computer keeps getting malware..log attached

singspiel · 03-30-2007, 08:55 AM

Hi,

The computer is running extremely slow, especially IE. I was using Kapersky 6.0 and Spybot S&D to remove malware. After supposedly removing malware it would come right back. Also, MS has started giving me a message that the Windows are counterfiet. I know that is not true..and IE wont even let me download a fix. I have included a deckard's main here and attached the extra log. Really will appreciatte your help.

Thanks.

Deckard's System Scanner v20070328.36
Run by Tony S on 2007-03-30 at 09:41:06
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
12: 2007-03-30 14:41:13 UTC - RP362 - Deckard's System Scanner Restore Point
11: 2007-03-30 13:55:06 UTC - RP361 - Installed Ad-Aware SE Personal
10: 2007-03-29 17:13:28 UTC - RP360 - Installed Kaspersky Anti-Virus 6.0.
9: 2007-03-28 06:15:58 UTC - RP359 - Removed Norton WMI Update
8: 2007-03-28 06:12:06 UTC - RP358 - Removed Norton AntiVirus 2003

-- First Restore Point --
1: 2007-02-13 04:30:45 UTC - RP351 - System Checkpoint

Backed up registry hives.

Performed disk cleanup.

-- HijackThis (run as Tony S.exe) ----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 9:43:41 AM, on 3/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Documents and Settings\Tony S\Desktop\dss.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\HIJACK~1\Tony S.exe

O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

-- File Associations -----------------------------------------------------------

.js - JSFile - shell\open\command - unable to read value

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 drvmcdb - c:\windows\system32\drivers\drvmcdb.sys
R0 Shockprf - c:\windows\system32\drivers\shockprf.sys
R1 Smapint - c:\windows\system32\drivers\smapint.sys
R1 sscdbhk5 - c:\windows\system32\drivers\sscdbhk5.sys
R1 ssrtln - c:\windows\system32\drivers\ssrtln.sys
R1 TDSMAPI - c:\windows\system32\drivers\tdsmapi.sys
R1 TPHKDRV - c:\windows\system32\drivers\tphkdrv.sys
R1 TPPWR - c:\windows\system32\drivers\tppwr.sys
R1 TSMAPIP - c:\windows\system32\drivers\tsmapip.sys
R2 drvnddm - c:\windows\system32\drivers\drvnddm.sys
R2 irda (IrDA Protocol) - c:\windows\system32\drivers\irda.sys
R2 Packet (Auto Internet Protocol) - c:\windows\system32\drivers\packet.sys
R2 PMEM - c:\windows\system32\drivers\pmemnt.sys
R2 ShockMgr - c:\windows\system32\drivers\shockmgr.sys
R2 tfsnboio - c:\windows\system32\dla\tfsnboio.sys
R2 tfsncofs - c:\windows\system32\dla\tfsncofs.sys
R2 tfsndrct - c:\windows\system32\dla\tfsndrct.sys
R2 tfsndres - c:\windows\system32\dla\tfsndres.sys
R2 tfsnifs - c:\windows\system32\dla\tfsnifs.sys
R2 tfsnopio - c:\windows\system32\dla\tfsnopio.sys
R2 tfsnpool - c:\windows\system32\dla\tfsnpool.sys
R2 tfsnudf - c:\windows\system32\dla\tfsnudf.sys
R2 tfsnudfa - c:\windows\system32\dla\tfsnudfa.sys
R3 aeaudio - c:\windows\system32\drivers\aeaudio.sys
R3 AgereSoftModem (Agere Systems Soft Modem) - c:\windows\system32\drivers\agrsm.sys
R3 AR5211 (Dual-band Wi-Fi Wireless Mini PCI Adapter) - c:\windows\system32\drivers\ar5211.sys
R3 IBMPMDRV - c:\windows\system32\drivers\ibmpmdrv.sys
R3 NSCIRDA (NSC Infrared Device Driver) - c:\windows\system32\drivers\nscirda.sys
R3 Rasirda (WAN Miniport (IrDA)) - c:\windows\system32\drivers\rasirda.sys
R3 smwdm - c:\windows\system32\drivers\smwdm.sys

