mswind18 Posted November 29, 2010 Author ID:352864 Share Posted November 29, 2010 OK, I got it now.....I will run from another login....also I have a good chunk of time today to work this out...thxs Link to post Share on other sites More sharing options...
LDTate Posted November 29, 2010 ID:352867 Share Posted November 29, 2010 Don't forget I need a new one from your login as well. Link to post Share on other sites More sharing options...
mswind18 Posted November 29, 2010 Author ID:352922 Share Posted November 29, 2010 This is from another account....nothing abnormal found2010/11/29 11:12:21.0390 TDSS rootkit removing tool 2.4.10.0 Nov 28 2010 18:35:562010/11/29 11:12:21.0390 ================================================================================2010/11/29 11:12:21.0390 SystemInfo:2010/11/29 11:12:21.0390 2010/11/29 11:12:21.0390 OS Version: 5.1.2600 ServicePack: 2.02010/11/29 11:12:21.0390 Product type: Workstation2010/11/29 11:12:21.0390 ComputerName: SAMSELMAIN2010/11/29 11:12:21.0390 UserName: Mom22010/11/29 11:12:21.0390 Windows directory: C:\WINDOWS2010/11/29 11:12:21.0390 System windows directory: C:\WINDOWS2010/11/29 11:12:21.0390 Processor architecture: Intel x862010/11/29 11:12:21.0390 Number of processors: 12010/11/29 11:12:21.0390 Page size: 0x10002010/11/29 11:12:21.0390 Boot type: Normal boot2010/11/29 11:12:21.0390 ================================================================================2010/11/29 11:12:23.0234 Initialize success2010/11/29 11:12:26.0062 ================================================================================2010/11/29 11:12:26.0062 Scan started2010/11/29 11:12:26.0062 Mode: Manual; 2010/11/29 11:12:26.0062 ================================================================================2010/11/29 11:12:29.0125 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS2010/11/29 11:12:29.0359 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys2010/11/29 11:12:29.0578 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys2010/11/29 11:12:29.0843 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\System32\DRIVERS\adpu160m.sys2010/11/29 11:12:30.0109 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys2010/11/29 11:12:30.0328 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys2010/11/29 11:12:30.0578 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys2010/11/29 11:12:31.0109 agpCPQ (67288b07d6aba6c1267b626e67bc56fd) C:\WINDOWS\System32\DRIVERS\agpCPQ.sys2010/11/29 11:12:31.0296 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\System32\DRIVERS\aha154x.sys2010/11/29 11:12:31.0468 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\System32\DRIVERS\aic78u2.sys2010/11/29 11:12:31.0640 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\System32\DRIVERS\aic78xx.sys2010/11/29 11:12:31.0828 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\System32\DRIVERS\aliide.sys2010/11/29 11:12:31.0984 alim1541 (f312b7cef21eff52fa23056b9d815fad) C:\WINDOWS\System32\DRIVERS\alim1541.sys2010/11/29 11:12:32.0171 amdagp (675c16a3c1f8482f85ee4a97fc0dde3d) C:\WINDOWS\System32\DRIVERS\amdagp.sys2010/11/29 11:12:32.0343 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\System32\DRIVERS\amsint.sys2010/11/29 11:12:32.0546 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\System32\DRIVERS\asc.sys2010/11/29 11:12:32.0750 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\System32\DRIVERS\asc3350p.sys2010/11/29 11:12:32.0937 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\System32\DRIVERS\asc3550.sys2010/11/29 11:12:33.0109 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys2010/11/29 11:12:33.0281 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys2010/11/29 11:12:33.0390 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys2010/11/29 11:12:33.0718 ati2mtag (bf94a12f9d86b28fecf00b24b7129013) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys2010/11/29 11:12:34.0203 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys2010/11/29 11:12:34.0468 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys2010/11/29 11:12:34.0734 BCMModem (41347688046d49cde0f6d138a534f73d) C:\WINDOWS\system32\DRIVERS\BCMSM.sys2010/11/29 11:12:34.0921 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys2010/11/29 11:12:35.0171 BHDrvx86 (76154fa6a742c613b44bb636b1a7c057) C:\WINDOWS\System32\Drivers\N360\0308000.029\BHDrvx86.sys2010/11/29 11:12:35.0609 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\System32\DRIVERS\cbidf2k.sys2010/11/29 11:12:35.0859 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys2010/11/29 11:12:36.0078 ccHP (8973ff34b83572d867b5b928905ad5ac) C:\WINDOWS\System32\Drivers\N360\0308000.029\ccHPx86.sys2010/11/29 11:12:36.0359 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\System32\DRIVERS\cd20xrnt.sys2010/11/29 11:12:36.0609 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys2010/11/29 11:12:36.0828 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys2010/11/29 11:12:37.0078 Cdr4_xp (bf79e659c506674c0497cc9c61f1a165) C:\WINDOWS\system32\drivers\Cdr4_xp.sys2010/11/29 11:12:37.0296 Cdralw2k (18eb04a0dfd3ffae2ab736c3c1dfea34) C:\WINDOWS\system32\drivers\Cdralw2k.sys2010/11/29 11:12:37.0531 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys2010/11/29 11:12:37.0796 cdudf_xp (072070a498d5fad70c3a99a5f0b1331b) C:\WINDOWS\system32\drivers\cdudf_xp.sys2010/11/29 11:12:38.0203 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\System32\DRIVERS\cmdide.sys2010/11/29 11:12:38.0484 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\System32\DRIVERS\cpqarray.sys2010/11/29 11:12:38.0765 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\System32\DRIVERS\dac2w2k.sys2010/11/29 11:12:39.0015 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\System32\DRIVERS\dac960nt.sys2010/11/29 11:12:39.0265 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys2010/11/29 11:12:39.0546 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys2010/11/29 11:12:39.0796 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys2010/11/29 11:12:40.0062 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys2010/11/29 11:12:40.0281 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys2010/11/29 11:12:40.0515 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\System32\DRIVERS\dpti2o.sys2010/11/29 11:12:40.0750 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys2010/11/29 11:12:41.0234 dvd_2K (a3997baab606caa92f27e07bc4f070f0) C:\WINDOWS\system32\drivers\dvd_2K.sys2010/11/29 11:12:41.0453 E100B (56ab585a307909c4447d5900a10c6bc7) C:\WINDOWS\system32\DRIVERS\e100b325.sys2010/11/29 11:12:41.0718 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys2010/11/29 11:12:42.0062 EL90XBC (6e883bf518296a40959131c2304af714) C:\WINDOWS\system32\DRIVERS\el90xbc5.sys2010/11/29 11:12:42.0296 EraserUtilRebootDrv (850259334652d392e33ee3412562e583) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys2010/11/29 11:12:42.0562 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys2010/11/29 11:12:42.0781 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys2010/11/29 11:12:42.0984 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys2010/11/29 11:12:43.0203 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys2010/11/29 11:12:43.0421 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\drivers\fltmgr.sys2010/11/29 11:12:43.0640 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys2010/11/29 11:12:43.0890 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys2010/11/29 11:12:44.0125 gameenum (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys2010/11/29 11:12:44.0390 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys2010/11/29 11:12:44.0640 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys2010/11/29 11:12:44.0875 grmnusb (cd007d03a9284bfe67d49c01213132bf) C:\WINDOWS\system32\drivers\grmnusb.sys2010/11/29 11:12:45.0156 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys2010/11/29 11:12:45.0406 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\System32\DRIVERS\hpn.sys2010/11/29 11:12:45.0625 