Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Box #2 trojan infection


  • Please log in to reply
11 replies to this topic

#1 COW8OY

COW8OY

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 18 January 2009 - 08:14 PM

Cannot seem to get it completely clean with Trend Micro. BSOD's on occasion, dunno if related. TY

DDS LOG


DDS (Ver_09-01-18.01) - NTFSx86
Run by Lee at 17:06:44.29 on Sun 01/18/2009
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.3071.2353 [GMT -8:00]

AV: Trend Micro Internet Security *On-access scanning enabled* (Outdated)
FW: Trend Micro Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\PROGRA~1\TRENDM~1\INTERN~4\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\update\update.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Lee\Desktop\dds.scr
c:\windows\$hf_mig$\KB951066\update\update.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
EB: &Yahoo! Messenger: {4528bbe0-4e08-11d5-ad55-00010333d0ad} - c:\progra~1\yahoo!\common\yhexbmesus.dll
uRun: [NVIDIA nTune] "c:\program files\nvidia corporation\ntune\nTuneCmd.exe" clear
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"
uRunOnce: [TSClientAXDisabler] cmd.exe /C "%systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [SBDrvDet] c:\program files\creative\sb drive det\SBDrvDet.exe /r
mRun: [pccguide.exe] c:\progra~1\trendm~1\intern~2\pccguide.exe
mRun: [UfSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
dRunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy'
dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe
mExplorerRun: [wininet.dll]
uPolicies-explorer: NoActiveDesktop = 2 (0x2)
uPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
uPolicies-system: Wallpaper = 2|
IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: assassinsofwar.com
Trusted Zone: filefront.com\www
Trusted Zone: foxsports.com\msn
Trusted Zone: foxsports.com\s
Trusted Zone: hotmail.com
Trusted Zone: live.com
Trusted Zone: live.com\login
Trusted Zone: live.com\mail
Trusted Zone: msn.com
Trusted Zone: nascar.com\*.fantasy
Trusted Zone: nascar.com\www
Trusted Zone: passport.com
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R3 amdtools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [2007-6-19 29696]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2007-12-16 333328]
R3 TmPfw;Trend Micro Personal Firewall;c:\progra~1\trendm~1\intern~4\TmPfw.exe [2008-4-7 488768]
R3 tmproxy;Trend Micro Proxy Service;c:\program files\trend micro\internet security\TmProxy.exe [2008-4-7 648456]
R4 LANPkt;Realtek LANPkt Protocol;c:\windows\system32\drivers\LANPkt.sys [2003-9-17 8440]
R4 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2008-4-7 52240]
R4 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2007-12-16 36368]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\lee\locals~1\temp\alsysio.sys --> c:\docume~1\lee\locals~1\temp\ALSysIO.sys [?]
S3 Diag69xp;Diag69xp;c:\windows\system32\drivers\diag69xp.sys [2003-8-15 11237]
S3 filter;filter;c:\windows\system32\drivers\filter.sys [2004-7-4 8832]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2008-3-23 17792]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2008-3-23 7680]
S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2008-3-23 21504]
S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\tmpassthru.sys --> c:\windows\system32\drivers\TMPassthru.sys [?]
S4 spupdsvc;Windows Service Pack Installer update service;c:\windows\system32\spupdsvc.exe [2006-3-9 26488]

=============== Created Last 30 ================

2009-01-18 17:06 2,763 a------- c:\windows\system32\spupdsvc.inf
2009-01-18 17:04 <DIR> --d----- c:\program files\Messenger
2009-01-18 17:03 <DIR> --d----- c:\windows\system32\scripting
2009-01-18 17:03 <DIR> --d----- c:\windows\l2schemas
2009-01-18 17:03 <DIR> --d----- c:\windows\system32\en
2009-01-18 17:03 <DIR> --d----- c:\windows\system32\bits
2009-01-18 17:01 <DIR> --d----- c:\windows\ServicePackFiles
2009-01-18 16:58 <DIR> --d----- c:\windows\EHome
2009-01-18 16:49 285,184 a------- c:\windows\system32\SET37C.tmp
2009-01-18 16:21 250 a------- c:\windows\gmer.ini
2009-01-18 16:02 <DIR> --d----- c:\docume~1\lee\applic~1\Malwarebytes
2009-01-18 16:02 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-01-18 16:02 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-18 16:02 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-01-18 16:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes

==================== Find3M ====================

2009-01-18 17:05 76,487 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-01-18 12:09 137,688 ac------ c:\windows\system32\drivers\PnkBstrK.sys
2009-01-18 12:09 202,040 a------- c:\windows\system32\PnkBstrB.exe
2008-12-02 10:13 453,152 ac------ c:\windows\system32\NVUNINST.EXE
2008-11-26 17:42 205,328 ac------ c:\windows\system32\drivers\tmxpflt.sys
2008-11-26 17:42 36,368 ac------ c:\windows\system32\drivers\tmpreflt.sys
2008-11-26 17:39 1,195,384 ac------ c:\windows\system32\drivers\vsapint.sys
2008-11-24 20:11 2,291,285 a------- c:\program files\RivaTuner220.exe
2008-11-20 16:36 22,328 ac------ c:\docume~1\lee\applic~1\PnkBstrK.sys
2008-11-20 16:35 682,280 a------- c:\windows\system32\pbsvc.exe
2008-11-20 16:35 66,872 a------- c:\windows\system32\PnkBstrA.exe
2008-10-23 05:01 283,648 -------- c:\windows\system32\gdi32.dll
2008-03-23 11:39 92,064 ac------ c:\documents and settings\lee\mqdmmdm.sys
2008-03-23 11:39 79,328 ac------ c:\documents and settings\lee\mqdmserd.sys
2008-03-23 11:39 66,656 ac------ c:\documents and settings\lee\mqdmbus.sys
2008-03-23 11:39 25,600 ac------ c:\documents and settings\lee\usbsermptxp.sys
2008-03-23 11:39 22,768 ac------ c:\documents and settings\lee\usbsermpt.sys
2008-03-23 11:39 9,232 ac------ c:\documents and settings\lee\mqdmmdfl.sys
2008-03-23 11:39 6,208 ac------ c:\documents and settings\lee\mqdmcmnt.sys
2008-03-23 11:39 5,936 ac------ c:\documents and settings\lee\mqdmwhnt.sys
2008-03-23 11:39 4,048 ac------ c:\documents and settings\lee\mqdmcr.sys
2007-03-15 16:12 1 ac------ c:\documents and settings\lee\SI.bin
2007-02-21 19:53 1,976 ac------ c:\program files\current.spg
2006-03-19 16:59 457 ac------ c:\program files\INSTALL.LOG

============= FINISH: 17:06:57.65 ===============

Attached Files


"The only thing necessary for the the triumph of evil is for good men to do nothing."
-Edmund Burke (1729-1797)

BC AdBot (Login to Remove)

 


#2 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:11:29 PM

Posted 30 January 2009 - 07:52 AM

Hello COW8OY

Welcome to BleepingComputer :thumbup2:
========================
Please post a new dds log and let me know of any issues you are still experiencing.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#3 COW8OY

COW8OY
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 30 January 2009 - 07:40 PM

Ok, heres new logs


DDS (Ver_09-01-18.01) - NTFSx86
Run by Lee at 16:17:31.39 on Fri 01/30/2009
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3071.2622 [GMT -8:00]

AV: Trend Micro Internet Security *On-access scanning enabled* (Updated)
FW: Trend Micro Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\PROGRA~1\TRENDM~1\INTERN~4\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Documents and Settings\Lee\Desktop\Games\Core Temp.exe
C:\Documents and Settings\Lee\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
EB: &Yahoo! Messenger: {4528bbe0-4e08-11d5-ad55-00010333d0ad} - c:\progra~1\yahoo!\common\yhexbmesus.dll
uRun: [NVIDIA nTune] "c:\program files\nvidia corporation\ntune\nTuneCmd.exe" clear
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [pccguide.exe] c:\progra~1\trendm~1\intern~2\pccguide.exe
mRun: [nwiz] nwiz.exe /install
mRun: [UfSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy'
dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe
mExplorerRun: [wininet.dll]
uPolicies-explorer: NoActiveDesktop = 2 (0x2)
uPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
uPolicies-system: Wallpaper = 2|
IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: assassinsofwar.com
Trusted Zone: filefront.com\www
Trusted Zone: foxsports.com\msn
Trusted Zone: foxsports.com\s
Trusted Zone: hotmail.com
Trusted Zone: live.com
Trusted Zone: live.com\login
Trusted Zone: live.com\mail
Trusted Zone: msn.com
Trusted Zone: nascar.com\*.fantasy
Trusted Zone: nascar.com\www
Trusted Zone: passport.com
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R3 ALSysIO;ALSysIO;\??\c:\docume~1\lee\locals~1\temp\alsysio.sys --> c:\docume~1\lee\locals~1\temp\ALSysIO.sys [?]
R3 amdtools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [2007-6-19 29696]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2008-2-15 333328]
R3 TmPfw;Trend Micro Personal Firewall;c:\progra~1\trendm~1\intern~4\TmPfw.exe [2009-1-24 488768]
R3 tmproxy;Trend Micro Proxy Service;c:\program files\trend micro\internet security\TmProxy.exe [2009-1-24 648456]
R4 LANPkt;Realtek LANPkt Protocol;c:\windows\system32\drivers\LANPkt.sys [2003-9-17 8440]
R4 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2009-1-24 52240]
R4 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2008-2-15 36368]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296]
S3 Diag69xp;Diag69xp;c:\windows\system32\drivers\diag69xp.sys [2003-8-15 11237]
S3 filter;filter;c:\windows\system32\drivers\filter.sys [2004-7-4 8832]
S3 getPlus® Helper;getPlus® Helper;c:\program files\nos\bin\getPlus_HelperSvc.exe [2009-1-20 33752]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2008-3-23 17792]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2008-3-23 7680]
S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2008-3-23 21504]
S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\tmpassthru.sys --> c:\windows\system32\drivers\TMPassthru.sys [?]

=============== Created Last 30 ================

2009-01-24 10:33 138,384 a------- c:\windows\system32\drivers\tmcomm.sys
2009-01-24 10:33 52,496 a------- c:\windows\system32\drivers\tmactmon.sys
2009-01-24 10:33 52,240 a------- c:\windows\system32\drivers\tmevtmgr.sys
2009-01-24 10:32 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Trend Micro
2009-01-23 23:00 32,088 a------- c:\windows\system32\BMXBkpCtrlState-{00000005-00000000-00000007-00001102-00000004-20021102}.rfx
2009-01-23 23:00 11,564 a------- c:\windows\system32\DVCState-{00000005-00000000-00000007-00001102-00000004-20021102}.rfx
2009-01-23 23:00 4,958,588 a------- c:\windows\{00000005-00000000-00000007-00001102-00000004-20021102}.BAK
2009-01-23 22:34 <DIR> --d----- c:\windows\NV19801868.TMP
2009-01-23 22:23 <DIR> --d----- c:\windows\NV9721448.TMP
2009-01-23 22:20 32,592 a------- c:\windows\system32\BMXStateBkp-{00000005-00000000-00000007-00001102-00000004-20021102}.rfx
2009-01-23 22:20 32,592 a------- c:\windows\system32\BMXState-{00000005-00000000-00000007-00001102-00000004-20021102}.rfx
2009-01-23 22:20 32,088 a------- c:\windows\system32\BMXCtrlState-{00000005-00000000-00000007-00001102-00000004-20021102}.rfx
2009-01-23 22:14 4,958,588 a------- c:\windows\{00000005-00000000-00000007-00001102-00000004-20021102}.CDF
2009-01-23 22:12 <DIR> --d----- c:\windows\NV6121016.TMP
2009-01-20 16:57 82,432 ac------ c:\windows\system32\dllcache\ws2_32.dll
2009-01-20 16:57 7,680 a------- c:\windows\system32\a.exe
2009-01-18 20:58 <DIR> --d----- c:\docume~1\lee\applic~1\FreeStone Group
2009-01-18 17:04 <DIR> --d----- c:\program files\Messenger
2009-01-18 17:03 <DIR> --d----- c:\windows\system32\scripting
2009-01-18 17:03 <DIR> --d----- c:\windows\l2schemas
2009-01-18 17:03 <DIR> --d----- c:\windows\system32\en
2009-01-18 17:03 <DIR> --d----- c:\windows\system32\bits
2009-01-18 17:01 <DIR> --d----- c:\windows\ServicePackFiles
2009-01-18 16:58 <DIR> --d----- c:\windows\EHome
2009-01-18 16:49 19,569 a------- c:\windows\002846_.tmp
2009-01-18 16:21 250 a------- c:\windows\gmer.ini
2009-01-18 16:02 <DIR> --d----- c:\docume~1\lee\applic~1\Malwarebytes
2009-01-18 16:02 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-01-18 16:02 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-18 16:02 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-01-18 16:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes

==================== Find3M ====================

2009-01-29 17:50 137,688 ac------ c:\windows\system32\drivers\PnkBstrK.sys
2009-01-29 17:50 202,040 a------- c:\windows\system32\PnkBstrB.exe
2009-01-23 22:57 444,952 a------- c:\windows\system32\wrap_oal.dll
2009-01-23 22:57 109,080 a------- c:\windows\system32\OpenAL32.dll
2009-01-18 17:05 76,487 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-01-07 11:28 453,152 ac------ c:\windows\system32\NVUNINST.EXE
2008-12-11 02:57 333,952 a------- c:\windows\system32\drivers\srv.sys
2008-11-24 20:11 2,291,285 a------- c:\program files\RivaTuner220.exe
2008-11-20 16:36 22,328 ac------ c:\docume~1\lee\applic~1\PnkBstrK.sys
2008-11-20 16:35 682,280 a------- c:\windows\system32\pbsvc.exe
2008-11-20 16:35 66,872 a------- c:\windows\system32\PnkBstrA.exe
2008-03-23 11:39 92,064 ac------ c:\documents and settings\lee\mqdmmdm.sys
2008-03-23 11:39 79,328 ac------ c:\documents and settings\lee\mqdmserd.sys
2008-03-23 11:39 66,656 ac------ c:\documents and settings\lee\mqdmbus.sys
2008-03-23 11:39 25,600 ac------ c:\documents and settings\lee\usbsermptxp.sys
2008-03-23 11:39 22,768 ac------ c:\documents and settings\lee\usbsermpt.sys
2008-03-23 11:39 9,232 ac------ c:\documents and settings\lee\mqdmmdfl.sys
2008-03-23 11:39 6,208 ac------ c:\documents and settings\lee\mqdmcmnt.sys
2008-03-23 11:39 5,936 ac------ c:\documents and settings\lee\mqdmwhnt.sys
2008-03-23 11:39 4,048 ac------ c:\documents and settings\lee\mqdmcr.sys
2007-03-15 16:12 1 ac------ c:\documents and settings\lee\SI.bin
2007-02-21 19:53 1,976 ac------ c:\program files\current.spg
2006-03-19 16:59 457 ac------ c:\program files\INSTALL.LOG

============= FINISH: 16:18:09.23 ===============

Attached Files


"The only thing necessary for the the triumph of evil is for good men to do nothing."
-Edmund Burke (1729-1797)

#4 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:11:29 PM

Posted 31 January 2009 - 08:28 AM

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#5 COW8OY

COW8OY
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 31 January 2009 - 10:00 PM

Here ya go...

Malwarebytes' Anti-Malware 1.33
Database version: 1712
Windows 5.1.2600 Service Pack 3

1/31/2009 6:58:35 PM
mbam-log-2009-01-31 (18-58-35).txt

Scan type: Quick Scan
Objects scanned: 53243
Time elapsed: 4 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
"The only thing necessary for the the triumph of evil is for good men to do nothing."
-Edmund Burke (1729-1797)

#6 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:11:29 PM

Posted 31 January 2009 - 10:29 PM

I will need you to show hidden Files \Folders.
To do this:*Click Start.
*Open My Computer.
*Select the Tools menu and click Folder Options.
*Select the View Tab.
*Under the Hidden files and folders heading select Show hidden files and folders.
*Uncheck the Hide protected operating system files (recommended) option.
*Click Yes to confirm.
*Click OK
After that using Windows Explorer (to get there right-click your Start button and go to "Explore")
Delete this file listed below:

c:\windows\system32\a.exe

Now close Windows Explorer.

Now reset your Hidden files\folders to hidden.
To do this:
To reset:*Click Start.
*Open My Computer.
*Select the Tools menu and click Folder Options.
*Select the View Tab.
*Under the Hidden files and folders heading select Do not Show hidden files and folders.
*Check the Hide protected operating system files (recommended) option.
*Click Yes to confirm.
*Click OK
=========================
After that reboot and post a new dds log and let me know how things are running?
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#7 COW8OY

COW8OY
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 31 January 2009 - 11:41 PM

Ok, New DDS, post A.exe deletion.


DDS (Ver_09-01-18.01) - NTFSx86
Run by Lee at 20:37:43.20 on Sat 01/31/2009
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3071.2640 [GMT -8:00]

AV: Trend Micro Internet Security *On-access scanning enabled* (Updated)
FW: Trend Micro Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\PROGRA~1\TRENDM~1\INTERN~4\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Documents and Settings\Lee\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
EB: &Yahoo! Messenger: {4528bbe0-4e08-11d5-ad55-00010333d0ad} - c:\progra~1\yahoo!\common\yhexbmesus.dll
uRun: [NVIDIA nTune] "c:\program files\nvidia corporation\ntune\nTuneCmd.exe" clear
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [pccguide.exe] c:\progra~1\trendm~1\intern~2\pccguide.exe
mRun: [nwiz] nwiz.exe /install
mRun: [UfSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy'
dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe
mExplorerRun: [wininet.dll]
uPolicies-explorer: NoActiveDesktop = 2 (0x2)
uPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
uPolicies-system: Wallpaper = 2|
IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: assassinsofwar.com
Trusted Zone: filefront.com\www
Trusted Zone: foxsports.com\msn
Trusted Zone: foxsports.com\s
Trusted Zone: hotmail.com
Trusted Zone: live.com
Trusted Zone: live.com\login
Trusted Zone: live.com\mail
Trusted Zone: msn.com
Trusted Zone: nascar.com\*.fantasy
Trusted Zone: nascar.com\www
Trusted Zone: passport.com
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R3 amdtools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [2007-6-19 29696]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2008-2-15 333328]
R3 TmPfw;Trend Micro Personal Firewall;c:\progra~1\trendm~1\intern~4\TmPfw.exe [2009-1-24 488768]
R3 tmproxy;Trend Micro Proxy Service;c:\program files\trend micro\internet security\TmProxy.exe [2009-1-24 648456]
R4 LANPkt;Realtek LANPkt Protocol;c:\windows\system32\drivers\LANPkt.sys [2003-9-17 8440]
R4 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2009-1-24 52240]
R4 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2008-2-15 36368]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\lee\locals~1\temp\alsysio.sys --> c:\docume~1\lee\locals~1\temp\ALSysIO.sys [?]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2008-6-27 99352]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2008-6-27 555032]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2008-6-27 100888]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2008-6-27 566296]
S3 Diag69xp;Diag69xp;c:\windows\system32\drivers\diag69xp.sys [2003-8-15 11237]
S3 filter;filter;c:\windows\system32\drivers\filter.sys [2004-7-4 8832]
S3 getPlus® Helper;getPlus® Helper;c:\program files\nos\bin\getPlus_HelperSvc.exe [2009-1-20 33752]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2008-3-23 17792]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2008-3-23 7680]
S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2008-3-23 21504]
S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\tmpassthru.sys --> c:\windows\system32\drivers\TMPassthru.sys [?]

=============== Created Last 30 ================

2009-01-24 10:33 138,384 a------- c:\windows\system32\drivers\tmcomm.sys
2009-01-24 10:33 52,496 a------- c:\windows\system32\drivers\tmactmon.sys
2009-01-24 10:33 52,240 a------- c:\windows\system32\drivers\tmevtmgr.sys
2009-01-24 10:32 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Trend Micro
2009-01-23 23:00 32,088 a------- c:\windows\system32\BMXBkpCtrlState-{00000005-00000000-00000007-00001102-00000004-20021102}.rfx
2009-01-23 23:00 11,564 a------- c:\windows\system32\DVCState-{00000005-00000000-00000007-00001102-00000004-20021102}.rfx
2009-01-23 23:00 4,958,588 a------- c:\windows\{00000005-00000000-00000007-00001102-00000004-20021102}.BAK
2009-01-23 22:34 <DIR> --d----- c:\windows\NV19801868.TMP
2009-01-23 22:23 <DIR> --d----- c:\windows\NV9721448.TMP
2009-01-23 22:20 32,592 a------- c:\windows\system32\BMXStateBkp-{00000005-00000000-00000007-00001102-00000004-20021102}.rfx
2009-01-23 22:20 32,592 a------- c:\windows\system32\BMXState-{00000005-00000000-00000007-00001102-00000004-20021102}.rfx
2009-01-23 22:20 32,088 a------- c:\windows\system32\BMXCtrlState-{00000005-00000000-00000007-00001102-00000004-20021102}.rfx
2009-01-23 22:14 4,958,588 a------- c:\windows\{00000005-00000000-00000007-00001102-00000004-20021102}.CDF
2009-01-23 22:12 <DIR> --d----- c:\windows\NV6121016.TMP
2009-01-20 16:57 82,432 ac------ c:\windows\system32\dllcache\ws2_32.dll
2009-01-18 20:58 <DIR> --d----- c:\docume~1\lee\applic~1\FreeStone Group
2009-01-18 17:04 <DIR> --d----- c:\program files\Messenger
2009-01-18 17:03 <DIR> --d----- c:\windows\system32\scripting
2009-01-18 17:03 <DIR> --d----- c:\windows\l2schemas
2009-01-18 17:03 <DIR> --d----- c:\windows\system32\en
2009-01-18 17:03 <DIR> --d----- c:\windows\system32\bits
2009-01-18 17:01 <DIR> --d----- c:\windows\ServicePackFiles
2009-01-18 16:58 <DIR> --d----- c:\windows\EHome
2009-01-18 16:49 19,569 a------- c:\windows\002846_.tmp
2009-01-18 16:21 250 a------- c:\windows\gmer.ini
2009-01-18 16:02 <DIR> --d----- c:\docume~1\lee\applic~1\Malwarebytes
2009-01-18 16:02 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-01-18 16:02 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-18 16:02 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-01-18 16:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes

==================== Find3M ====================

2009-01-31 19:18 137,688 ac------ c:\windows\system32\drivers\PnkBstrK.sys
2009-01-31 19:18 202,040 a------- c:\windows\system32\PnkBstrB.exe
2009-01-23 22:57 444,952 a------- c:\windows\system32\wrap_oal.dll
2009-01-23 22:57 109,080 a------- c:\windows\system32\OpenAL32.dll
2009-01-18 17:05 76,487 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-01-07 11:28 453,152 ac------ c:\windows\system32\NVUNINST.EXE
2008-12-11 02:57 333,952 a------- c:\windows\system32\drivers\srv.sys
2008-11-24 20:11 2,291,285 a------- c:\program files\RivaTuner220.exe
2008-11-20 16:36 22,328 ac------ c:\docume~1\lee\applic~1\PnkBstrK.sys
2008-11-20 16:35 682,280 a------- c:\windows\system32\pbsvc.exe
2008-11-20 16:35 66,872 a------- c:\windows\system32\PnkBstrA.exe
2008-03-23 11:39 92,064 ac------ c:\documents and settings\lee\mqdmmdm.sys
2008-03-23 11:39 79,328 ac------ c:\documents and settings\lee\mqdmserd.sys
2008-03-23 11:39 66,656 ac------ c:\documents and settings\lee\mqdmbus.sys
2008-03-23 11:39 25,600 ac------ c:\documents and settings\lee\usbsermptxp.sys
2008-03-23 11:39 22,768 ac------ c:\documents and settings\lee\usbsermpt.sys
2008-03-23 11:39 9,232 ac------ c:\documents and settings\lee\mqdmmdfl.sys
2008-03-23 11:39 6,208 ac------ c:\documents and settings\lee\mqdmcmnt.sys
2008-03-23 11:39 5,936 ac------ c:\documents and settings\lee\mqdmwhnt.sys
2008-03-23 11:39 4,048 ac------ c:\documents and settings\lee\mqdmcr.sys
2007-03-15 16:12 1 ac------ c:\documents and settings\lee\SI.bin
2007-02-21 19:53 1,976 ac------ c:\program files\current.spg
2006-03-19 16:59 457 ac------ c:\program files\INSTALL.LOG

============= FINISH: 20:38:21.70 ===============

No BSOD's yet but havnt been on much. TY

Attached Files


"The only thing necessary for the the triumph of evil is for good men to do nothing."
-Edmund Burke (1729-1797)

#8 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:11:29 PM

Posted 01 February 2009 - 09:13 AM

Please download ATF Cleaner by Atribune.Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.
==============================================
Please do a scan with Kaspersky Online Scanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#9 COW8OY

COW8OY
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 01 February 2009 - 08:41 PM

Kaspersky found nothing to report. Interesting.
"The only thing necessary for the the triumph of evil is for good men to do nothing."
-Edmund Burke (1729-1797)

#10 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:11:29 PM

Posted 01 February 2009 - 09:13 PM

I don't see anything either, what symptoms are you experiencing with the computer?
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image

#11 COW8OY

COW8OY
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:08:29 PM

Posted 01 February 2009 - 09:39 PM

None yet, seems good. TY!
"The only thing necessary for the the triumph of evil is for good men to do nothing."
-Edmund Burke (1729-1797)

#12 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:11:29 PM

Posted 02 February 2009 - 07:56 AM

Delete\uninstall anything else that we have used.


System Restore
Then I will need you to reset your System Restore points.
The link below shows how to create a clean restore point.
How to Turn On and Turn Off System Restore in Windows XP
http://support.microsoft.com/kb/310405/en-us

If you are using Vista then see this link > http://www.bleepingcomputer.com/tutorials/...143.html#manual
=====================================
After that your log is clean. :thumbup2:

The following is a list of tools and utilities that I like to suggest to people.
You do not have to have all or any of them they are only suggestions.
This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.

Spybot Search & Destroy-Uber powerful tool which can search and annhilate nasties that make it onto your system. Now with an Immunize section that will help prevent future infections.

Spyware Blaster - Great prevention tool to keep nasties from installing on your system.

Spywareguard-Works as a Spyware "Shield" to protect your computer from getting malware in the first place.

Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.

Prevention article To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections please read the Prevention artice by Miekiemoes.

If your computer is slow Is a tutorial on what you can do if your computer is slow.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users