Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Tracur Trojan Activity


  • This topic is locked This topic is locked
3 replies to this topic

#1 cherroberts

cherroberts

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:44 AM

Posted 24 August 2011 - 08:21 AM

I keep getting a pop-up warning message from Norton360 stating it blocked "System Infected: Tracur Trojan Activity." This has been going on since Monday, 8/22/11. Here are the log files:

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Cheryl Roberts at 15:58:31 on 2011-08-23
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1225 [GMT -4:00]
.
AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
AV: Avanquest Fix-It *Enabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Norton 360 *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Avanquest\Fix-It\AVQWinMonEngine.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\AVANQU~1\Fix-It\mxtask.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\iWin Games\iWinGamesInstaller.exe
C:\Program Files\iWin Games\iWinTrusted.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe
C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\PROGRA~1\AVANQU~1\Fix-It\mxtask2.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files\Common Files\AntiVirus\SBAMSvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\UPS\WSTD\UPSNA1Msgr.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\odbccp3232.exe
C:\Program Files\iGive__Shopping__Window\iGiveShoppingWindowv.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\WINDOWS\system32\DLAAPI_W32.exe
C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Intuit\QuickBooks Pro\QBW32.EXE
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\UPS\WSTD\WSTDMessaging.exe
C:\WINDOWS\system32\wuauclt.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.foxnews.com/
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.msn.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: {016c6d2f-0d0f-4b83-a314-3f5b73affc54} - c:\windows\system32\atmfd32.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\5.1.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\5.1.0.29\ips\IPSBHO.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Shopping Advisor: {a057a204-bacc-4d26-c7d7-6bad84e32fcb} - c:\progra~1\buysaf~1\BUYSAF~1.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - MediaBar
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\5.1.0.29\coIEPlg.dll
TB: Shopping Advisor: {a057a204-bacc-4d26-c7d7-6bad84e32fcb} - c:\progra~1\buysaf~1\BUYSAF~1.DLL
TB: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} -
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [RKS Fax] c:\program files\rks fax\rksfax.exe
uRun: [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\RegistryBooster.exe /S
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [NA1Messenger] c:\ups\wstd\UPSNA1Msgr.exe
mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [igivm] "c:\program files\igive__shopping__window\iGiveShoppingWindowv.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRunOnce: [AvanquestMainUI] c:\program files\avanquest\fix-it\Fix-It.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\apc powerchute personal edition\Display.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\intuit~1.lnk - c:\program files\common files\intuit\dataprotect\IntuitDataProtect.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~2.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\intuit\quickbooks pro\QBW32.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\upswor~2.lnk - c:\ups\wstd\WSTDMessaging.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\upswor~1.lnk - c:\ups\wstd\wstdPldReminder.exe
