|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| General Computer Security Get Help With System Security - This forum is not for malware removal assistance. For malware removal assistance, read the sticky topic at the top of the Virus/Trojan/Spyware Help forum, or the "First Steps" link at the top right of each page. |
 |
|
|
LinkBack | Thread Tools |
10-19-2009, 01:56 PM
|
#1 (permalink) |
|
Registered User
Join Date: Sep 2009
Posts: 11
OS: Vista SP1
|
Suspect Virus at startup?
My buddy is running Windows XP and after starting his PC I see the following pop-up: C/Windows/System32/pmnlj.exe is missing. I looked this up and read that it is a malware program. I see steps for deleting but all require internet connectivity. His PC can not connect to the internet. His anti-virus is disabled and I am unable to start it. I see a anti-spyware program but of course this will not run either. My question is: Can I do anything without being able to connect to the internet? I am thinking about putting "hijack this" or an "anti-spyware" like spybot on a CD and trying to download on to his PC. I know my way around a PC, but by no means and I a expert. Any suggestions, will be greatly appreciated. PS. My friend likes to visit adult sites and I have advised against this for the future, especially without the proper protection. Thanks again.
|
|
     |
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
10-20-2009, 02:25 PM
|
#2 (permalink) |
|
Registered User
Join Date: Sep 2009
Posts: 11
OS: Vista SP1
|
Re: Suspect Virus at startup?
Update - I was able to run spybot search & destroy & it found 150 items which it deleted. I ran HijackThis where I found the line that was causing the PMNLJ.exe message. Of course another message appeared but after running Malwarebytes, which found 67 items and deleted them I rid myself of all remaining errors. I also now am able to access the remove/add programs, access User accounts, etc. I still do not know if I have internet connectivity because the anti-virus they have has expired. I will be installing an anti-virus on Wednesday and trying to connect. If I connect I can run whatever you need. Thanks
|
|
|
|
|
10-20-2009, 02:57 PM
|
#3 (permalink) |
|
Moderator/ Rangemaster TSF Academy; Analyst, Security Team; Oor Wullie; TSF Surgeon and Resident Comic
|
Re: Suspect Virus at startup?
Hi
If you cannot connect with that PC, use another clean PC and download the tools mentioned in this thread and then transfer them to the infected PC NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help Do not post any logs back in this thread - follow the guidance in the above link! If you have problems with any of the steps, simply move on to the next one and make a note of the problem in your reply. Please note that the Security Forum is always busy, so I would ask for your patience while waiting for a reply - it may take a few days.
__________________
Iain - Defender of the Haggis and all things Scottish. I don't help by PM - post in the Forums.   PC Safety & Security::PC running a bit slow?::Donate::Photographers Corner |
|
|
|
|
10-20-2009, 03:28 PM
|
#4 (permalink) |
|
Registered User
Join Date: Sep 2009
Posts: 11
OS: Vista SP1
|
Re: Suspect Virus at startup?
I was able to run the RMIT I will post here in 1 second. Just curious why my post was moved here? I originally had it on the malware/spyware scetion. oh well:
Logfile of random's system information tool 1.06 (written by random/random) Run by Owner at 2009-10-20 14  03Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 13 GB (44%) free of 29 GB Total RAM: 255 MB (27% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2 59 PM, on 10/20/2009Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wdfmgr.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\WINDOWS\System32\hphmon05.exe C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\QuickTime\qttask .exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\j2 Messenger 4.2\J2GDllCmd.exe C:\Program Files\Fisher-Price\FP3 Player\sspnotifier.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\WINDOWS\BCMSMMSG.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\Program Files\Messenger\msmsgs.exe C:\Palm\HOTSYNC.EXE C:\Program Files\j2 Messenger 4.2\J2GTray.exe C:\WINDOWS\system32\taskmgr.exe C:\WINDOWS\System32\HPZipm12.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\msiexec.exe C:\Documents and Settings\Owner\Desktop\RSIT.exe C:\Documents and Settings\Owner\Desktop\Owner.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [j2 4.2] "C:\Program Files\j2 Messenger 4.2\J2GDllCmd.exe" /R O4 - HKLM\..\Run: [SSP Notifier] C:\Program Files\Fisher-Price\FP3 Player\sspnotifier.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NAV] "C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\2454B0AB\16.0.0.125\InstStub.exe" /RELAUNCH /RUNONCE /MEDIA "E:\SETUP.EXE" /NOPROMPT /PATH "C:\Program Files\Norton AntiVirus\Norton AntiVirus" O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 O4 - HKCU\..\Run: [Simple Star PhotoShow Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\MSSYSM~2.EXE O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: HotSync Manager.LNK = C:\Palm\HOTSYNC.EXE O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE O4 - Global Startup: j2 4.2.lnk = C:\Program Files\j2 Messenger 4.2\J2GTray.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1201810454453 O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O24 - Desktop Component 0: tets - C:\WINDOWS\system32\onhelp.htm -- End of file - 9103 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\CAAntiSpywareScan_Daily as Owner at 1 34 PM.job C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\HP DArC Task #Hewlett-Packard#7700#MY38G1215KK5.job C:\WINDOWS\tasks\HP Usg Daily.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] SITEguard [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "HPDJ Taskbar Utility"=C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe [2008-01-31 188416] "HPHUPD05"=C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe [2008-01-31 49152] "HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2008-01-31 221184] "HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [2008-01-31 49152] "HPHmon05"=C:\WINDOWS\System32\hphmon05.exe [2008-01-31 483328] "AdaptecDirectCD"=C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe [2008-01-31 684032] "Microsoft Works Update Detection"=C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [2008-01-31 50688] "QuickTime Task"=C:\Program Files\QuickTime\qttask .exe [2008-01-31 282624] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-01-31 278528] "j2 4.2"=C:\Program Files\j2 Messenger 4.2\J2GDllCmd.exe [2008-01-31 107008] "SSP Notifier"=C:\Program Files\Fisher-Price\FP3 Player\sspnotifier.exe [2008-01-31 20480] "ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-10-17 51048] "osCheck"=C:\Program Files\Norton AntiVirus\osCheck.exe [2007-08-25 714608] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792] "NAV"=C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\2454B0AB\16.0.0.125\InstStub.exe [2009-03-03 968312] "BCMSMMSG"=C:\WINDOWS\BCMSMMSG.exe [2003-08-29 122880] "RealTray"=C:\Program Files\Real\RealPlayer\RealPlay.exe [2009-10-20 26112] "ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe [2009-07-22 1181064] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232] "updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_7 -reboot 1 [] "Simple Star PhotoShow Media Manager"=C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\MSSYSM~2.EXE [] "AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2007-03-01 2321600] "AOL Fast Start"=C:\Program Files\America Online 9.0\AOL.EXE [2004-11-19 50776] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] C:\Documents and Settings\All Users\Start Menu\Programs\Startup HotSync Manager.lnk - C:\Palm\HOTSYNC.EXE j2 4.2.lnk - C:\Program Files\j2 Messenger 4.2\J2GTray.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE C:\Documents and Settings\Owner\Start Menu\Programs\Startup Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe HotSync Manager.LNK - C:\Palm\HOTSYNC.EXE [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 C:\WINDOWS\System32\pmnlj [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, mcenspc.