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys2010/11/29 11:12:45.0890 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys2010/11/29 11:12:46.0140 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys2010/11/29 11:12:46.0390 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys2010/11/29 11:12:46.0578 i2omgmt (8f09f91b5c91363b77bcd15599570f2c) C:\WINDOWS\system32\drivers\i2omgmt.sys2010/11/29 11:12:46.0765 i2omp (ed6bf9e441fdea13292a6d30a64a24c3) C:\WINDOWS\System32\DRIVERS\i2omp.sys2010/11/29 11:12:46.0953 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys2010/11/29 11:12:47.0171 i81x (06b7ef73ba5f302eecc294cdf7e19702) C:\WINDOWS\system32\DRIVERS\i81xnt5.sys2010/11/29 11:12:47.0437 iAimFP0 (7b5b44efe5eb9dadfb8ee29700885d23) C:\WINDOWS\system32\DRIVERS\wADV01nt.sys2010/11/29 11:12:47.0656 iAimFP1 (eb1f6bab6c22ede0ba551b527475f7e9) C:\WINDOWS\system32\DRIVERS\wADV02NT.sys2010/11/29 11:12:47.0875 iAimFP2 (03ce989d846c1aa81145cb22fcb86d06) C:\WINDOWS\system32\DRIVERS\wADV05NT.sys2010/11/29 11:12:48.0125 iAimFP3 (525849b4469de021d5d61b4db9be3a9d) C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys2010/11/29 11:12:48.0359 iAimFP4 (589c2bcdb5bd602bf7b63d210407ef8c) C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys2010/11/29 11:12:48.0593 iAimTV0 (d83bdd5c059667a2f647a6be5703a4d2) C:\WINDOWS\system32\DRIVERS\wATV01nt.sys2010/11/29 11:12:48.0828 iAimTV1 (ed968d23354daa0d7c621580c012a1f6) C:\WINDOWS\system32\DRIVERS\wATV02NT.sys2010/11/29 11:12:49.0203 iAimTV3 (d738273f218a224c1ddac04203f27a84) C:\WINDOWS\system32\DRIVERS\wATV04nt.sys2010/11/29 11:12:49.0453 iAimTV4 (0052d118995cbab152daabe6106d1442) C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys2010/11/29 11:12:49.0750 IDSxpx86 (74e8463447101ecf0165ddc7e5168b7e) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20101124.002\IDSxpx86.sys2010/11/29 11:12:50.0000 ikhfile (f24866ee5c0819e9b1b58f2c00af078e) C:\WINDOWS\system32\drivers\ikhfile.sys2010/11/29 11:12:50.0296 ikhlayer (9a2cff8e3ef0a35f23f544fab915c060) C:\WINDOWS\System32\drivers\ikhlayer.sys2010/11/29 11:12:50.0531 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys2010/11/29 11:12:50.0781 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\System32\DRIVERS\ini910u.sys2010/11/29 11:12:51.0203 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys2010/11/29 11:12:51.0343 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys2010/11/29 11:12:51.0515 ip6fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\drivers\ip6fw.sys2010/11/29 11:12:51.0703 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys2010/11/29 11:12:51.0859 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys2010/11/29 11:12:52.0031 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys2010/11/29 11:12:52.0140 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys2010/11/29 11:12:52.0390 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys2010/11/29 11:12:52.0546 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys2010/11/29 11:12:52.0734 itchfltr (8f1ba487b35f0c8f637e05113aa815f8) C:\WINDOWS\system32\DRIVERS\itchfltr.sys2010/11/29 11:12:52.0875 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys2010/11/29 11:12:53.0000 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys2010/11/29 11:12:53.0140 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys2010/11/29 11:12:53.0265 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys2010/11/29 11:12:53.0421 l8042pr2 (80794cc09e6aea4c10ec35ae6ba86ad4) C:\WINDOWS\system32\DRIVERS\L8042Pr2.sys2010/11/29 11:12:53.0812 LCcfltr (fb5e7a5c86c0b58aa155487b141b8457) C:\WINDOWS\system32\drivers\lccfltr.sys2010/11/29 11:12:54.0000 LHidFlt2 (9de00e4938d396384504af5ddcc45770) C:\WINDOWS\system32\DRIVERS\LHidFlt2.sys2010/11/29 11:12:54.0140 LHidUsb (a8742865e15a57b426efcc5ff744d6d3) C:\WINDOWS\system32\Drivers\LHidUsb.Sys2010/11/29 11:12:54.0296 LKbdFlt2 (b3e69110fba2c07b634e6bf20fe9f9ac) C:\WINDOWS\system32\DRIVERS\LKbdFlt2.sys2010/11/29 11:12:54.0468 LMouFlt2 (6d8f6f74341d804a2552d5c6edc98cb9) C:\WINDOWS\system32\DRIVERS\LMouFlt2.sys2010/11/29 11:12:54.0734 mmc_2K (e97e3fe03b6f271336cb2fbb24734989) C:\WINDOWS\system32\drivers\mmc_2K.sys2010/11/29 11:12:54.0875 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys2010/11/29 11:12:55.0031 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys2010/11/29 11:12:55.0203 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys2010/11/29 11:12:55.0390 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys2010/11/29 11:12:55.0531 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys2010/11/29 11:12:55.0687 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys2010/11/29 11:12:55.0859 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\System32\DRIVERS\mraid35x.sys2010/11/29 11:12:56.0015 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys2010/11/29 11:12:56.0187 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys2010/11/29 11:12:56.0468 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys2010/11/29 11:12:56.0687 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys2010/11/29 11:12:56.0921 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys2010/11/29 11:12:57.0187 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys2010/11/29 11:12:57.0406 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys2010/11/29 11:12:57.0562 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys2010/11/29 11:12:58.0046 NAVENG (49d802531e5984cf1fe028c6c129b9d8) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101129.002\NAVENG.SYS2010/11/29 11:12:58.0312 NAVEX15 (158676a5758c1fa519563b3e72fbf256) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101129.002\NAVEX15.SYS2010/11/29 11:12:58.0609 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys2010/11/29 11:12:58.0843 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys2010/11/29 11:12:59.0062 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys2010/11/29 11:12:59.0281 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys2010/11/29 11:12:59.0500 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys2010/11/29 11:12:59.0734 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys2010/11/29 11:12:59.0968 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys2010/11/29 11:13:00.0234 NMSCFG (847d6d775524fa5e58d851ddec566a12) C:\WINDOWS\system32\drivers\NMSCFG.SYS2010/11/29 11:13:00.0468 NPDriver (57883a0c8ab1d93fce74d79b5fe8b4ff) C:\WINDOWS\system32\Drivers\NPDRIVER.SYS2010/11/29 11:13:00.0703 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys2010/11/29 11:13:01.0000 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys2010/11/29 11:13:01.0250 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys2010/11/29 11:13:01.0734 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys2010/11/29 11:13:02.0046 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys2010/11/29 11:13:02.0312 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys2010/11/29 11:13:02.0562 omci (1d98907d80461371437a7c898c58c8ae) C:\WINDOWS\system32\DRIVERS\omci.sys2010/11/29 11:13:02.0906 P16X (e433c553d00d76fbc616294b60a7a530) C:\WINDOWS\system32\drivers\P16X.sys2010/11/29 11:13:03.0187 P3 (3e16eff2a6fed2d8d7f5a66dfe65d183) C:\WINDOWS\system32\DRIVERS\p3.sys2010/11/29 11:13:03.0421 PalmUSBD (240c0d4049a833b16b63b636acf01672) C:\WINDOWS\system32\drivers\PalmUSBD.sys2010/11/29 11:13:03.0671 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys2010/11/29 11:13:03.0890 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys2010/11/29 11:13:04.0093 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys2010/11/29 11:13:04.0312 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys2010/11/29 11:13:04.0671 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\System32\DRIVERS\pciide.sys2010/11/29 11:13:04.0921 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys2010/11/29 11:13:05.0765 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\System32\DRIVERS\perc2.sys2010/11/29 11:13:06.0015 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\System32\DRIVERS\perc2hib.sys2010/11/29 11:13:06.0250 PfModNT (2f5532f9b0f903b26847da674b4f55b2) C:\WINDOWS\System32\PfModNT.sys2010/11/29 11:13:06.0531 PnkBstrK (f4ba8e3e515a3dd9dd29a031d6f94e02) C:\WINDOWS\system32\drivers\PnkBstrK.sys2010/11/29 11:13:06.0765 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys2010/11/29 11:13:06.0984 Processor (0d97d88720a4087ec93af7dbb303b30a) C:\WINDOWS\system32\DRIVERS\processr.sys2010/11/29 11:13:07.0218 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys2010/11/29 11:13:07.0437 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys2010/11/29 11:13:07.0671 pwd_2k (070eddd0e4a5be55dd590d8b30dbff22) C:\WINDOWS\system32\drivers\pwd_2k.sys2010/11/29 11:13:07.0890 PxHelp20 (0457e25bb122b854e267cf552dcdc370) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys2010/11/29 11:13:08.0140 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\System32\DRIVERS\ql1080.sys2010/11/29 11:13:08.0390 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\System32\DRIVERS\ql10wnt.sys2010/11/29 11:13:08.0625 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\System32\DRIVERS\ql12160.sys2010/11/29 11:13:08.0875 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\System32\DRIVERS\ql1240.sys2010/11/29 11:13:09.0140 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys2010/11/29 11:13:09.0343 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys2010/11/29 11:13:09.0625 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys2010/11/29 11:13:09.0843 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys2010/11/29 11:13:10.0093 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys2010/11/29 11:13:10.0296 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys2010/11/29 11:13:10.0515 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys2010/11/29 11:13:10.0765 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys2010/11/29 11:13:11.0015 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys2010/11/29 11:13:11.0234 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys2010/11/29 11:13:11.0546 SDdriver (ac2e5fa94155bc0c4c7ab8f97e181f6f) C:\WINDOWS\system32\Drivers\sddriver.sys2010/11/29 11:13:12.0000 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys2010/11/29 11:13:12.0171 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys2010/11/29 11:13:12.0312 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys2010/11/29 11:13:12.0468 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys2010/11/29 11:13:12.0765 sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\System32\DRIVERS\sisagp.sys2010/11/29 11:13:12.0937 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS2010/11/29 11:13:13.0109 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys2010/11/29 11:13:13.0390 SPBBCDrv (dc4dc886d3779c446f9b0e9d6b006e72) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys2010/11/29 11:13:13.0718 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys2010/11/29 11:13:13.0937 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys2010/11/29 11:13:14.0171 SRS_SSCFilter (53ff9a8b3748399f143d7572b7888dd7) C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys2010/11/29 11:13:14.0453 SRTSP (e81f6caeab9ad5732e94c07c97866aa2) C:\WINDOWS\System32\Drivers\N360\0308000.029\SRTSP.SYS2010/11/29 11:13:14.0718 SRTSPX (e28de499d942b08058bffac69d4122b6) C:\WINDOWS\system32\drivers\N360\0308000.029\SRTSPX.SYS2010/11/29 11:13:14.0953 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys2010/11/29 11:13:15.0218 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys2010/11/29 11:13:15.0406 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys2010/11/29 11:13:15.0656 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys2010/11/29 11:13:15.0906 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys2010/11/29 11:13:16.0187 SymEFA (d0885f6e24259a6c65e68d6ad749910a) C:\WINDOWS\system32\drivers\N360\0308000.029\SYMEFA.SYS2010/11/29 11:13:16.0437 SymEvent (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS2010/11/29 11:13:16.0687 SYMFW (1e825026436c4eac3e1a11d1e9c33f2c) C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMFW.SYS2010/11/29 11:13:16.0921 SYMIDS (7a20b7d774ef0f16cf81b898bfeca772) C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMIDS.SYS2010/11/29 11:13:17.0140 SymIM (c6db9f873b09c63f5cb1de10c08bf6f9) C:\WINDOWS\system32\DRIVERS\SymIM.sys2010/11/29 11:13:17.0187 SymIMMP (c6db9f873b09c63f5cb1de10c08bf6f9) C:\WINDOWS\system32\DRIVERS\SymIM.sys2010/11/29 11:13:17.0390 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\WINDOWS\System32\drivers\symlcbrd.sys2010/11/29 11:13:17.0640 SYMNDIS (5ab7d00ea6b7a6fcd5067c632ec6f039) C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMNDIS.SYS2010/11/29 11:13:17.0890 SYMTDI (e4fa8bbb96e314e9508865de1a767538) C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMTDI.SYS2010/11/29 11:13:18.0140 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys2010/11/29 11:13:18.0390 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys2010/11/29 11:13:18.0625 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys2010/11/29 11:13:18.0890 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys2010/11/29 11:13:19.0156 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys2010/11/29 11:13:19.0359 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys2010/11/29 11:13:19.0562 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys2010/11/29 11:13:19.0812 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\System32\DRIVERS\toside.sys2010/11/29 11:13:20.0109 UdfReadr_xp (27e66e79fd742c107fdb23280e17d869) C:\WINDOWS\system32\drivers\UdfReadr_xp.sys2010/11/29 11:13:20.0343 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys2010/11/29 11:13:20.0609 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys2010/11/29 11:13:20.0859 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys2010/11/29 11:13:21.0140 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\WINDOWS\system32\Drivers\usbaapl.sys2010/11/29 11:13:21.0375 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys2010/11/29 11:13:21.0625 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys2010/11/29 11:13:21.0843 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys2010/11/29 11:13:22.0078 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys2010/11/29 11:13:22.0546 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys2010/11/29 11:13:22.0781 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS2010/11/29 11:13:22.0984 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys2010/11/29 11:13:23.0187 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys2010/11/29 11:13:23.0406 viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\System32\DRIVERS\viaagp.sys2010/11/29 11:13:23.0640 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\System32\DRIVERS\viaide.sys2010/11/29 11:13:23.0875 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys2010/11/29 11:13:24.0093 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys2010/11/29 11:13:24.0296 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys2010/11/29 11:13:24.0515 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys2010/11/29 11:13:24.0765 WmBEnum (bc3ecbcb40147bdae3ad2fd0b4b346d8) C:\WINDOWS\system32\drivers\WmBEnum.sys2010/11/29 11:13:25.0046 WmFilter (19f9881d8b3484fedb605d0216876898) C:\WINDOWS\system32\drivers\WmFilter.sys2010/11/29 11:13:25.0328 WmVirHid (7a51545a6409a25eedbdbd97d019e8cc) C:\WINDOWS\system32\drivers\WmVirHid.sys2010/11/29 11:13:25.0562 WmXlCore (1f083b3bc73017e60c3ca85cf4a70753) C:\WINDOWS\system32\drivers\WmXlCore.sys2010/11/29 11:13:25.0796 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys2010/11/29 11:13:26.0078 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys2010/11/29 11:13:26.0484 ================================================================================2010/11/29 11:13:26.0484 Scan finished2010/11/29 11:13:26.0484 ================================================================================ Link to post Share on other sites More sharing options...
LDTate Posted November 29, 2010 ID:352927 Share Posted November 29, 2010 Good.We shall see what Combofix shows Link to post Share on other sites More sharing options...
mswind18 Posted November 29, 2010 Author ID:353029 Share Posted November 29, 2010 I was getting nervous.....started the program and it seemed the"creating report" part was running too long....certainly not as long in my (the problem) directory....so I stopped and ran again...and just let it run.....report finally appeared (attached) also note I think I did not run combofix as you requested earlier today from the problem account....should I run again?Here is from a good account.ComboFix 10-11-28.05 - Mom2 11/29/2010 12:32:26.3.1 - x86Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.314 [GMT -5:00]Running from: c:\documents and settings\Dad\My Documents\Downloads\ComboFix.exeAV: Norton 360 *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}FW: Norton 360 *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}.((((((((((((((((((((((((( Files Created from 2010-10-28 to 2010-11-29 ))))))))))))))))))))))))))))))).2010-11-29 16:08 . 2010-11-29 16:08 -------- d-----w- c:\documents and settings\Greg\Local Settings\Application Data\AOL Toolbar2010-11-29 16:03 . 2010-11-29 16:03 -------- d-----w- c:\documents and settings\Greg\Application Data\Malwarebytes2010-11-21 12:34 . 2010-11-21 12:34 -------- d-----w- c:\documents and settings\Mom2\Local Settings\Application Data\AOL Toolbar2010-11-15 10:19 . 2010-11-15 10:19 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\AOL2010-11-15 04:16 . 2010-11-15 04:16 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL Toolbar2010-11-15 04:16 . 2010-11-15 04:16 -------- d-----w- c:\program files\Common Files\Software Update Utility2010-11-15 04:12 . 2010-11-15 04:12 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL OCP2010-11-15 04:10 . 2010-11-15 04:21 -------- d-----w- c:\program files\AOL 9.52010-11-15 04:10 . 2010-11-15 04:18 -------- d-----w- c:\program files\Common Files\aolshare2010-11-14 16:23 . 2010-11-14 16:23 -------- dc----w- C:\Install AOL Communicator2010-11-14 16:23 . 2010-11-14 16:23 -------- dc----w- C:\Install Winamp2010-11-14 16:23 . 2010-11-14 16:23 -------- dc----w- C:\Install ICQ2010-11-14 16:23 . 2010-11-14 16:23 -------- dc----w- C:\AOL Instant Messenger2010-11-14 16:22 . 2010-11-14 16:22 -------- d-----w- c:\program files\Learn2.com.(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2010-11-29 15:29 . 2009-03-06 03:49 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr2010-11-29 15:29 . 2007-04-04 00:35 214520 ----a-w- c:\windows\system32\PnkBstrB.exe2010-11-29 15:22 . 2007-04-04 00:35 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys2010-11-24 23:46 . 2010-01-07 00:30 41856 ----a-w- c:\windows\system32\drivers\imapi.sys2010-11-24 04:39 . 2006-10-27 18:33 963 -c-ha-w- c:\windows\win.tmp2006-04-05 16:26 . 2006-09-23 21:46 233472 -c--a-w- c:\program files\ShellEnglishLC.dll2006-04-05 16:26 . 2006-09-23 21:46 36864 -c--a-w- c:\program files\ShellDLLResEnglish.dll2006-04-05 16:26 . 2006-09-23 21:46 483328 -c--a-w- c:\program files\Shell2EnglishLC.dll2006-04-05 16:26 . 2006-09-23 21:46 208896 -c--a-w- c:\program files\ShellLC.dll2006-04-05 16:26 . 2006-09-23 21:46 114688 -c--a-w- c:\program files\RTFCtrl.dll2006-04-05 16:26 . 2006-09-23 21:46 102400 -c--a-w- c:\program files\MXExHand.dll2006-04-05 16:24 . 2006-09-23 21:46 45056 -c--a-w- c:\program files\DMUtilsResEnglish.dll2006-04-05 16:24 . 2006-09-23 21:46 184320 -c--a-w- c:\program files\DMUtils.dll2006-04-05 16:23 . 2006-09-23 21:46 86016 -c--a-w- c:\program files\DMTutorialResEnglish.dll2006-04-05 16:23 . 2006-09-23 21:46 90112 -c--a-w- c:\program files\DMTutorial.dll2006-04-05 16:22 . 2006-09-23 21:46 159744 -c--a-w- c:\program files\DMSetupResEnglish.dll2006-04-05 16:22 . 2006-09-23 21:46 303104 -c--a-w- c:\program files\DMSetup.dll2006-04-05 16:21 . 2006-09-23 21:46 118784 -c--a-w- c:\program files\ODIFCopy.dll2006-04-05 16:21 . 2006-09-23 21:46 98304 -c--a-w- c:\program files\ODIMan.dll2006-04-05 16:21 . 2006-09-23 21:46 20480 -c--a-w- c:\program files\DMInfoResEnglish.dll2006-04-05 16:20 . 2006-09-23 21:46 151552 -c--a-w- c:\program files\DMInfo.dll2006-04-05 16:19 . 2006-09-23 21:46 3497984 -c--a-w- c:\program files\ODIJump.dll2006-04-05 16:19 . 2006-09-23 21:46 176128 -c--a-w- c:\program files\ODICtrl.dll2006-04-05 16:19 . 2006-09-23 21:46 94208 -c--a-w- c:\program files\ODIFrmt.dll2006-04-05 16:18 . 2006-09-23 21:46 61440 -c--a-w- c:\program files\CDEject.exe2006-04-05 16:18 . 2006-09-23 21:46 49152 ----a-w- c:\program files\DataLifeguard.exe2006-04-05 16:18 . 2006-09-23 21:46 266240 -c--a-w- c:\program files\ShellDLL.dll2006-04-05 16:17 . 2006-09-23 21:46 139264 -c--a-w- c:\program files\ODIPart.dll2006-04-05 16:16 . 2006-09-23 21:46 176128 -c--a-w- c:\program files\ODIDev.dll2006-04-05 16:16 . 2006-09-23 21:46 49152 -c--a-w- c:\program files\Scsilib.dll2006-04-05 16:15 . 2006-09-23 21:46 94208 -c--a-w- c:\program files\mxdlgsup.dll2006-04-05 16:15 . 2006-09-23 21:46 102400 -c--a-w- c:\program files\MXPM.dll2004-12-08 14:50 . 2004-12-08 14:50 2112103 -c--a-w- c:\program files\BHODemon20Setup_2020.exe2004-12-02 13:24 . 2004-12-02 13:22 16706160 -c--a-w- c:\program files\AdbeRdr60_enu_full.exe2004-12-02 13:22 . 2004-12-02 13:22 6811656 -c--a-w- c:\program files\psa201se_us.exe2003-04-03 12:47 . 2003-04-03 12:47 1684194 -c--a-w- c:\program files\SpamNet1.0Beta9.exe2003-02-18 01:31 . 2003-02-18 01:31 2430662 -c--a-w- c:\program files\spybotsd11.exe2003-02-09 03:10 . 2003-02-09 03:10 37376 -c-ha-w- c:\program files\iblock.exe2003-01-17 04:22 . 2003-01-17 04:22 3781808 -c-ha-w- c:\program files\zaSetup_1001.exe2003-01-11 15:07 . 2003-01-11 14:41 8839120 -c-ha-w- c:\program files\AcroReader51_ENU.exe2003-01-11 14:41 . 2003-01-11 04:22 13736688 -c-ha-w- c:\program files\AcroReader51_ENU_full.exe2000-03-13 16:13 . 2006-09-23 21:46 509984 -c--a-w- c:\program files\50comupd.exe.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"LDM"="\Program\BackWeb-8876480.exe" [bU]"SpokeSysTray"="c:\program files\Spoke Client\SpokeSysTray.exe" [2008-08-11 1875920]"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-24 68856][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]"HPDJ Taskbar Utility"="c:\windows\System32\spool\drivers\w32x86\3\hpztsb01.exe" [2000-12-12 192512]"EM_EXEC"="c:\progra~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2002-07-01 28672]"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2002-09-25 290816]"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]"NSWosCheck"="c:\program files\Norton SystemWorks\osCheck.exe" [2007-09-18 25472]"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2006-10-23 71216]"HostManager"="c:\program files\Common Files\AOL\1188076909\ee\AOLSoftware.exe" [2010-02-10 41800][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"ALUAlert"="c:\program files\Symantec\LiveUpdate\ALUNotify.exe" [2007-08-23 152952]"Spyware Doctor"="c:\program files\Spyware Doctor\swdoctor.exe" [2006-12-11 2115728]c:\documents and settings\Dad\Start Menu\Programs\Startup\HotSync Manager.LNK - c:\program files\Palm\Hotsync.exe [2004-6-9 471040]c:\documents and settings\All Users\Start Menu\Programs\Startup\DataViz Inc Messenger.lnk - c:\program files\Common Files\DataViz\DvzIncMsgr.exe [2007-2-2 28672]Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2002-12-22 45056][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]@="FSFilter Activity Monitor"[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HOTSYNCSHORTCUTNAME.lnkbackup=c:\windows\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]2002-04-10 20:44 679936 -c--a-w- c:\program files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]2006-10-23 12:50 71216 ----a-r- c:\program files\Common Files\AOL\ACS\AOLDial.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]2009-11-11 04:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]2007-06-24 10:41 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot"Camera Detector"=c:\progra~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]"DisableMonitoring"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="f:\\America Online 9.0\\waol.exe"="c:\\Program Files\\America Online 9.0\\waol.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposfx08.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqCopy.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpfccopy.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpzwiz01.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqDIA.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqnrs08.exe"="c:\\Program Files\\Activision\\Call of Duty 2\\cod2mp_s.exe"="c:\\Program Files\\Call of Duty Game of the Year Edition\\CoDMP.exe"="c:\\Program Files\\Palm\\Hotsync.exe"="c:\\WINDOWS\\SYSTEM32\\LEXPPS.EXE"="c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"="c:\\Program Files\\Real\\RealPlayer\\realplay.exe"="c:\\Program Files\\Bonjour\\mDNSResponder.exe"="c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"="c:\\Program Files\\Common Files\\AOL\\1188076909\\ee\\aolsoftware.exe"="c:\\Program Files\\AOL 9.5\\waol.exe"="c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-16 135664]S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0308000.029\SYMEFA.SYS [2009-08-22 310320]S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\Drivers\N360\0308000.029\BHDrvx86.sys [2009-08-22 259632]S1 ccHP;Symantec Hash Provider;c:\windows\System32\Drivers\N360\0308000.029\ccHPx86.sys [2009-08-22 482432]S1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20101124.002\IDSxpx86.sys [2010-10-19 341880]S2 N360;Norton 360;c:\program files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe [2009-08-22 117640]S2 NProtectService;Norton UnErase Protection;c:\progra~1\NORTON~1\NORTON~1\NPROTECT.EXE [2005-11-04 95832]S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-05-26 102448]--- Other Services/Drivers In Memory ---*NewlyCreated* - PNKBSTRB*NewlyCreated* - PNKBSTRK*Deregistered* - klmd25*Deregistered* - mchInjDrv.Contents of the 'Scheduled Tasks' folder2010-11-25 c:\windows\Tasks\AppleSoftwareUpdate.job- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]2010-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-16 15:37]2010-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-16 15:37]2010-11-01 c:\windows\Tasks\Norton SystemWorks One Button Checkup.job- c:\program files\Norton SystemWorks\OBC.exe [2007-09-18 12:22]..------- Supplementary Scan -------.uStart Page = hxxp://www.dellnet.com/uSearch Page = hxxp://www.google.comuSearch Bar = hxxp://www.google.com/iemLocal Page = about:blankmStart Page = about:blankmSearch Bar = hxxp://www.google.com/ieuInternet Connection Wizard,ShellNext = iexploreuInternet Settings,ProxyOverride = hxxp://localhost;uSearchAssistant = hxxp://www.google.com/ieuSearchURL,(Default) = hxxp://www.google.com/search?q=%sIE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.htmlDPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cabDPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cabDPF: vzTCPConfig - hxxp://www2.verizon.net/help/fios_settings_POTT20009/include/vzTCPConfig.CABFF - ProfilePath - c:\documents and settings\Mom2\Application Data\Mozilla\Firefox\Profiles\nusav8en.default\FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dllFF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dllFF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dllFF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dllFF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dllFF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dllFF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}FF - Extension: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}FF - Extension: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - c:\documents and settings\Mom2\Application Data\Mozilla\Firefox\Profiles\nusav8en.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}FF - Extension: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ffFF - Extension: Norton Toolbar: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC} - c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn---- FIREFOX POLICIES ----FF - user.js: yahoo.homepage.dontask - true.**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2010-11-29 12:58Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfullyhidden files: 0**************************************************************************[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]"ImagePath"="\"c:\program files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.8.0.41\diMaster.dll\" /prefetch:1"[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mchInjDrv]"ImagePath"="\??\c:\windows\TEMP\mc23.tmp".--------------------- LOCKED REGISTRY KEYS ---------------------[HKEY_USERS\S-1-5-21-3013870458-1111066612-3762109593-1005\Software\Microsoft\SystemCertificates\AddressBook*]@Allowed: (Read) (RestrictedCode)@Allowed: (Read) (RestrictedCode)[HKEY_USERS\S-1-5-21-3013870458-1111066612-3762109593-1005\Software\Policies\Microsoft\SystemCertificates\AddressBook*]@Allowed: (Read) (S-1-5-21-3013870458-1111066612-3762109593-1005)@Allowed: (Read) (S-1-5-21-3013870458-1111066612-3762109593-1005)@Allowed: (Read) (RestrictedCode)@Allowed: (Read) (RestrictedCode)[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]"Enabled"=dword:00000001[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]@Denied: (A 2) (Everyone)@="IFlashBroker4"[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}"[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".--------------------- DLLs Loaded Under Running Processes ---------------------- - - - - - - > 'winlogon.exe'(520)c:\windows\system32\Ati2evxx.dll- - - - - - - > 'explorer.exe'(29564)c:\program files\Logitech\iTouch\iTchHk.dllc:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dllc:\progra~1\Logitech\MOUSEW~1\SYSTEM\LGMOUSHK.dllc:\windows\system32\WPDShServiceObj.dllc:\windows\system32\PortableDeviceTypes.dllc:\windows\system32\PortableDeviceApi.dll.Completion time: 2010-11-29 13:48:54ComboFix-quarantined-files.txt 2010-11-29 18:48ComboFix2.txt 2010-11-25 02:07Pre-Run: 12,074,573,824 bytes freePost-Run: 12,042,928,128 bytes free- - End Of File - - 646C70035D6DBD164ACB54A29851041E Link to post Share on other sites More sharing options...
LDTate Posted November 29, 2010 ID:353034 Share Posted November 29, 2010 I think I did not run combofix as you requested earlier today from the problem account....should I run again?Yes. Link to post Share on other sites More sharing options...
mswind18 Posted November 29, 2010 Author ID:353155 Share Posted November 29, 2010 Here is the report from the affected account....this also took longer than the one I ran the other day (for the first time).... Link to post Share on other sites More sharing options...
mswind18 Posted November 29, 2010 Author ID:353157 Share Posted November 29, 2010 Sorry about that forgot to post...here it is...ComboFix 10-11-28.05 - Dad 11/29/2010 15:02:07.4.1 - x86Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.407 [GMT -5:00]Running from: c:\documents and settings\Dad\My Documents\Downloads\ComboFix.exeAV: Norton 360 *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}FW: Norton 360 *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}.((((((((((((((((((((((((( Files Created from 2010-10-28 to 2010-11-29 ))))))))))))))))))))))))))))))).2010-11-21 12:34 . 2010-11-21 12:34 -------- d-----w- c:\documents and settings\Mom2\Local Settings\Application Data\AOL Toolbar2010-11-15 10:19 . 2010-11-15 10:19 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\AOL2010-11-15 04:16 . 2010-11-15 04:16 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL Toolbar2010-11-15 04:16 . 2010-11-15 04:16 -------- d-----w- c:\program files\Common Files\Software Update Utility2010-11-15 04:12 . 2010-11-15 04:12 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL OCP2010-11-15 04:10 . 2010-11-15 04:21 -------- d-----w- c:\program files\AOL 9.52010-11-15 04:10 . 2010-11-15 04:18 -------- d-----w- c:\program files\Common Files\aolshare2010-11-14 16:23 . 2010-11-14 16:23 -------- dc----w- C:\Install AOL Communicator2010-11-14 16:23 . 2010-11-14 16:23 -------- dc----w- C:\Install Winamp2010-11-14 16:23 . 2010-11-14 16:23 -------- dc----w- C:\Install ICQ2010-11-14 16:23 . 2010-11-14 16:23 -------- dc----w- C:\AOL Instant Messenger2010-11-14 16:22 . 2010-11-14 16:22 -------- d-----w- c:\program files\Learn2.com.(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2010-11-29 15:29 . 2009-03-06 03:49 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr2010-11-29 15:29 . 2007-04-04 00:35 214520 ----a-w- c:\windows\system32\PnkBstrB.exe2010-11-29 15:22 . 2007-04-04 00:35 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys2010-11-24 23:46 . 2010-01-07 00:30 41856 ----a-w- c:\windows\system32\drivers\imapi.sys2010-11-24 04:39 . 2006-10-27 18:33 963 -c-ha-w- c:\windows\win.tmp2006-04-05 16:26 . 2006-09-23 21:46 233472 -c--a-w- c:\program files\ShellEnglishLC.dll2006-04-05 16:26 . 2006-09-23 21:46 36864 -c--a-w- c:\program files\ShellDLLResEnglish.dll2006-04-05 16:26 . 2006-09-23 21:46 483328 -c--a-w- c:\program files\Shell2EnglishLC.dll2006-04-05 16:26 . 2006-09-23 21:46 208896 -c--a-w- c:\program files\ShellLC.dll2006-04-05 16:26 . 2006-09-23 21:46 114688 -c--a-w- c:\program files\RTFCtrl.dll2006-04-05 16:26 . 2006-09-23 21:46 102400 -c--a-w- c:\program files\MXExHand.dll2006-04-05 16:24 . 2006-09-23 21:46 45056 -c--a-w- c:\program files\DMUtilsResEnglish.dll2006-04-05 16:24 . 2006-09-23 21:46 184320 -c--a-w- c:\program files\DMUtils.dll2006-04-05 16:23 . 2006-09-23 21:46 86016 -c--a-w- c:\program files\DMTutorialResEnglish.dll2006-04-05 16:23 . 2006-09-23 21:46 90112 -c--a-w- c:\program files\DMTutorial.dll2006-04-05 16:22 . 2006-09-23 21:46 159744 -c--a-w- c:\program files\DMSetupResEnglish.dll2006-04-05 16:22 . 2006-09-23 21:46 303104 -c--a-w- c:\program files\DMSetup.dll2006-04-05 16:21 . 2006-09-23 21:46 118784 -c--a-w- c:\program files\ODIFCopy.dll2006-04-05 16:21 . 2006-09-23 21:46 98304 -c--a-w- c:\program files\ODIMan.dll2006-04-05 16:21 . 2006-09-23 21:46 20480 -c--a-w- c:\program files\DMInfoResEnglish.dll2006-04-05 16:20 . 2006-09-23 21:46 151552 -c--a-w- c:\program files\DMInfo.dll2006-04-05 16:19 . 2006-09-23 21:46 3497984 -c--a-w- c:\program files\ODIJump.dll2006-04-05 16:19 . 2006-09-23 21:46 176128 -c--a-w- c:\program files\ODICtrl.dll2006-04-05 16:19 . 2006-09-23 21:46 94208 -c--a-w- c:\program files\ODIFrmt.dll2006-04-05 16:18 . 2006-09-23 21:46 61440 -c--a-w- c:\program files\CDEject.exe2006-04-05 16:18 . 2006-09-23 21:46 49152 ----a-w- c:\program files\DataLifeguard.exe2006-04-05 16:18 . 2006-09-23 21:46 266240 -c--a-w- c:\program files\ShellDLL.dll2006-04-05 16:17 . 2006-09-23 21:46 139264 -c--a-w- c:\program files\ODIPart.dll2006-04-05 16:16 . 2006-09-23 21:46 176128 -c--a-w- c:\program files\ODIDev.dll2006-04-05 16:16 . 2006-09-23 21:46 49152 -c--a-w- c:\program files\Scsilib.dll2006-04-05 16:15 . 2006-09-23 21:46 94208 -c--a-w- c:\program files\mxdlgsup.dll2006-04-05 16:15 . 2006-09-23 21:46 102400 -c--a-w- c:\program files\MXPM.dll2004-12-08 14:50 . 2004-12-08 14:50 2112103 -c--a-w- c:\program files\BHODemon20Setup_2020.exe2004-12-02 13:24 . 2004-12-02 13:22 16706160 -c--a-w- c:\program files\AdbeRdr60_enu_full.exe2004-12-02 13:22 . 2004-12-02 13:22 6811656 -c--a-w- c:\program files\psa201se_us.exe2003-04-03 12:47 . 2003-04-03 12:47 1684194 -c--a-w- c:\program files\SpamNet1.0Beta9.exe2003-02-18 01:31 . 2003-02-18 01:31 2430662 -c--a-w- c:\program files\spybotsd11.exe2003-02-09 03:10 . 2003-02-09 03:10 37376 -c-ha-w- c:\program files\iblock.exe2003-01-17 04:22 . 2003-01-17 04:22 3781808 -c-ha-w- c:\program files\zaSetup_1001.exe2003-01-11 15:07 . 2003-01-11 14:41 8839120 -c-ha-w- c:\program files\AcroReader51_ENU.exe2003-01-11 14:41 . 2003-01-11 04:22 13736688 -c-ha-w- c:\program files\AcroReader51_ENU_full.exe2000-03-13 16:13 . 2006-09-23 21:46 509984 -c--a-w- c:\program files\50comupd.exe.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-24 68856]"AOL Fast Start"="c:\program files\AOL 9.5\AOL.EXE" [2010-03-23 29520][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]"HPDJ Taskbar Utility"="c:\windows\System32\spool\drivers\w32x86\3\hpztsb01.exe" [2000-12-12 192512]"EM_EXEC"="c:\progra~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2002-07-01 28672]"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2002-09-25 290816]"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]"NSWosCheck"="c:\program files\Norton SystemWorks\osCheck.exe" [2007-09-18 25472]"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2006-10-23 71216]"HostManager"="c:\program files\Common Files\AOL\1188076909\ee\AOLSoftware.exe" [2010-02-10 41800][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"ALUAlert"="c:\program files\Symantec\LiveUpdate\ALUNotify.exe" [2007-08-23 152952]"Spyware Doctor"="c:\program files\Spyware Doctor\swdoctor.exe" [2006-12-11 2115728]c:\documents and settings\Dad\Start Menu\Programs\Startup\HotSync Manager.LNK - c:\program files\Palm\Hotsync.exe [2004-6-9 471040]c:\documents and settings\All Users\Start Menu\Programs\Startup\DataViz Inc Messenger.lnk - c:\program files\Common Files\DataViz\DvzIncMsgr.exe [2007-2-2 28672]Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2002-12-22 45056][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]@="FSFilter Activity Monitor"[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HOTSYNCSHORTCUTNAME.lnkbackup=c:\windows\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]2002-04-10 20:44 679936 -c--a-w- c:\program files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]2006-10-23 12:50 71216 ----a-r- c:\program files\Common Files\AOL\ACS\AOLDial.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]2009-11-11 04:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]2007-06-24 10:41 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot"Camera Detector"=c:\progra~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]"DisableMonitoring"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="f:\\America Online 9.0\\waol.exe"="c:\\Program Files\\America Online 9.0\\waol.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposfx08.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqCopy.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpfccopy.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpzwiz01.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqDIA.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe"="c:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqnrs08.exe"="c:\\Program Files\\Activision\\Call of Duty 2\\cod2mp_s.exe"="c:\\Program Files\\Call of Duty Game of the Year Edition\\CoDMP.exe"="c:\\Program Files\\Palm\\Hotsync.exe"="c:\\WINDOWS\\SYSTEM32\\LEXPPS.EXE"="c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"="c:\\Program Files\\Real\\RealPlayer\\realplay.exe"="c:\\Program Files\\Bonjour\\mDNSResponder.exe"="c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"="c:\\Program Files\\Common Files\\AOL\\1188076909\\ee\\aolsoftware.exe"="c:\\Program Files\\AOL 9.5\\waol.exe"="c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-16 135664]S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0308000.029\SYMEFA.SYS [2009-08-22 310320]S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\Drivers\N360\0308000.029\BHDrvx86.sys [2009-08-22 259632]S1 ccHP;Symantec Hash Provider;c:\windows\System32\Drivers\N360\0308000.029\ccHPx86.sys [2009-08-22 482432]S1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20101124.002\IDSxpx86.sys [2010-10-19 341880]S2 N360;Norton 360;c:\program files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe [2009-08-22 117640]S2 NProtectService;Norton UnErase Protection;c:\progra~1\NORTON~1\NORTON~1\NPROTECT.EXE [2005-11-04 95832]S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-05-26 102448]--- Other Services/Drivers In Memory ---*NewlyCreated* - PNKBSTRB*NewlyCreated* - PNKBSTRK*Deregistered* - klmd25*Deregistered* - mchInjDrv.Contents of the 'Scheduled Tasks' folder2010-11-25 c:\windows\Tasks\AppleSoftwareUpdate.job- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]2010-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-16 15:37]2010-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-16 15:37]2010-11-01 c:\windows\Tasks\Norton SystemWorks One Button Checkup.job- c:\program files\Norton SystemWorks\OBC.exe [2007-09-18 12:22]..------- Supplementary Scan -------.uLocal Page = C:\WINDOWSabout.htmuStart Page = hxxp://www.google.com/uSearch Page = hxxp://www.google.comuSearch Bar = hxxp://www.google.com/iemLocal Page = about:blankmStart Page = about:blankmSearch Bar = hxxp://www.google.com/ieuInternet Connection Wizard,ShellNext = iexploreuSearchAssistant = hxxp://www.google.com/ieuSearchURL,(Default) = hxxp://www.google.com/search?q=%sIE: &AIM Search - c:\program files\AIM Toolbar\AIMBar.dll/aimsearch.htmIE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.htmlTrusted Zone: finefind.netDPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cabDPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cabDPF: vzTCPConfig - hxxp://www2.verizon.net/help/fios_settings_POTT20009/include/vzTCPConfig.CABFF - ProfilePath - c:\documents and settings\Dad\Application Data\Mozilla\Firefox\Profiles\46d37nqd.dad\FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/FF - prefs.js: network.proxy.type - 0FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dllFF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dllFF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dllFF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dllFF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}FF - Extension: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}FF - Extension: Adobe DLM (powered by getPlus®): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - c:\documents and settings\Dad\Application Data\Mozilla\Firefox\Profiles\46d37nqd.dad\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}FF - Extension: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ffFF - Extension: Norton Toolbar: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC} - c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn---- FIREFOX POLICIES ----FF - user.js: network.cookie.cookieBehavior - 0FF - user.js: privacy.clearOnShutdown.cookies - falseFF - user.js: security.warn_viewing_mixed - falseFF - user.js: security.warn_viewing_mixed.show_once - falseFF - user.js: security.warn_submit_insecure - falseFF - user.js: security.warn_submit_insecure.show_once - false.**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2010-11-29 15:37Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfullyhidden files: 0**************************************************************************[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]"ImagePath"="\"c:\program files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.8.0.41\diMaster.dll\" /prefetch:1"[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mchInjDrv]"ImagePath"="\??\c:\windows\TEMP\mc23.tmp".--------------------- LOCKED REGISTRY KEYS ---------------------[HKEY_USERS\S-1-5-21-3013870458-1111066612-3762109593-1005\Software\Microsoft\SystemCertificates\AddressBook*]@Allowed: (Read) (RestrictedCode)@Allowed: (Read) (RestrictedCode)[HKEY_USERS\S-1-5-21-3013870458-1111066612-3762109593-1005\Software\Policies\Microsoft\SystemCertificates\AddressBook*]@Allowed: (Read) (S-1-5-21-3013870458-1111066612-3762109593-1005)@Allowed: (Read) (S-1-5-21-3013870458-1111066612-3762109593-1005)@Allowed: (Read) (RestrictedCode)@Allowed: (Read) (RestrictedCode)[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]"Enabled"=dword:00000001[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]@Denied: (A 2) (Everyone)@="IFlashBroker4"[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}"[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".--------------------- DLLs Loaded Under Running Processes ---------------------- - - - - - - > 'winlogon.exe'(520)c:\windows\system32\Ati2evxx.dll- - - - - - - > 'explorer.exe'(43068)c:\program files\Logitech\iTouch\iTchHk.dllc:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dllc:\windows\System32\shdoclc.dllc:\progra~1\Logitech\MOUSEW~1\SYSTEM\LGMOUSHK.dllc:\windows\system32\WPDShServiceObj.dllc:\windows\system32\PortableDeviceTypes.dllc:\windows\system32\PortableDeviceApi.dll.Completion time: 2010-11-29 16:49:15ComboFix-quarantined-files.txt 2010-11-29 21:48ComboFix2.txt 2010-11-29 18:49ComboFix3.txt 2010-11-25 02:07Pre-Run: 11,900,088,320 bytes freePost-Run: 12,105,166,848 bytes free- - End Of File - - C71348CEEB57BEFF015A165E85AF5CEE Link to post Share on other sites More sharing options...
LDTate Posted November 29, 2010 ID:353178 Share Posted November 29, 2010 Please copy the contents of the following quote box into Notepad:REGEDIT4[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]"WallpaperStyle"=-"Wallpaper"=-"NoDispBackgroundPage"=-"NoDispAppearancePage"=-[HKEY_CURRENT_USER\Control Panel\Desktop]"Wallpaper"=-"WallpaperStyle"=-[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]"NoActiveDesktopChanges"=-"NoActiveDesktop"=-"NoSaveSettings"=-"ClassicShell"=-"NoThemesTab"=-[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]"NoChangingWallPaper"=-Save it to C: as fixme.regThen, locate fixme.reg and <double-click> it.You will receive a prompt similar to: "Do you wish to merge the information into the registry?".Answer 'Yes' and wait for a message to appear similar to "Merged Successfully"Reboot. Link to post Share on other sites More sharing options...
mswind18 Posted November 30, 2010 Author ID:353279 Share Posted November 30, 2010 No luck still. Link to post Share on other sites More sharing options...
mastershake Posted November 30, 2010 ID:353336 Share Posted November 30, 2010 Sorry to interject.Did you try this.Right-Click->View->Show Desktop Icons Link to post Share on other sites More sharing options...
mswind18 Posted November 30, 2010 Author ID:353499 Share Posted November 30, 2010 This should be a little embarrassing after all this:Mastershake; you are on the right track.......I found this before your post..."" To resolve this behavior, turn on the Show Desktop Icons feature: 1. Right-click the desktop. 2. Point to Arrange Icons By. 3. Click Show Desktop Icons. ""FixedSorry to interject.Did you try this.Right-Click->View->Show Desktop Icons Link to post Share on other sites More sharing options...
LDTate Posted November 30, 2010 ID:353637 Share Posted November 30, 2010 I thought what we tried before would have done the same thing1. Click Start, and then click Control Panel. 2. Double-click Display, click the Desktop tab, and then click Customize Desktop. 3. Select Restore Defaults Good job The following will implement some cleanup procedures as well as reset System Restore points:For XP: Click START run Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.For Vista / Windows 7 Click START Search Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.If you used DeFoggerTo re-enable your Emulation drivers, double click DeFogger to run the tool. The application window will appear Click the Re-enable button to re-enable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OK DeFogger will now ask to reboot the machine - click OKIMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_enable which will appear on your desktop.Your Emulation drivers are now re-enabled.Here's my usual all clean postTo be on the safe side, I would also change all my passwords. This infection appears to have been cleaned, but as the malware could be configured to run any program a remote attacker requires, it's impossible to be 100% sure that any machine is clean.Log looks good Make your Internet Explorer more secure - This can be done by following these simple instructions:From within Internet Explorer click on the Tools menu and then click on Options.Click once on the Security tabClick once on the Internet icon so it becomes highlighted.Click once on the Custom Level button.Change the Download signed ActiveX controls to PromptChange the Download unsigned ActiveX controls to DisableChange the Initialize and script ActiveX controls not marked as safe to DisableChange the Installation of desktop items to PromptChange the Launching programs and files in an IFRAME to PromptChange the Navigate sub-frames across different domains to PromptWhen all these settings have been made, click on the OK button. If it prompts you as to whether or not you want to save the settings, press the Yes button.Next press the Apply button and then the OK to exit the Internet Properties page.[*]Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week(Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.[*]Use a Firewall - I can not stress how important it is that you use a Firewall on your computer.Without a firewall your computer is succeptible to being hacked and taken over.I am very serious about this and see it happen almost every day with my clients.Simply using a Firewall in its default configuration can lower your risk greatly.[*] WOT , Web of Trust, As 'Googling' is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:Green to go Yellow for caution Red to stop WOT has an addon available for both Firefox and IE.[*]Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly.This will ensure your computer has always the latest security updates available installed on your computer.If there are new updates to install, install them immediately, reboot your computer, and revisit the siteuntil there are no more critical updates.Only run one Anti-Virus and Firewall program.I would suggest you read:PC Safety and Security--What Do I Need?.How to Prevent Malware: Link to post Share on other sites More sharing options...
mswind18 Posted December 1, 2010 Author ID:353952 Share Posted December 1, 2010 You're right....however it was a couple days ago, I may have fat fingered the process, don't remember.....Will do the clean up recommendations!Thanks for your help and patience!mark Link to post Share on other sites More sharing options...
LDTate Posted December 1, 2010 ID:354285 Share Posted December 1, 2010 You're more than welcome. Glad we were able to helpPeace be with you Link to post Share on other sites More sharing options...
LDTate Posted December 3, 2010 ID:355709 Share Posted December 3, 2010 Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you. Link to post Share on other sites More sharing options...
Recommended Posts