Jump to content

h-26

Members
  • Posts

    20
  • Joined

  • Last visited

Everything posted by h-26

  1. uninstalled IE 8 so back to IE 7 and it's all working fine. do i have to reinstall IE again or will the automatic updates take care of that? anything else i need to do to prevent this sort of thing happening again? i was thinking of dumping mcafee for something else - would you have any recommendations? and should i keep all the software on that you've asked me to download or will i start getting conflicts between them? thanks again for all your advice - you've been soooo helpful !
  2. i have windows internet explorer 7 and 8 listed as installed programs (in add or remove programs), but when i click on either of these there isn't an option to remove or change. tried the add/remove windows components option on left hand side, but this hasn't had any effect.
  3. SP3 install seems to have worked ok. Still have same problem with internet access.
  4. actually it hasn't cured IE! the only way i can internet access is to right click IE icon and select start without add-ons still.
  5. Hi there That seems to have fixed internet explorer, but BT broadband is still shutting. Not a huge problem really. Also, there were some automatic updates waiting to be installed, but they 'could not be installed'. I've listed these below: Update for Windows XP (KB979306) Security Update for Windows XP (KB958470) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB956844) Did we reinstall the SP3 or do i not need to do this?
  6. ESET log: ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=4f301b9eabc72d49b6d292925a57bc8e # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=false # utc_time=2010-03-25 12:18:49 # local_time=2010-03-25 12:18:49 (+0000, GMT Standard Time) # country="United Kingdom" # lang=9 # osver=5.1.2600 NT Service Pack 2 # compatibility_mode=1024 16777175 100 0 291116 291116 0 0 # compatibility_mode=5121 16776613 100 96 2991932 22419450 0 0 # compatibility_mode=8192 67108863 100 0 3931 3931 0 0 # scanned=192608 # found=0 # cleaned=0 # scan_time=5225 still having problems with accessing internet via BT Yahoo - it keeps closing down still. not tried anything else atm as it's time for bed !! thanks for your help with this - it's much appreciated. goodnight! x
  7. got mbam to work! log as follows: Malwarebytes' Anti-Malware 1.44 Database version: 3910 Windows 5.1.2600 Service Pack 2 Internet Explorer 7.0.5730.11 24/03/2010 22:40:33 mbam-log-2010-03-24 (22-40-33).txt Scan type: Quick Scan Objects scanned: 136507 Time elapsed: 8 minute(s), 19 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  8. just had an error on the malwarebytes update: Error code: 732 (0, 0)
  9. found a way to crank up IE so here's the combofix log ComboFix 10-03-23.01 - heather 23/03/2010 18:21:09.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.2046.1330 [GMT 0:00] Running from: c:\documents and settings\heather\Desktop\ComboFix.exe AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\heather\Local Settings\Application Data\{F476E718-F83B-4BEE-A8B7-2016291C0745} c:\documents and settings\heather\Local Settings\Application Data\{F476E718-F83B-4BEE-A8B7-2016291C0745}\chrome.manifest c:\documents and settings\heather\Local Settings\Application Data\{F476E718-F83B-4BEE-A8B7-2016291C0745}\chrome\content\_cfg.js c:\documents and settings\heather\Local Settings\Application Data\{F476E718-F83B-4BEE-A8B7-2016291C0745}\chrome\content\overlay.xul c:\documents and settings\heather\Local Settings\Application Data\{F476E718-F83B-4BEE-A8B7-2016291C0745}\install.rdf c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc100.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc101.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc102.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc103.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc104.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc105.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc106.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc107.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc108.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc109.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc10A.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc10B.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc10C.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc10D.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc10E.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc10F.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc110.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc111.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc112.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc113.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc114.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc115.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc116.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc117.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc118.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc119.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc11A.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc11B.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc11C.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc11D.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc11E.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc11F.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc120.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc121.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc122.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc123.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc124.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc125.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc126.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc127.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc128.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc12A.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc12D.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc13.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc132.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc134.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc135.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc136.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc13D.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc141.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc142.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc15.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc150.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc170.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc171.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc18.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc19.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc199.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc19B.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc1B.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc1BB.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc1C.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc1D.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc1E.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc1F.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc20.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc202.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc21.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc22.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc23.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc24.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc249.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc25.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc26.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc27.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc28.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc29.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc2A.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc2B.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc2C.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc2D.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc2E.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc2F.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc30.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc31.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc32.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc33.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc34.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc35.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc36.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc37.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc38.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc39.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc3A.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc3B.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc3C.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc3D.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc3E.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc3F.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc40.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc40E.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc41.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc411.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc42.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc43.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc44.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc45.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc46.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc47.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc48.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc49.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc4A.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc4B.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc4C.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc4D.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc4E.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc4F.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc50.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc51.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc52.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc53.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc54.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc55.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc56.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc57.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc58.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc59.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc5A.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc5B.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc5C.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc5D.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc5E.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc5F.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc60.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc61.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc62.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc63.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc64.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc65.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc66.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc67.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc68.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc69.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc6A.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc6B.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc6C.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc6D.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc6E.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc6F.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc70.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc71.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc72.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc73.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc74.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc75.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc76.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc77.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc78.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc79.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc7A.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc7B.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc7C.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc7D.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc7E.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc7F.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc80.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc81.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc82.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc83.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc84.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc85.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc86.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc87.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc88.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc89.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc8A.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc8B.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc8C.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc8D.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc8E.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc8F.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc90.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc91.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc92.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc93.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc94.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc95.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc96.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc97.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc98.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc99.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc9A.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc9B.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc9C.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc9D.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc9E.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mcc9F.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccA0.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccA1.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccA2.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccA3.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccA4.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccA5.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccA6.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccA7.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccA8.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccA9.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccAA.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccAB.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccAC.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccAD.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccAE.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccAF.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccB0.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccB1.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccB2.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccB3.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccB4.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccB5.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccB6.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccB7.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccB8.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccB9.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccBA.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccBB.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccBC.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccBD.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccBE.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccBF.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccC0.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccC1.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccC2.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccC3.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccC4.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccC5.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccC6.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccC7.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccC8.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccC9.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccCA.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccCB.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccCC.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccCD.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccCE.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccCF.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccD0.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccD1.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccD2.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccD3.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccD4.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccD5.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccD6.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccD7.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccD8.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccD9.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccDA.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccDB.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccDC.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccDD.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccDE.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccDF.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccE0.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccE1.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccE2.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccE3.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccE4.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccE5.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccE6.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccE7.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccE8.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccE9.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccEA.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccEB.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccEC.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccED.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccEE.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccEF.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccF0.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccF1.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccF2.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccF3.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccF4.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccF5.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccF6.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccF7.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccF8.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccF9.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccFA.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccFB.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccFC.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccFD.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccFE.tmp c:\documents and settings\heather\Local Settings\Temporary Internet Files\mccFF.tmp c:\windows\Downloaded Program Files\popcaploader.inf c:\windows\system32\345022866.dat c:\windows\system32\bb1.dat c:\windows\system32\Data c:\windows\system32\hjgruihpmowpap.dat c:\windows\system32\hjgruivhfetchh.dat c:\windows\system32\ps1.dat c:\windows\system32\rc.dat . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_hjgruiijglkayb -------\Service_hjgruiijglkayb ((((((((((((((((((((((((( Files Created from 2010-02-24 to 2010-03-24 ))))))))))))))))))))))))))))))) . 2010-03-22 17:35 . 2010-03-22 17:35 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2010-03-21 15:34 . 2010-03-21 15:34 293376 ----a-w- c:\program files\ozi0x6xe.exe 2010-03-21 15:18 . 2010-03-21 15:18 525824 ----a-w- c:\program files\dds.scr 2010-03-21 15:00 . 2010-03-21 15:00 -------- d-----w- C:\$AVG 2010-03-21 15:00 . 2010-03-22 17:35 242696 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-03-21 15:00 . 2010-03-22 17:35 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-03-21 15:00 . 2010-03-22 17:34 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-03-21 15:00 . 2010-03-24 08:20 -------- d-----w- c:\windows\system32\drivers\Avg 2010-03-21 15:00 . 2010-03-21 15:00 -------- d-----w- c:\program files\AVG 2010-03-21 15:00 . 2010-03-21 15:00 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9 2010-03-21 14:31 . 2010-03-21 14:31 -------- d-----w- c:\windows\system32\wbem\Repository 2010-03-21 11:24 . 2010-03-21 11:24 55184 ----a-w- c:\windows\system32\PxSecure(2).dll 2010-03-21 11:24 . 2010-03-21 14:31 -------- d-----w- c:\program files\Prevx 2010-03-21 11:24 . 2010-03-21 14:30 -------- d-----w- c:\documents and settings\All Users\Application Data\PrevxCSI 2010-03-13 09:05 . 2010-03-13 09:05 -------- d-----w- c:\documents and settings\heather\Local Settings\Application Data\IRIS Software Ltd 2010-03-13 09:04 . 2010-03-13 09:04 -------- d-----w- c:\program files\Microsoft Visual Studio .NET 2003 2010-03-13 09:04 . 2010-03-13 09:04 -------- d-----w- c:\program files\Common Files\Crystal Decisions 2010-03-13 09:04 . 2010-03-18 18:22 -------- d-----w- c:\documents and settings\All Users\Application Data\IRIS Software Ltd 2010-03-13 09:04 . 2010-03-13 09:04 -------- d-----w- c:\program files\IRIS Software Ltd 2010-03-02 18:55 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-24 18:27 . 2008-04-13 16:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Kontiki 2010-03-24 18:24 . 2006-11-17 18:44 -------- d-----w- c:\program files\Dl_cats 2010-03-24 18:03 . 2004-08-10 12:03 78503 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-03-21 14:30 . 2009-02-07 15:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-03-19 17:29 . 2010-02-17 08:49 120 ----a-w- c:\windows\Hwupiholuracanar.dat 2010-03-19 08:45 . 2010-02-17 08:49 0 ----a-w- c:\windows\Ucenukururul.bin 2010-03-10 19:11 . 2009-08-06 17:51 -------- d-----w- c:\program files\LittlewoodsPoker 2010-03-10 19:11 . 2009-08-06 17:51 -------- d-----w- c:\documents and settings\heather\Application Data\LittlewoodsPoker 2010-03-08 18:36 . 2006-03-30 16:16 -------- d-----w- c:\program files\Java 2010-03-04 18:23 . 2009-01-27 18:52 -------- d-----w- c:\program files\InterPoker 2010-02-18 16:19 . 2009-01-18 19:01 -------- d-----w- c:\program files\McAfee 2007-06-25 19:18 . 2007-06-25 19:18 60526 -c--a-w- c:\program files\mozilla firefox\components\jar50.dll 2007-06-25 19:18 . 2007-06-25 19:18 49256 -c--a-w- c:\program files\mozilla firefox\components\jsd3250.dll 2007-06-25 19:18 . 2007-06-25 19:18 166000 -c--a-w- c:\program files\mozilla firefox\components\xpinstal.dll 2007-10-06 14:50 . 2007-10-06 14:50 56 -csh--r- c:\windows\system32\1B9E4B68C9.sys 2009-05-25 09:03 . 2007-02-11 11:19 56 -csh--r- c:\windows\system32\391C1D2BD4.sys 2009-05-25 09:03 . 2007-02-11 11:19 6372 -csha-w- c:\windows\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SetDefaultMIDI"="MIDIDef.exe" [2004-12-22 24576] "Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400] "DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2004-07-19 306688] "kdx"="c:\program files\Kontiki\KHost.exe" [2008-02-27 1032376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 339968] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 139264] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064] "DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-11-01 94208] "CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-09-15 57344] "MBMon"="CTMBHA.DLL" [2005-05-19 1345520] "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112] "VoiceCenter"="c:\program files\Creative\VoiceCenter\AndreaVC.exe" [2005-09-19 1159168] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 110592] "DLCICATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCItime.dll" [2006-02-24 73728] "dlcimon.exe"="c:\program files\Dell AIO Printer 946\dlcimon.exe" [2006-02-14 430080] "YBrowser"="c:\progra~1\Yahoo!\browser\ybrwicon.exe" [2006-07-21 129536] "YOP"="c:\progra~1\Yahoo!\YOP\yop.exe" [2006-08-31 448040] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-09-26 267064] "btbb_McciTrayApp"="c:\program files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe" [2009-09-14 1584640] "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-10-29 1218008] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-09-28 198160] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2005-6-15 1208320] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2010-03-22 17:35 12464 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mferkdk.sys] @="Driver" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YPAGER.EXE"= "c:\\Program Files\\Yahoo!\\Messenger\\yserver.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Kontiki\\KService.exe"= "c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"= R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [21/03/2010 15:00 216200] R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [21/03/2010 15:00 242696] R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [22/03/2010 17:35 308064] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [18/01/2009 20:30 203280] R3 dlci_device;dlci_device;c:\windows\system32\dlcicoms.exe -service --> c:\windows\system32\dlcicoms.exe -service [?] S2 gupdate1ca4020fd98a150;Google Update Service (gupdate1ca4020fd98a150);c:\program files\Google\Update\GoogleUpdate.exe [28/09/2009 09:49 133104] --- Other Services/Drivers In Memory --- *NewlyCreated* - UPLOADMGR [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}] 2009-03-08 03:32 128512 ----a-w- c:\windows\system32\advpack.dll . Contents of the 'Scheduled Tasks' folder 2010-02-18 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 12:34] 2010-03-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-28 09:49] 2010-03-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-28 09:49] 2009-11-15 c:\windows\Tasks\McDefragTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2009-01-18 11:22] 2009-10-01 c:\windows\Tasks\McQcTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2009-01-18 11:22] . . ------- Supplementary Scan ------- . uStart Page = hxxp://bt.yahoo.com uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mSearch Bar = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = 127.0.0.1 uSearchURL,(Default) = hxxp://uk.search.yahoo.com/search?fr=mcafee&p=%s IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000 Trusted Zone: internet Trusted Zone: mcafee.com DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab FF - ProfilePath - c:\documents and settings\heather\Application Data\Mozilla\Firefox\Profiles\juferj17.default\ FF - prefs.js: browser.search.selectedEngine - Google ---- FIREFOX POLICIES ---- FF - user.js: dom.disable_open_during_load - false // Popupblocker control handled by McAfee Privacy Service c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties"); . - - - - ORPHANS REMOVED - - - - HKLM-Run-Stosuhuw - c:\windows\ufetokesiko.dll Notify-dimsntfy - (no file) SafeBoot-mferkdk AddRemove-sunpoker - c:\program files\SunPoker\_SetupPoker[1].exe AddRemove-William Hill Poker - c:\poker\William Hill Poker\_SetupPoker[1].exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-03-24 18:25 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run DLCICATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCItime.dll,_RunDLLEntry@16??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(4332) c:\windows\system32\WININET.dll c:\program files\McAfee\SiteAdvisor\saHook.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\AVG\AVG9\avgchsvx.exe c:\program files\AVG\AVG9\avgrsx.exe c:\program files\AVG\AVG9\avgcsrvx.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe c:\windows\system32\CTsvcCDA.exe c:\program files\Intel\Intel Matrix Storage Manager\iaantmon.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Kontiki\KService.exe c:\program files\AVG\AVG9\avgnsx.exe c:\program files\Common Files\Motive\McciCMService.exe c:\progra~1\McAfee\MSC\mcmscsvc.exe c:\progra~1\COMMON~1\mcafee\mna\mcnasvc.exe c:\progra~1\COMMON~1\mcafee\mcproxy\mcproxy.exe c:\progra~1\McAfee\VIRUSS~1\mcshield.exe c:\program files\McAfee\MPF\MPFSrv.exe c:\program files\McAfee\MSK\MskSrver.exe c:\windows\system32\wdfmgr.exe c:\progra~1\mcafee.com\agent\mcagent.exe c:\windows\stsystra.exe c:\windows\system32\Rundll32.exe c:\docume~1\heather\LOCALS~1\Temp\clclean.0001 c:\windows\system32\rundll32.exe c:\progra~1\Yahoo!\browser\ycommon.exe c:\windows\system32\rundll32.exe c:\program files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe c:\windows\system32\dlcicoms.exe c:\program files\Common Files\InstallShield\UpdateService\agent.exe c:\progra~1\McAfee\VIRUSS~1\mcsysmon.exe c:\progra~1\Yahoo!\YOP\secstat.exe c:\program files\iPod\bin\iPodService.exe c:\windows\system32\taskmgr.exe . ************************************************************************** . Completion time: 2010-03-24 18:36:58 - machine was rebooted ComboFix-quarantined-files.txt 2010-03-24 18:36 Pre-Run: 137,947,705,344 bytes free Post-Run: 138,531,946,496 bytes free WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect Current=3 Default=3 Failed=2 LastKnownGood=5 Sets=1,2,3,5 - - End Of File - - 64085F15912C70D4163206D5CA4D3AF8
  10. checked mcafee and the ufetokesiko.dll file is in quarantine. there is also 5 combofix artemis! files
  11. ok - it looks like i won't be able to post the combofix log at the moment as when i try and get on the internet it's saying it's encountered a problem and needs to close. i also have a yellow shield in the corner telling me it's downloading updates. was it supposed to do this?
  12. the good news is that my pc started up without any error messages and i now have icons and task bar back (hurrah!). combofix started up (of it's own accord) and i now have a log from this which i have posted below. i also had two error message boxes: RUNDLL Error loading C:\Windows\ufetokesiko.dll The specified module could not be found. RUNDLL Error loading CTMBHA.DLL A dynamic link library (DLL) initialization routine failed.
  13. i'm still getting the msls51.dll messages and still no icons or task bar. scan results as follows: -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7.0: scan report Wednesday, March 24, 2010 Operating system: Microsoft Windows XP Home Edition Service Pack 3 (build 2600) Kaspersky Online Scanner version: 7.0.26.13 Last database update: Tuesday, March 23, 2010 18:34:12 Records in database: 3854749 -------------------------------------------------------------------------------- Scan settings: scan using the following database: extended Scan archives: yes Scan e-mail databases: yes Scan area - File: Scan statistics: Objects scanned: 196544 Threats found: 0 Infected objects found: 0 Suspicious objects found: 0 Scan duration: 02:22:29 No threats found. Scanned area is clean. Selected area has been scanned.
  14. that was everything on the combofix text file. when combofix finished it didn't put the log on screen, just said it needed to reboot. i don't seem to have a C:\Qoobox\quarantine\combofix quarantined files.txt file
  15. combofix.txt log: ComboFix 10-03-23.01 - heather 23/03/2010 18:21:09.1.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.2046.1330 [GMT 0:00] Running from: C:\Documents and Settings\heather\Desktop\ComboFix.exe AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} .
  16. i can't get the combofix to download to desktop. every time i try it gets to 99% and then gives me an error message... Cannot copy ComboFix{1}: Access is denied. Make sure the disk is not full or write-protected and that the file is not currently in use. sorry! any ideas how to sort this?
  17. here's the log SystemLook v1.0 by jpshortstuff (11.01.10) Log created at 17:31 on 22/03/2010 by heather (Administrator - Elevation successful) ========== filefind ========== Searching for "msls51.dll" No files found. -=End Of File=- PrevX didn't pick anything up. AVG has given me a message as follows (i can't find out how to copy it!) _ Resident Shield alert Accessed file is infected Threat detected! File name: C:\WINDOWS\system32\uxtheme.dll Threat name: Virus identified Win32/Patched.CK Detected on open. More information about this threat.... _
  18. here's the DDS logs: DDS (Ver_10-03-17.01) - NTFSx86 Run by heather at 15:26:57.40 on 21/03/2010 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17 Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.2046.1298 [GMT 0:00] AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe svchost.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Kontiki\KService.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Program Files\Common Files\Motive\McciCMService.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\svchost.exe -k imgsvc c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\system32\taskmgr.exe C:\PROGRA~1\Yahoo!\browser\ycommon.exe C:\Program Files\Yahoo!\browser\ybrwicon.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\AVG\AVG9\avgwdsvc.exe C:\Program Files\AVG\AVG9\avgnsx.exe C:\Program Files\AVG\AVG9\avgrsx.exe C:\Program Files\AVG\AVG9\avgchsvx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\PROGRA~1\Yahoo!\browser\ybrowser.exe C:\Program Files\McAfee\MSC\mcshell.exe C:\Program Files\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://bt.yahoo.com uSearch Page = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sp/*http://uk.search.yahoo.com/ uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 uWindow Title = Windows Internet Explorer provided by Yahoo! uDefault_Page_URL = hxxp://bt.yahoo.com mSearch Bar = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = 127.0.0.1 uSearchURL,(Default) = hxxp://uk.search.yahoo.com/search?fr=mcafee&p=%s uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll mWinlogon: Shell=Explorer.exe BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\progra~1\yahoo!\common\yiesrvc.dll BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll uRun: [setDefaultMIDI] MIDIDef.exe uRun: [Creative Detector] "c:\program files\creative\mediasource\detector\CTDetect.exe" /R uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [kdx] c:\program files\kontiki\KHost.exe -all mRun: [sigmatelSysTrayApp] stsystra.exe mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe" mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r mRun: [MBMon] Rundll32 CTMBHA.DLL,MBMon mRun: [updReg] c:\windows\UpdReg.EXE mRun: [VoiceCenter] "c:\program files\creative\voicecenter\AndreaVC.exe" /tray mRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE mRun: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent mRun: [DLCICATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCItime.dll,_RunDLLEntry@16 mRun: [dlcimon.exe] "c:\program files\dell aio printer 946\dlcimon.exe" mRun: [YBrowser] c:\progra~1\yahoo!\browser\ybrwicon.exe mRun: [YOP] c:\progra~1\yahoo!\yop\yop.exe /autostart mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [btbb_McciTrayApp] "c:\program files\bt broadband desktop help\btbb\BTHelpNotifier.exe" mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [stosuhuw] rundll32.exe "c:\windows\ufetokesiko.dll",Startup mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe mRunOnce: [*Restore] c:\windows\system32\restore\rstrui.exe -c dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueso~1.lnk - c:\program files\ivt corporation\bluesoleil\BlueSoleil.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office10\EXCEL.EXE/3000 IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partygaming\partypoker\RunApp.exe IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL Trusted Zone: internet Trusted Zone: mcafee.com DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - c:\program files\tiscali\tiscali internet\dlls\tiscalifilter.dll Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll Notify: avgrsstarter - avgrsstx.dll mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12 Hosts: 127.0.0.1 www.spywareinfo.com ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\heather\applic~1\mozilla\firefox\profiles\juferj17.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - HiddenExtension: XULRunner: {F476E718-F83B-4BEE-A8B7-2016291C0745} - c:\documents and settings\heather\local settings\application data\{F476E718-F83B-4BEE-A8B7-2016291C0745} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- FF - user.js: dom.disable_open_during_load - false // Popupblocker control handled by McAfee Privacy Service c:\program files\mozilla firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom c:\program files\mozilla firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties"); ============= SERVICES / DRIVERS =============== R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-3-21 333192] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-3-21 28424] R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-3-21 360584] R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-10-20 214664] R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-3-21 285392] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-1-18 203280] R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2009-1-18 359952] R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2009-1-18 144704] R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2009-1-18 606736] R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-1-18 79816] R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-1-18 35272] R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-1-18 40552] S2 gupdate1ca4020fd98a150;Google Update Service (gupdate1ca4020fd98a150);c:\program files\google\update\GoogleUpdate.exe [2009-9-28 133104] S3 dlci_device;dlci_device;c:\windows\system32\dlcicoms.exe -service --> c:\windows\system32\dlcicoms.exe -service [?] S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-1-18 34248] =============== Created Last 30 ================ 2010-03-21 15:18:01 525824 ----a-w- c:\program files\dds.scr 2010-03-21 15:00:49 0 d--h--w- C:\$AVG 2010-03-21 15:00:39 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-03-21 15:00:39 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2010-03-21 15:00:33 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-03-21 15:00:25 0 d-----w- c:\windows\system32\drivers\Avg 2010-03-21 15:00:10 0 d-----w- c:\program files\AVG 2010-03-21 15:00:08 0 d-----w- c:\docume~1\alluse~1\applic~1\avg9 2010-03-21 14:31:02 0 d-----w- c:\windows\system32\wbem\Repository 2010-03-21 11:24:59 55184 ----a-w- c:\windows\system32\PxSecure(2).dll 2010-03-21 11:24:57 0 d-----w- c:\program files\Prevx 2010-03-21 11:24:26 0 d-----w- c:\docume~1\alluse~1\applic~1\PrevxCSI 2010-03-13 09:04:08 0 d-----w- c:\program files\common files\Crystal Decisions 2010-03-13 09:04:00 0 d-----w- c:\program files\IRIS Software Ltd 2010-03-13 09:04:00 0 d-----w- c:\docume~1\alluse~1\applic~1\IRIS Software Ltd 2010-03-02 18:55:44 293376 ------w- c:\windows\system32\browserchoice.exe ==================== Find3M ==================== 2009-12-31 16:50:03 353792 ------w- c:\windows\system32\dllcache\srv.sys 2009-12-21 19:14:05 916480 ----a-w- c:\windows\system32\wininet.dll 2007-10-06 14:50:15 56 -csh--r- c:\windows\system32\1B9E4B68C9.sys 2009-07-10 08:33:25 144 -csha-w- c:\windows\system32\345022866.dat 2009-05-25 09:03:35 56 -csh--r- c:\windows\system32\391C1D2BD4.sys 2009-05-25 09:03:44 6372 -csha-w- c:\windows\system32\KGyGaAvL.sys 2008-08-30 12:27:30 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008083020080831\index.dat ============= FINISH: 15:29:18.73 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-03-17.01) Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume2 Install Date: 22/07/2006 10:07:42 System Uptime: 21/03/2010 14:31:32 (1 hours ago) Motherboard: Dell Inc. | | 0FJ030 Processor: Intel® Pentium® 4 CPU 3.00GHz | Microprocessor | 2992/800mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 146 GiB total, 128.733 GiB free. D: is CDROM () E: is CDROM () H: is Removable I: is Removable J: is Removable K: is Removable ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP24: 14/03/2010 09:08:38 - System Checkpoint RP25: 15/03/2010 17:58:01 - System Checkpoint RP26: 17/03/2010 20:35:39 - System Checkpoint RP27: 18/03/2010 20:50:37 - System Checkpoint RP28: 19/03/2010 21:01:08 - System Checkpoint RP29: 21/03/2010 09:37:48 - Restore Operation RP30: 21/03/2010 09:41:27 - Restore Operation RP31: 21/03/2010 09:45:20 - Restore Operation RP32: 21/03/2010 14:30:18 - Restore Operation RP33: 21/03/2010 15:00:08 - Installed AVG Free 9.0 ==== Installed Programs ====================== ABBYY FineReader 6.0 Sprint ActionPoker.com Adobe Flash Player 10 ActiveX Adobe Reader 7.0 Andrea VoiceCenter Apple Mobile Device Support Apple Software Update ARTEuro ATI Control Panel ATI Display Driver AVG Free 9.0 BBC iPlayer Download Manager Betfair Poker BlueSoleil BT Broadband Desktop Help BT Wireless Connection Manager BT Yahoo! Applications CinepPlayer 30 Update Corel Paint Shop Pro X Corel Photo Album 6 Creative MediaSource Dell AIO Printer 946 Dell CinePlayer Dell Driver Reset Tool Dell Media Experience Dell Support 5.0.0 (630) Dell System Restore Digimax Converter Digimax Master Google Chrome Google Toolbar for Firefox Google Update Helper High Definition Audio Driver Package - KB835221 Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976002-v5) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Intel Matrix Storage Manager Intel® PRO Network Connections Drivers Intel® PROSet for Wired Connections InterPoker IRIS Bookkeeping iTunes Jasc Paint Shop Photo Album 5 Jasc Paint Shop Pro Studio, Dell Editon Java 2 Runtime Environment, SE v1.4.2_03 Java 6 Update 17 Java 6 Update 2 Java 6 Update 3 Java 6 Update 5 Java 6 Update 7 Java SE Runtime Environment 6 Update 1 Littlewoods Poker Malwarebytes' Anti-Malware McAfee SecurityCenter MCU Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB953297) Microsoft AutoRoute 2005 Microsoft Digital Image Library 9 - Blocker Microsoft Encarta Encyclopedia Standard 2005 Microsoft Internationalized Domain Names Mitigation APIs Microsoft Money Microsoft National Language Support Downlevel APIs Microsoft Office XP Media Content Microsoft Office XP Standard for Students and Teachers Microsoft Photo Premium 10 Microsoft Picture It! Library 10 Microsoft Visual C++ 2005 Redistributable Microsoft Visual J# .NET Redistributable Package 1.1 Microsoft Word 2002 Microsoft Works Microsoft Works 2005 Setup Launcher Microsoft Works Suite Add-in for Microsoft Word Mozilla Firefox (1.5) MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) OpenOffice.org Installer 1.0 PokerStars Print to Fax QuickTime RealPlayer Roxio DLA Roxio MyDVD LE Roxio RecordNow Audio Roxio RecordNow Copy Roxio RecordNow Data Samsung USB Driver Security Update for Step By Step Interactive Training (KB898458) Security Update for Step By Step Interactive Training (KB923723) Security Update for Windows Internet Explorer 7 (KB928090) Security Update for Windows Internet Explorer 7 (KB929969) Security Update for Windows Internet Explorer 7 (KB931768) Security Update for Windows Internet Explorer 7 (KB933566) Security Update for Windows Internet Explorer 7 (KB937143) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 8 (KB969897) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB972260) Security Update for Windows Internet Explorer 8 (KB974455) Security Update for Windows Internet Explorer 8 (KB976325) Security Update for Windows Internet Explorer 8 (KB978207) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows Media Player 9 (KB917734) Security Update for Windows Media Player 9 (KB936782) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978706) Shockwave Sonic Activation Module Sonic Advanced Decoder Sonic Update Manager Sound Blaster Audigy ADVANCED MB Sound Blaster Audigy ADVANCED MB Product Registration SunPoker SunPoker.com Tiscali Internet Update for Windows Internet Explorer 8 (KB968220) Update for Windows Internet Explorer 8 (KB976662) Update for Windows Internet Explorer 8 (KB976749) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Wanadoo Europe Installer WebFldrs XP William Hill Poker Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Media Format Runtime Windows XP Service Pack 3 Works Upgrade ==== Event Viewer Messages From Past Week ======== 18/03/2010 17:48:35, error: Service Control Manager [7022] - The KService service hung on starting. 16/03/2010 23:05:07, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 16/03/2010 22:50:07, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) ==== End Of File =========================== the pc crashed overnight so i don't have anything off the GMER scan. it looked like there was a conflict with my security software(?). is there anything i can do before trying again?
  19. hello kahdah i'm having problems with the GMER scan as it's taken over three hours so far. My CPU usage is at 100%. should I stop it running or continue. I've tried to post the results of the DDS but that froze, so i'm sending this from my laptop. thanks for your help with this!
  20. I am having a problem as follows. When I turn on my pc this error message appears 'this application has failed to start because msls51.dll was not found. Re-installing the application may fix this problem' the windows screen loads up without any icons. I can get to the task manager via ctrl-alt-del and run programs through this, but am repeatedly getting the same error message. I have tried system restore to a point where I know everything was working fine, but this hasn't worked. can anyone help please?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.