We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide
Internet explorer opening pop ups
Comments
-
Goto sheduled tasks ~
To open Scheduled Tasks, click Start, click All Programs, point to Accessories, point to System Tools, and then click Scheduled Tasks.
Stop this from running ~
c:\windows\Tasks\AF6AD04F91854217.job
- c:\docume~1\steve\applic~1\curbwa~1\AimHeckFile.ex e
(if you can manage it)
then (or
) ~
Open notepad and copy/paste the text in RED below
Folder::
c:\program files\curb wait hold
c:\documents and settings\Steve\Application Data\curb wait hold
c:\documents and settings\All Users\Application Data\Comp Jugs Ball That
File::
c:\documents and settings\All Users\Application Data\Comp Jugs Ball That\Dumb Clock.exe
Save this as "CFScript"
Then drag the CFScript into ComboFix.exe as you see in the screenshot below.
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.
Combofix should never take more that 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
then run LSPFIX
Download HostsXpert
http://majorgeeks.com/Hoster_d4626.html
and then follow the below steps.
* Unzip HostsXpert.zip
* It will create a folder named HostsXpert in whatever folder you extract it to.
* Run HostsXpert.exe by double clicking on it.
* click the Make Writeable? button.
* click Restore Microsoft's Hosts File and then click OK.
* Click the X to exit the program
Please do a scan with Kaspersky Online Scanner
(Needs to be run in internet explorer)
Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
Click on the Accept button and install any components it needs.- The program will install and then begin downloading the latest definition files.
- After the files have been downloaded on the left side of the page in the Scan section select My Computer
- This will start the program and scan your system.
- The scan will take a while, so be patient and let it run.
- Once the scan is complete, click on View scan report
- Now, click on the Save Report as button.
- Save the file to your desktop.
- Copy and paste that information in your next post.
:idea:0 -
Did everything you said.
Thsi is what I ended up with
C:\Documents and Settings\Steve\My Documents\LimeWire\Saved\bleeding love jesse mccartney.sndInfected: Trojan-Downloader.WMA.GetCodec.s1C:\Documents and Settings\Steve\My Documents\My Music\My Music\BBAssistant.exeInfected: not-a-virus:RiskTool.Win32.PsKill.k1C:\System Volume Information\_restore{847EFD80-7A7E-4349-AFA1-E4168C583A44}\RP118\A0038047.exeInfected: Trojan.Win32.Obfuscated.actx1The selected area was scanned.NO to pasty tax We won!!!! Just shows that people power works! Don't be apathetic to your cause!0 -
Open notepad and copy/paste the text in RED below
File::
C:\Documents and Settings\Steve\My Documents\LimeWire\Saved\bleeding love jesse mccartney.snd
C:\Documents and Settings\Steve\My Documents\My Music\My Music\BBAssistant.exe
C:\System Volume Information\_restore{847EFD80-7A7E-4349-AFA1-E4168C583A44}\RP118\A0038047.exe
Save this as "CFScript"
Then drag the CFScript into ComboFix.exe as you see in the screenshot below.
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.
Combofix should never take more that 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
__________________:idea:0 -
Mr Rik.
After all that work you set for me
The pop ups have stopped!!!!!!!!!!!!!! :j:beer:
Shall I still do the last combo fix thing?NO to pasty tax We won!!!! Just shows that people power works! Don't be apathetic to your cause!0 -
yes ~ else you could reinfect yourself:idea:0
-
Her tis. Great advice...thanks
ComboFix 09-04-04.01 - Steve 2009-04-10 7:18:00.4 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.383.156 [GMT 1:00]
Running from: c:\documents and settings\Steve\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Steve\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
FW: ZoneAlarm Firewall *enabled*
* Created a new restore point
FILE ::
c:\documents and settings\Steve\My Documents\LimeWire\Saved\bleeding love jesse mccartney.snd
c:\documents and settings\Steve\My Documents\My Music\My Music\BBAssistant.exe
c:\system volume information\_restore{847EFD80-7A7E-4349-AFA1-E4168C583A44}\RP118\A0038047.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Steve\My Documents\LimeWire\Saved\bleeding love jesse mccartney.snd
c:\documents and settings\Steve\My Documents\My Music\My Music\BBAssistant.exe
c:\system volume information\_restore{847EFD80-7A7E-4349-AFA1-E4168C583A44}\RP118\A0038047.exe
.
((((((((((((((((((((((((( Files Created from 2009-03-10 to 2009-04-10 )))))))))))))))))))))))))))))))
.