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\documents and settings\cheryl roberts\application data\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: iGive Shopping Window - file://c:\program files\igive__shopping__window\igivt\igivC5.htm
IE: Open with Scansoft PDF Converter 3.0 - c:\program files\scansoft\pdf professional 3.0\IEShellExt.dll /100
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\cheryl roberts\start menu\programs\imvu\Run IMVU.lnk
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: turbotax.com
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/SCRABBLE/Images/stg_drm.ocx
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - hxxps://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1214506615640
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {A8B02DCA-7648-46D6-95A8-B84EC80CA49D} - hxxp://builder.inmotionhosting.com/applet/SWHTTPUploaderProj.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/SCRABBLE/Images/armhelper.ocx
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{7157AC29-5DEC-4310-A4EA-3ED99CFEE095} : DhcpNameServer = 192.168.0.1
Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - c:\program files\intuit\quickbooks pro\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0501000.01d\SymDS.sys [2011-5-24 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0501000.01d\SymEFA.sys [2011-5-24 744568]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\bashdefs\20110812.001\BHDrvx86.sys [2011-8-16 815736]
R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [2011-8-23 13360]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2009-10-13 95024]
R1 sbtis;sbtis;c:\windows\system32\drivers\sbtis.sys [2011-8-23 203056]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0501000.01d\Ironx86.sys [2011-5-24 136312]
R2 AvanquestWindowsMonitorService;AvanquestWindowsMonitorService;c:\program files\avanquest\fix-it\AVQWinMonEngine.exe [2010-8-20 328704]
R2 iWinGamesInstaller;iWinGamesInstaller;c:\program files\iwin games\iWinGamesInstaller.exe [2008-7-17 78104]
R2 iWinTrusted;iWinTrusted;c:\program files\iwin games\iWinTrusted.exe [2008-12-31 78104]
R2 MSSQL$UPSWSDBSERVER;MSSQL$UPSWSDBSERVER;c:\ups\wstd\mssql$upswsdbserver\binn\sqlservr.exe -supswsdbserver --> c:\ups\wstd\mssql$upswsdbserver\binn\sqlservr.exe -sUPSWSDBSERVER [?]
R2 N360;Norton 360;c:\program files\norton 360\engine\5.1.0.29\ccSvcHst.exe [2011-5-24 130008]
R2 QBVSS;QBIDPService;c:\program files\common files\intuit\dataprotect\QBIDPService.exe [2011-6-30 1248256]
R2 SBAMSvc;Fix-It;c:\program files\common files\antivirus\SBAMSvc.exe [2010-2-22 1012080]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2011-8-23 69936]
R2 TrkWks32;Distributed Link Tracking Client ;c:\windows\system32\odbccp3232.exe [2011-8-22 717824]
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [2004-3-12 344928]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-7-28 105592]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\ipsdefs\20110822.030\IDSXpx86.sys [2011-8-23 355256]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\virusdefs\20110823.002\NAVENG.SYS [2011-8-23 86136]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\virusdefs\20110823.002\NAVEX15.SYS [2011-8-23 1576312]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-3 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-3 135664]
S3 SQLAgent$UPSWSDBSERVER;SQLAgent$UPSWSDBSERVER;c:\ups\wstd\mssql$upswsdbserver\binn\sqlagent.exe -i upswsdbserver --> c:\ups\wstd\mssql$upswsdbserver\binn\sqlagent.EXE -i UPSWSDBSERVER [?]
.
=============== Created Last 30 ================
.
2011-08-23 18:47:29 -------- d-----w- c:\windows\system32\drivers\nbrtwizard\0305000.017
2011-08-23 18:47:29 -------- d-----w- c:\windows\system32\drivers\NBRTWizard
