internet explorer wont launch

17891012

Comments

  • shaun40400
    shaun40400 Posts: 4,134 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    seem to have put half of them in quarantine..
    WAS DEBT FREE & STILL BAAARRRRRKING :cool:
    hello my name is shaun,,,and im not so addicted to farmville,still addicted to football:o:o
    BAAAARRRRRRRRRRKING er insanely so :o
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    Download SUPERANTISPYWARE (Make sure you click 'DOWNLOAD LATEST VERSION')
    http://www.filehippo.com/download_superantispyware/
    UPDATE and PERFORM COMPLETE SCAN
    (Then goto console and LOGS and post the log it created then untick it from STARTING UP WITH WINDOWS)
    :idea:
  • shaun40400
    shaun40400 Posts: 4,134 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 07/03/2009 at 11:53 AM

    Application Version : 4.26.1006

    Core Rules Database Version : 3969
    Trace Rules Database Version: 1909

    Scan type : Complete Scan
    Total Scan Time : 00:27:12

    Memory items scanned : 787
    Memory threats detected : 0
    Registry items scanned : 7372
    Registry threats detected : 0
    File items scanned : 23380
    File threats detected : 0


    woop woop :j
    WAS DEBT FREE & STILL BAAARRRRRKING :cool:
    hello my name is shaun,,,and im not so addicted to farmville,still addicted to football:o:o
    BAAAARRRRRRRRRRKING er insanely so :o
  • shaun40400
    shaun40400 Posts: 4,134 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    presume all is ok now?

    1 what are the 6 kaspersky finds?,,,,,,,,old entries?
    2 what were the 121 that malwere found that kaspersky dident?/
    3 kaspersky runs on the pc on its own and i do nothing....is that ok??
    4 should i run Malwarebytes' and SUPERAntiSpyware say once a wk or month??
    WAS DEBT FREE & STILL BAAARRRRRKING :cool:
    hello my name is shaun,,,and im not so addicted to farmville,still addicted to football:o:o
    BAAAARRRRRRRRRRKING er insanely so :o
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    Your going to have to show me the 6 threats before I have any clue. As for running kaspersky it depends how its set. I presume it auto scans every now and then? If not then you need to manually scan monthly or so

    Most of the malware was MYWEBSEARCH which malwarebytes seeems to be the only one thats really capable of fixing (And dont presume theyre ALL gone as its constantly evolving)

    Id suggest running malwarebytes and SAS alternating weekly until your sure its clean then goto running em monthly or so
    :idea:
  • shaun40400
    shaun40400 Posts: 4,134 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    thank you for all your help
    will do a scan with kaspersky later and see if it pops up the 6 items and post here
    thanks again
    WAS DEBT FREE & STILL BAAARRRRRKING :cool:
    hello my name is shaun,,,and im not so addicted to farmville,still addicted to football:o:o
    BAAAARRRRRRRRRRKING er insanely so :o
  • shaun40400
    shaun40400 Posts: 4,134 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    aliEnRIK wrote: »
    Your going to have to show me the 6 threats before I have any clue. As for running kaspersky it depends how its set. I presume it auto scans every now and then?yes daily updates and scans daily as well If not then you need to manually scan monthly or so

    Most of the malware was MYWEBSEARCH which malwarebytes seeems to be the only one thats really capable of fixing (And dont presume theyre ALL gone as its constantly evolving)

    Id suggest running malwarebytes and SAS alternating weekly until your sure its clean then goto running em monthly or so
    will do
    managed to get report off kaspersky eventually THIS IS FROM THE DESK TOP
    lappy is behaving its self:j
    will post separately
    WAS DEBT FREE & STILL BAAARRRRRKING :cool:
    hello my name is shaun,,,and im not so addicted to farmville,still addicted to football:o:o
    BAAAARRRRRRRRRRKING er insanely so :o
  • shaun40400
    shaun40400 Posts: 4,134 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    detected: riskware Trojan.generic Running process: D:\TEMP\NSF3306.TMP\ZUMIE.EXE
    deleted: adware not-a-virus:AdWare.Win32.OneStep.dmz File: D:\Temp\nsf3306.tmp\zumie.dll
    detected: riskware Trojan.generic Running process: C:\USERS\USER\APPDATA\LOCALLOW\MYWEBSEARCH\BAR\SETUPS\MWSAUTSP.EXE
    deleted: adware not-a-virus:AdWare.Win32.OneStep.dmz File: C:\Program Files\Zumie\zumie.dll
    not found: virus Heur.Invader (modification) File: c:\downloads\combofix.exe//PE_Patch.UPX/32788R22FWJFW\catchme.cfexe
    not found: virus Heur.Invader (modification) File: E:\ComboFix.exe//PE_Patch.UPX/32788R22FWJFW\catchme.cfexe
    WAS DEBT FREE & STILL BAAARRRRRKING :cool:
    hello my name is shaun,,,and im not so addicted to farmville,still addicted to football:o:o
    BAAAARRRRRRRRRRKING er insanely so :o
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    Theres really NO need to scan daily. That just wears your hard drive out faster, and slows the computer down whilst its doing it
    Weekly or even monthly is fine (Unless of course you believe its infected)


