a------- c:\windows\apppatch\AcSpecfc.dll
2008-10-31 22:44 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2008-10-31 22:44 28,672 a------- c:\windows\system32\Apphlpdm.dll
2008-10-31 20:21 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2008-10-29 01:29 2,927,104 a------- c:\windows\explorer.exe
2008-10-21 22:57 241,152 a------- c:\windows\system32\PortableDeviceApi.dll
2008-10-21 20:22 2,048 a------- c:\windows\system32\tzres.dll
2008-10-21 00:25 296,960 a------- c:\windows\system32\gdi32.dll
2008-10-21 00:25 1,645,568 a------- c:\windows\system32\connect.dll
2008-10-16 20:35 10,040 a------- c:\windows\system32\lmimirr2.dll
2008-10-16 20:35 23,736 a------- c:\windows\system32\lmimirr.dll
2008-10-16 15:56 1,524,736 a------- c:\windows\system32\wucltux.dll
2008-10-16 15:55 83,456 a------- c:\windows\system32\wudriver.dll
2008-10-16 14:08 162,064 a------- c:\windows\system32\wuwebv.dll
2008-10-16 13:56 31,232 a------- c:\windows\system32\wuapp.exe
2008-10-15 23:47 827,392 a------- c:\windows\system32\wininet.dll
2008-10-04 11:21 51,200 a------- c:\windows\inf\infpub.dat
2008-10-04 11:21 143,360 a------- c:\windows\inf\infstrng.dat
2008-10-04 11:18 86,016 a------- c:\windows\inf\infstor.dat
2008-09-19 23:23 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-20 21:43 174 a--sh--- c:\program files\desktop.ini
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 15:19:15.84 ===============

Attached Files



#3 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:03:07 AM

Posted 22 January 2009 - 04:54 PM

Hello Majordaly, and welcome to BleepingComputer

Is that the only webpage you have a problem with ?

Your logs look fine, so it may just be the ads are a part of that page, sporadically showing up.
In that case however, there should be a small, hardly visible X in the upper right corner, or the text 'Close' in small letters in the down right corner,
making it possible to close that ad.

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#4 Majordaly

Majordaly
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:07 PM

Posted 22 January 2009 - 09:44 PM

Hey Thunder!

There is no "x" on the ad. The pane for the ad is in the lower right corner. The "Go To Mail" button is in the middle of the page. If I move fast I can get to the button before the ad covers it. If I am not fast enough I click the ad and to to its location. The ad starts in the lower right corner then moves to cover the button.

I have a friend who had the same problem and he got some help here from a Grinler. I will upload what he gave me. I tried the flash thing but it did not fix the problem. He said his got fixed with something called a combofix? I don't know what to do with that.

If you have the time please take a look at it to see if my problem can be fixed.

Thanks,

Majordaly

Attached Files



#5 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:03:07 AM

Posted 23 January 2009 - 07:11 AM

OK, Majordaily,

That doesn't seem to be a supported ad. :thumbsup:

Let's run a full diagnostic :

Please read [url="http://"http://www.bleepingcomputer.com/combofix/how-to-use-combofix"]this tutorial[/url] carefully to download ComboFix from one of the locations specified, and save it to your Desktop.
Double click the ComboFix icon to run it.
If ComboFix askes you to install the Recovery Console, please do so..
The Windows Recovery Console will allow you to boot up into a special recovery mode, in case your computer has a problem after an attempted removal of malware. This allows us to help you.
Once the Recovery Console is installed, continue with the malware scan.

Note: Make sure not to click ComboFix's window while it's running. That may cause it to stall or freeze.

Please post the log from ComboFix (can also be found as C:\ComboFix.txt) in your next reply. :)

If you have any questions along the way, STOP and ask them before proceeding !!

Please post back with the ComboFix log.

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#6 Majordaly

Majordaly
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:07 PM

Posted 24 January 2009 - 11:45 AM

Hey THUNDER!!!

I ran combofix. Here is the log. I also attached it as an upload.


Many thanks o' learned one!

MajorDaly

ComboFix 09-01-21.04 - Vince 2009-01-24 11:28:03.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3316.2268 [GMT -5:00]
Running from: c:\users\Vince\Desktop\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated)
FW: Norton Internet Security *enabled*
* Created a new restore point
.
ADS - Windows: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((( Files Created from 2008-12-24 to 2009-01-24 )))))))))))))))))))))))))))))))
.

