Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Resolved HJT Threads

User Tag List

New Malware.z (first time poster)

This is a discussion on New Malware.z (first time poster) within the Resolved HJT Threads forums, part of the Tech Support Forum category. Hi there, my McAfee virus scan has detected the Trojan New Malware.z in C:\WINDOWS\SYSTEM32\DRIVERS\iksysflt.sys on my pc. It's been detected


 
 
Thread Tools Search this Thread
Old 03-14-2007, 03:56 PM   #1
Registered Member
 
Join Date: Mar 2007
Posts: 12
OS: Windows 7 Home Premium 64 Bit



Hi there, my McAfee virus scan has detected the Trojan New Malware.z in
C:\WINDOWS\SYSTEM32\DRIVERS\iksysflt.sys on my pc. It's been detected a couple of times and quarantined but never completely removed. Can anyone please advise how to remove it permanently and what harm it's done already.

Cheers in advance
Silent M is offline  
Sponsored Links
Advertisement
 
Old 03-15-2007, 07:34 AM   #2
Registered Member
 
Join Date: Mar 2007
Posts: 12
OS: Windows 7 Home Premium 64 Bit



Anyone able to help with this please?

I'm in the UK so if you're posting from the US in the evening it will probably be the following day before I respond.

Cheers
Silent M is offline  
Old 03-15-2007, 12:22 PM   #3
TSF Security Manager
Emeritus
 
Ried's Avatar

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Ohio
Posts: 42,837
OS: WinXP Home, Vista, Windows 7 64bit



Hello Silent M and welcome,

We need more info--

Download ComboScan to your Desktop.Note: You must be logged onto an account with administrator privileges.
  1. Close all applications and windows.
  2. Double-click on comboscan.exe to run it, and follow the prompts.
  3. When the scan is complete, two text files will open - ComboScan.txt <- this one will be maximized and Supplementary.txt <-this one will be minimized
  4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of ComboScan.txt in this thread.
__________________
Member of UNITE since 2006

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Sponsored Links
Advertisement
 
Old 03-15-2007, 02:18 PM   #4
Registered Member
 
Join Date: Mar 2007
Posts: 12
OS: Windows 7 Home Premium 64 Bit



Hi there, this is what I have:

Logfile of HijackThis v1.99.1
Scan saved at 21:12:48, on 15/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\SiteAdvisor\6028\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Jessops\Picture Suite\InsDetect.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Documents and Settings\Manus McFadden\Desktop\comboscan.exe
C:\PROGRA~1\HIJACK~1\Manus McFadden.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.co.uk/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.tiscali.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\program files\mcafee\mps\mcpopup.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
O4 - HKLM\..\Run: [SDTray] C:\Program Files\Spyware Doctor\SDTrayApp.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Jessops Insert Detect] C:\Program Files\Jessops\Picture Suite\InsDetect.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [DelayShred] "C:\Program Files\McAfee.com\Shredder\SHRED32.EXE" /q C:\DOCUME~1\MANUSM~1\LOCALS~1\TEMPOR~1\Content.SH!
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - https://bar.mywebsearch.com/menusearc...B_ZSYYYYYYAWGB
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - https://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O18 - Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: McAfee Application Installer Cleanup (0240051173957307) (0240051173957307mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\024005~1.EXE (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6028\SAService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe


-- File Associations -----------------------------------------------------------

.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

0R agpCPQ (Compaq AGP Bus Filter) - C:\WINDOWS\SYSTEM32\DRIVERS\AGPCPQ.SYS
3S alcan5wn (SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)) - C:\WINDOWS\SYSTEM32\DRIVERS\alcan5wn.sys
3S alcaudsl (SpeedTouch ADSL Modem ATM Transport) - C:\WINDOWS\SYSTEM32\DRIVERS\alcaudsl.sys
0R alim1541 (ALI AGP Bus Filter) - C:\WINDOWS\SYSTEM32\DRIVERS\ALIM1541.SYS
0R amdagp (AMD AGP Bus Filter Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\AMDAGP.SYS
2R ASCTRM - C:\WINDOWS\SYSTEM32\DRIVERS\asctrm.sys
0R cbidf - C:\WINDOWS\SYSTEM32\DRIVERS\CBIDF2K.SYS
1R Cdr4_xp - C:\WINDOWS\SYSTEM32\DRIVERS\cdr4_xp.sys
1R Cdralw2k - C:\WINDOWS\SYSTEM32\DRIVERS\cdralw2k.sys
3R ctsfm2k (Creative SoundFont Management Device Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys
0R dac2w2k - C:\WINDOWS\SYSTEM32\DRIVERS\DAC2W2K.SYS
1R DcCam (Kodak Camera Proxy) - C:\WINDOWS\SYSTEM32\DRIVERS\DcCam.sys
3S DcFpoint - C:\WINDOWS\SYSTEM32\DRIVERS\DcFpoint.sys
2R DCFS2K (Kodak DCFS2K Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\DCFS2k.sys
3S DcLps (Legacy Polling Service) - C:\WINDOWS\SYSTEM32\DRIVERS\DcLps.sys
3S DcPTP - C:\WINDOWS\SYSTEM32\DRIVERS\DcPtp.sys
0R drvmcdb - C:\WINDOWS\SYSTEM32\DRIVERS\drvmcdb.sys
2R drvnddm - C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys
3R E100B (Intel(R) PRO Adapter Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\e100b325.sys
2R EAPPkt (Realtek EAPPkt Protocol) - C:\WINDOWS\SYSTEM32\DRIVERS\EAPPkt.sys
1S Exportit - C:\WINDOWS\SYSTEM32\DRIVERS\ExportIt.sys
3R GEARAspiWDM (GEAR CDRom Filter) - C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys
3R HidUsb (Microsoft HID Class Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\hidusb.sys
3R ialm - C:\WINDOWS\SYSTEM32\DRIVERS\ialmnt5.sys
1R IKFileFlt (File Filter Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\ikfileflt.sys
1R IKFileSec (File Security Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\ikfilesec.sys
1S IkSysFlt (System Filter Driver) - C:\WINDOWS\system32\drivers\iksysflt.sys (not found)
1S IKSysSec (System Security Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\iksyssec.sys
3R IntelC51 - C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys
3R IntelC52 - C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys
3R IntelC53 - C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys
1R intelppm (Intel Processor Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\INTELPPM.SYS
3R mfeavfk (McAfee Inc.) - C:\WINDOWS\SYSTEM32\DRIVERS\mfeavfk.sys
3R mfebopk (McAfee Inc.) - C:\WINDOWS\SYSTEM32\DRIVERS\mfebopk.sys
3R mfehidk (McAfee Inc.) - C:\WINDOWS\SYSTEM32\DRIVERS\mfehidk.sys
3R mferkdk (McAfee Inc.) - C:\WINDOWS\SYSTEM32\DRIVERS\mferkdk.sys
3R mfesmfk (McAfee Inc.) - C:\WINDOWS\SYSTEM32\DRIVERS\mfesmfk.sys
3R MODEMCSA (Unimodem Streaming Filter Device) - C:\WINDOWS\SYSTEM32\DRIVERS\MODEMCSA.sys
3R mohfilt - C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys
3R mouhid (Mouse HID Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\mouhid.sys
1R MPFP - C:\WINDOWS\SYSTEM32\DRIVERS\Mpfp.sys
3S nv - C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS
3R ossrv (Creative OS Services Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys
3R P17 (Sound Blaster Live! 24-bit) - C:\WINDOWS\SYSTEM32\DRIVERS\P17.sys
2R PfModNT - C:\WINDOWS\SYSTEM32\DRIVERS\Pfmodnt.sys
0R PxHelp20 - C:\WINDOWS\SYSTEM32\DRIVERS\pxhelp20.sys
3R RTLWUSB (NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\wg111v2.sys
3S SE27bus (Sony Ericsson Device 039 Driver driver (WDM)) - C:\WINDOWS\SYSTEM32\DRIVERS\SE27bus.sys
3S SE27mdfl (Sony Ericsson Device 039 USB WMC Modem Filter) - C:\WINDOWS\SYSTEM32\DRIVERS\SE27mdfl.sys
3S SE27mdm (Sony Ericsson Device 039 USB WMC Modem Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\SE27mdm.sys
3S SE27mgmt (Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)) - C:\WINDOWS\SYSTEM32\DRIVERS\SE27mgmt.sys
3S se27nd5 (Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)) - C:\WINDOWS\SYSTEM32\DRIVERS\se27nd5.sys
3S SE27obex (Sony Ericsson Device 039 USB WMC OBEX Interface) - C:\WINDOWS\SYSTEM32\DRIVERS\SE27obex.sys
3S se27unic (Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)) - C:\WINDOWS\SYSTEM32\DRIVERS\se27unic.sys
0R sisagp (SIS AGP Bus Filter) - C:\WINDOWS\SYSTEM32\DRIVERS\SISAGP.SYS
1R sscdbhk5 - C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys
1R ssrtln - C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys
2R tfsnboio - C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys
2R tfsncofs - C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys
2R tfsndrct - C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys
2R tfsndres - C:\WINDOWS\SYSTEM32\dla\tfsndres.sys
2R tfsnifs - C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys
2R tfsnopio - C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys
2R tfsnpool - C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys
2R tfsnudf - C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys
2R tfsnudfa - C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys
3R usbccgp (Microsoft USB Generic Parent Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\usbccgp.sys
3R usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS
3R usbprint (Microsoft USB PRINTER Class) - C:\WINDOWS\SYSTEM32\DRIVERS\usbprint.sys
3R usbscan (USB Scanner Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\usbscan.sys
3S USBSTOR (USB Mass Storage Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS
0R viaagp (VIA AGP Bus Filter) - C:\WINDOWS\SYSTEM32\DRIVERS\VIAAGP.SYS
3S wanatw (WAN Miniport (ATW)) - C:\WINDOWS\system32\DRIVERS\wanatw4.sys (not found)
3S WpdUsb - C:\WINDOWS\SYSTEM32\DRIVERS\wpdusb.sys
1R WS2IFSL (Windows Socket 2.0 Non-IFS Service Provider Support Environment) - C:\WINDOWS\SYSTEM32\DRIVERS\WS2IFSL.SYS
0R WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - C:\WINDOWS\SYSTEM32\DRIVERS\WudfPf.sys
3S WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - C:\WINDOWS\SYSTEM32\DRIVERS\WudfRd.sys
3R SjyPkt - C:\WINDOWS\SYSTEM32\DRIVERS\SjyPkt.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