2011-08-23 18:47:04 -------- d-----w- c:\program files\Norton Bootable Recovery Tool Wizard
2011-08-23 15:09:09 69936 ----a-w- c:\windows\system32\drivers\sbapifs.sys
2011-08-23 15:09:08 13360 ----a-w- c:\windows\system32\drivers\sbaphd.sys
2011-08-23 15:08:35 203056 ----a-w- c:\windows\system32\drivers\sbtis.sys
2011-08-23 15:07:35 35008 ----a-w- c:\windows\system32\mxntdfg.exe
2011-08-23 15:07:32 -------- d-----w- c:\documents and settings\all users\application data\Avanquest
2011-08-23 15:06:13 -------- d-sh--r- C:\_Backup.RC
2011-08-23 15:06:10 -------- d--h--w- C:\_Backup
2011-08-23 15:04:56 -------- d-----w- c:\documents and settings\cheryl roberts\application data\Avanquest
2011-08-23 15:04:43 -------- d-----w- c:\program files\common files\AntiVirus
2011-08-23 15:03:20 -------- d-----w- c:\program files\Avanquest
2011-08-23 15:01:39 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2011-08-22 18:07:10 158720 ----a-w- c:\windows\system32\kbdlv32.dll
2011-08-22 17:48:15 717824 ----a-w- c:\windows\system32\DLAAPI_W32.exe
2011-08-22 17:48:12 717824 ----a-w- c:\windows\system32\odbccp3232.exe
2011-08-22 17:48:00 334848 ----a-w- c:\windows\system32\atmfd32.dll
2011-08-11 12:02:06 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-11 12:01:47 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2011-08-09 12:08:22 -------- d-----w- c:\documents and settings\all users\application data\Nuance
2011-07-28 12:57:06 -------- d-----w- c:\documents and settings\cheryl roberts\local settings\application data\TomTom
2011-07-28 12:57:06 -------- d-----w- c:\documents and settings\cheryl roberts\application data\TomTom
.
==================== Find3M ====================
.
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36:30 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36:30 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05:13 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 15:59:52.54 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 5/22/2007 10:15:54 AM
System Uptime: 8/23/2011 3:53:52 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0CT017
Processor: Intel® Core™2 CPU 6320 @ 1.86GHz | Microprocessor | 1862/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 145 GiB total, 107.28 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel® 82566DC Gigabit Network Connection
Device ID: PCI\VEN_8086&DEV_104B&SUBSYS_01DB1028&REV_02\3&172E68DD&0&C8
Manufacturer: Intel
Name: Intel® 82566DC Gigabit Network Connection
PNP Device ID: PCI\VEN_8086&DEV_104B&SUBSYS_01DB1028&REV_02\3&172E68DD&0&C8
Service: e1express
.
==== System Restore Points ===================
.
RP1435: 5/25/2011 4:40:27 PM - Software Distribution Service 3.0
RP1436: 5/26/2011 9:00:15 AM - Software Distribution Service 3.0
RP1437: 5/26/2011 4:40:23 PM - Software Distribution Service 3.0
RP1438: 5/27/2011 9:00:16 AM - Software Distribution Service 3.0
RP1439: 5/27/2011 4:25:18 PM - Software Distribution Service 3.0
RP1440: 5/31/2011 9:00:15 AM - Software Distribution Service 3.0
RP1441: 5/31/2011 4:39:11 PM - Software Distribution Service 3.0
RP1442: 6/1/2011 9:00:15 AM - Software Distribution Service 3.0
RP1443: 6/1/2011 4:40:05 PM - Software Distribution Service 3.0
RP1444: 6/2/2011 9:00:15 AM - Software Distribution Service 3.0
RP1445: 6/2/2011 4:21:43 PM - Software Distribution Service 3.0
RP1446: 6/3/2011 9:00:16 AM - Software Distribution Service 3.0
RP1447: 6/3/2011 4:32:31 PM - Software Distribution Service 3.0
RP1448: 6/6/2011 9:00:15 AM - Software Distribution Service 3.0
RP1449: 6/6/2011 4:41:27 PM - Software Distribution Service 3.0
RP1450: 6/7/2011 9:00:15 AM - Software Distribution Service 3.0
RP1451: 6/7/2011 4:29:24 PM - Software Distribution Service 3.0
RP1452: 6/8/2011 9:00:15 AM - Software Distribution Service 3.0
RP1453: 6/8/2011 4:28:31 PM - Software Distribution Service 3.0
RP1454: 6/9/2011 4:29:58 PM - Software Distribution Service 3.0
RP1455: 6/10/2011 9:00:15 AM - Software Distribution Service 3.0
RP1456: 6/10/2011 4:00:47 PM - Software Distribution Service 3.0
RP1457: 6/13/2011 9:00:15 AM - Software Distribution Service 3.0
RP1458: 6/13/2011 4:46:06 PM - Software Distribution Service 3.0
RP1459: 6/14/2011 9:00:15 AM - Software Distribution Service 3.0
RP1460: 6/14/2011 4:40:00 PM - Software Distribution Service 3.0
RP1461: 6/15/2011 9:00:29 AM - Software Distribution Service 3.0
RP1462: 6/15/2011 4:44:48 PM - Software Distribution Service 3.0
RP1463: 6/16/2011 4:43:46 PM - Software Distribution Service 3.0
RP1464: 6/17/2011 9:00:15 AM - Software Distribution Service 3.0
RP1465: 6/17/2011 2:11:20 PM - Software Distribution Service 3.0
RP1466: 6/20/2011 9:00:16 AM - Software Distribution Service 3.0
RP1467: 6/20/2011 4:38:55 PM - Software Distribution Service 3.0
RP1468: 6/21/2011 4:27:46 PM - Software Distribution Service 3.0
RP1469: 6/22/2011 9:00:15 AM - Software Distribution Service 3.0
RP1470: 6/22/2011 11:29:17 AM - Software Distribution Service 3.0
RP1471: 6/23/2011 9:00:15 AM - Software Distribution Service 3.0
RP1472: 6/23/2011 3:58:35 PM - Software Distribution Service 3.0
RP1473: 6/24/2011 9:00:15 AM - Software Distribution Service 3.0
RP1474: 6/24/2011 3:47:57 PM - Software Distribution Service 3.0
RP1475: 6/27/2011 9:00:15 AM - Software Distribution Service 3.0
RP1476: 6/27/2011 4:46:05 PM - Software Distribution Service 3.0
RP1477: 6/28/2011 9:00:15 AM - Software Distribution Service 3.0
RP1478: 6/28/2011 12:00:21 PM - Software Distribution Service 3.0
RP1479: 6/29/2011 9:00:15 AM - Software Distribution Service 3.0
RP1480: 6/29/2011 4:28:18 PM - Software Distribution Service 3.0
RP1481: 6/30/2011 9:00:15 AM - Software Distribution Service 3.0
RP1482: 6/30/2011 4:01:19 PM - Software Distribution Service 3.0
RP1483: 7/1/2011 9:00:15 AM - Software Distribution Service 3.0
RP1484: 7/1/2011 11:55:34 AM - Software Distribution Service 3.0
RP1485: 7/5/2011 9:00:15 AM - Software Distribution Service 3.0
RP1486: 7/5/2011 4:50:11 PM - Software Distribution Service 3.0
RP1487: 7/6/2011 9:00:15 AM - Software Distribution Service 3.0
RP1488: 7/6/2011 4:40:31 PM - Software Distribution Service 3.0
RP1489: 7/7/2011 9:00:14 AM - Software Distribution Service 3.0
RP1490: 7/7/2011 4:27:18 PM - Software Distribution Service 3.0
RP1491: 7/8/2011 9:00:17 AM - Software Distribution Service 3.0
RP1492: 7/8/2011 2:54:45 PM - Software Distribution Service 3.0
RP1493: 7/11/2011 12:24:48 PM - System Checkpoint
RP1494: 7/11/2011 4:37:48 PM - Software Distribution Service 3.0
RP1495: 7/12/2011 4:52:51 PM - Software Distribution Service 3.0
RP1496: 7/13/2011 4:37:32 PM - Software Distribution Service 3.0
RP1497: 7/14/2011 9:00:15 AM - Software Distribution Service 3.0
RP1498: 7/14/2011 4:39:32 PM - Software Distribution Service 3.0
RP1499: 7/15/2011 9:00:15 AM - Software Distribution Service 3.0
RP1500: 7/15/2011 3:51:33 PM - Software Distribution Service 3.0
RP1501: 7/18/2011 9:00:15 AM - Software Distribution Service 3.0
RP1502: 7/18/2011 4:40:55 PM - Software Distribution Service 3.0
RP1503: 7/19/2011 9:00:15 AM - Software Distribution Service 3.0
RP1504: 7/19/2011 3:58:39 PM - Software Distribution Service 3.0
RP1505: 7/20/2011 9:00:15 AM - Software Distribution Service 3.0
RP1506: 7/20/2011 3:58:11 PM - Software Distribution Service 3.0
RP1507: 7/21/2011 9:00:16 AM - Software Distribution Service 3.0
RP1508: 7/21/2011 3:57:53 PM - Software Distribution Service 3.0
RP1509: 7/22/2011 9:00:28 AM - Software Distribution Service 3.0
RP1510: 7/22/2011 3:40:15 PM - Software Distribution Service 3.0
RP1511: 7/25/2011 9:00:19 AM - Software Distribution Service 3.0
RP1512: 7/25/2011 4:42:55 PM - Software Distribution Service 3.0
RP1513: 7/26/2011 9:00:16 AM - Software Distribution Service 3.0
RP1514: 7/26/2011 4:43:04 PM - Software Distribution Service 3.0
RP1515: 7/27/2011 9:00:16 AM - Software Distribution Service 3.0
RP1516: 7/27/2011 10:13:29 AM - Removed OpenOffice.org Installer 1.0
RP1517: 7/27/2011 4:42:41 PM - Software Distribution Service 3.0
RP1518: 7/28/2011 8:54:11 AM - Installed TomTom HOME
RP1519: 7/28/2011 8:56:27 AM - Removed TomTom HOME
RP1520: 7/28/2011 9:00:16 AM - Software Distribution Service 3.0
RP1521: 7/28/2011 11:27:27 AM - Removed TomTom HOME Visual Studio Merge Modules
RP1522: 7/28/2011 11:29:05 AM - Removed Sorry Boggle and Yahtzee Triple Pack of Fun
RP1523: 7/28/2011 4:29:19 PM - Software Distribution Service 3.0
RP1524: 7/29/2011 9:00:16 AM - Software Distribution Service 3.0
RP1525: 7/29/2011 3:32:24 PM - Software Distribution Service 3.0
RP1526: 8/1/2011 9:00:18 AM - Software Distribution Service 3.0
RP1527: 8/1/2011 4:46:42 PM - Software Distribution Service 3.0
RP1528: 8/2/2011 9:00:16 AM - Software Distribution Service 3.0
RP1529: 8/2/2011 4:15:11 PM - Software Distribution Service 3.0
RP1530: 8/3/2011 9:00:16 AM - Software Distribution Service 3.0
RP1531: 8/3/2011 4:37:11 PM - Software Distribution Service 3.0
RP1532: 8/4/2011 9:00:16 AM - Software Distribution Service 3.0
RP1533: 8/4/2011 4:29:28 PM - Software Distribution Service 3.0
RP1534: 8/8/2011 9:00:16 AM - Software Distribution Service 3.0
RP1535: 8/8/2011 4:43:12 PM - Software Distribution Service 3.0
RP1536: 8/9/2011 9:00:16 AM - Software Distribution Service 3.0
RP1537: 8/9/2011 4:41:47 PM - Software Distribution Service 3.0
RP1538: 8/11/2011 9:00:21 AM - Software Distribution Service 3.0
RP1539: 8/11/2011 4:39:45 PM - Software Distribution Service 3.0
RP1540: 8/12/2011 9:00:16 AM - Software Distribution Service 3.0
RP1541: 8/12/2011 4:02:03 PM - Software Distribution Service 3.0
RP1542: 8/15/2011 9:00:17 AM - Software Distribution Service 3.0
RP1543: 8/15/2011 3:54:50 PM - Software Distribution Service 3.0
RP1544: 8/16/2011 9:00:16 AM - Software Distribution Service 3.0
RP1545: 8/16/2011 4:43:29 PM - Software Distribution Service 3.0
RP1546: 8/17/2011 9:00:15 AM - Software Distribution Service 3.0
RP1547: 8/17/2011 2:54:38 PM - Software Distribution Service 3.0
RP1548: 8/18/2011 9:00:16 AM - Software Distribution Service 3.0
RP1549: 8/18/2011 3:57:45 PM - Software Distribution Service 3.0
RP1550: 8/19/2011 4:35:57 PM - Software Distribution Service 3.0
RP1551: 8/22/2011 9:00:16 AM - Software Distribution Service 3.0
RP1552: 8/22/2011 3:29:11 PM - Installed Java™ 6 Update 26
RP1553: 8/22/2011 4:37:38 PM - Software Distribution Service 3.0
RP1554: 8/23/2011 9:00:16 AM - Software Distribution Service 3.0
RP1555: 8/23/2011 11:03:14 AM - Installed Fix-It Utilities 11 Professional
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.5
AnswerWorks 4.0 Runtime - English
APC PowerChute Personal Edition
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Around The World In 80 Days
Bonjour
BPD_HPSU
BPD_Scan
BPDfax
BPDSoftware
BPDSoftware_Ini
Brain Games Collection 2.0
BufferChm
Business Contact Manager for Outlook 2007 SP2
CCC
CLUE Classic
Corel Paint Shop Pro Photo XI
Corel Snapfire Plus
Critical Update for Windows Media Player 11 (KB959772)
CustomerResearchQFolder
Dell CinePlayer
Dell Driver Reset Tool
Dell Support 3.2.1
Dell System Restore
Destinations
DeviceManagementQFolder
DocProc
DocProcQFolder
Encore LaunchPad 6.8.25.100
eSupportQFolder
Fix-It Utilities 11 Professional
FormsComponent
FOSS
Free Audio CD Burner version 1.4.7
Free Video to MP3 Converter version 4.2.19.324
Free YouTube to MP3 Converter version 3.9.35.324
GearDrvs
getPlus® for Adobe
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB835221
Highlight Viewer (Windows Live Toolbar)
Hotfix 2050 for SQL Server 2000 ENU (KB948110)
Hotfix 2055 for SQL Server 2000 ENU (KB960082)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Hoyle Board Games 2007
Hoyle Card Games 2007
Hoyle Card Games Classic
Hoyle Puzzle and Board Games Classic
Hoyle Puzzle Games 2007
HP Customer Participation Program 7.0
HP Imaging Device Functions 7.0
HP Officejet Pro All-In-One Series
HP Photosmart Essential
HP Product Assistant
HP Solution Center 7.0
HP Update
HPPhotoSmartExpress
HPProductAssistant
ICCHelp
iGive Shopping Window
InstantShareDevicesMFC
Intel® Matrix Storage Manager
Intel® PRO Network Connections
iTunes
iWin Games (remove only)
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java™ 6 Update 2
Java™ 6 Update 26
Java™ 6 Update 3
Java™ 6 Update 5
Java™ 6 Update 7
Java™ SE Runtime Environment 6 Update 1
Jewel Quest (remove only)
Jewel Quest III (remove only)
Jewel Quest Solitaire II (remove only)
Map Button (Windows Live Toolbar)
MarketResearch
Mega Sudoku Plus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (English) 2007
Microsoft Plus! Digital Media Edition Installer
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Desktop Engine (UPSWSDBSERVER)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual Studio 2005 Tools for Office Runtime
Move Networks Media Player for Internet Explorer
MPM
MSIChecker
MSN
MSN Toolbar
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser (KB933579)
NA1Messenger
Norton 360
Norton Bootable Recovery Tool Wizard
NRF
NVIDIA Drivers
OCR Software by I.R.I.S 7.0
OGA Notifier 2.0.0048.0
PanoStandAlone
PolicyManager
Qualxserve Service Agreement
QuickBooks
QuickBooks Premier: Mfg and Whsle Edition 2011
QuickTime
QuickTime 3.0
Reconciler
ReportServer
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Scan
ScanSoft PDF Professional 3.0
SCRABBLE
SCRABBLE PLUS
SearchAssist
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office 2007 System (KB2541012)
Security Update for Microsoft Office Excel 2007 (KB2541007)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SereneScene Marine Aquarium 2
Shopping Advisor
Smart Menus (Windows Live Toolbar)
SolutionCenter
Sonic Activation Module
Sonic Update Manager
Spybot - Search & Destroy 1.4
Status
SupportSoft Assisted Service
SupportUtility
Symantec Technical Support Web Controls
System
The Game Of Life
Toolbox
TrayApp
Try Corel Snapfire muvee autoProducer add on
UnifiedPrinting
Uninstall 1.0.0.1
Unload
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Outlook 2007 Junk Email Filter (KB2586924)
Update for Windows Internet Explorer 8 (KB968220)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
UPS WorldShip
UPSDB
UPSICC
UPSlinkHTTP
UPSVC2008MM
UPSVCMM
URL Assistant
WebFldrs XP
WebHelp
WebReg
Windows Internet Explorer 8
Windows Live installer
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows XP Service Pack 3
WorldShip
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
8/23/2011 3:18:01 PM, error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
8/23/2011 10:43:07 AM, error: Service Control Manager [7034] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s).
8/16/2011 9:01:34 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2416447).
.
==== End Of File ===========================
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-08-24 09:00:46
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST316081 rev.3.AD
Running: gmer.exe; Driver: C:\DOCUME~1\CHERYL~1\LOCALS~1\Temp\pxtdqpow.sys


---- System - GMER 1.0.15 ----

SSDT 89C32950 ZwAlertResumeThread
SSDT 89C32A30 ZwAlertThread
SSDT 899AFA48 ZwAllocateVirtualMemory
SSDT 89A378B8 ZwAssignProcessToJobObject
SSDT 89A37240 ZwConnectPort
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xAD353710]
SSDT 89A018B0 ZwCreateMutant
SSDT 89BD6918 ZwCreateSymbolicLinkObject
SSDT 899EBD10 ZwCreateThread
SSDT 89A37998 ZwDebugActiveProcess
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xAD353990]
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xAD353EF0]
SSDT 89BE0D58 ZwDuplicateObject
SSDT 899C4A58 ZwFreeVirtualMemory
SSDT 89C0DC88 ZwImpersonateAnonymousToken
SSDT 89C0DD68 ZwImpersonateThread
SSDT 89BFF1E8 ZwLoadDriver
SSDT 899C4978 ZwMapViewOfSection
SSDT 89A017D0 ZwOpenEvent
SSDT 89A1AAB0 ZwOpenProcess
SSDT 89BE0C98 ZwOpenProcessToken
SSDT 89A3E980 ZwOpenSection
SSDT 89A1A9C0 ZwOpenThread
SSDT 89BD6A08 ZwProtectVirtualMemory
SSDT 89C94790 ZwResumeThread
SSDT 899EAD68 ZwSetContextThread
SSDT 899EA720 ZwSetInformationProcess
SSDT 899C8990 ZwSetSystemInformation
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xAD354140]
SSDT 89A3EA60 ZwSuspendProcess
SSDT 89C94870 ZwSuspendThread
SSDT 899EBDF0 ZwTerminateProcess
SSDT 899EAC88 ZwTerminateThread
SSDT 899EA810 ZwUnmapViewOfSection
SSDT 899AF958 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2D68 80504604 4 Bytes CALL 94DA05FA
.text ntkrnlpa.exe!ZwCallbackReturn + 2DD8 80504674 4 Bytes JMP D198D01C
.text ntkrnlpa.exe!ZwCallbackReturn + 2FD8 80504874 5 Bytes [60, EA, A3, 89, 70]
.text ntkrnlpa.exe!ZwCallbackReturn + 2FDE 8050487A 2 Bytes [C9, 89]
? SYMDS.SYS The system cannot find the file specified. !
? SYMEFA.SYS The system cannot find the file specified. !
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xAFC6F360, 0x21235D, 0xE8000020]
? C:\DOCUME~1\CHERYL~1\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[1252] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1252] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB3C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1252] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5337 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1252] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E5269 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1252] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E52D4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1252] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E513A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1252] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E519C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1252] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E539A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1252] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E51FE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2092] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2092] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AC9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2092] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD12D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2092] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB3C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2092] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E2546A6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2092] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5337 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2092] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E5269 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2092] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E52D4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2092] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E513A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2092] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E519C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2092] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E539A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2092] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E51FE C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2092] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDB98 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2092] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E569F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip sbtis.sys (Sunbelt TDI Inspection System/Sunbelt Software)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp sbtis.sys (Sunbelt TDI Inspection System/Sunbelt Software)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp sbtis.sys (Sunbelt TDI Inspection System/Sunbelt Software)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp sbtis.sys (Sunbelt TDI Inspection System/Sunbelt Software)

Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device A8E63D20

AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

---- EOF - GMER 1.0.15 ----

THANK YOU!!!

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:44 PM

Posted 28 August 2011 - 03:06 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • Please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:

  • Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.

Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

Scan With RKUnHooker

  • Please Download Rootkit Unhooker Save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note** you may get this warning it is ok, just ignore

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


"just click on Cancel, then Accept".

information and logs:

  • In your next post I need the following

  • .logs from DDS
  • log from RKUnHooker
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:44 PM

Posted 31 August 2011 - 01:34 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:44 PM

Posted 03 September 2011 - 01:42 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users