2009-01-13 15:10 . 2008-12-15 21:42 288,768 --a------ c:\windows\System32\drivers\srv.sys
2009-01-10 15:15 . 2006-11-02 05:23 <DIR> dr------- c:\users\LogMeInRemoteUser\Videos
2009-01-10 15:15 . 2006-11-02 05:23 <DIR> d-------- c:\users\LogMeInRemoteUser\Saved Games
2009-01-10 15:15 . 2006-11-02 05:23 <DIR> dr------- c:\users\LogMeInRemoteUser\Pictures
2009-01-10 15:15 . 2006-11-02 05:23 <DIR> dr------- c:\users\LogMeInRemoteUser\Music
2009-01-10 15:15 . 2006-11-02 05:23 <DIR> dr------- c:\users\LogMeInRemoteUser\Links
2009-01-10 15:15 . 2006-11-02 05:23 <DIR> dr------- c:\users\LogMeInRemoteUser\Downloads
2009-01-10 15:15 . 2009-01-10 15:15 <DIR> dr------- c:\users\LogMeInRemoteUser\Documents
2009-01-10 15:15 . 2006-11-02 06:18 <DIR> d--h----- c:\users\LogMeInRemoteUser\AppData
2009-01-10 15:15 . 2009-01-10 15:15 <DIR> d-------- c:\users\LogMeInRemoteUser
2009-01-10 13:07 . 2009-01-10 13:07 <DIR> d-------- c:\users\All Users\LogMeIn
2009-01-10 13:07 . 2009-01-10 13:07 <DIR> d-------- c:\programdata\LogMeIn
2009-01-10 13:07 . 2009-01-24 11:02 <DIR> d-------- c:\program files\LogMeIn
2009-01-10 13:07 . 2008-10-16 20:35 87,352 --a------ c:\windows\System32\LMIinit.dll
2009-01-10 13:07 . 2008-10-16 20:35 83,288 --a------ c:\windows\System32\LMIRfsClientNP.dll
2009-01-10 13:07 . 2008-07-24 18:46 47,640 --a------ c:\windows\System32\drivers\LMIRfsDriver.sys
2009-01-10 13:07 . 2008-10-16 20:35 28,984 --a------ c:\windows\System32\LMIport.dll
2009-01-10 13:07 . 2009-01-10 13:07 1,024 --a------ C:\.rnd
2009-01-10 13:02 . 2009-01-10 13:02 410,984 --a------ c:\windows\System32\deploytk.dll
2009-01-10 11:46 . 2009-01-10 11:46 <DIR> d-------- c:\users\Vince\AppData\Roaming\Malwarebytes
2009-01-10 11:46 . 2009-01-10 11:46 <DIR> d-------- c:\users\All Users\Malwarebytes
2009-01-10 11:46 . 2009-01-10 11:46 <DIR> d-------- c:\programdata\Malwarebytes
2009-01-10 11:46 . 2009-01-10 11:46 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-10 11:46 . 2009-01-04 18:39 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-01-10 11:46 . 2009-01-04 18:39 15,504 --a------ c:\windows\System32\drivers\mbam.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-24 16:10 --------- d-----w c:\program files\Google
2009-01-14 03:02 --------- d-----w c:\program files\Windows Mail
2009-01-10 18:02 --------- d-----w c:\program files\Java
2009-01-09 05:14 806 ----a-w c:\windows\system32\drivers\SYMEVENT.INF
2009-01-09 05:14 124,464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-09 05:14 10,635 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-09 05:14 --------- d-----w c:\program files\Symantec
2009-01-08 05:30 2,326 ----a-w c:\users\Vince\AppData\Roaming\wklnhst.dat
2008-12-06 16:43 --------- d-----w c:\users\Vince\AppData\Roaming\Canon
2008-12-06 16:18 --------- d-----w c:\users\Carol\AppData\Roaming\Symantec
2008-12-06 16:18 --------- d-----w c:\users\Carol\AppData\Roaming\Dell
2008-12-06 16:17 --------- d-----w c:\users\Carol\AppData\Roaming\iolo
2008-11-24 06:17 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-24 06:16 --------- d-----w c:\programdata\Spybot - Search & Destroy
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 28,672 ----a-w c:\windows\System32\Apphlpdm.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-11-01 01:21 4,240,384 ----a-w c:\windows\System32\GameUXLegacyGDFs.dll
2008-10-29 06:29 2,927,104 ----a-w c:\windows\explorer.exe
2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-19 68856]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-28 17920]
"VolPanel"="c:\program files\Creative\SBAudigy\Volume Panel\VolPanlu.exe" [2006-11-27 180224]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-19 29744]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-25 652624]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-09-13 1603152]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-06-13 73728]
"WrtMon.exe"="c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]
"IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-21 124512]
"iolo Startup"="c:\program files\iolo\Common\Lib\iStartupStub.exe" [2007-02-01 268904]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-10 136600]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 63048]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-17 c:\windows\RtHDVCpl.exe]