3S aspnet_state (ASP.NET State Service) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
3S clr_optimization_v2.0.50727_32 (.NET Runtime Optimization Service v2.0.50727_X86) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
2R Creative Service for CDROM Access - C:\WINDOWS\system32\CTsvcCDA.EXE
3S dlbt_device - C:\WINDOWS\system32\dlbtcoms.exe -service
3S Emproxy (McAfee E-mail Proxy) - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
2R Fax - C:\WINDOWS\system32\fxssvc.exe
3S gusvc (Google Updater Service) - "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
3S IDriverT (InstallDriver Table Manager) - "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
3R iPod Service - "C:\Program Files\iPod\bin\iPodService.exe"
3S KodakCCS (Kodak Camera Connection Software) - C:\WINDOWS\system32\drivers\KodakCCS.exe
2R McAfee HackerWatch Service - "C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe"
3S mcmispupdmgr (McAfee Update Manager) - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
2R mcmscsvc (McAfee Services) - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
2R McNASvc (McAfee Network Agent) - "c:\program files\common files\mcafee\mna\mcnasvc.exe"
2R McODS (McAfee Scanner) - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
2R mcpromgr (McAfee Protection Manager) - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
2R McProxy (McAfee Proxy Service) - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
2R McRedirector (McAfee Redirector Service) - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
2R McShield (McAfee Real-time Scanner) - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
2R McSysmon (McAfee SystemGuards) - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
2R MpfService (McAfee Personal Firewall Service) - "C:\Program Files\McAfee\MPF\MPFSrv.exe"
2R MPS9 (McAfee Privacy Service) - C:\PROGRA~1\McAfee\MPS\mps.exe
2R MSK80Service (McAfee SpamKiller Service) - "C:\Program Files\McAfee\MSK\MskSrver.exe"
3S NetSvc (Intel NCS NetService) - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
2R sdAuxService (Spyware Doctor Auxiliary Service) - C:\Program Files\Spyware Doctor\svcntaux.exe
2R sdCoreService (Spyware Doctor Service) - C:\Program Files\Spyware Doctor\swdsvc.exe
2R SiteAdvisor Service - C:\Program Files\SiteAdvisor\6028\SAService.exe
3S usnjsvc (Messenger Sharing Folders USN Journal Reader service) - "C:\Program Files\MSN Messenger\usnsvc.exe"
2R Viewpoint Manager Service - "C:\Program Files\Viewpoint\Common\ViewpointService.exe"
2R WMDM PMSP Service - C:\WINDOWS\system32\MsPMSPSv.exe
2S 0240051173957307mcinstcleanup (McAfee Application Installer Cleanup (0240051173957307)) - C:\WINDOWS\TEMP\024005~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service


-- Scheduled Tasks -------------------------------------------------------------

2007-03-15 01:48:39 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job<APPLES~1.JOB>
2007-03-14 18:51:28 374 --a------ C:\WINDOWS\Tasks\quickclean.job<QUICKC~1.JOB>
2007-03-14 18:48:34 272 --a------ C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job<CHECKU~1.JOB>
2007-03-14 18:46:08 368 --a------ C:\WINDOWS\Tasks\diskdefrag.job<DISKDE~1.JOB>


-- Files created between 2007-02-15 and 2007-03-15 -----------------------------

2007-03-15 16:11:46 0 d-------- C:\Documents and Settings\Lorna McFadden\Application Data\Teleca
2007-03-15 16:10:19 0 d-------- C:\Documents and Settings\Lorna McFadden\Application Data\Sony Ericsson<SONYER~1>
2007-03-15 11:15:01 0 d-------- C:\WINDOWS\LastGood
2007-03-15 01:54:29 0 d-------- C:\Program Files\iTunes
2007-03-15 01:48:25 0 d-------- C:\Program Files\Apple Software Update<APPLES~1>
2007-03-15 01:19:26 18704 -ra------ C:\WINDOWS\system32\drivers\se27nd5.sys
2007-03-15 01:19:11 90800 -ra------ C:\WINDOWS\system32\drivers\se27unic.sys
2007-03-15 01:19:11 4128 -ra------ C:\WINDOWS\system32\drivers\se27cr.sys
2007-03-15 01:19:07 88688 -ra------ C:\WINDOWS\system32\drivers\SE27mgmt.sys
2007-03-15 01:19:03 86560 -ra------ C:\WINDOWS\system32\drivers\SE27obex.sys
2007-03-15 01:09:25 9360 -ra------ C:\WINDOWS\system32\drivers\SE27mdfl.sys
2007-03-15 01:09:25 6240 -ra------ C:\WINDOWS\system32\drivers\SE27cmnt.sys
2007-03-15 01:09:25 6240 -ra------ C:\WINDOWS\system32\drivers\SE27cm.sys
2007-03-15 01:09:24 97184 -ra------ C:\WINDOWS\system32\drivers\SE27mdm.sys
2007-03-15 01:09:20 5872 -ra------ C:\WINDOWS\system32\drivers\SE27whnt.sys
2007-03-15 01:09:20 5872 -ra------ C:\WINDOWS\system32\drivers\SE27wh.sys
2007-03-15 01:09:20 61600 -ra------ C:\WINDOWS\system32\drivers\SE27bus.sys
2007-03-15 0134 0 d-------- C:\Program Files\Disc2Phone<DISC2P~1>
2007-03-15 01:03:43 0 d-------- C:\Documents and Settings\Manus McFadden\Application Data\AdobeAUM
2007-03-15 00:58:56 0 d-------- C:\Documents and Settings\Manus McFadden\Application Data\Sony Ericsson<SONYER~1>
2007-03-15 00:58:54 0 d-------- C:\Documents and Settings\Manus McFadden\Application Data\Teleca
2007-03-15 00:55:16 0 d-------- C:\Program Files\Common Files\Teleca Shared<TELECA~1>
2007-03-15 00:55:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Teleca
2007-03-14 19:50:27 0 d-------- C:\Documents and Settings\Administrator\Application Data\You've Got Pictures Screensaver<YOU'VE~1>
2007-03-14 19:50:27 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2007-03-14 19:50:27 0 d-------- C:\Documents and Settings\Administrator\Application Data\Jasc Software Inc<JASCSO~1>
2007-03-14 15:27:56 0 d-------- C:\Documents and Settings\Administrator\Application Data\Creative
2007-03-14 15:27:55 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sonic
2007-03-14 15:27:53 786432 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-02-21 22:22:06 26064 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-02-21 22:22:06 83536 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-02-21 22:22:06 52304 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys<IKFILE~2.SYS>
2007-02-21 22:22:06 39248 --a------ C:\WINDOWS\system32\drivers\ikfileflt.sys<IKFILE~1.SYS>
2007-02-21 22:22:06 0 d-------- C:\Program Files\Common Files\PC Tools<PCTOOL~1>
2007-02-21 22:22:00 0 d-------- C:\Program Files\Spyware Doctor<SPYWAR~1>
2007-02-21 22:22:00 0 d-------- C:\Documents and Settings\Manus McFadden\Application Data\PC Tools<PCTOOL~1>
2007-02-21 22:22:00 0 d-------- C:\Documents and Settings\All Users\Application Data\PC Tools<PCTOOL~1>
2007-02-21 22:20:38 626688 --a------ C:\WINDOWS\system32\msvcr80.dll


-- Find3M Report ---------------------------------------------------------------

2007-03-15 21:01:23 0 d-------- C:\Documents and Settings\Manus McFadden\Application Data\uTorrent
2007-03-15 11:14:59 0 d-------- C:\Program Files\McAfee
2007-03-15 01:54:36 0 d-------- C:\Program Files\iPod
2007-03-15 01:52:08 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-03-15 01:27:23 0 d-------- C:\Documents and Settings\Manus McFadden\Application Data\AdobeUM
2007-03-15 01:03:42 0 d-------- C:\Documents and Settings\Manus McFadden\Application Data\Adobe
2007-03-15 00:55:16 0 d-------- C:\Program Files\Sony Ericsson<SONYER~1>
2007-03-14 17:34:10 0 d-------- C:\Program Files\Winamp
2007-03-14 17:33:45 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-03-14 17:32:12 0 d-------- C:\Program Files\MyWebSearch<MYWEBS~1>
2007-03-14 17:32:12 0 d-------- C:\Program Files\Modem Helper<MODEMH~1>
2007-03-14 17:32:11 0 d-------- C:\Program Files\Intel
2007-03-14 17:32:11 0 d-------- C:\Program Files\FunWebProducts<FUNWEB~1>
2007-03-14 17:32:11 0 d-------- C:\Program Files\DivX
2007-03-14 17:31:52 0 d-------- C:\Program Files\Common Files\AOL
2007-03-14 15:23:51 0 d---s---- C:\Documents and Settings\Manus McFadden\Application Data\Microsoft<MICROS~1>
2007-03-01 22:29:37 0 d-------- C:\Documents and Settings\Manus McFadden\Application Data\Google
2007-02-18 23:02:31 0 d-------- C:\Documents and Settings\Manus McFadden\Application Data\SiteAdvisor<SITEAD~1>
2007-02-18 23:01:23 0 d-------- C:\Program Files\Windows Media Connect 2<WI4DF6~1>
2007-02-14 17:48:21 0 d-------- C:\Program Files\SiteAdvisor<SITEAD~1>
2007-02-10 20:28:33 0 d-------- C:\Program Files\Viewpoint<VIEWPO~1>
2007-02-10 19:28:03 0 d-------- C:\Program Files\MSN Messenger<MSNMES~1>
2007-02-10 18:26:11 0 d-------- C:\Program Files\McAfee.com
2007-02-10 18:22:44 0 d-------- C:\Program Files\Common Files\McAfee
2007-02-09 20:29:51 0 d-------- C:\Program Files\Google
2007-02-03 17:38:48 0 d-------- C:\Program Files\NETGEAR
2007-02-02 00:31:09 0 d-------- C:\Program Files\Windows Live Favorites<WI48FA~1>
2007-01-29 08:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe
2007-01-19 12:53:04 51056 --a------ C:\WINDOWS\system32\sirenacm.dll
2007-01-12 09:27:42 232960 --a------ C:\WINDOWS\system32\webcheck.dll
2007-01-12 09:27:42 51712 -----n--- C:\WINDOWS\system32\msfeedsbs.dll<MSFEED~1.DLL>
2007-01-12 09:27:42 458752 -----n--- C:\WINDOWS\system32\msfeeds.dll
2007-01-12 09:27:42 6054400 --a------ C:\WINDOWS\system32\ieframe.dll
2007-01-08 19:04:54 105984 --a------ C:\WINDOWS\system32\url.dll
2007-01-08 19:04:08 102400 --a------ C:\WINDOWS\system32\occache.dll
2007-01-08 19:02:04 266752 --a------ C:\WINDOWS\system32\iertutil.dll
2007-01-08 19:02:04 44544 --a------ C:\WINDOWS\system32\iernonce.dll
2007-01-08 19:02:02 384000 --a------ C:\WINDOWS\system32\iedkcs32.dll
2007-01-08 19:02:02 383488 --a------ C:\WINDOWS\system32\ieapfltr.dll
2007-01-08 19:02:02 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2007-01-08 19:02:02 230400 --a------ C:\WINDOWS\system32\ieaksie.dll
2007-01-08 19:02:02 153088 --a------ C:\WINDOWS\system32\ieakeng.dll
2007-01-08 19:01:14 17408 --a------ C:\WINDOWS\system32\corpol.dll
2007-01-08 19:00:48 124928 --a------ C:\WINDOWS\system32\advpack.dll
2007-01-08 18:08:14 56832 --a------ C:\WINDOWS\system32\ie4uinit.exe
2007-01-08 18:08:10 13824 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-12-19 21:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-19 18:16:47 333824 --a------ C:\WINDOWS\system32\wiaservc.dll


-- Registry Dump ---------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MyWebSearch Email Plugin"="C:\\PROGRA~1\\MYWEBS~1\\bar\\1.bin\\mwsoemon.exe"
"Jessops Insert Detect"="C:\\Program Files\\Jessops\\Picture Suite\\InsDetect.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"DelayShred"="\"C:\\Program Files\\McAfee.com\\Shredder\\SHRED32.EXE\" /q C:\\DOCUME~1\\MANUSM~1\\LOCALS~1\\TEMPOR~1\\Content.SH!"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SunJavaUpdateSched"="C:\\Program Files\\Java\\j2re1.4.2_03\\bin\\jusched.exe"
"PCMService"="\"C:\\Program Files\\Dell\\Media Experience\\PCMService.exe\""
"IntelMeM"="C:\\Program Files\\Intel\\Modem Event Monitor\\IntelMEM.exe"
"CTSysVol"="C:\\Program Files\\Creative\\Sound Blaster Live! 24-bit\\Surround Mixer\\CTSysVol.exe /r"
"P17Helper"="Rundll32 P17.dll,P17Helper"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""
"RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"UpdateManager"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"
"Dell Photo AIO Printer 922"="\"C:\\Program Files\\Dell Photo AIO Printer 922\\dlbtbmgr.exe\""
"BJCFD"="C:\\Program Files\\BroadJump\\Client Foundation\\CFD.exe"
"igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"
"igfxpers"="C:\\WINDOWS\\system32\\igfxpers.exe"
"MskAgentexe"="C:\\Program Files\\McAfee\\MSK\\MskAgent.exe"
"SiteAdvisor"="C:\\Program Files\\SiteAdvisor\\6028\\SiteAdv.exe"
"SDTray"="C:\\Program Files\\Spyware Doctor\\SDTrayApp.exe"
@=""
"Sony Ericsson PC Suite"="\"C:\\Program Files\\Sony Ericsson\\Mobile2\\Application Launcher\\Application Launcher.exe\" /startoptions"
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex]
@=""


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\MCODS
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdauxservice
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdcoreservice

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



-- End of ComboScan: finished at 2007-03-15 at 21:13:38 ------------------------
Silent M is offline  
Old 03-15-2007, 04:38 PM   #5
TSF Security Manager
Emeritus
 
Ried's Avatar

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Ohio
Posts: 42,837
OS: WinXP Home, Vista, Windows 7 64bit



Hello Silent M,

I believe that to be a false detection by McAfee--that file belongs to PCTools Ltd. and I am able to verify that by the ComboScan.txt.

Note the date/time all files came on the system:

Quote:
2007-02-21 22:22:06 26064 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-02-21 22:22:06 83536 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-02-21 22:22:06 52304 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys<IKFILE~2.SYS>
2007-02-21 22:22:06 39248 --a------ C:\WINDOWS\system32\drivers\ikfileflt.sys<IKFILE~1.SYS>
2007-02-21 22:22:06 0 d-------- C:\Program Files\Common Files\PC Tools<PCTOOL~1>
2007-02-21 22:22:00 0 d-------- C:\Program Files\Spyware Doctor<SPYWAR~1>
2007-02-21 22:22:00 0 d-------- C:\Documents and Settings\Manus McFadden\Application Data\PC Tools<PCTOOL~1>
2007-02-21 22:22:00 0 d-------- C:\Documents and Settings\All Users\Application Data\PC Tools<PCTOOL~1>
You do have malware present, though. We'll take care of that now.

Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

***************************************************

Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist:

MyWebSearch
FunWebProducts


--------------------------------------------------------------------

Open HijackThis and click on 'Do a System Scan Only'. 'Check' the following entries: (if they still exist)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O8 - Extra context menu item: &Search - https://bar.mywebsearch.com/menusearc...B_ZSYYYYYYAWGB


Click 'Fix Checked' and close HijackThis.

--------------------------------------------------------------------

Go to My Computer->Tools->Folder Options->View tab:
* Under the Hidden files and folders heading:
* select Show hidden files and folders.
* Uncheck Hide protected operating system files (recommended) option.
*Also, make sure there is no checkmark beside Hide file extensions for known file types.
* Click OK.

--------------------------------------------------------------------

Using 'My Computer', navigate to and delete the following Folders if they still exist after uninstall.

C:\Program Files\ FunWebProducts
C:\Program Files\ MyWebSearch


--------------------------------------------------------------------

Reboot your system.

--------------------------------------------------------------------

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6.
  • Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6-windowsi586-p.exe to install the newest version.
----------------------------------------------------------

Due to the malware that was present, it would be prudent to run an online scan to search for any remnants that may be lurking. Perform an online scan with Internet Explorer with Panda ActiveScan
  1. Click on located at the bottom of the page.
  2. A "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it *
  3. Enter your e-mail address, country, and state & click "Free Online Scan" *The download of the 8 MB Panda's ActiveX control will take place*
Begin the scan by selecting
  • If it finds any malware, it will offer you a report.
  • Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later.
  • Click on then click
* You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
* Turn off the real time scanner of any existing antivirus program while performing the online scan


--------------------------------------------------------------------

Run a new scan with HijackThis and save the log.

--------------------------------------------------------------------

Please include the following in your next reply:

Panda results
New HijackThis log
__________________
Member of UNITE since 2006

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Old 03-15-2007, 06:28 PM   #6
Registered Member
 
Join Date: Mar 2007
Posts: 12
OS: Windows 7 Home Premium 64 Bit



Hello Ried, I tried removing My Web Search as you instructed but it appears to be not allowing me to do this. A box appeared with RUNDLL at the top left and the following message:

"Error loading C:\PROGR~1\bar\1.bin\mwsbar.dll
The specified module could not be found."

I'm going to head off to bed just now. Will resume this with you tomorrow if that's okay.

Cheers.
Silent M is offline  
Old 03-16-2007, 06:04 AM   #7
TSF Security Manager
Emeritus
 
Ried's Avatar

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Ohio
Posts: 42,837
OS: WinXP Home, Vista, Windows 7 64bit



Hi,

Create an Uninstall List:
Open HijackThis
*Click on the "Configure" button on the bottom right
*Click on the tab "Misc Tools"
*Click on the Box that says "Open Uninstall Manager"
*Click on the button "Save list"
The list will automatically be saved in your HijackThis folder.

Please copy and paste the uninstall_list.txt here.
__________________
Member of UNITE since 2006

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Old 03-16-2007, 04:15 PM   #8
Registered Member
 
Join Date: Mar 2007
Posts: 12
OS: Windows 7 Home Premium 64 Bit



Hi Ried, this is what I have:

ABBYY FineReader 5.0 Sprint Plus
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Reader 7.0.8
Adobe® Photoshop® Album Starter Edition 3.0
Apple Software Update
BroadJump Client Foundation
BT Openworld Dell Signup
CardRd81
CCScore
CR2
Creative MediaSource
Dell Driver Reset Tool
Dell Media Experience
Dell Photo AIO Printer 922
DG834
Disc2Phone
DivX
DivX Converter
DivX Player
DivX Web Player
ESSBrwr
ESSCDBK
ESScore
ESSCT
ESSEMAIL
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvcpt
ESSvpaht
ESSvpot
G5a922EN
Google Toolbar for Internet Explorer
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 1.99.1
HLPIndex
HLPPDOCK
HLPSFO
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Intel(R) 537EP V9x DF PCI Modem
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet for Wired Connections
Internet Explorer Default Page
iPod for Windows 2005-10-12
iPod for Windows 2006-01-10
iTunes
Jasc Paint Shop Photo Album
Jasc Paint Shop Pro 8 Dell Edition
Java 2 Runtime Environment, SE v1.4.2_03
Jessops Picture Suite
Kodak EasyShare software
KSU
Learn2 Player (Uninstall Only)
Macromedia Flash Player 8
Map Button (Windows Live Toolbar)
McAfee SecurityCenter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office PowerPoint Viewer 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works 7.0
Modem Event Monitor
Modem Helper
Modem On Hold
MSN
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
My Web Search (Smiley Central)
Napster
Napster Burn Engine
Notifier
OfotoXMI
OneCare Advisor (Windows Live Toolbar)
OTtBP
OTtBPSDK
Popup Blocker (Windows Live Toolbar)
PowerDVD 5.3
QuickTime
RealPlayer Basic
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
SFR
SFR2
SHASTA
SKIN0001
SKINXSDK
Smart Menus (Windows Live Toolbar)
Sonic DLA
Sonic MyDVD
Sonic RecordNow!
Sonic Update Manager
Sony Ericsson PC Suite
Sound Blaster Live! 24-bit
Spyware Doctor 5.0
Tiscali Internet
Tvants 1.0
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB900930)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB912945)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB929338)
Update for Windows XP (KB931836)
Viewpoint Manager (Remove Only)
VPRINTOL
WG111v2 Configuration Utility
Winamp (remove only)
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Favorites for Windows Live Toolbar
Windows Live Messenger
Windows Live Outlook Toolbar (Windows Live Toolbar)
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Toolbar Feed Detector (Windows Live Toolbar)
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB887797
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
WinMX
WIRELESS
Yahoo! Toolbar
Silent M is offline  
Old 03-16-2007, 08:32 PM   #9
TSF Security Manager
Emeritus
 
Ried's Avatar

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Ohio
Posts: 42,837
OS: WinXP Home, Vista, Windows 7 64bit



Hi,

Open HJT. Click on Open the Misc Tools Section.
*Click on 'Open Uninstall Manager"
*Highlight (click on) My Web Search (Smiley Central)
*Click "Delete this entry"
Close HijackThis

--------------------------------------------------------------------

Delete the folder:

C:\Program Files\MyWebSearch


Have you updated your Sun Java yet? The version I see installed is the most vulnerable version out there.
__________________
Member of UNITE since 2006

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Old 03-17-2007, 07:13 PM   #10
Registered Member
 
Join Date: Mar 2007
Posts: 12
OS: Windows 7 Home Premium 64 Bit



Hi there,

Sun Java updated.

Panda results
New HijackThis log


Logfile of HijackThis v1.99.1
Scan saved at 02:09:48, on 18/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\SiteAdvisor\6028\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Jessops\Picture Suite\InsDetect.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.co.uk/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.tiscali.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: McAfee Popup Blocker - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - c:\program files\mcafee\mps\mcpopup.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6028\SiteAdv.exe
O4 - HKLM\..\Run: [SDTray] C:\Program Files\Spyware Doctor\SDTrayApp.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [Jessops Insert Detect] C:\Program Files\Jessops\Picture Suite\InsDetect.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [DelayShred] "C:\Program Files\McAfee.com\Shredder\SHRED32.EXE" /q C:\DOCUME~1\MANUSM~1\LOCALS~1\TEMPOR~1\Content.SH!
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - https://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - https://acs.pandasoftware.com/actives...ree/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6028\SiteAdv.dll
O18 - Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6028\SAService.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
Silent M is offline  
Old 03-18-2007, 07:59 AM   #11
TSF Security Manager
Emeritus
 
Ried's Avatar

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Ohio
Posts: 42,837
OS: WinXP Home, Vista, Windows 7 64bit



Hi Silent M,

Your log looks good.

If there aren't any more problems, please continue with these final instructions and helpful links:

Reset hidden/system files and folders
Windows XP
===============
Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View tab.
* Deselect the Show hidden files and folders option.
* Select the Hide file extensions for known types option.
* Select the Hide protected operating system files option.
Click Yes to confirm.
Click OK.

Enable Windows Auto Update
*Go to Start>Run - type wuaucpl.cpl
*Tick on the checkbox - "Automatically download the updates, and install them on the schedule that I specify".
Click on "OK".

Create a new System Restore point
Click Start >> Run - type SYSDM.CPL & press Enter
* Select the System Restore Tab
* Tick on the checkbox - "Turn off System Restore on all drives"
Click Apply
* Then untick the same checkbox & click OK
This will prevent any reinfection from previous restore points.


To help protect your computer in the future I recommend that you get the following free programs if you do not already have them:

McAfee Site Advisor--free version. The folks there check out websites and based on their findings, rate it as Safe, Unknown, Caution, or Bad.

SpywareBlaster 3.5.1 to help prevent spyware from installing in the first place. Install & update SpywareBlaster with the latest definitions. After you have updated, click the button - enable protection for all unprotected items.

Spyware Guard to catch and block spyware before it can execute.

IE-SPYAD.EXE to block access to malicious websites so you cannot be redirected to them from an infected site or email. IE/Spyad places more than 4000 dubious websites and domains in the IE Restricted list. This severely impairs attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites. This is a self-extracting .ZIP file, save it to your desktop. Once downloaded, double-click on it to extract the files inside (default dir is C:\IE-SPYAD)
  • Now navigate to C:\ie-spyad. Double click to open it.
  • From within the folder, double-click install.bat
  • Select Option #2 - Install the new IE-SPYAD list, by typing 2
  • Then return to the main menu.
  • Select option #4 - Add the old porn sites domain, by typing 4

Update all these programs regularly. Without regular updates you will not be protected when new malicious programs are released.

In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at these well written articles:

PC Safety and Security--What Do I Need?

HOW DID I GET INFECTED IN THE FIRST PLACE? by Tony Klein
THE ANTI-SPYWARE TUTORIAL
MAKING INTERNET EXPLORER SAFER
Understanding and Using Firewalls

**Be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them.

-----------------------------------------------------

Follow the list above and the potential for infection will reduce dramatically.
__________________
Member of UNITE since 2006

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Old 03-19-2007, 04:43 PM   #12
Registered Member
 
Join Date: Mar 2007
Posts: 12
OS: Windows 7 Home Premium 64 Bit



Ried,

Thank you very much for your assistance over the last couple of days.

Your help and advice is very much appreciated.

All the best

Silent M
Silent M is offline  
Old 03-19-2007, 08:43 PM   #13
TSF Security Manager
Emeritus
 
Ried's Avatar

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Ohio
Posts: 42,837
OS: WinXP Home, Vista, Windows 7 64bit



You're welcome.

All the best to you as well, Silent M.
__________________
Member of UNITE since 2006

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Our Time
The paradox of our time in history is that we have taller buildings but shorter tempers, wider freeways, but narrower viewpoints. We spend more but have less, we buy more but enjoy less. We have bigger houses and smaller families, more conveniences, but less time. We have more degrees but...
SPEEDO Offline 7 03-23-2007 02:11 PM
New Spyware or Something
My spysweeper has detected this same thing called CLKOPTIMIZER when i do a spy scan, its quarentines it but then it comes back. I have tried cwblaster, spysweeper, stinger, avast, avg and ewido and no luck. Any suggestions? Here is my hijack log Logfile of HijackThis v1.99.1 Scan saved at 7:33:03...
callie3274 Resolved HJT Threads 25 08-02-2006 08:32 AM
Something slowing down my internet connection
My computer has been running real slow for about a week now, so I called my service provider to figure out the problem. After 10 minutes of not getting anywhere he had me type in nestat -a at the cmd prompt to see how many ports it was listing. I told him it listed 32 of them and he said that's to...
zaboe Resolved HJT Threads 23 04-15-2006 05:34 PM
Multiple xp problems
New member.. first post xp pro sp2 1. no print out of ie... print preview shows blank page 2. Only text emails will print out of Outlook 3. Search in "My computer" and Windows Explorer do not work 4. Windows media player will not open 5. Version does not show up in IE6 Help/About 6....
galefly Resolved HJT Threads 32 03-25-2006 06:48 PM
Computer continually resets, only loads in safe mode
Hi, my computer wont load. it gets as far as teh loading screen, and at the poin where i would expect teh desktop to load, it resets. the only way i can get it running is in safe mode. i have scanned my comp using the newest definitions of my scan programs, but nothing works, here is my log: ...
2eXtreme Inactive Malware Help Topics 37 03-02-2006 11:51 AM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 11:18 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts