Jump to content


Photo

Inertnet Explorer


  • This topic is locked This topic is locked
25 replies to this topic

#1 gil69

gil69

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 04 February 2009 - 03:03 PM

Unable to get internet explorer to work, using firefox browser for the time being. Does anyone have any ideas? :hmmm:

#2 gil69

gil69

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 04 February 2009 - 03:05 PM

I am using microsoft windows XP media center edition

#3 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 04 February 2009 - 03:38 PM

Hi,

Please read our Forum FAQ in order to find out what info we need (HijackThislog) so we can help you. Then post the HijackThislog in your next reply.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#4 gil69

gil69

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 06 February 2009 - 04:03 PM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:02:02 PM, on 2/6/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVW32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft....k/?LinkId=54843
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.myactv.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSScheduler] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [HPHUPD08] "c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe"
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe" /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DriverCure] C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe -m
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DriveDefender] C:\Program Files\DriveDefender\GDC.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Gil Valdez\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/...UI.cab55579.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfar...etup1.0.1.1.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games Buddy Invite) - http://zone.msn.com/...dy.cab55579.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish...fishActivia.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.s...abs/tgctlsr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.liv...es/MSNPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/...at.cab55579.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symant...ex/symdlmgr.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games Texas Holdem Poker) - http://zone.msn.com/...he.cab79352.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games Game Communicator) - http://zone.msn.com/...xy.cab55579.cab
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} (ChessControl Class) - http://zone.msn.com/...rp.cab56961.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe

--
End of file - 13655 bytes

Okay, hope this helps, thanks again

#5 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 06 February 2009 - 04:15 PM

Hi,

* Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingc...to-use-combofix

Post the log from ComboFix in your next reply.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#6 gil69

gil69

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 07 February 2009 - 11:55 PM

ComboFix 09-02-06.04 - Gil Valdez 2009-02-08 0:47:45.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.641 [GMT -5:00]
Running from: c:\documents and settings\Gil Valdez\Desktop\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated)
FW: Norton Internet Security *disabled*
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
c:\documents and settings\LocalService\Application Data\wsnpoem
c:\documents and settings\LocalService\Application Data\wsnpoem\audio.dll
c:\program files\FunWebProducts
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\videoplugin
c:\program files\videoplugin\Uninstall.exe
C:\resycled
c:\resycled\ntldr.com
c:\windows\dat.txt
c:\windows\IE4 Error Log.txt
c:\windows\system32\drivers\gaopdxksxwtrhn.sys
c:\windows\system32\drivers\gaopdxompjcxmq.sys
c:\windows\system32\drivers\gaopdxpsmrufyy.sys
c:\windows\system32\drivers\gaopdxsbavgmbb.sys
c:\windows\system32\drivers\gaopdxwppqdelq.sys
c:\windows\system32\gaopdxppuagdhd.dll
D:\Autorun.inf
D:\resycled

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_gaopdxserv.sys


((((((((((((((((((((((((( Files Created from 2009-01-08 to 2009-02-08 )))))))))))))))))))))))))))))))
.

2009-02-04 19:34 . 2009-02-04 19:49 <DIR> d-------- c:\documents and settings\Gil Valdez\Application Data\vlc
2009-02-04 19:28 . 2009-02-04 19:28 <DIR> d-------- c:\program files\VideoLAN
2009-02-04 19:27 . 2009-02-04 19:27 <DIR> d-------- c:\program files\AWS
2009-02-04 19:27 . 2009-02-04 19:27 <DIR> d-------- c:\documents and settings\Gil Valdez\Application Data\WeatherBug
2009-01-24 23:02 . 2009-01-24 23:02 268 --ah----- C:\sqmdata19.sqm
2009-01-24 23:02 . 2009-01-24 23:02 244 --ah----- C:\sqmnoopt19.sqm
2009-01-24 16:46 . 2009-01-24 16:46 268 --ah----- C:\sqmdata18.sqm
2009-01-24 16:46 . 2009-01-24 16:46 244 --ah----- C:\sqmnoopt18.sqm
2009-01-23 14:47 . 2009-01-23 14:47 268 --ah----- C:\sqmdata17.sqm
2009-01-23 14:47 . 2009-01-23 14:47 244 --ah----- C:\sqmnoopt17.sqm
2009-01-22 16:07 . 2009-01-22 16:07 280 --ah----- C:\sqmdata16.sqm
2009-01-22 16:07 . 2009-01-22 16:07 244 --ah----- C:\sqmnoopt16.sqm
2009-01-21 16:00 . 2009-01-21 16:00 268 --ah----- C:\sqmdata15.sqm
2009-01-21 16:00 . 2009-01-21 16:00 244 --ah----- C:\sqmnoopt15.sqm
2009-01-20 21:12 . 2009-02-06 17:30 268 --ah----- C:\sqmdata14.sqm
2009-01-20 21:12 . 2009-02-06 17:30 244 --ah----- C:\sqmnoopt14.sqm
2009-01-19 05:55 . 2009-02-06 15:29 268 --ah----- C:\sqmdata13.sqm
2009-01-19 05:55 . 2009-02-06 15:29 244 --ah----- C:\sqmnoopt13.sqm
2009-01-18 13:49 . 2009-01-18 13:49 <DIR> d-------- c:\program files\Common Files\Scanner
2009-01-18 13:49 . 2009-01-18 13:58 <DIR> d-------- c:\program files\CA Yahoo! Anti-Spy
2009-01-17 23:17 . 2009-01-18 14:37 <DIR> d-------- c:\documents and settings\Gil Valdez\Application Data\MSNInstaller
2009-01-17 19:49 . 2009-01-17 19:51 <DIR> d-------- C:\data
2009-01-17 18:14 . 2009-01-17 21:47 <DIR> d-------- c:\program files\CrossLoop
2009-01-17 17:37 . 2009-01-17 17:37 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-11 17:19 . 2009-01-11 17:19 <DIR> d-------- c:\documents and settings\Gil Valdez\Application Data\AVS4YOU
2009-01-11 17:19 . 2009-01-11 17:19 <DIR> d-------- c:\documents and settings\All Users\Application Data\AVS4YOU
2009-01-11 17:17 . 2009-01-11 17:38 <DIR> d-------- c:\program files\Common Files\AVSMedia
2009-01-11 17:17 . 2009-01-11 17:38 <DIR> d-------- c:\program files\AVS4YOU
2009-01-11 17:17 . 2007-02-27 18:36 24,576 --a------ c:\windows\system32\msxml3a.dll
2009-01-11 16:59 . 2009-01-11 16:59 <DIR> d-------- c:\documents and settings\Gil Valdez\Application Data\Apple Computer

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-08 05:46 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-02-08 05:15 --------- d-----w c:\documents and settings\Gil Valdez\Application Data\uTorrent
2009-02-08 04:42 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2009-01-17 23:22 --------- d-----w c:\program files\Yahoo!
2009-01-17 23:22 --------- d-----w c:\program files\Google
2009-01-17 22:37 --------- d-----w c:\program files\Java
2009-01-16 21:56 --------- d-----w c:\documents and settings\All Users\Application Data\Yahoo!
2009-01-16 21:55 --------- d-----w c:\documents and settings\All Users\Application Data\Kodak
2009-01-16 21:48 --------- d-----w c:\program files\Kodak
2009-01-09 03:40 806 ----a-w c:\windows\system32\drivers\SYMEVENT.INF
2009-01-09 03:40 60,808 ----a-w c:\windows\system32\S32EVNT1.DLL
2009-01-09 03:40 124,464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-09 03:40 10,635 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-09 03:40 --------- d-----w c:\program files\Symantec
2009-01-08 02:46 --------- d-----w c:\program files\QuickTime
2009-01-08 02:45 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-12-28 20:26 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-28 20:26 --------- d-----w c:\program files\Ascentive
2008-12-28 20:26 --------- d-----w c:\documents and settings\Gil Valdez\Application Data\InstallShield
2008-12-28 20:07 --------- d-----w c:\program files\Microsoft Silverlight
2008-12-26 21:47 --------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2008-12-26 21:47 --------- d-----w c:\program files\Windows Live
2008-12-26 21:44 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2008-12-22 01:59 --------- d-----w c:\program files\AC3Filter
2008-12-21 23:47 203,776 ----a-w c:\windows\system32\clrviddc.dll
2008-12-21 23:24 --------- d-----w c:\program files\DivX
2008-12-21 22:53 --------- d-----w c:\documents and settings\All Users\Application Data\DriverCure
2008-12-21 22:52 --------- d-----w c:\documents and settings\Gil Valdez\Application Data\DriverCure
2008-12-21 22:50 --------- d-----w c:\documents and settings\All Users\Application Data\Downloaded Installations
2008-12-21 22:03 --------- d-----w c:\program files\Common Files\xing shared
2008-12-21 22:03 --------- d-----w c:\program files\Common Files\Real
2008-12-13 06:40 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-11 10:57 333,952 ------w c:\windows\system32\dllcache\srv.sys
2008-11-21 21:47 524,288 ----a-w c:\windows\system32\DivXsm.exe
2008-11-21 21:47 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
2008-11-21 21:46 200,704 ----a-w c:\windows\system32\ssldivx.dll
2008-11-21 21:46 1,044,480 ----a-w c:\windows\system32\libdivx.dll
2008-11-21 21:44 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
2008-11-21 21:44 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
2008-10-06 19:27 976 -c--a-w c:\documents and settings\Gil Valdez\Application Data\wklnhst.dat
2008-07-11 05:05 251 ----a-w c:\program files\wt3d.ini
2007-07-26 23:02 389,120 ----a-w c:\documents and settings\Gil Valdez\GoToAssist_phone__268_en.exe
2008-09-04 23:30 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008090420080905\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2006-05-16 57344]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-10-22 2363392]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"Weather"="c:\program files\AWS\WeatherBug\Weather.exe" [2007-08-29 1347584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 49152]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-12-21 185872]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-17 136600]
"RCSystem"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 49152]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2007-08-24 714608]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"ISUSScheduler"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" [2004-08-09 81920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-09-21 1605740]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"CTSysVol"="c:\program files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe" [2005-02-15 57344]
"CTDVDDET"="c:\program files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE" [2003-06-18 45056]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"CTHelper"="CTHELPER.EXE" [2005-06-18 c:\windows\CTHELPER.EXE]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 c:\windows\arpwrmsg.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-13 c:\windows\system32\narrator.exe]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 282624]
Updates from HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2005-11-10 36903]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.MJPG"= pvmjpg21.dll
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WebrootSpySweeperService"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8097:TCP"= 8097:TCP:*:Disabled:EarthLink UHP Modem Support

R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [2007-08-25 149352]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-09-03 99376]
S3 ATICXCAP;ATI TV Wonder Pro A/V Capture;c:\windows\system32\drivers\aticxcap.sys [2006-01-27 173824]
S3 ATICXTUN;ATI TV Wonder Pro Tuner (Philips 1236 MK3);c:\windows\system32\drivers\aticxtun.sys [2006-01-27 29184]
S3 ATICXXBR;ATI TV Wonder Pro A/V Crossbar;c:\windows\system32\drivers\aticxxbr.sys [2006-01-27 9088]
S3 BW2NDIS5;BW2NDIS5;c:\windows\system32\Drivers\BW2NDIS5.sys --> c:\windows\system32\Drivers\BW2NDIS5.sys [?]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2007-05-29 23888]
S3 SureThing Labelflash service;SureThing Labelflash service;c:\program files\Common Files\SureThing Shared\stllssvr.exe [2008-07-17 74384]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder

2009-02-07 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Gil Valdez.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-08-26 20:19]
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
HKCU-Run-DriverCure - c:\program files\ParetoLogic\DriverCure\DriverCure.exe
HKCU-Run-Performance Center - c:\program files\Ascentive\Performance Center\APCMain.exe
HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKLM-Run-SpySweeper - c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe


.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.myactv.net/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Gil Valdez\Start Menu\Programs\IMVU\Run IMVU.lnk
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/WebfettiInitialSetup1.0.1.1.cab
FF - ProfilePath - c:\documents and settings\Gil Valdez\Application Data\Mozilla\Firefox\Profiles\3umsc8qi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-dyc&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-dyc&p=
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.21115.0.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-08 00:50:22
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(804)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-02-08 0:52:01
ComboFix-quarantined-files.txt 2009-02-08 05:51:39

Pre-Run: 158,061,166,592 bytes free
Post-Run: 158,161,760,256 bytes free

248 --- E O F --- 2009-01-15 08:04:53

#7 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 08 February 2009 - 08:08 AM

Hi,

* Go to start > run and copy and paste next command in the field:

ComboFix /u

Make sure there's a space between Combofix and /
Then hit enter.

This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.

Let me know in your next reply how things are now.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#8 gil69

gil69

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 08 February 2009 - 03:45 PM

Did as requested, start up appears to be much faster and I have not had to restart the computer which was due to freezing up during start up. But I am still not able to launch internet explorer, still using firefox browser, which I don't like so much, but at least I am able to get on the net. Do you have any other ideas as to why this may be happening??? Do appreciate all your help, thanks!

#9 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 08 February 2009 - 04:03 PM

Hi,

First of all,check and fix next entries in HijackThis, because even though it looks legitimate, it's a weird setting and *may explain your problem:

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.myactv.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0

Although, it would be easier if you explained what exact error you get when you try to run IE.
Anyway, try above first (make sure IE is closed). Then try to relaunch IE.
If no difference..

Another cause could be your Norton Internet Security. I've seen this quite frequently that Norton interferes with IE / blocks it if not properly configured. Please temporary uninstall your Norton Internet Security. Then reboot. This is needed to properly troubleshoot, this to eliminate potential causes.
After reboot, test if IE works.
Let me know.
If not, don't reinstall Norton yet, but let me know what exactly happens when you try to launch IE.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#10 gil69

gil69

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 08 February 2009 - 06:29 PM

Done all that was suggested but IE will still not launch. The only thing I can tell you is that I click on the icon for IE and then there is about a 1 second flash of the screen wanting to pop up but then it doesn't. I don't get any kind of error to give me a reason why this is happening.

#11 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 09 February 2009 - 03:00 AM

Hi,

Can you post a new HijackThislog please?

Also, even though it wasn't dislayed in your logs that a debugger is present, it won't hurt to create and merge the following regfix anyway..

Open notepad and copy and paste next present in the quotebox below in it:
(don't forget to copy and paste REGEDIT4)

REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe]

Save this as fix.reg Choose to save as *all files and place it on your desktop.
It should look like this: Posted Image
Doubleclick on it and when it asks you if you want to merge the contents to the registry, click yes/ok.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#12 gil69

gil69

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 09 February 2009 - 04:45 PM

Okay here is the new log, but I am afraid I could not get the other instructions and was unable to preform the fix you requested.Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:41:36 PM, on 2/9/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ISUSScheduler] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [HPHUPD08] "c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe"
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe" /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - S-1-5-18 Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Gil Valdez\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/...UI.cab55579.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfar...etup1.0.1.1.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games Buddy Invite) - http://zone.msn.com/...dy.cab55579.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish...fishActivia.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.s...abs/tgctlsr.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.liv...es/MSNPUpld.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/...at.cab55579.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symant...ex/symdlmgr.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games Texas Holdem Poker) - http://zone.msn.com/...he.cab79352.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games Game Communicator) - http://zone.msn.com/...xy.cab55579.cab
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} (ChessControl Class) - http://zone.msn.com/...rp.cab56961.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: SureThing Labelflash service - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe

--
End of file - 12374 bytes

#13 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 09 February 2009 - 05:00 PM

Hi,

* Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Gil Valdez\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfar...etup1.0.1.1.cab
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe


* Click on Fix Checked when finished and exit HijackThis.
Make sure your Internet Explorer is closed when you click Fix Checked!

Then reboot.

but I am afraid I could not get the other instructions and was unable to preform the fix you requested

Please explain why. If something didn't work, it's a great idea to tell me what didn't work. If you got an error or what went wrong. After all, the more info you give me, the better I can help you.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#14 gil69

gil69

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 09 February 2009 - 07:15 PM

Have done all the following, but still no success. :weep: Everything works fine but IE still will not launch. I click On the icon and I get the same as before, a 1 second flash of a screen and that's it. I wish I could give you more info.

Edited by gil69, 09 February 2009 - 08:33 PM.


#15 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 10 February 2009 - 12:44 AM

Ok, try to launch IE in no-addons mode to see if that works..

To run Internet Explorer 7 without Add-ons, rightclick the IE7 icon present on your desktop and select: "Start without Add-ons"

Posted Image

In case that option is not present there, go to start > All Programs > Accessories > System Tools > Internet Explorer (No Add-ons)

Posted Image

This will start Internet Explorer 7 in the No-Add ons mode. This means that toolbars and Browser Helper Objects will be disabled.
So if your problem is solved when you use the No-Add on mode, this means that one of your Add ons is causing this.
Let me know if your problem is solved in the No-Add on mode.

Also, did you do the step with the fix.reg I posted previously? Because you said before that you didn't perform it. I asked you more explanation why.. but I still didn't receive an answer yet about that. This makes it extra confusing since I don't know what worked or not. I can't properly troubleshoot if the feedback is incomplete.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#16 gil69

gil69

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 10 February 2009 - 03:00 PM

Okay, sorry about the lack of info. At this point I have been able to follow all the requested steps, including yesterdays fix. It did merge successfully with registry but still have the same problem IE will not launch.

#17 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 10 February 2009 - 03:08 PM

Did you try to launch IE in the no add-ons mode?

Also, what happens if you try to launch the file C:\Program Files\Internet Explorer\iexplore.exe ?
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#18 gil69

gil69

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 10 February 2009 - 05:33 PM

Yes, I've tried running IE as suggested but neither one of the above have been successful. IE will not launch, same as explained before, 1 second flash of screen then nothing.

Edited by gil69, 10 February 2009 - 05:36 PM.


#19 gil69

gil69

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 10 February 2009 - 05:47 PM

Just found this, not entirely sure what this could mean, but I found a file that says; iedw IE Crash Detection Microsoft Corp. but the message will not open.

#20 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 10 February 2009 - 06:00 PM

Ok,

Try the following..

reset Internet Explorer settings.
See here how to do this: http://support.micro...n...p;x=10&y=11

If that didn't work, then, first make sure iexplore.exe is not running. So check taskmanager under the running processes and end iexplore.exe if running. Note, do NOT confuse this with explorer.exe, because this is a different process.
Then,

Click Start, click Run, type cmd, and then click OK.
At the command prompt, type the following commands (exactly as shown below):
cd "%programfiles%\Internet Explorer" <hit enter>
regsvr32 IEProxy.dll
Then you should get a message that Dllregisterserver in IEProxy.dll was succeeded (or something similar).
Then exit the command prompt.

Please give feedback what worked or didn't work.
Although the second solution should be covered in the first solution already (RIES), since files get reregistered anyway.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#21 gil69

gil69

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 10 February 2009 - 07:05 PM

I received the following responses for said input: cd "%programfiles%\Internet Explorer" <hit enter>
regsvr32 IEProxy.dll filename, directoryname, or volume label syntax is incorrect. Not recognized as an internal or external command, operable program or batch file. Also resetting IE did not work either.

#22 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 10 February 2009 - 07:17 PM

Looks like something got really damaged here.
What I suggest is, please try to reinstall IE7 again.
What you can also do is to install IE8 instead, however, keep in mind that this is still a beta.
If either didn't work/solved it, then there's a lot more being damaged than only IE. After all, malware damages a lot and you were dealing with some really nasty pieces of malware here.
In that case, I suggest a Windows repair install if none of above suggestions worked.
http://www.michaelst...pairinstall.htm
This won't delete your data, but I suggest you make a backup before anyway.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#23 gil69

gil69

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 10 February 2009 - 08:39 PM

reinstalling IE7 did it!!!! :thumbup: Thanks so much for all your help and for being so patient with me. you definitely are very good at this and full of ideas! Wish I could think like that. THANKS AGAIN!!!! :lol:

#24 gil69

gil69

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 10 February 2009 - 08:40 PM

:thumbup:

#25 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 11 February 2009 - 12:45 AM

Good to hear. :)

By the way, please also change your passwords, because the malware you were dealing with previously collected them, so they may be known.

Also,

Please read my Prevention page with lots of info and tips how to prevent this in the future.
And if you want to improve speed/system performance after malware removal, take a look here.
Extra note: Make sure your programs are up to date - because older versions may contain Security Leaks. To find out what programs need to be updated, please run the Secunia Software Inspector Scan.

Happy Surfing again! :)
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#26 miekiemoes

miekiemoes

    Malware Expert

  • Retired Staff
  • PipPipPipPipPip
  • 20,026 posts

Posted 17 February 2009 - 08:59 AM

Since the issue appears to be resolved this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.




Member of UNITE
Support SpywareInfo Forum - click the button