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Documents and Settings\Owner\Application Data\syssl.exe"="C:\Documents and Settings\Owner\Application Data\syssl.exe:*:Enabled:Win32load" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader" "C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe:*:Enabled:AOLTsMon" "C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe"="C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe:*:Enabled:AOLTopSpeed" "C:\Program Files\Common Files\AOL\1256014368\EE\AOLServiceHost.exe"="C:\Program Files\Common Files\AOL\1256014368\EE\AOLServiceHost.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\System Information\sinf.exe"="C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\AOLSP Scheduler.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe"="C:\Program Files\Common Files\AOL\AOL Spyware Protection\asp.exe:*:Enabled:AOL" "C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe"="C:\Program Files\Common Files\AolCoach\en_en\player\AOLNySEV.exe:*:Enabled:AOL" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======List of files/folders created in the last 1 months====== 2009-10-20 10:39:49 ----D---- C:\Documents and Settings\Owner\Application Data\Malwarebytes 2009-10-20 10:39:17 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-10-20 10:39:17 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-10-20 10:36:41 ----D---- C:\Program Files\Common Files\PC Tools 2009-10-20 10:36:15 ----D---- C:\Program Files\Spyware Doctor 2009-10-20 10:36:15 ----D---- C:\Documents and Settings\Owner\Application Data\PC Tools 2009-10-20 10:26:39 ----D---- C:\rsit 2009-10-20 01:10:11 ----D---- C:\Documents and Settings\Owner\Application Data\AOL 2009-10-20 01:00:26 ----A---- C:\WINDOWS\aolback.exe.lnk 2009-10-20 00:59:29 ----D---- C:\Program Files\Common Files\aolback 2009-10-20 00:58:52 ----D---- C:\Install iTunes 2009-10-20 00:58:51 ----D---- C:\Install ICQ 2009-10-20 00:58:48 ----D---- C:\AOL Instant Messenger 2009-10-20 00:58:40 ----D---- C:\MAV 2009-10-20 00:58:40 ----D---- C:\aolextras 2009-10-20 00:57:59 ----D---- C:\Documents and Settings\Owner\Application Data\You've Got Pictures Screensaver 2009-10-20 00:57:55 ----D---- C:\Program Files\Common Files\Nullsoft 2009-10-20 00:56:51 ----D---- C:\My Music 2009-10-20 00:56:40 ----A---- C:\WINDOWS\system32\rmoc3260.dll 2009-10-20 00:56:37 ----D---- C:\Program Files\Real 2009-10-20 00:56:37 ----A---- C:\WINDOWS\system32\pndx5032.dll 2009-10-20 00:56:37 ----A---- C:\WINDOWS\system32\pndx5016.dll 2009-10-20 00:56:37 ----A---- C:\WINDOWS\system32\pncrt.dll 2009-10-20 00:56:36 ----D---- C:\Program Files\Common Files\Real 2009-10-20 00:55:58 ----A---- C:\WINDOWS\system32\aamd532.dll 2009-10-20 00:55:57 ----A---- C:\WINDOWS\system32\SimpleRegistry.dll 2009-10-20 00:55:46 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint 2009-10-20 00:55:44 ----D---- C:\Program Files\Viewpoint 2009-10-20 00:54:54 ----D---- C:\Program Files\AOL Toolbar 2009-10-20 00:54:30 ----D---- C:\Program Files\AOL Deskbar 2009-10-20 00:53:41 ----D---- C:\Program Files\Common Files\AolCoach 2009-10-20 00:52:41 ----D---- C:\Program Files\Common Files\aolshare 2009-10-20 00:52:41 ----D---- C:\Program Files\America Online 9.0 2009-10-20 00:48:55 ----D---- C:\Program Files\Common Files\AOL 2009-10-20 00:48:55 ----D---- C:\Documents and Settings\All Users\Application Data\AOL 2009-10-20 00:46:20 ----HD---- C:\TEMP 2009-10-20 00:18:16 ----A---- C:\WINDOWS\wininit.ini 2009-10-19 23:26:16 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy ======List of files/folders modified in the last 1 months====== 2009-10-20 14:05:58 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-10-20 14:05:46 ----D---- C:\WINDOWS\Temp 2009-10-20 13:52:37 ----A---- C:\WINDOWS\win.ini 2009-10-20 13:49:34 ----D---- C:\WINDOWS\system32\drivers 2009-10-20 13:47:37 ----D---- C:\WINDOWS 2009-10-20 13:44:24 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-10-20 13:41:32 ----RD---- C:\Program Files 2009-10-20 13:41:32 ----D---- C:\WINDOWS\system32 2009-10-20 12:20:10 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater 2009-10-20 10:36:41 ----D---- C:\Program Files\Common Files 2009-10-20 10:36:15 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools 2009-10-20 01:14:54 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-10-20 01:14:45 ----A---- C:\WINDOWS\system32\rundll32.exe 2009-10-20 01:04:08 ----HD---- C:\WINDOWS\inf 2009-10-20 01:04:06 ----D---- C:\WINDOWS\system32\CatRoot2 2009-10-20 00:52:47 ----D---- C:\WINDOWS\Prefetch 2009-10-20 00:52:10 ----D---- C:\Documents and Settings\Owner\Application Data\Mozilla 2009-10-19 23:11:22 ----SD---- C:\WINDOWS\Tasks 2009-10-19 11:09:03 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec 2009-10-06 09:41:23 ----D---- C:\WINDOWS\Help ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-07 35840] R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2002-12-17 61424] R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2002-12-17 23436] R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2002-12-17 241152] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [] R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352] R1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-22 13632] R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2006-03-14 