2009-04-10 07:16 . 2006-03-02 23:42 73,728 --a
C:\pv.exe
2009-04-06 17:34 . 2009-04-06 17:34 <DIR> d
c:\documents and settings\Steve\Tracing
2009-04-06 17:32 . 2009-04-06 17:32 <DIR> d
c:\program files\Microsoft Silverlight
2009-04-06 17:32 . 2009-04-06 17:32 <DIR> d
c:\program files\Microsoft Office Outlook Connector
2009-04-06 17:30 . 2009-02-06 18:08 55,152 --a
c:\windows\system32\drivers\fssfltr_tdi.sys
2009-04-06 17:28 . 2009-04-06 17:28 <DIR> d
c:\program files\Microsoft Sync Framework
2009-04-06 17:24 . 2006-11-29 13:06 3,426,072 --a
c:\windows\system32\d3dx9_32.dll
2009-04-06 17:23 . 2009-04-06 17:23 <DIR> d
c:\program files\Microsoft SQL Server Compact Edition
2009-04-06 17:16 . 2009-04-06 17:16 <DIR> d
c:\program files\Windows Live SkyDrive
2009-04-06 17:16 . 2009-04-06 17:16 <DIR> d
c:\program files\Microsoft
2009-04-04 21:15 . 2009-04-04 21:15 <DIR> d--hs---- C:\FOUND.008
2009-04-04 11:58 . 2009-04-04 11:58 <DIR> d
c:\program files\MSXML 4.0
2009-04-04 11:31 . 2009-04-04 11:31 <DIR> d
c:\windows\system32\scripting
2009-04-04 11:31 . 2009-04-04 11:31 <DIR> d
c:\windows\system32\en
2009-04-04 11:31 . 2009-04-04 11:31 <DIR> d
c:\windows\system32\bits
2009-04-04 11:31 . 2009-04-04 11:31 <DIR> d
c:\windows\l2schemas
2009-04-03 18:24 . 2009-04-03 18:24 <DIR> d
C:\Sounds
2009-04-03 18:21 . 2009-04-03 18:21 <DIR> d
c:\program files\LG Electronics
2009-04-03 18:21 . 2008-09-04 06:27 24,832 --a
c:\windows\system32\drivers\lgusbmodem.sys
2009-04-03 18:21 . 2008-09-04 06:28 19,968 --a
c:\windows\system32\drivers\lgusbdiag.sys
2009-04-03 18:21 . 2008-09-04 06:27 13,056 --a
c:\windows\system32\drivers\lgusbbus.sys
2009-04-03 18:18 . 2007-11-08 16:26 1,164,728 --a
c:\windows\system32\NMSDVDXU.dll
2009-04-03 18:18 . 2005-03-18 16:55 630,784 --a
c:\windows\system32\vsflex8u.ocx
2009-04-03 18:18 . 2005-09-26 22:55 419,240 --a
c:\windows\system32\Vsflex7L.ocx
2009-04-03 18:18 . 2000-05-22 00:00 244,416 --a
c:\windows\system32\Msflxgrd.ocx
2009-04-03 18:17 . 2009-04-03 18:17 <DIR> d
c:\program files\LG PC Suite II
2009-04-03 18:17 . 2009-04-03 18:17 <DIR> d
c:\documents and settings\Steve\Application Data\LG Electronics
2009-04-02 17:15 . 2009-04-02 17:15 <DIR> d
c:\documents and settings\Steve\Application Data\muvee Technologies
2009-04-02 16:49 . 2009-04-02 16:49 <DIR> d
c:\documents and settings\All Users\Application Data\TEMP
2009-03-27 06:30 . 2009-03-27 06:30 <DIR> d
c:\program files\SUPERAntiSpyware
2009-03-27 06:30 . 2009-03-27 06:30 <DIR> d
c:\program files\Common Files\Wise Installation Wizard
2009-03-27 06:30 . 2009-03-27 06:30 <DIR> d
c:\documents and settings\Steve\Application Data\SUPERAntiSpyware.com
2009-03-27 06:30 . 2009-03-27 06:30 <DIR> d
c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-03-25 06:42 . 2009-03-25 06:42 <DIR> d
c:\program files\Malwarebytes' Anti-Malware
2009-03-25 06:42 . 2009-03-25 06:42 <DIR> d
c:\documents and settings\Steve\Application Data\Malwarebytes
2009-03-25 06:42 . 2009-03-25 06:42 <DIR> d
c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-25 06:42 . 2009-02-11 10:19 38,496 --a
c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-25 06:42 . 2009-02-11 10:19 15,504 --a
c:\windows\system32\drivers\mbam.sys
2009-03-24 19:16 . 2009-03-24 19:16 <DIR> d
c:\program files\iTunes
2009-03-24 19:16 . 2009-03-24 19:16 <DIR> d
c:\program files\iPod
2009-03-24 19:16 . 2009-03-24 19:16 <DIR> d
c:\documents and settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-24 19:14 . 2009-03-24 19:14 <DIR> d
c:\program files\Bonjour
2009-03-24 19:13 . 2009-03-24 19:13 <DIR> d
c:\program files\QuickTime
2009-03-24 19:11 . 2009-03-05 23:59 1,900,544 --a
c:\windows\system32\usbaaplrc.dll
2009-03-23 18:59 . 2009-03-23 18:59 <DIR> d
c:\program files\Common Files\Windows Live
2009-03-21 06:11 . 2009-03-21 06:11 <DIR> d--hs---- C:\FOUND.007
2009-03-10 14:42 . 2009-03-10 14:42 <DIR> d
c:\program files\Windows Media Connect 2
2009-03-10 14:38 . 2009-03-10 14:38 <DIR> d
c:\windows\system32\LogFiles
2009-03-10 14:38 . 2009-03-10 14:38 <DIR> d
c:\windows\system32\drivers\UMDF
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-09 21:19 32 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-04-09 21:19 32 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-04-07 16:08 5,349,371
w c:\windows\Internet Logs\tvDebug.zip
2009-04-07 16:07 90,112 ----a-w c:\windows\DUMP1f07.tmp
2009-04-04 19:27 90,112 ----a-w c:\windows\DUMP17b4.tmp
2009-03-30 09:13 2,588,672
w c:\windows\Internet Logs\xDBB.tmp
2009-03-30 09:13 1,389,056
w c:\windows\Internet Logs\xDBC.tmp
2009-03-09 04:19 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-03-05 22:59 36,864 ----a-w c:\windows\system32\drivers\usbaapl.sys
2009-02-28 22:06 678,912
w c:\windows\Internet Logs\xDBA.tmp
2009-02-28 21:23 90,112 ----a-w c:\windows\DUMP762a.tmp
2009-02-20 23:55 698,880
w c:\windows\Internet Logs\xDB9.tmp
2009-02-15 14:31 2,457,600
w c:\windows\Internet Logs\xDB7.tmp
2009-02-15 14:31 1,673,728
w c:\windows\Internet Logs\xDB8.tmp
2009-02-15 12:27 90,112 ----a-w c:\windows\DUMPee24.tmp
2009-02-09 11:13 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:13 1,846,784
w c:\windows\system32\dllcache\win32k.sys
2009-02-06 18:03 307,576 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-02 14:09 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2009-01-22 17:18 90,112 ----a-w c:\windows\DUMP5cd5.tmp
2009-01-22 17:18 1,633,792
w c:\windows\Internet Logs\xDB6.tmp
2009-01-22 17:18 1,497,600
w c:\windows\Internet Logs\xDB5.tmp
2009-01-22 15:35 90,112 ----a-w c:\windows\DUMP882b.tmp
2009-01-16 20:35 3,594,752
w c:\windows\system32\dllcache\mshtml.dll
.