c:\users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-07-15 1226024]

c:\users\Vince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Picture Motion Browser Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-10-03 385024]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
APC UPS Status.lnk - c:\program files\APC\APC PowerChute Personal Edition\Display.exe [2008-10-04 221295]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-09-19 20:50 10536 c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=G

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HotKeysCmds"=c:\windows\system32\hkcmd.exe
"Persistence"=c:\windows\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090120.002\IDSvix86.sys [2009-01-22 270384]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-10-02 99376]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [2008-06-13 41008]
R4 AERTFilters;Andrea RT Filters Service;c:\windows\System32\AERTSrv.exe [2007-12-05 77824]
R4 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-05-02 161048]
R4 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [2008-01-25 149352]
R4 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\System32\drivers\LMIRfsDriver.sys [2009-01-10 47640]
S3 COH_Mon;COH_Mon;c:\windows\System32\drivers\COH_Mon.sys [2008-01-12 23888]
S4 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [2008-07-24 12856]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58397b31-90e4-11dd-a944-00219b0a378d}]
\shell\AutoRun\command - H:\LaunchU3.exe -a
.
Contents of the 'Scheduled Tasks' folder

2009-01-20 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Vince.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2008-02-07 09:05]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig?hl=en
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-24 11:29:40
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(2488)
c:\windows\system32\ieframe.dll
.
Completion time: 2009-01-24 11:31:24
ComboFix-quarantined-files.txt 2009-01-24 16:31:21
ComboFix2.txt 2008-10-03 15:55:34

Pre-Run: 608,351,887,360 bytes free
Post-Run: 608,335,089,664 bytes free

163 --- E O F --- 2009-01-14 03:02:19

Attached Files

  • Attached File  log.txt   10.66KB   4 downloads


#7 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:03:07 AM

Posted 24 January 2009 - 03:55 PM

Hello MajorDaly,

Open Notepad and copy and paste the bold, blue text below in it:
(don't forget to copy and paste REGEDIT4)REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=""

Save this as fix.reg Choose to save as "all files" and place it on your Desktop.
It should look like this: Posted Image
Doubleclick on it and when it asks you if you want to merge the contents to the registry, click Yes/OK.
(In case you are unsure how to create a reg file, take a look here with screenshots.)

Still having problems ?

Greetings,
Thunder

Edited by Thunder, 24 January 2009 - 07:41 PM.

Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#8 Majordaly

Majordaly
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:07 PM

Posted 24 January 2009 - 06:58 PM

:thumbsup:
Yea! THUNDER!!!

It worked. No more moving ad.

I did a direct regedit after you poointed out the problem.

What was the REGEDIT4 ? I could not see anything about it in the post. I could make the fix.reg OK.

Thanks,
MajorDaly

#9 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:03:07 AM

Posted 24 January 2009 - 07:50 PM

Hello MajorDaly,

I'll have to review recent changes in my canned speeches, REGEDIT4 had disappeared. :thumbsup:

You can remove all used tools and folders created in the process.
To remove ComboFix :
Go to Start > Run, and copy and paste next command in the field:ComboFix /u
Make sure there's a space between Combofix and /u
Then press Enter.
This will uninstall Combofix, delete its related folders and files, restore your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.

No more issues ?

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#10 Majordaly

Majordaly
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:07 PM

Posted 24 January 2009 - 10:06 PM

Everything is clean.

You should get $ from in-house-computer@comcast.net

thanx

#11 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:03:07 AM

Posted 25 January 2009 - 06:37 AM

Glad we could help, MajorDaly :thumbsup:

Please read this Prevention page with lots of info and tips how to prevent this in the future.
And if you want to improve speed/system performance after malware removal, take a look here.
Extra note: Make sure your programs are up to date - because older versions may contain Security Leaks.
To find out what programs need to be updated, please run the Secunia Software Inspector Scan.

Please also read Tony Klein's excellent article: How I got Infected in the First Place
and/or Grinlers tutorial on how malware is hidden and installed

Since this issue appears resolved ... this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users