S3 ac97intc (Intel(r) 82801 Audio Driver Install Service (WDM)) - c:\windows\system32\drivers\ac97intc.sys
S3 E1000 (Intel(R) PRO/1000 Adapter Driver) - c:\windows\system32\drivers\e1000325.sys
S3 gv3 (Intel GV3 Processor Driver) - c:\windows\system32\drivers\gv3.sys
S3 ltmodem5 (LT Modem Driver) - c:\windows\system32\drivers\ltmdmnt.sys
S3 MSIRCOMM (Microsoft IR Communications Driver) - c:\windows\system32\drivers\msircomm.sys
S3 PCAMPR5 (PCAMPR5 NDIS Protocol Driver) - c:\windows\system32\pcampr5.sys (file missing)
S3 PCANDIS5 (PCANDIS5 NDIS Protocol Driver) - c:\windows\system32\pcandis5.sys
S3 S3SSavage - c:\windows\system32\drivers\s3ssavm.sys
S3 SymEvent - c:\program files\symantec\symevent.sys (file missing)
S3 TwoTrack (IBM PS/2 TrackPoint Filter Driver) - c:\windows\system32\drivers\twotrack.sys
S4 cbidf - c:\windows\system32\drivers\cbidf2k.sys
S4 dac2w2k - c:\windows\system32\drivers\dac2w2k.sys

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 IBMPMSVC (IBM PM Service) - c:\windows\system32\ibmpmsvc.exe
R2 Irmon (Infrared Monitor) - c:\windows\system32\svchost.exe -k netsvcs
R2 MSSQL$MICROSOFTBCM - c:\program files\microsoft sql server\mssql$microsoftbcm\binn\sqlservr.exe -smicrosoftbcm
R2 TpKmpSVC (IBM KCU Service) - c:\windows\system32\tpkmpsvc.exe

S3 SQLAgent$MICROSOFTBCM - c:\program files\microsoft sql server\mssql$microsoftbcm\binn\sqlagent.exe -i microsoftbcm
S4 OracleMTSRecoveryService - c:\oracle\ora92\bin\omtsreco.exe "oraclemtsrecoveryservice"
S4 OracleOraHome92ClientCache - c:\oracle\ora92\bin\onrsd.exe
S4 TiFiC System Service - "c:\program files\tific\tific client g1\tific system service.exe"

-- Scheduled Tasks -------------------------------------------------------------

2005-05-23 14:20:28 314 --a------ C:\WINDOWS\Tasks\BMMTask.job

-- Files created between 2007-02-28 and 2007-03-30 -----------------------------

2007-03-30 09:38:16 0 d-------- C:\Program Files\SpywareGuard<SPYWAR~2>
2007-03-30 09:37:53 0 d-------- C:\ie-spyad_zo<IE-SPY~1>
2007-03-30 09:33:39 0 d-------- C:\Program Files\SpywareBlaster<SPYWAR~1>
2007-03-30 09:18:15 0 d-------- C:\WINDOWS\system32\ActiveScan<ACTIVE~1>
2007-03-30 09:18:14 0 d-------- C:\WINDOWS\LastGood
2007-03-30 08:55:12 0 d-------- C:\Documents and Settings\Tony S\Application Data\Lavasoft
2007-03-30 08:55:08 0 d-------- C:\Program Files\Lavasoft
2007-03-29 12:13:53 74396 --a------ C:\WINDOWS\system32\drivers\klin.dat
2007-03-29 12:13:53 75932 --a------ C:\WINDOWS\system32\drivers\klick.dat
2007-03-29 12:13:38 0 d-------- C:\Program Files\Kaspersky Lab<KASPER~1>
2007-03-29 12:13:38 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab<KASPER~1>
2007-03-29 12:13:35 81440 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-03-29 12:13:35 3358240 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-03-29 12:12:46 0 d-------- C:\kav
2007-03-28 10:43:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy<SPYBOT~1>
2007-03-28 01:02:29 0 d-------- C:\WINDOWS\system32\appmgmt

-- Find3M Report ---------------------------------------------------------------

2007-03-30 08:54:35 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard<WISEIN~1>
2007-03-29 21:41:54 0 d-------- C:\Program Files\Wgqn
2007-03-29 12:13:20 0 d-------- C:\Program Files\Common Files\Symantec Shared<SYMANT~1>
2007-03-28 01:14:21 0 d-------- C:\Program Files\Symantec
2007-03-28 01:09:55 0 d-------- C:\Program Files\Java
2007-03-19 16:42:28 0 d-------- C:\Program Files\Google
2007-02-13 01:00:38 0 d-------- C:\Documents and Settings\Tony S\Application Data\Google
2007-02-12 23:11:03 0 d---s---- C:\Documents and Settings\Tony S\Application Data\Microsoft<MICROS~1>
2007-02-07 18:21:37 0 d-------- C:\Documents and Settings\Tony S\Application Data\AdobeUM
2007-01-29 23:04:00 200768 --a------ C:\WINDOWS\system32\klogon.dll

-- Registry Dump ---------------------------------------------------------------

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"IBM RecordNow!"=""
"tgcmd"=""
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"tgcmd"=""
"AVP"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{81559C35-8464-49F7-BB0E-07A383BEF910}"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0

-- End of Deckard's System Scanner: finished at 2007-03-30 at 09:44:01 ---------

**Glaswegian** · 04-03-2007, 01:51 PM

Hi and welcome to TSF.

Apologies for any delay in replying, but we have been rather busy lately, and, of course, all our helpers are volunteers.

My name is Iain and I will be helping you clean your system.

I’m not seeing any signs of malware in your log, so we'll do some cleaning and see what may turn up.

You may wish to Subscribe to this thread (Thread Tools > Subscribe to this thread) so that you are notified when you receive a reply.

Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix. You should not have any open browsers or live internet connections when you are following the procedures below.

Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your log is clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.

If there is anything you don't understand, please ask BEFORE proceeding with the fixes.

Please ensure that you follow the instructions in the order I have them listed.

Show Hidden Files
Go to My Computer > Tools > Folder Options > View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System files and Folders are showing / visible. Uncheck the Hide protected operating system files option.

Downloads
Please download Cleanup! or use this Alternate Link if the main link does not work and install it. You will use this later.
*NOTE* Cleanup deletes EVERYTHING out of temporary folders and does NOT make backups. If you have any files in any TEMP directory and you need to keep them, then please MOVE THEM NOW!

Download AVG Anti Spyware

Use the link at the bottom of the page under "AVG Anti-Spyware Free for Windows"

Install AVG Anti Spyware
Double-click the icon on Desktop to launch AVG
On the top of the main screen click Shield
Click the word active to change it to inactive
On the top of the main screen click Update.
Then click on Start Update. The update will start and a progress bar will show the updates being installed.
Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
Under "Reports"
- Select "Automatically generate report after every scan"
- Un-Select "Only if threats were found"

When you have finished updating, EXIT AVG Anti Spyware.

Reboot
Reboot your system in Safe Mode.

Restart the computer. The computer begins processing a set of instructions known as BIOS.
After hearing your computer beep once during startup, but before the Windows icon appears, press F8 (dependent on your system this may be F5 or another key)
Instead of Windows loading as normal, a menu should appear
Use the arrow key to highlight Safe Mode and press Enter.

Run CleanUp!
*NOTE* Cleanup deletes EVERYTHING out of temporary folders and does NOT make backups. If you have any files in any TEMP directory and you need to keep them, then please MOVE THEM NOW!

Open Cleanup! by double-clicking the icon on your desktop (or from Start > All Programs). Set the program up as follows:

Click Options
Move the slider button down to Custom CleanUp!
Check the following:

Empty Recycle Bins
Delete Cookies
Delete Prefetch files
Cleanup! All Users
Click on the “Temporary Files” tab and uncheck the box for “Scan drives for file matching” if it’s checked.

Click OK, Press the CleanUp! button to start the program and DO NOT REBOOT when prompted.
Note: CleanUp! deletes EVERYTHING out of your temp/temporary folders, it does not make backups. If you have any documents or programs that are saved in any Temporary Folders, please make a backup of these BEFORE running CleanUp! If you have a 64 bit Operating System do NOT run Cleanup and let me know as we will use another utility.

Run AVG Anti Spyware
Run AVG with it's updated definitions:(...it's important that all windows must be closed)

Click Scanner
Click on the Scan tab
Click Complete System Scan to begin scanning.
When the scan is complete click Recommended Action and change it to Quarantine
Then click Apply all actions

Once finished, click the Save report button, then click Save Report As and save it to your desktop.

NOTE: AVG scan may require an hour.

Reboot
Reboot your system in Normal Mode.

Online Scan
Perform an online scan with Internet Explorer with Panda ActiveScan

Click on located at the bottom of the page.
A "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it *
Enter your e-mail address, country, and state & click "Free Online Scan" *The download of the 8 MB Panda's ActiveX control will take place*

Begin the scan by selecting

If it finds any malware, it will offer you a report.
Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later.
Click on then click

* You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
* Turn off the real time scanner of any existing antivirus program while performing the online scan

Logs required
AVG Log
Panda Log
HijackThis Log

Please also let me know how your system is performing now and if you have any specific problems. In order to provide you with the best possible help, please ensure that HijackThis logs are produced only while in Normal Mode.

**Glaswegian** · 04-23-2007, 02:20 PM

Owing to lack of response, this Topic is closed.

If you need this topic re-opened, please PM myself or another Moderator, and include the thread address. This applies only to the original topic starter.

Everyone else please begin a New Topic.

04-03-2007, 01:51 PM	#2 (permalink)
Glaswegian Moderator/ Rangemaster TSF Academy; Analyst, Security Team; Oor Wullie; TSF Surgeon and Resident Comic Join Date: Sep 2005 Location: Glasgow Posts: 25,427 OS: Win XP Pro SP3 / Win 7 Pro My System Blog Entries: 10	Re: computer keeps getting malware..log attached Hi and welcome to TSF. Apologies for any delay in replying, but we have been rather busy lately, and, of course, all our helpers are volunteers. My name is Iain and I will be helping you clean your system. I’m not seeing any signs of malware in your log, so we'll do some cleaning and see what may turn up. You may wish to Subscribe to this thread (Thread Tools > Subscribe to this thread) so that you are notified when you receive a reply. Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix. You should not have any open browsers or live internet connections when you are following the procedures below. Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your log is clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean. If there is anything you don't understand, please ask BEFORE proceeding with the fixes. Please ensure that you follow the instructions in the order I have them listed. Show Hidden Files Go to My Computer > Tools > Folder Options > View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System files and Folders are showing / visible. Uncheck the Hide protected operating system files option. Downloads Please download Cleanup! or use this Alternate Link if the main link does not work and install it. You will use this later. NOTE Cleanup deletes EVERYTHING out of temporary folders and does NOT make backups. If you have any files in any TEMP directory and you need to keep them, then please MOVE THEM NOW! Download AVG Anti Spyware Use the link at the bottom of the page under "AVG Anti-Spyware Free for Windows" Install AVG Anti Spyware Double-click the icon on Desktop to launch AVG On the top of the main screen click Shield Click the word active to change it to inactive On the top of the main screen click Update. Then click on Start Update. The update will start and a progress bar will show the updates being installed. Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab. Once in the Settings screen click on "Recommended actions" and then select "Quarantine". Under "Reports" Select "Automatically generate report after every scan" Un-Select "Only if threats were found" When you have finished updating, EXIT AVG Anti Spyware. Reboot Reboot your system in Safe Mode. Restart the computer. The computer begins processing a set of instructions known as BIOS. After hearing your computer beep once during startup, but before the Windows icon appears, press F8 (dependent on your system this may be F5 or another key) Instead of Windows loading as normal, a menu should appear Use the arrow key to highlight Safe Mode and press Enter. Run CleanUp! NOTE Cleanup deletes EVERYTHING out of temporary folders and does NOT make backups. If you have any files in any TEMP directory and you need to keep them, then please MOVE THEM NOW! Open Cleanup! by double-clicking the icon on your desktop (or from Start > All Programs). Set the program up as follows: Click Options Move the slider button down to Custom CleanUp! Check the following: Empty Recycle Bins Delete Cookies Delete Prefetch files Cleanup! All Users Click on the “Temporary Files” tab and uncheck the box for “Scan drives for file matching” if it’s checked. Click OK, Press the CleanUp! button to start the program and DO NOT REBOOT when prompted. Note: CleanUp! deletes EVERYTHING out of your temp/temporary folders, it does not make backups. If you have any documents or programs that are saved in any Temporary Folders, please make a backup of these BEFORE running CleanUp! If you have a 64 bit Operating System do NOT run Cleanup and let me know as we will use another utility. Run AVG Anti Spyware Run AVG with it's updated definitions:(...it's important that all windows must be closed) Click Scanner Click on the Scan tab Click Complete System Scan to begin scanning. When the scan is complete click Recommended Action and change it to Quarantine Then click Apply all actions Once finished, click the Save report button, then click Save Report As and save it to your desktop. NOTE: AVG scan may require an hour. Reboot Reboot your system in Normal Mode. Online Scan Perform an online scan with Internet Explorer with Panda ActiveScan Click on located at the bottom of the page. A "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it * Enter your e-mail address, country, and state & click "Free Online Scan" The download of the 8 MB Panda's ActiveX control will take place Begin the scan by selecting If it finds any malware, it will offer you a report. Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later. Click on then click * You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report. * Turn off the real time scanner of any existing antivirus program while performing the online scan Logs required AVG Log Panda Log HijackThis Log Please also let me know how your system is performing now and if you have any specific problems. In order to provide you with the best possible help, please ensure that HijackThis logs are produced only while in Normal Mode. __________________ Iain - Defender of the Haggis and all things Scottish. I don't help by PM - post in the Forums. PC Safety & Security::PC running a bit slow?::Donate::Photographers Corner

04-23-2007, 02:20 PM	#3 (permalink)
Glaswegian Moderator/ Rangemaster TSF Academy; Analyst, Security Team; Oor Wullie; TSF Surgeon and Resident Comic Join Date: Sep 2005 Location: Glasgow Posts: 25,427 OS: Win XP Pro SP3 / Win 7 Pro My System Blog Entries: 10	Re: computer keeps getting malware..log attached Owing to lack of response, this Topic is closed. If you need this topic re-opened, please PM myself or another Moderator, and include the thread address. This applies only to the original topic starter. Everyone else please begin a New Topic. __________________ Iain - Defender of the Haggis and all things Scottish. I don't help by PM - post in the Forums. PC Safety & Security::PC running a bit slow?::Donate::Photographers Corner