((((((((((((((((((((((((((((( SnapShot_2009-04-07_ 7.15.30.53 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-11-22 13:15:14 144,792 ----a-w c:\windows\system32\java.exe
+ 2009-03-09 04:19:12 144,792 ----a-w c:\windows\system32\java.exe
- 2008-11-22 13:15:14 144,792 ----a-w c:\windows\system32\javaw.exe
+ 2009-03-09 04:19:14 144,792 ----a-w c:\windows\system32\javaw.exe
- 2008-11-22 13:15:14 148,888 ----a-w c:\windows\system32\javaws.exe
+ 2009-03-09 04:19:14 148,888 ----a-w c:\windows\system32\javaws.exe
+ 2009-04-10 05:24:30 16,384 ----a-w c:\windows\Temp\Perflib_Perfdata_4cc.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\System32\NVMCTRAY.DLL" [2002-12-27 49152]
"MoneyAgent"="c:\program files\Microsoft Money\System\mnyexpr.exe" [2003-06-18 200704]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-28 68856]
"EPSON Stylus SX200 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE" [2007-12-13 188928]
"EPSON Stylus SX200 Series (Copy 1)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE" [2007-12-13 188928]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"HeavyWeatherPublisher"="c:\heavyweather upload\HeavyWeatherPublisher.exe" [2004-02-23 1302528]
"Aim6"="c:\program files\AIM6\aim6.exe" [2007-05-09 50736]
"Creative Live! Cam Manager"="c:\program files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2007-06-07 155648]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-03-23 1830128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2002-12-27 4263936]
"IW ControlCenter"="c:\program files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe" [2003-03-12 836096]
"PinnacleDriverCheck"="c:\windows\System32\PSDrvCheck.exe" [2003-05-05 393728]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-02 1601304]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-06-10 50688]
"V0410Mon.exe"="c:\windows\V0410Mon.exe" [2007-06-07 32768]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-12 342312]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"nwiz"="nwiz.exe" [2002-12-27 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 12:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-02 15:09 10520 c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPASTATUS]
2003-02-26 14:18 620032 c:\program files\Internet Explorer\Connection Wizard\status.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe"=
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-11-18 325128]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-11-18 107272]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-03-23 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-03-23 72944]
R1 vobcom;vobcom;c:\windows\system32\drivers\vobcom.sys [2001-10-04 9728]
R1 vobiw;vobiw;c:\windows\system32\drivers\vobIW.sys [2003-04-10 187392]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-11-22 903960]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-11-22 298264]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-04-06 55152]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R3 cdrdrv;Cdrdrv;c:\windows\system32\drivers\Cdrdrv.sys [2002-12-13 64000]
R3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual;c:\windows\system32\drivers\livecamv.sys [2009-01-27 31616]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-03-23 7408]
S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 V0410Afx;Creative Camera VF0410 Audio Effects Driver;c:\windows\system32\drivers\V0410AFX.sys [2009-01-27 142656]
S3 V0410Aud;Creative Camera VF0410 Noise Cancellation APO;c:\windows\system32\drivers\V0410Aud.sys [2009-01-27 94720]
S3 V0410Dev;Creative Camera VF0410 Driver;c:\windows\system32\drivers\V0410Dev.sys [2009-01-27 244672]
S3 V0410Vfx;Creative Camera VF0410 Video VFX Driver;c:\windows\system32\drivers\V0410Vfx.sys [2009-01-27 7168]
.
Contents of the 'Scheduled Tasks' folder
2009-02-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
2009-01-16 c:\windows\Tasks\DriverRobot.job
- c:\program files\Driver Robot\DriverRobot.exe []
.
.
Supplementary Scan
.
uStart Page = hxxp://www.bbc.co.uk/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-GB\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - [URL]file://c:\windows\Java\classes\dajava.cab[/URL]
DPF: Microsoft XML Parser for Java - [URL]file:///C:/WINDOWS/Java/classes/xmldso.cab[/URL]
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-10 07:20:49
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
DLLs Loaded Under Running Processes
- - - - - - - > 'winlogon.exe'(636)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
Completion time: 2009-04-10 7:22:16
ComboFix-quarantined-files.txt 2009-04-10 06:22:14
ComboFix4.txt 2009-04-01 06:01:26
ComboFix3.txt 2009-04-03 05:09:18
ComboFix2.txt 2009-04-07 06:16:30
Pre-Run: 77,316,194,304 bytes free
Post-Run: 77,850,673,152 bytes free
226 --- E O F --- 2009-04-05 06:46:21NO to pasty tax We won!!!! Just shows that people power works! Don't be apathetic to your cause!0 -
Jobs a topper
If you wish to speed your computer up a little ~
Download CCLEANER (Make sure you click 'DOWNLOAD LATEST VERSION' ~ make sure YAHOO TOOLBAR is unticked on installation)
http://www.filehippo.com/download_ccleaner/
Run the CLEANER scan (UNTICK 'cookies')
Then run the REGISTRY scan (Backup the registry when it asks)
Then defrag with DEFRAGGLER:idea:0 -
Great done all that, and everything is tickety boo. Marvelous help. Many thanks again.
:beer:NO to pasty tax We won!!!! Just shows that people power works! Don't be apathetic to your cause!0 -
Cheques to the usual address :idea:0
-
Forgot to mention
AVG is awful. You might want to consider changing to AVIRA (Far better):idea:0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 353.6K Banking & Borrowing
- 254.2K Reduce Debt & Boost Income
- 455.1K Spending & Discounts
- 246.6K Work, Benefits & Business
- 603K Mortgages, Homes & Bills
- 178.1K Life & Family
- 260.6K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards