goldie

Honorary Members · Posts: 24 · Reputation: 0 Neutral
  1. Hi mate. Just uninstalled & reinstalled Firefox & it has done the trick. Thanks for all your help. You can close the topic. Thanks again.
  2. Keeps coming up with this error:
     Microsoft Windows XP [Version 5.1.2600]
     © Copyright 1985-2001 Microsoft Corp.
     C:\Documents and Settings\user>tasklist/svc
     'tasklist' is not recognized as an internal or external command,
     operable program or batch file.
     C:\Documents and Settings\user>cd|
     The syntax of the command is incorrect.
     C:\Documents and Settings\user>cd\
     C:\>tasklist/svc
     'tasklist' is not recognized as an internal or external command,
     operable program or batch file.
     C:\>cd windows
     C:\WINDOWS>tasklist/svc
     'tasklist' is not recognized as an internal or external command,
     operable program or batch file.
     C:\WINDOWS>tasklist/svc
     'tasklist' is not recognized as an internal or external command,
     operable program or batch file.
     C:\WINDOWS>cd\
     C:\>tasklist
     'tasklist' is not recognized as an internal or external command,
     operable program or batch file.
     C:\>
  3. Sorry to be a pain, mate. I've done the new scan but still the prob. Here is the log:
     Malwarebytes' Anti-Malware 1.34
     Database version: 1778
     Windows 5.1.2600 Service Pack 3
     19/02/2009 10:51:48
     mbam-log-2009-02-19 (10-51-48).txt
     Scan type: Quick Scan
     Objects scanned: 81045
     Time elapsed: 10 minute(s), 40 second(s)
     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0
     Memory Processes Infected: (No malicious items detected)
     Memory Modules Infected: (No malicious items detected)
     Registry Keys Infected: (No malicious items detected)
     Registry Values Infected: (No malicious items detected)
     Registry Data Items Infected: (No malicious items detected)
     Folders Infected: (No malicious items detected)
     Files Infected: (No malicious items detected)
  4. I uninstalled all of them but still have the same problem.
  5. PC is behaving fine. IE home page is fine; it's only in Firefox. Maybe I should uninstall & reinstall Firefox.
  6. OK, did all that. Here are the reports:
     Online scan report
     KASPERSKY ONLINE SCANNER 7 REPORT
     Sunday, February 15, 2009
     Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
     Kaspersky Online Scanner 7 version: 7.0.25.0
     Program database last update: Friday, February 13, 2009 17:21:08
     Records in database: 1793226
     Scan settings:
     Scan using the following database: extended
     Scan archives: yes
     Scan mail databases: yes
     Scan area - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\
     Scan statistics:
     Files scanned: 86073
     Threat name: 1
     Infected objects: 1
     Suspicious objects: 0
     Duration of the scan: 02:03:04
     File name / Threat name / Threats count
     C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Outlook\OutlookHotmail-00000003.pst Infected: Trojan.JS.Redirector.b 1
     The selected area was scanned.
     HJT log
  7. Hi there, sorry for the delay, I've been ill. Here are the logs:
     Dr Web Log
     data002;C:\Documents and Settings\user\Desktop;Archive contains infected objects;;
     ComboFix.exe;C:\Documents and Settings\user\Desktop;Container contains infected objects;Moved.;
     HoldEmSetup-dm[1].exe;C:\Downloads;Adware.TryMedia;Incurable.Deleted.;
     SpWizard.exe;C:\Program Files\WinRAR\Setup&CabPacker;Trojan.Click.17167;Deleted.;
     A0000208.exe;C:\System Volume Information\_restore{21257B34-F143-460A-89C1-8999DCDC75FD}\RP3;Trojan.Click.17167;Deleted.;
     kanye west - love locked down .mp3;E:\Music;Trojan.WMALoader;Cured.;
     HJT Log
     Still keeps coming up with same site as my home add
  8. OK, done all that. Attached is the log file: gmerlog.zip
  9. Hi. Here are the logs. Combofix
  10. Hi, I am trying to get regbooks, but it says it cannot find the web page?
  11. mbam log Malwarebytes' Anti-Malware 1.33 Database version: 1702 Windows 5.1.2600 Service Pack 3 28/01/2009 18:22:44 mbam-log-2009-01-28 (18-22-44).txt Scan type: Quick Scan Objects scanned: 73785 Time elapsed: 10 minute(s), 5 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Combofix Log ComboFix 09-02-02.04 - user 2009-02-03 18:58:59.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1471.939 [GMT 0:00] Running from: c:\documents and settings\user\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\user\Desktop\CFscript.txt AV: McAfee VirusScan *On-access scanning disabled* (Updated) FW: McAfee Personal Firewall *enabled* * Created a new restore point .
  12. Hi here is the log for combofix ComboFix 09-02-01.01 - user 2009-02-02 11:55:35.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1471.920 [GMT 0:00] Running from: c:\documents and settings\user\Desktop\ComboFix.exe AV: McAfee VirusScan *On-access scanning disabled* (Updated) FW: McAfee Personal Firewall *enabled* * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\user\Application Data\Adobe\crc.dat c:\program files\outlook c:\windows\system32\drivers\RKHit.sys c:\windows\system32\taskkill.com c:\documents and settings\user\Cookies\??????????????????????? . . . . failed to delete . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_RkHit
  13. Hi, I tried that but it keeps going to delfindhr.com
  14. Hi, I don't get any windows pop up apart from my home page being dealfinhr.com. This is only in Firefox, IE is fine. Here is the gmer log: gmerlog.zip