143834] R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-12-01 43696] R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2009-02-19 184496] R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2006-03-14 206464] R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-03 12032] R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2009-10-20 8552] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816] R3 BCMModem;BCM V.92 56K Modem; C:\WINDOWS\system32\DRIVERS\BCMSM.sys [2003-08-29 1101696] R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2003-03-04 145408] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2005-02-02 14408] R3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2006-03-14 30630] R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-03-14 1223562] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-02-28 545024] R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2009-02-19 13616] R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [] R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2009-02-19 96560] R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2009-02-19 38576] R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-02-19 31280] R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2009-02-19 37424] R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2009-02-19 22320] R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588] S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 COH_Mon;COH_Mon; \??\C:\WINDOWS\system32\Drivers\COH_Mon.sys [] S3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2006-03-14 25898] S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-05-14 51056] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-05-14 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-05-14 21488] S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128] S3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090131.023\NAVENG.SYS [] S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090131.023\NAVEX15.SYS [] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 SQTECH905C;DualCamera; C:\WINDOWS\System32\Drivers\Capt905c.sys [2005-03-24 38937] S3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-12-01 279088] S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-12-01 317616] S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-02-19 31280] S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AOL ACS;AOL Connectivity Service; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [2004-10-20 10328] R2 AOL TopSpeedMonitor;AOL TopSpeed Monitor; C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe [2004-10-15 100016] R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2007-08-23 243064] R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-07 168432] R2 LiveUpdate Notice;LiveUpdate Notice; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352] R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-03-14 65536] R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2009-01-07 348752] R2 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2009-07-22 1097096] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912] R3 iPodService;iPodService; C:\Program Files\iPod\bin\iPodService.exe [2006-02-23 323584] R3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2007-08-23 3192184] R3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2003-05-14 65795] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] -----------------EOF----------------- info.txt logfile of random's system information tool 1.06 2009-10-20 10:26:50 ======Uninstall list====== -->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Ad-Aware SE Personal-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG Adobe Acrobat Reader 3.01-->C:\WINDOWS\uninst.exe -fC:\Acrobat3\Reader\DeIsL1.isu Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E} Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39} Adobe Flash Player 9 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\UninstFl.exe -q Adobe Media Player-->msiexec /qb /x {1EBB57D4-63FF-87CC-A0F0-D73982CF6008} Adobe Media Player-->MsiExec.exe /I{1EBB57D4-63FF-87CC-A0F0-D73982CF6008} Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003} America Online (Choose which version to remove)-->C:\Program Files\Common Files\aolshare\aolunins_us.exe AOL Coach Version 2.0(Build:20041026.5 en)-->C:\Program Files\Common Files\AolCoach\en_en\AolCInUn.exe -lang=en_en -ext=UDP AOL Connectivity Services-->"C:\Program Files\Common Files\AOL\ACS\AcsUninstall.exe" /c AOL Deskbar-->"C:\Program Files\AOL Deskbar\UNWISE.EXE" /u "C:\Program Files\AOL Deskbar\INSTALL.LOG" AOL Spyware Protection-->C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\UNWISE.EXE C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\INSTALL.LOG AOL Toolbar-->"C:\Program Files\AOL Toolbar\UNWISE.EXE" /u "C:\Program Files\AOL Toolbar\INSTALL.LOG" AOL You've Got Pictures Screensaver-->C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B} Appgen Custom Suite Windows Client-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DA49FE6-DA74-11D5-9BD5-0001033438CF}\Setup.exe" Uninstall BCM V.92 56K Modem-->C:\WINDOWS\BCMSMU.exe quiet ccCommon-->MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118} Component Framework-->MsiExec.exe /I{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09} Dell ResourceCD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D78653C3-A8FF-415F-92E6-D774E634FF2D}\setup.exe" Easy CD Creator 5 Basic-->MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0} FP3 Player-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{44170B31-F47A-4FF9-9D77-382D1FE2A728} Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall HijackThis 2.0.2-->"C:\Documents and Settings\Owner\Desktop\HijackThis.exe" /uninstall Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe" hp instant support-->C:\PROGRA~1\HEWLET~1\hpis\Uninstall.exe /s CeS HP Memories Disc-->MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70} HP Software Update-->MsiExec.exe /X{D43BB532-3537-4CE9-9CBB-92533BD29F0C} Intel(R) PRO Network Adapters and Drivers-->Prounstl.exe iTunes-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{59C4F14F-7590-45FC-BE9F-A67AB3590709} /l1033 j2 Messenger 4.2-->C:\Program Files\j2 Messenger 4.2\Uninstall.exe J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110} LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate" LiveUpdate (Symantec Corporation)-->MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206} Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Digital Image Standard 2006-->"C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=PREM VERSION=11 Microsoft Office 2000 SR-1 Professional-->MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7} Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9} Microsoft Picture It! Photo Premium 9-->C:\WINDOWS\System32\msiexec.exe /i {DBA8B9E1-C6FF-4624-9598-73D3B41A0903} Microsoft Plus! Digital Media Edition-->MsiExec.exe /I{C6A7AF96-4EB1-4AAE-8318-1AB393C64F88} Microsoft Plus! for Windows XP-->MsiExec.exe /I{EEC2DAFD-5558-40AC-8E9C-5005C8F810E8} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Web Publishing Wizard 1.52-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall MSN Music Assistant-->rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MyDSC2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83D96ED0-98AA-4515-8DDC-816F3EFDD104}\Setup.exe" -l0x9 Norton AntiVirus (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}_15_0_0_58\Setup.exe" /X Norton AntiVirus-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\2454B0AB\16.0.0.125\InstStub.exe /X Norton Protection Center-->MsiExec.exe /I{62120008-8E1E-4807-860D-A8B48F8552DB} NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvdd.inf OfotoNow-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2875A5F5-E613-4F99-9B47-8882C9DD24A5}\Setup.exe" -l0x9 anything OLYMPUS CAMEDIA Master 4.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30BB4D60-81DB-11D5-BB77-00400536ABAC}\setup.exe" CAMEDIA Master 4.2 PhotoShow Deluxe 4-->"C:\Program Files\Simple Star\PhotoShow 4\data\Xtras\Uninstall.exe" Photosmart 140,240,7200,7600,7700,7900 Series-->C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\setup\hpzscr01.exe -datfile hphscr01.dat QuickTime-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C21D5524-A970-42FA-AC8A-59B8C7CDCA31} /l1033 RealPlayer Basic-->C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0 Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe" Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe" Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe" Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe" Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe" Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe" Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe" Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe" Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe" Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe" Security Update for Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe" Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Security Update for Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe" Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe" Security Update for Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe" Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe" Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Security Update for Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe" Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe" Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u VNC Free Edition 4.1.2-->"C:\Program Files\RealVNC\VNC4\unins000.exe" Windows Antivirus Pro-->C:\Program Files\Windows Antivirus Pro\AntiSpyware_Uninstall.exe Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" Yahoo! Browser Services-->C:\PROGRA~1\Yahoo!\Common\unyext.exe Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~2.DLL Yahoo! Internet Mail-->C:\WINDOWS\System32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\ymmapi.dll Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe =====HijackThis Backups===== O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [2009-10-19] O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2009-10-19] O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2009-10-19] F3 - REG:win.ini: load=C:\WINDOWS\System32\pmnlj.exe [2009-10-19] O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-10-19] O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-10-19] O2 - BHO: 796525 helper - {E7F15AC4-E0A9-43F0-921B-70DFEA621220} - (no file) [2009-10-19] O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-10-19] O2 - BHO: ICQSys (IE PlugIn) - {F54AF7DE-6038-4026-8433-CC30E3F17212} - C:\WINDOWS\system32\dddesot.dll [2009-10-19] O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll [2009-10-19] O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-10-19] O2 - BHO: 655708 helper - {EA73037A-F182-44A0-BC0B-690D71231330} - (no file) [2009-10-19] O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2009-10-19] O4 - HKCU\..\Run: [Win32load] C:\Documents and Settings\Owner\Application Data\syssl.exe -lds [2009-10-19] O4 - HKCU\..\Run: [SpyClean] C:\Program Files\Netcom3 Cleaner\SpyClean.exe [2009-10-19] O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-19] O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (file missing) [2009-10-20] O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) [2009-10-20] O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R [2009-10-20] O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2009-10-20] R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171 [2009-10-20] R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local> [2009-10-20] ======Hosts File====== 192.168.1.103 csrdim02 192.168.1.244 csrdim16 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com ======Security center information====== AV: Norton AntiVirus (outdated) FW: Norton AntiVirus (disabled) ======System event log====== Computer Name: VANESSA-6M7BRTK Event Code: 4 Message: Adapter Intel(R) PRO/100 VE Network Connection: Adapter Link Down Record Number: 846 Source Name: E100B Time Written: 20090804072226.000000-240 Event Type: warning User: Computer Name: VANESSA-6M7BRTK Event Code: 4 Message: Adapter Intel(R) PRO/100 VE Network Connection: Adapter Link Down Record Number: 833 Source Name: E100B Time Written: 20090804072018.000000-240 Event Type: warning User: Computer Name: VANESSA-6M7BRTK Event Code: 10005 Message: DCOM got error "%1055" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} Record Number: 814 Source Name: DCOM Time Written: 20090803220625.000000-240 Event Type: error User: VANESSA-6M7BRTK\Owner Computer Name: VANESSA-6M7BRTK Event Code: 1002 Message: The IP address lease 192.168.0.2 for the Network Card with network address 0007E96B1BE9 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). Record Number: 812 Source Name: Dhcp Time Written: 20090803220600.000000-240 Event Type: error User: Computer Name: VANESSA-6M7BRTK Event Code: 4 Message: Adapter Intel(R) PRO/100 VE Network Connection: Adapter Link Down Record Number: 803 Source Name: E100B Time Written: 20090803211821.000000-240 Event Type: warning User: =====Application event log===== Computer Name: VANESSA-6M7BRTK Event Code: 1002 Message: Hanging application YahooMessenger.exe, version 9.0.0.2162, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Record Number: 16196 Source Name: Application Hang Time Written: 20090718092438.000000-240 Event Type: error User: Computer Name: VANESSA-6M7BRTK Event Code: 1002 Message: Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Record Number: 16141 Source Name: Application Hang Time Written: 20090716142506.000000-240 Event Type: error User: Computer Name: VANESSA-6M7BRTK Event Code: 1002 Message: Hanging application YahooMessenger.exe, version 9.0.0.2162, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Record Number: 16140 Source Name: Application Hang Time Written: 20090716142435.000000-240 Event Type: error User: Computer Name: VANESSA-6M7BRTK Event Code: 1002 Message: Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Record Number: 16130 Source Name: Application Hang Time Written: 20090716014448.000000-240 Event Type: error User: Computer Name: VANESSA-6M7BRTK Event Code: 1002 Message: Hanging application YahooMessenger.exe, version 9.0.0.2162, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Record Number: 16129 Source Name: Application Hang Time Written: 20090716014359.000000-240 Event Type: error User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Common Files\Ulead Systems\DVD;C:\Program Files\Common Files\Adobe\AGL "windir"=%SystemRoot% "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel "PROCESSOR_REVISION"=0207 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip "FP_NO_HOST_CHECK"=NO -----------------EOF----------------- |
|
|
|
|
10-20-2009, 06:04 PM
|
#6 (permalink) |
|
Manager, Security Center, TSF Academy; Analyst, Security Team
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 35,594
OS: 2000 Pro; XP Pro; XP Home
|
Re: Suspect Virus at startup?
RK25HAMMER, be sure to post the requested logs as indicated by Glaswegian. We ask for logs from those tools for good reason. Unless they will not run on your machine for some reason, we expect DDS and GMER logs.
Topic closed.
__________________
Practice Safe Surfing Because what you don't know, CAN hurt you.  Microsoft MVP - Consumer Security 2009
|
|
|
|
|
| Thread Tools | |
|
|