    Open notepad and copy/paste the text in RED below

    File::
    D:\TEMP\NSF3306.TMP\ZUMIE.EXE
    D:\Temp\nsf3306.tmp\zumie.dll
    C:\USERS\USER\APPDATA\LOCALLOW\MYWEBSEARCH\BAR\SET UPS\MWSAUTSP.EXE
    C:\Program Files\Zumie\zumie.dll
    c:\downloads\combofix.exe//PE_Patch.UPX/32788R22FWJFW\catchme.cfexe
    E:\ComboFix.exe//PE_Patch.UPX/32788R22FWJFW\catchme.cfexe

    Save this as "CFScript"

    Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

    CFScript.gif


    This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply

    Combofix should never take more that 20 minutes including the reboot if malware is detected.
    If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
    :idea:
  • shaun40400
    shaun40400 Posts: 4,134 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    ComboFix 09-07-01.04 - User 08/07/2009 12:05.2 - NTFSx86
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.353.1033.18.2046.1261 [GMT 1:00]
    Running from: c:\downloads\ComboFix.exe
    Command switches used :: c:\users\User\Desktop\CFScript.txt
    AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    FW: Kaspersky Anti-Virus *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    SP: Kaspersky Anti-Virus *disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    FILE ::
    "c:\downloads\combofix.exe//PE_Patch.UPX/32788R22FWJFW\catchme.cfexe"
    "c:\program files\Zumie\zumie.dll"
    "c:\users\USER\APPDATA\LOCALLOW\MYWEBSEARCH\BAR\SET UPS\MWSAUTSP.EXE"
    "d:\temp\nsf3306.tmp\zumie.dll"
    "d:\temp\NSF3306.TMP\ZUMIE.EXE"
    "e:\combofix.exe//pe_patch.upx/32788r22fwjfw\catchme.cfexe"
    .

    ((((((((((((((((((((((((( Files Created from 2009-06-08 to 2009-07-08 )))))))))))))))))))))))))))))))
    .

    2009-07-08 11:10 . 2009-07-08 11:10
    d
    w- c:\users\User\AppData\Local\temp
    2009-07-06 07:28 . 2009-07-06 07:28
    d
    w- c:\program files\Common Files\PCSuite
    2009-07-06 07:26 . 2008-08-26 09:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
    2009-07-06 07:26 . 2009-07-06 07:26
    d
    w- c:\program files\PC Connectivity Solution
    2009-07-06 07:20 . 2009-07-06 07:19 33773208 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_eng.exe
    2009-07-06 07:19 . 2009-07-06 07:19 95232 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
    2009-07-06 07:19 . 2009-07-06 07:19 8192 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
    2009-07-06 07:19 . 2009-07-06 07:19 61440 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
    2009-07-06 07:19 . 2009-07-06 07:19 10240 ----a-w- c:\programdata\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
    2009-07-03 10:21 . 2009-07-03 10:21 117760 ----a-w- c:\users\User\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
    2009-07-03 10:19 . 2009-07-03 10:19
    d
    w- c:\program files\SUPERAntiSpyware
    2009-07-03 07:37 . 2009-07-03 07:37
    d
    w- c:\users\User\AppData\Roaming\Malwarebytes
    2009-07-03 07:37 . 2009-06-17 10:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-07-03 07:37 . 2009-07-03 07:37
    d
    w- c:\program files\Malwarebytes' Anti-Malware
    2009-07-03 07:37 . 2009-07-03 07:37
    d
    w- c:\programdata\Malwarebytes
    2009-07-03 07:37 . 2009-06-17 10:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-07-01 14:50 . 2009-07-01 14:50
    d
    w- c:\program files\CCleaner
    2009-06-29 17:45 . 2009-06-29 17:45
    d
    w- c:\windows\system32\Adobe
    2009-06-29 05:56 . 2009-06-29 05:56
    d
    w- c:\program files\Microsoft
    2009-06-28 21:10 . 2009-06-28 21:10
    d
    w- c:\users\User\AppData\Roaming\DivX
    2009-06-28 09:15 . 2009-06-28 09:15
    d
    w- c:\program files\Trend Micro
    2009-06-19 13:27 . 2009-06-19 13:27
    d
    w- c:\program files\Common Files\Skype
    2009-06-19 13:27 . 2009-06-19 13:27
    d
    r- c:\program files\Skype
    2009-06-14 17:58 . 2009-04-30 12:37 293376 ----a-w- c:\windows\system32\psisdecd.dll
    2009-06-14 17:58 . 2009-04-30 12:37 428544 ----a-w- c:\windows\system32\EncDec.dll
    2009-06-10 19:08 . 2009-04-21 11:55 2033152 ----a-w- c:\windows\system32\win32k.sys
    2009-06-10 19:08 . 2009-04-23 12:42 636928 ----a-w- c:\windows\system32\localspl.dll
    2009-06-10 19:08 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-07-08 11:10 . 2008-07-08 15:36
    d
    w- c:\users\User\AppData\Roaming\Skype
    2009-07-08 11:06 . 2008-08-07 10:30 58555424 --sha-w- c:\windows\system32\drivers\fidbox.dat
    2009-07-08 07:09 . 2008-08-07 10:30
    d
    w- c:\programdata\Kaspersky Lab
    2009-07-08 07:00 . 2008-07-08 15:37
    d
    w- c:\users\User\AppData\Roaming\skypePM
    2009-07-07 23:06 . 2008-08-07 10:30 787160 --sha-w- c:\windows\system32\drivers\fidbox.idx
    2009-07-07 23:05 . 2009-05-08 14:02 12 ----a-w- c:\windows\bthservsdp.dat
    2009-07-07 23:05 . 2008-11-29 13:52
    d
    w- c:\program files\LogMeIn
    2009-07-06 13:15 . 2009-03-08 18:12
    d
    w- c:\users\User\AppData\Roaming\Nokia
    2009-07-06 13:13 . 2009-07-06 13:13 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
    2009-07-06 07:28 . 2009-03-08 18:11
    d
    w- c:\program files\Common Files\Nokia
    2009-07-06 07:28 . 2009-03-08 18:07
    d
    w- c:\program files\Nokia
    2009-07-06 07:26 . 2009-03-08 18:11
    d
    w- c:\program files\DIFX
    2009-07-06 07:19 . 2009-03-08 18:06
    d
    w- c:\programdata\Installations
    2009-07-03 10:19 . 2008-07-09 09:44
    d
    w- c:\users\User\AppData\Roaming\SUPERAntiSpyware.com
    2009-07-03 10:18 . 2008-07-12 00:47
    d
    w- c:\program files\Common Files\Wise Installation Wizard
    2009-06-22 10:40 . 2008-07-09 17:39
    d
    w- c:\users\User\AppData\Roaming\Canon
    2009-06-19 16:27 . 2008-07-09 19:03
    d
    w- c:\users\User\AppData\Roaming\dvdcss
    2009-06-19 13:27 . 2008-07-08 15:35
    d
    w- c:\programdata\Skype
    2009-06-09 16:28 . 2009-05-07 11:49
    d
    w- c:\programdata\CanonIJPLM
    2009-06-07 11:12 . 2009-06-07 11:12 3351812 ----a-w- c:\programdata\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\msxml6Exec.exe
    2009-06-07 11:12 . 2009-06-07 11:12 36864 ----a-w- c:\programdata\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\Sleep.exe
    2009-06-07 11:12 . 2009-06-07 11:12 3181612 ----a-w- c:\programdata\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\vcredistExec.exe
    2009-06-07 11:09 . 2009-06-07 11:12 24376008 ----a-w- c:\programdata\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\NokiaSoftwareUpdaterSetup_1.6.13EN.exe
    2009-05-20 17:41 . 2008-08-07 10:31 94643 ----a-w- c:\windows\system32\drivers\klick.dat
    2009-05-20 17:41 . 2008-08-07 10:31 105395 ----a-w- c:\windows\system32\drivers\klin.dat
    2009-05-13 12:29 . 2006-11-02 11:18
    d
    w- c:\program files\Windows Mail
    2009-05-11 11:47 . 2009-05-11 11:47 1302600 ----a-w- c:\windows\system32\WUDFUpdate_01007.dll
    2009-04-24 16:05 . 2009-06-10 19:07 827904 ----a-w- c:\windows\system32\wininet.dll
    2009-04-24 16:02 . 2009-06-10 19:07 78336 ----a-w- c:\windows\system32\ieencode.dll
    2009-04-24 13:44 . 2009-06-10 19:07 26624 ----a-w- c:\windows\system32\ieUnatt.exe
    2009-04-15 16:27 . 2009-04-15 16:27 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
    2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
    2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
    .

    ((((((((((((((((((((((((((((( SnapShot@2009-07-02_19.03.47 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-07-07 13:06 . 2009-07-08 05:36 38898 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2006-11-02 13:05 . 2009-07-08 05:36 65762 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    - 2009-03-08 18:07 . 2009-02-09 06:37 91136 c:\windows\System32\nmwcdcls.dll
    + 2009-03-08 18:07 . 2009-02-09 07:37 91136 c:\windows\System32\nmwcdcls.dll
    + 2009-07-06 07:26 . 2008-08-26 09:26 18816 c:\windows\System32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
    - 2009-03-08 18:11 . 2008-08-26 09:26 18816 c:\windows\System32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
    + 2009-02-09 07:37 . 2009-02-09 07:37 22016 c:\windows\System32\DriverStore\FileRepository\ccdcmbo.inf_0b649316\ccdcmbo.sys
    + 2009-02-09 07:37 . 2009-02-09 07:37 91136 c:\windows\System32\DriverStore\FileRepository\ccdcmb.inf_0c298eaf\nmwcdcls.dll
    + 2009-02-09 07:37 . 2009-02-09 07:37 17664 c:\windows\System32\DriverStore\FileRepository\ccdcmb.inf_0c298eaf\ccdcmb.sys
    - 2009-02-09 06:37 . 2009-02-09 06:37 22016 c:\windows\System32\drivers\ccdcmbo.sys
    + 2009-02-09 07:37 . 2009-02-09 07:37 22016 c:\windows\System32\drivers\ccdcmbo.sys
    + 2009-02-09 07:37 . 2009-02-09 07:37 17664 c:\windows\System32\drivers\ccdcmb.sys
    - 2009-02-09 06:37 . 2009-02-09 06:37 17664 c:\windows\System32\drivers\ccdcmb.sys
    - 2006-11-02 13:02 . 2009-07-02 19:03 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2006-11-02 13:02 . 2009-07-08 05:34 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2006-11-02 13:02 . 2009-07-08 05:34 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2006-11-02 13:02 . 2009-07-02 19:03 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2006-11-02 13:02 . 2009-07-02 19:03 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2006-11-02 13:02 . 2009-07-08 05:34 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-07-03 10:19 . 2009-07-03 10:19 65024 c:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
    + 2009-07-03 10:19 . 2009-07-03 10:19 18944 c:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
    + 2009-07-06 07:28 . 2009-07-06 07:28 15086 c:\windows\Installer\{3D39E775-DDDA-4327-B747-0BDC5F191331}\ARPPRODUCTICON.exe
    + 2009-07-06 07:26 . 2009-07-06 07:26 10134 c:\windows\Installer\{0C973594-7DDF-4BD0-84ED-3517F7622037}\ARPPRODUCTICON.exe
    - 2006-11-02 10:25 . 2009-06-12 17:40 86016 c:\windows\inf\infstor.dat
    + 2006-11-02 10:25 . 2009-07-06 07:29 86016 c:\windows\inf\infstor.dat
    + 2006-11-02 10:25 . 2009-07-06 13:14 51200 c:\windows\inf\infpub.dat
    - 2006-11-02 10:25 . 2009-06-28 21:19 51200 c:\windows\inf\infpub.dat
    + 2008-07-10 23:03 . 2009-07-06 23:47 2914 c:\windows\System32\WDI\ERCQueuedResolutions.dat
    - 2008-07-10 23:03 . 2009-06-29 00:27 2914 c:\windows\System32\WDI\ERCQueuedResolutions.dat
    + 2008-07-07 12:31 . 2009-07-08 05:36 9662 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1756546199-607225433-1553080639-1000_UserData.bin
    + 2009-03-19 13:48 . 2009-03-19 13:48 8320 c:\windows\System32\DriverStore\FileRepository\nmwcdnsuc.inf_545c47c7\nmwcdnsuc.sys
    + 2009-02-09 07:37 . 2009-02-09 07:37 7808 c:\windows\System32\DriverStore\FileRepository\ccdcmbm.inf_65311714\usbser_lowerflt.sys
    + 2009-02-09 07:37 . 2009-02-09 07:37 7808 c:\windows\System32\DriverStore\FileRepository\ccdcmbcj.inf_6fbfd776\usbser_lowerfltj.sys
    - 2009-02-09 06:37 . 2009-02-09 06:37 7808 c:\windows\System32\drivers\usbser_lowerfltj.sys
    + 2009-02-09 07:37 . 2009-02-09 07:37 7808 c:\windows\System32\drivers\usbser_lowerfltj.sys
    + 2009-02-09 07:37 . 2009-02-09 07:37 7808 c:\windows\System32\drivers\usbser_lowerflt.sys
    - 2009-02-09 06:37 . 2009-02-09 06:37 7808 c:\windows\System32\drivers\usbser_lowerflt.sys
    + 2009-07-08 05:34 . 2009-07-08 05:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2009-07-08 05:34 . 2009-07-08 05:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2009-07-06 07:25 . 2009-07-06 07:25 3262 c:\windows\Installer\{52D02A2B-03D2-4E34-A358-DC5D951FD296}\ARPPRODUCTICON.exe
    + 2008-07-11 16:09 . 2009-07-08 07:45 274262 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
    - 2006-11-02 10:33 . 2009-07-02 18:30 599942 c:\windows\System32\perfh009.dat
    + 2006-11-02 10:33 . 2009-07-08 05:40 599942 c:\windows\System32\perfh009.dat
    + 2006-11-02 10:33 . 2009-07-08 05:40 105448 c:\windows\System32\perfc009.dat
    - 2006-11-02 10:33 . 2009-07-02 18:30 105448 c:\windows\System32\perfc009.dat
    - 2009-02-09 06:37 . 2009-02-09 06:37 659968 c:\windows\System32\nmwcdcocls.dll
    + 2009-02-09 07:37 . 2009-02-09 07:37 659968 c:\windows\System32\nmwcdcocls.dll
    + 2009-05-11 12:30 . 2009-05-11 12:30 547840 c:\windows\System32\DriverStore\FileRepository\pccswpddriver.inf_b43d96b2\PCCSWpdDriver.dll
    + 2009-03-19 13:48 . 2009-03-19 13:48 136704 c:\windows\System32\DriverStore\FileRepository\nmwcdnsu.inf_add8f2b2\nmwcdnsu.sys
    + 2009-02-09 07:37 . 2009-02-09 07:37 659968 c:\windows\System32\DriverStore\FileRepository\ccdcmb.inf_0c298eaf\nmwcdcocls.dll
    + 2009-05-11 12:30 . 2009-05-11 12:30 547840 c:\windows\System32\drivers\UMDF\PCCSWpdDriver.dll
    + 2009-07-06 07:28 . 2009-07-06 07:28 850432 c:\windows\Installer\1cb88f.msi
    + 2009-07-06 07:26 . 2009-07-06 07:26 549888 c:\windows\Installer\1cb7dd.msi
    + 2009-07-06 07:25 . 2009-07-06 07:25 331264 c:\windows\Installer\1cb7a7.msi
    - 2006-11-02 10:25 . 2009-06-28 21:19 143360 c:\windows\inf\infstrng.dat
    + 2006-11-02 10:25 . 2009-07-06 13:14 143360 c:\windows\inf\infstrng.dat
    + 2009-02-09 07:32 . 2009-02-09 07:32 1112288 c:\windows\System32\wdfcoinstaller01007.dll
    - 2009-02-09 06:32 . 2009-02-09 06:32 1112288 c:\windows\System32\wdfcoinstaller01007.dll
    + 2009-05-11 11:47 . 2009-05-11 11:47 1302600 c:\windows\System32\DriverStore\FileRepository\pccswpddriver.inf_b43d96b2\WUDFUpdate_01007.dll
    + 2009-02-09 07:32 . 2009-02-09 07:32 1112288 c:\windows\System32\DriverStore\FileRepository\ccdcmb.inf_0c298eaf\wdfcoinstaller01007.dll
    + 2009-07-03 10:19 . 2009-07-03 10:19 1516544 c:\windows\Installer\6b283d.msi
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-18 1233920]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-04 149040]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-05-26 24264488]
    "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-09-12 86016]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-12 8497696]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-12 81920]
    "LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2004-12-14 458752]
    "LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2004-12-14 217088]
    "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-05-04 161328]
    "InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-04 1057328]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-07-12 185632]
    "LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 63048]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
    "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
    "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
    "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
    "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
    "Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "NSSInstallation"="c:\windows\System32\Adobe\Shockwave 11\nssstub.exe" [2009-06-29 284024]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    GetRight.lnk - c:\program files\GetRight\GetRight.exe [2008-7-14 4628752]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2008-12-22 11:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1.0\r3hook.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{5F13D41C-D065-4F54-B511-0CF4DB1B5663}"= c:\program files\Skype\Phone\Skype.exe:Skype
    "TCP Query User{0F868930-CA74-4818-B6CA-6230DB0676B9}c:\\program files\\common files\\ahead\\nero web\\setupx.exe"= UDP:c:\program files\common files\ahead\nero web\setupx.exe:MSI starter
    "UDP Query User{A7E440C8-3833-41BF-9237-6CAD07B1A0F6}c:\\program files\\common files\\ahead\\nero web\\setupx.exe"= TCP:c:\program files\common files\ahead\nero web\setupx.exe:MSI starter
    "TCP Query User{00870DB1-4FCC-41A3-B287-710872E53E3D}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
    "UDP Query User{8832C011-946A-424F-B72D-99A1682072D8}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
    "TCP Query User{A3156747-9E84-41E9-B110-5DF8FB8C570C}c:\\program files\\real\\realplayer\\realplay.exe"= UDP:c:\program files\real\realplayer\realplay.exe:RealPlayer
    "UDP Query User{84832A49-570E-45E9-A8DF-3BF9E0541567}c:\\program files\\real\\realplayer\\realplay.exe"= TCP:c:\program files\real\realplayer\realplay.exe:RealPlayer
    "{87767BAA-DFCE-46E6-96B3-0489B89618FB}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{5B8FF5B1-0F74-46BF-8BC1-0AC416938661}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{E0EDC4EF-275D-40B3-9AFA-16444426E745}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
    "{0E01BF61-3C13-433C-A273-B8C3492F307F}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
    "{22D117D9-9068-4AAE-B2E4-89A165C42CF1}"= UDP:d:\temp\7zS1855.tmp\SymNRT.exe:Norton Removal Tool
    "{B8438FC7-E93E-445C-BF69-5784D2CF0F08}"= TCP:d:\temp\7zS1855.tmp\SymNRT.exe:Norton Removal Tool

    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [04/04/2007 14:59 20760]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23/06/2009 11:01 9968]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23/06/2009 11:01 72944]
    R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [24/07/2008 19:46 12856]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\System32\drivers\LMIRfsDriver.sys [29/11/2008 14:53 47640]
    R2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [30/03/2009 16:28 1533808]
    R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\System32\drivers\RTL8187.sys [19/11/2007 06:59 288256]
    S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23/06/2009 11:01 7408]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
    .
    Contents of the 'Scheduled Tasks' folder

    2009-07-07 c:\windows\Tasks\User_Feed_Synchronization-{AFF2E081-2DCA-420B-A322-F80129B87CA7}.job
    - c:\windows\system32\msfeedssync.exe [2008-07-07 22:33]
    .
    .
    Supplementary Scan
    .
    uStart Page = about:blank
    uInternet Settings,ProxyOverride = *.local
    IE: Download with GetRight - c:\program files\GetRight\GRdownload.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    IE: Open with GetRight Browser - c:\program files\GetRight\GRbrowse.htm
    TCP: {469470B7-0AA3-43CA-8148-869FB1B1257C} = 208.67.222.222,192.168.11.1
    TCP: {480C3D93-F143-491A-878C-3FAA55138BFA} = 208.67.222.222,192.168.11.1
    FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\aewoge7y.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1408409&SearchSource=3&q=
    FF - prefs.js: browser.startup.homepage - hxxp://uk.yahoo.com/
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1408409&SearchSource=2&q=
    FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
    FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
    FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
    .

    **************************************************************************
    WAS DEBT FREE & STILL BAAARRRRRKING :cool:
    hello my name is shaun,,,and im not so addicted to farmville,still addicted to football:o:o
    BAAAARRRRRRRRRRKING er insanely so :o
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 349.8K Banking & Borrowing
  • 252.6K Reduce Debt & Boost Income
  • 453K Spending & Discounts
  • 242.8K Work, Benefits & Business
  • 619.6K Mortgages, Homes & Bills
  • 176.4K Life & Family
  • 255.7K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 15.1K Coronavirus Support Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture