
Infected please help


mtc777


The Windows support page opens randomly and after that all my desktop icons are gone, so I must kill the explorer process and start it again to get them back. Malware log is clean.

Here is the DDS/GMER:

DDS (Ver_10-03-17.01) - NTFSx86

Run by Matic at 22:54:02.40 on Sat 09/11/2010

Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_21

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1519 [GMT 2:00]

AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

FW: Online Armor Firewall *disabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\NOD32 Antivirus\ekrn.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Razer\razerhid.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE

C:\Program Files\ZEngine\Zboard.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNAB8SWK.EXE

C:\Program Files\ObjectDock\ObjectDock.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNAP2RPK.EXE

C:\Program Files\Razer\razertra.exe

C:\Program Files\Razer\razerofa.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Documents and Settings\Matic\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.si/

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot\SDHelper.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

uRun: [spybotSD TeaTimer] c:\program files\spybot\TeaTimer.exe

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [razer] c:\program files\razer\razerhid.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [CNAP2 Launcher] c:\windows\system32\spool\drivers\w32x86\3\CNAP2LAK.EXE

mRun: [@OnlineArmor GUI] "c:\program files\online armor\oaui.exe"

mRun: [Zboard] c:\program files\zengine\Zboard.exe

mRun: [egui] "c:\program files\nod32 antivirus\egui.exe" /hide /waitservice

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

StartupFolder: c:\docume~1\matic\startm~1\programs\startup\stardo~1.lnk - c:\program files\objectdock\ObjectDock.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot\SDHelper.dll

DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

TCP: {EAB4A913-F574-48CC-A89E-42EFC0BEDFAA} = 193.2.1.66,193.2.1.72

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - c:\program files\iconpackager\iprepair.dll

SEH: OA Shell Helper: {4f07da45-8170-4859-9b5f-037ef2970034} - c:\progra~1\online~2\oaevent.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\matic\applic~1\mozilla\firefox\profiles\gnebaclb.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT329536&SearchSource=3&q=

FF - prefs.js: browser.startup.homepage - hxxp://www.microtforum.com/forum/

FF - plugin: c:\documents and settings\matic\local settings\application data\google\update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\nppopcaploader.dll

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);

c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-2-20 33800]

R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2010-9-7 201168]

R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [2010-9-7 38856]

R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2010-9-7 25000]

R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [2010-9-7 29272]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]

R2 ekrn;Eset Service;c:\program files\nod32 antivirus\ekrn.exe [2008-2-20 472320]

R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [2007-10-18 38656]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-4-17 20952]

R3 Razerlow;Razerlow USB Filter Driver;c:\windows\system32\drivers\Razerlow.sys [2007-10-20 13225]

S2 MBAMService;MBAMService;"c:\program files\malwarebytes' anti-malware\mbamservice.exe" --> c:\program files\malwarebytes' anti-malware\mbamservice.exe [?]

S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2004-8-4 3584]

S2 OAcat;Online Armor Helper Service;c:\program files\online armor\oacat.exe [2010-9-7 380272]

S2 SvcOnlineArmor;Online Armor;c:\program files\online armor\oasrv.exe [2010-9-7 3638240]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-3-4 1684736]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-7-12 137344]

S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-7-12 8320]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-4 14336]

S3 PbsAuDrv;PolderbitS Audio Driver;c:\windows\system32\drivers\pbsaudrv.sys --> c:\windows\system32\drivers\pbsaudrv.sys [?]

S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-9-10 27064]

S3 SE2Fbus;Sony Ericsson Device 047 Driver driver (WDM);c:\windows\system32\drivers\SE2Fbus.sys [2007-10-28 61600]

S3 SE2Fmdfl;Sony Ericsson Device 047 USB WMC Modem Filter;c:\windows\system32\drivers\SE2Fmdfl.sys [2007-10-28 9360]

S3 SE2Fmdm;Sony Ericsson Device 047 USB WMC Modem Driver;c:\windows\system32\drivers\SE2Fmdm.sys [2007-10-28 97184]

S3 SE2Fmgmt;Sony Ericsson Device 047 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\SE2Fmgmt.sys [2007-12-10 88688]

S3 se2Fnd5;Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (NDIS);c:\windows\system32\drivers\se2Fnd5.sys [2007-12-10 18704]

S3 SE2Fobex;Sony Ericsson Device 047 USB WMC OBEX Interface;c:\windows\system32\drivers\SE2Fobex.sys [2007-10-28 86560]

S3 se2Funic;Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (WDM);c:\windows\system32\drivers\se2Funic.sys [2007-12-10 90800]

S3 Z550bus;Sony Ericsson Z550 driver (WDM);c:\windows\system32\drivers\Z550bus.sys [2008-3-1 60800]

S3 Z550mdfl;Sony Ericsson Z550 USB WMC Modem Filter;c:\windows\system32\drivers\Z550mdfl.sys [2008-3-1 9264]

S3 Z550mdm;Sony Ericsson Z550 USB WMC Modem Driver;c:\windows\system32\drivers\Z550mdm.sys [2008-3-1 96352]

S3 Z550mgmt;Sony Ericsson Z550 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\Z550mgmt.sys [2008-3-1 87824]

S3 Z550obex;Sony Ericsson Z550 USB WMC OBEX Interface;c:\windows\system32\drivers\Z550obex.sys [2008-3-1 85696]

============== File Associations ===============

.txt=UltraEdit.txt

=============== Created Last 30 ================

2010-09-11 20:40:26 24832 ----a-w- c:\windows\system32\20402623441.dll

2010-09-11 20:26:47 20 ----a-w- c:\documents and settings\matic\defogger_reenable

2010-09-10 21:42:29 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys

2010-09-10 21:42:23 0 d-----w- c:\program files\Revo Uninstaller Pro

2010-09-10 21:37:53 73728 ----a-w- c:\windows\system32\javacpl.cpl

2010-09-10 20:19:50 0 d-----w- c:\program files\Trend Micro

2010-09-10 08:50:28 423656 ----a-w- c:\windows\system32\deployJava1.dll

2010-09-08 07:15:51 0 d-----w- c:\docume~1\matic\applic~1\SUPERAntiSpyware.com

2010-09-08 07:15:51 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com

2010-09-08 07:15:21 0 d-----w- c:\program files\SUPERAntiSpyware

2010-09-07 15:22:02 0 d-----w- c:\docume~1\matic\applic~1\OnlineArmor

2010-09-07 15:22:02 0 d-----w- c:\docume~1\alluse~1\applic~1\OnlineArmor

2010-09-07 15:21:28 38856 ----a-w- c:\windows\system32\drivers\oahlp32.sys

2010-09-07 15:21:28 29272 ----a-w- c:\windows\system32\drivers\OAnet.sys

2010-09-07 15:21:28 25000 ----a-w- c:\windows\system32\drivers\OAmon.sys

2010-09-07 15:21:28 201168 ----a-w- c:\windows\system32\drivers\OADriver.sys

2010-09-07 15:19:13 0 d-----w- c:\program files\Online Armor

2010-09-07 07:42:41 1096 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg

2010-09-07 07:33:07 16384 ---ha-w- C:\SZKGFS.dat

2010-09-07 07:29:49 0 d-----w- c:\docume~1\alluse~1\applic~1\SITEguard

2010-09-07 07:28:35 0 d-----w- c:\program files\common files\iS3

2010-09-07 07:28:35 0 d-----w- c:\docume~1\alluse~1\applic~1\STOPzilla!

2010-09-07 07:04:48 48 ----a-w- c:\windows\wininit.ini

2010-09-06 10:29:31 0 d-----w- c:\program files\Anti-Malware

2010-09-06 10:06:48 0 d-s---w- c:\documents and settings\matic\UserData

2010-09-04 19:21:29 0 d-----w- c:\program files\Subtitle Workshop

2010-08-27 17:33:51 0 d-----w- c:\program files\common files\Data

2010-08-27 17:31:46 197632 ----a-w- c:\program files\common files\OnlineFilesManager.dll

2010-08-20 11:30:38 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643}

2010-08-20 11:16:14 0 d-----w- c:\program files\IconPackager

2010-08-19 14:52:27 0 d-----w- c:\program files\common files\Stardock

2010-08-19 12:05:11 0 d-----w- c:\program files\ObjectDock

==================== Find3M ====================

2010-08-12 12:48:08 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin

2010-08-12 12:48:05 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin

2010-07-26 08:13:40 108032 ----a-w- c:\windows\system32\ff_vfw.dll

2010-07-09 22:38:00 6343040 ----a-w- c:\windows\system32\nv4_disp.dll

2010-07-09 22:38:00 61440 ----a-w- c:\windows\system32\OpenCL.dll

2010-07-09 22:38:00 4595712 ----a-w- c:\windows\system32\nvcuda.dll

2010-07-09 22:38:00 2914408 ----a-w- c:\windows\system32\nvcuvid.dll

2010-07-09 22:38:00 2506344 ----a-w- c:\windows\system32\nvcuvenc.dll

2010-07-09 22:38:00 236136 ----a-w- c:\windows\system32\nvcodins.dll

2010-07-09 22:38:00 236136 ----a-w- c:\windows\system32\nvcod.dll

2010-07-09 22:38:00 2195030 ----a-w- c:\windows\system32\nvdata.bin

2010-07-09 22:38:00 1388544 ----a-w- c:\windows\system32\nvapi.dll

2010-07-09 22:38:00 13549568 ----a-w- c:\windows\system32\nvoglnt.dll

2010-07-09 22:38:00 10260480 ----a-w- c:\windows\system32\nvcompiler.dll

2010-07-09 14:24:26 81920 ----a-w- c:\windows\system32\nvwddi.dll

2010-07-09 14:24:18 277608 ----a-w- c:\windows\system32\nvmccs.dll

2010-07-09 14:24:18 110696 ----a-w- c:\windows\system32\nvmctray.dll

2010-07-09 14:24:16 155752 ----a-w- c:\windows\system32\nvsvc32.exe

2010-07-09 14:24:16 145000 ----a-w- c:\windows\system32\nvcolor.exe

2010-07-09 14:24:16 13923432 ----a-w- c:\windows\system32\nvcpl.dll

2009-11-19 19:08:02 3749224 ----a-w- c:\program files\common files\adlmint_libFNP.dll

2009-11-19 19:08:02 2941288 ----a-w- c:\program files\common files\adlmint.dll

2006-06-23 20:48:54 32768 ----a-r- c:\windows\inf\UpdateUSB.exe

============= FINISH: 22:55:05.62 ===============

attach.zip


:P

Copy and paste these lines in Notepad.

@Echo on

pushd\windows\system32\drivers\etc

attrib -h -s -r hosts

echo 127.0.0.1 localhost>HOSTS

attrib +r +h +s hosts

popd

ipconfig /release

ipconfig /renew

ipconfig /flushdns

netsh winsock reset all

netsh int ip reset all

shutdown -r -t 1

del %0

Save as flush.bat to your desktop. Double click to run.

*** note: Win Vista and Win 7 need to right click and choose to "run as Administrator" .. the computer will reboot itself.

Please download ATF Cleaner by Atribune.

Download - ATF Cleaner


DDS (Ver_10-03-17.01) - NTFSx86

Run by Matic at 23:29:05.35 on Sun 09/12/2010

Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_21

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1548 [GMT 2:00]

AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

FW: Online Armor Firewall *enabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

C:\Program Files\Online Armor\OAcat.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\NOD32 Antivirus\ekrn.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\oodag.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Razer\razerhid.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE

C:\Program Files\ZEngine\Zboard.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNAP2RPK.EXE

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CNAB8SWK.EXE

C:\Program Files\ObjectDock\ObjectDock.exe

C:\Program Files\Razer\razertra.exe

C:\Program Files\Razer\razerofa.exe

C:\Program Files\UltraEdit\UEDIT32.EXE

C:\WINDOWS\system32\taskmgr.exe

C:\Documents and Settings\Matic\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.si/

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot\SDHelper.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

uRun: [spybotSD TeaTimer] c:\program files\spybot\TeaTimer.exe

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [razer] c:\program files\razer\razerhid.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [CNAP2 Launcher] c:\windows\system32\spool\drivers\w32x86\3\CNAP2LAK.EXE

mRun: [@OnlineArmor GUI] "c:\program files\online armor\oaui.exe"

mRun: [Zboard] c:\program files\zengine\Zboard.exe

mRun: [egui] "c:\program files\nod32 antivirus\egui.exe" /hide /waitservice

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

StartupFolder: c:\docume~1\matic\startm~1\programs\startup\stardo~1.lnk - c:\program files\objectdock\ObjectDock.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot\SDHelper.dll

DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - c:\program files\iconpackager\iprepair.dll

SEH: OA Shell Helper: {4f07da45-8170-4859-9b5f-037ef2970034} - c:\progra~1\online~2\oaevent.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\matic\applic~1\mozilla\firefox\profiles\gnebaclb.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT329536&SearchSource=3&q=

FF - prefs.js: browser.startup.homepage - hxxp://www.microtforum.com/forum/

FF - plugin: c:\documents and settings\matic\local settings\application data\google\update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\nppopcaploader.dll

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);

c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-2-20 33800]

R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2010-9-7 201168]

R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [2010-9-7 38856]

R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2010-9-7 25000]

R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [2010-9-7 29272]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]

R2 ekrn;Eset Service;c:\program files\nod32 antivirus\ekrn.exe [2008-2-20 472320]

R2 OAcat;Online Armor Helper Service;c:\program files\online armor\oacat.exe [2010-9-7 380272]

R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [2007-10-18 38656]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-4-17 20952]

R3 Razerlow;Razerlow USB Filter Driver;c:\windows\system32\drivers\Razerlow.sys [2007-10-20 13225]

S2 MBAMService;MBAMService;"c:\program files\malwarebytes' anti-malware\mbamservice.exe" --> c:\program files\malwarebytes' anti-malware\mbamservice.exe [?]

S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2004-8-4 3584]

S2 SvcOnlineArmor;Online Armor;c:\program files\online armor\oasrv.exe [2010-9-7 3638240]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-3-4 1684736]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-7-12 137344]

S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-7-12 8320]

S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-4 14336]

S3 PbsAuDrv;PolderbitS Audio Driver;c:\windows\system32\drivers\pbsaudrv.sys --> c:\windows\system32\drivers\pbsaudrv.sys [?]

S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-9-10 27064]

S3 SE2Fbus;Sony Ericsson Device 047 Driver driver (WDM);c:\windows\system32\drivers\SE2Fbus.sys [2007-10-28 61600]

S3 SE2Fmdfl;Sony Ericsson Device 047 USB WMC Modem Filter;c:\windows\system32\drivers\SE2Fmdfl.sys [2007-10-28 9360]

S3 SE2Fmdm;Sony Ericsson Device 047 USB WMC Modem Driver;c:\windows\system32\drivers\SE2Fmdm.sys [2007-10-28 97184]

S3 SE2Fmgmt;Sony Ericsson Device 047 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\SE2Fmgmt.sys [2007-12-10 88688]

S3 se2Fnd5;Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (NDIS);c:\windows\system32\drivers\se2Fnd5.sys [2007-12-10 18704]

S3 SE2Fobex;Sony Ericsson Device 047 USB WMC OBEX Interface;c:\windows\system32\drivers\SE2Fobex.sys [2007-10-28 86560]

S3 se2Funic;Sony Ericsson Device 047 USB Ethernet Emulation SEMC47 (WDM);c:\windows\system32\drivers\se2Funic.sys [2007-12-10 90800]

S3 Z550bus;Sony Ericsson Z550 driver (WDM);c:\windows\system32\drivers\Z550bus.sys [2008-3-1 60800]

S3 Z550mdfl;Sony Ericsson Z550 USB WMC Modem Filter;c:\windows\system32\drivers\Z550mdfl.sys [2008-3-1 9264]

S3 Z550mdm;Sony Ericsson Z550 USB WMC Modem Driver;c:\windows\system32\drivers\Z550mdm.sys [2008-3-1 96352]

S3 Z550mgmt;Sony Ericsson Z550 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\Z550mgmt.sys [2008-3-1 87824]

S3 Z550obex;Sony Ericsson Z550 USB WMC OBEX Interface;c:\windows\system32\drivers\Z550obex.sys [2008-3-1 85696]

============== File Associations ===============

.txt=UltraEdit.txt

=============== Created Last 30 ================

2010-09-12 20:57:01 0 d-----w- c:\docume~1\alluse~1\applic~1\RegCure

2010-09-12 16:12:18 24832 ----a-w- c:\windows\system32\16121873441.dll

2010-09-12 14:23:20 0 d-----w- c:\program files\ESET

2010-09-11 20:26:47 20 ----a-w- c:\documents and settings\matic\defogger_reenable

2010-09-10 21:42:29 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys

2010-09-10 21:42:23 0 d-----w- c:\program files\Revo Uninstaller Pro

2010-09-10 21:37:53 73728 ----a-w- c:\windows\system32\javacpl.cpl

2010-09-10 20:19:50 0 d-----w- c:\program files\Trend Micro

2010-09-10 08:50:28 423656 ----a-w- c:\windows\system32\deployJava1.dll

2010-09-08 07:15:51 0 d-----w- c:\docume~1\matic\applic~1\SUPERAntiSpyware.com

2010-09-08 07:15:51 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com

2010-09-08 07:15:21 0 d-----w- c:\program files\SUPERAntiSpyware

2010-09-07 15:22:02 0 d-----w- c:\docume~1\matic\applic~1\OnlineArmor

2010-09-07 15:22:02 0 d-----w- c:\docume~1\alluse~1\applic~1\OnlineArmor

2010-09-07 15:21:28 38856 ----a-w- c:\windows\system32\drivers\oahlp32.sys

2010-09-07 15:21:28 29272 ----a-w- c:\windows\system32\drivers\OAnet.sys

2010-09-07 15:21:28 25000 ----a-w- c:\windows\system32\drivers\OAmon.sys

2010-09-07 15:21:28 201168 ----a-w- c:\windows\system32\drivers\OADriver.sys

2010-09-07 15:19:13 0 d-----w- c:\program files\Online Armor

2010-09-07 07:42:41 1096 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg

2010-09-07 07:33:07 16384 ---ha-w- C:\SZKGFS.dat

2010-09-07 07:29:49 0 d-----w- c:\docume~1\alluse~1\applic~1\SITEguard

2010-09-07 07:28:35 0 d-----w- c:\program files\common files\iS3

2010-09-07 07:28:35 0 d-----w- c:\docume~1\alluse~1\applic~1\STOPzilla!

2010-09-07 07:04:48 48 ----a-w- c:\windows\wininit.ini

2010-09-06 10:29:31 0 d-----w- c:\program files\Anti-Malware

2010-09-06 10:06:48 0 d-s---w- c:\documents and settings\matic\UserData

2010-09-04 19:21:29 0 d-----w- c:\program files\Subtitle Workshop

2010-08-27 17:33:51 0 d-----w- c:\program files\common files\Data

2010-08-27 17:31:46 197632 ----a-w- c:\program files\common files\OnlineFilesManager.dll

2010-08-20 11:30:38 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643}

2010-08-20 11:16:14 0 d-----w- c:\program files\IconPackager

2010-08-19 14:52:27 0 d-----w- c:\program files\common files\Stardock

2010-08-19 12:05:11 0 d-----w- c:\program files\ObjectDock

==================== Find3M ====================

2010-08-12 12:48:08 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin

2010-08-12 12:48:05 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin

2010-07-26 08:13:40 108032 ----a-w- c:\windows\system32\ff_vfw.dll

2010-07-09 22:38:00 6343040 ----a-w- c:\windows\system32\nv4_disp.dll

2010-07-09 22:38:00 61440 ----a-w- c:\windows\system32\OpenCL.dll

2010-07-09 22:38:00 4595712 ----a-w- c:\windows\system32\nvcuda.dll

2010-07-09 22:38:00 2914408 ----a-w- c:\windows\system32\nvcuvid.dll

2010-07-09 22:38:00 2506344 ----a-w- c:\windows\system32\nvcuvenc.dll

2010-07-09 22:38:00 236136 ----a-w- c:\windows\system32\nvcodins.dll

2010-07-09 22:38:00 236136 ----a-w- c:\windows\system32\nvcod.dll

2010-07-09 22:38:00 2195030 ----a-w- c:\windows\system32\nvdata.bin

2010-07-09 22:38:00 1388544 ----a-w- c:\windows\system32\nvapi.dll

2010-07-09 22:38:00 13549568 ----a-w- c:\windows\system32\nvoglnt.dll

2010-07-09 22:38:00 10260480 ----a-w- c:\windows\system32\nvcompiler.dll

2010-07-09 14:24:26 81920 ----a-w- c:\windows\system32\nvwddi.dll

2010-07-09 14:24:18 277608 ----a-w- c:\windows\system32\nvmccs.dll

2010-07-09 14:24:18 110696 ----a-w- c:\windows\system32\nvmctray.dll

2010-07-09 14:24:16 155752 ----a-w- c:\windows\system32\nvsvc32.exe

2010-07-09 14:24:16 145000 ----a-w- c:\windows\system32\nvcolor.exe

2010-07-09 14:24:16 13923432 ----a-w- c:\windows\system32\nvcpl.dll

2009-11-19 19:08:02 3749224 ----a-w- c:\program files\common files\adlmint_libFNP.dll

2009-11-19 19:08:02 2941288 ----a-w- c:\program files\common files\adlmint.dll

2006-06-23 20:48:54 32768 ----a-r- c:\windows\inf\UpdateUSB.exe

============= FINISH: 23:30:49.06 ===============


To re-enable your Emulation drivers, double click DeFogger to run the tool.

  • The application window will appear
  • Click the Re-enable button to re-enable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_enable which will appear on your desktop.

Your Emulation drivers are now re-enabled.


Go to Start > Run and type in Services.msc then click OK

Click the Extended tab.

Scroll down until you find SPTD

Click once on the service to highlight it.

Click Start

Right-Click on the service.

Click on 'Properties'

Select the 'General' tab

Click the Arrow-down tab on the right-hand side on the 'Start-up Type' box

From the drop-down menu, click on 'Boot'

The service is now enabled


So what should I do now?
You might try updating to IE7 or 8

If that doesn't update then I suggest contacting MS.

Issues with getting Windows Updates.

This is a free service and toll-free call.

1-866-PCSAFETY

or

1-866-727-2338

It is available 24 hours a day for the U.S. and Canada.


As far as I know it only disables CD/DVD drives, not Virtual drives.

Try it again.

Please download DeFogger to your desktop.

Double click DeFogger to run the tool.

  • The application window will appear
  • Click the Enable button to enable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK

IMPORTANT! If you receive an error


One more thing:

When the computer boots it takes longer than usual. It shows just wallpaper for about 1-2 minutes before the icons appear.

Explorer.exe memory goes up to 380 MB !!! before it shows error.

That sounds like something other than an infection.

What programs are in the Start-up Folder?
