We’d like to remind Forumites to please avoid political debate on the Forum.

This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide

Hijack this log

2

Comments

  • cliffsave
    cliffsave Posts: 17 Forumite
    Dunnit!

    first part of ComboFix log follows - thanks

    ComboFix 09-07-05.04 - Cliff 06/07/2009 13:47.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1470.849 [GMT 1:00]
    Running from: d:\my documents\My Downloads\ComboFix\QWERTY.exe
    AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    c:\documents and settings\Cliff.ABC-715E450756C\Local Settings\Temporary Internet Files\mcc3C.tmp
    c:\recycler\NPROTECT
    c:\recycler\S-1-5-21-1202660629-2077806209-839522115-1003
    c:\recycler\S-1-5-21-1202660629-2077806209-839522115-1005
    c:\recycler\S-1-5-21-1292428093-1390067357-725345543-1003
    c:\recycler\S-1-5-21-1343024091-1637723038-1417001333-1003
    c:\recycler\S-1-5-21-1454471165-725345543-839522115-1004
    c:\recycler\S-1-5-21-1460304000-782189750-1497286466-1005
    c:\recycler\S-1-5-21-1644491937-651377827-725345543-1003
    c:\recycler\S-1-5-21-343818398-1965331169-839522115-1003
    c:\recycler\S-1-5-21-790525478-2139871995-725345543-1003
    c:\recycler\S-1-5-21-790525478-2139871995-725345543-500
    c:\windows\Installer\138ef3.msp
    c:\windows\Installer\213459d.msp
    c:\windows\Installer\9c31bd.msi
    c:\windows\system32\twain.dll
    .
    ((((((((((((((((((((((((( Files Created from 2009-06-06 to 2009-07-06 )))))))))))))))))))))))))))))))
    .
    2009-07-06 10:24 . 2009-07-06 10:24
    d
    w- c:\documents and settings\All Users.WINDOWS\Application Data\RegCure
    2009-07-06 10:24 . 2009-07-06 10:24
    d
    w- c:\program files\RegCure
    2009-07-06 07:19 . 2009-03-30 09:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
    2009-07-06 07:19 . 2009-02-13 11:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
    2009-07-06 07:19 . 2009-03-24 15:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2009-07-06 07:19 . 2009-02-13 11:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
    2009-07-06 07:19 . 2009-07-06 07:19
    d
    w- c:\program files\Avira
    2009-07-06 07:19 . 2009-07-06 07:19
    d
    w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira
    2009-07-06 06:46 . 2009-07-06 06:46
    d
    w- c:\program files\CCleaner
    2009-07-05 18:58 . 2009-07-05 18:58
    d-sh--w- c:\documents and settings\Cliff.ABC-715E450756C\IECompatCache
    2009-07-05 18:57 . 2009-07-05 18:57
    d-sh--w- c:\documents and settings\Cliff.ABC-715E450756C\PrivacIE
    2009-07-05 18:06 . 2009-07-05 18:06
    d-sh--w- c:\documents and settings\LocalService.NT AUTHORITY.000\IETldCache
    2009-07-05 18:03 . 2009-07-05 18:03
    d-sh--w- c:\documents and settings\Cliff.ABC-715E450756C\IETldCache
    2009-07-05 17:42 . 2009-06-02 10:12 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
    2009-07-05 17:41 . 2009-07-05 17:42
    d
    w- c:\windows\ie8updates
    2009-07-05 17:40 . 2009-04-30 21:22 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
    2009-07-05 17:40 . 2009-04-30 21:22 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
    2009-07-05 17:37 . 2009-07-05 17:40
    dc-h--w- c:\windows\ie8
    2009-07-05 12:16 . 2009-07-05 12:16
    d
    w- c:\documents and settings\Cliff.ABC-715E450756C\Application Data\Malwarebytes
    2009-07-05 12:16 . 2009-06-17 10:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-07-05 12:16 . 2009-07-05 12:16
    d
    w- c:\program files\Malwarebytes' Anti-Malware
    2009-07-05 12:16 . 2009-07-05 12:16
    d
    w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
    2009-07-05 12:16 . 2009-06-17 10:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-07-05 12:14 . 2008-02-05 18:08 262144 ----a-w- c:\program files\Uninstall Spy Blocker.dll
    2009-07-02 09:34 . 2009-02-19 14:27 62760 ----a-w- c:\documents and settings\Cliff.ABC-715E450756C\Application Data\Mozilla\Firefox\Profiles\oq52zycz.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
    2009-06-28 10:54 . 2009-06-28 10:54
    d
    w- c:\documents and settings\Cliff.ABC-715E450756C\Local Settings\Application Data\AVG Security Toolbar
    2009-06-28 08:23 . 2009-06-14 15:07 1004800 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\AVG Security Toolbar\IEToolbar.dll
    2009-06-27 09:16 . 2009-06-28 08:23
    d
    w- c:\documents and settings\All Users.WINDOWS\Application Data\AVG Security Toolbar
    2009-06-27 09:16 . 2009-06-27 09:16
    d
    w- c:\documents and settings\LocalService.NT AUTHORITY.000\Application Data\AVGTOOLBAR
    2009-06-20 13:51 . 2009-06-20 13:51 79512 ---ha-w- c:\windows\system32\mlfcache.dat
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-07-06 12:57 . 2008-03-17 22:56
    d
    w- c:\documents and settings\All Users.WINDOWS\Application Data\Kontiki
    2009-07-06 12:18 . 2009-01-16 23:18
    d
    w- c:\program files\MediaMonkey
    2009-07-06 09:02 . 2008-10-06 11:25
    d
    w- c:\documents and settings\All Users.WINDOWS\Application Data\CanonIJPLM
    2009-07-06 06:29 . 2008-06-08 15:22
    d
    w- c:\documents and settings\Cliff.ABC-715E450756C\Application Data\AVGTOOLBAR
    2009-07-06 06:29 . 2008-06-08 15:21
    d
    w- c:\documents and settings\All Users.WINDOWS\Application Data\avg8
    2009-07-05 22:35 . 2007-06-23 14:36
    d
    w- c:\documents and settings\All Users.WINDOWS\Application Data\Google Updater
    2009-07-05 17:18 . 2005-02-09 22:50
    d--h--w- c:\program files\InstallShield Installation Information
    2009-07-05 12:10 . 2008-01-06 16:34
    d
    w- c:\program files\Windows Live Toolbar
    2009-07-04 22:58 . 2009-07-05 08:29 3036672 ----a-w- c:\windows\Internet Logs\xDBD.tmp
    2009-07-03 22:17 . 2009-07-04 08:32 2821632 ----a-w- c:\windows\Internet Logs\xDBC.tmp
    2009-07-03 20:17 . 2005-11-10 20:13
    d
    w- c:\program files\Trend Micro
    2009-07-02 22:21 . 2009-07-03 08:27 3077120 ----a-w- c:\windows\Internet Logs\xDBB.tmp
    2009-06-29 18:47 . 2008-02-14 09:16
    d---a-w- c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
    2009-06-29 15:26 . 2007-06-23 10:40 499712 ----a-w- c:\windows\system32\msvcp71.dll
    2009-06-26 19:09 . 2009-06-26 21:43 3052544 ----a-w- c:\windows\Internet Logs\xDBA.tmp
    2009-06-23 07:50 . 2005-05-14 06:40
    d
    w- c:\program files\Google
    2009-06-20 13:01 . 2007-07-29 12:05
    d
    w- c:\documents and settings\All Users.WINDOWS\Application Data\Microsoft Help
    2009-06-20 12:55 . 2007-07-30 13:31
    d
    w- c:\program files\Windows Desktop Search
    2009-05-28 06:29 . 2008-10-05 10:50 13495860 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
    2009-05-26 17:17 . 2005-04-24 07:52
    d
    w- c:\program files\Common Files\Macromedia
    2009-05-26 17:17 . 2005-04-24 07:52
    d
    w- c:\program files\Macromedia
    2009-05-24 23:24 . 2008-05-26 22:18 350208
    w- c:\windows\system32\mssph.dll
    2009-05-22 15:01 . 2009-05-22 15:03 3388928 ----a-w- c:\windows\Internet Logs\xDB9.tmp
    2009-05-16 17:22 . 2009-05-18 08:09 1144320 ----a-w- c:\windows\Internet Logs\xDB7.tmp
    2009-05-16 17:22 . 2009-05-18 08:09 3384320 ----a-w- c:\windows\Internet Logs\xDB8.tmp
    2009-05-15 22:40 . 2009-05-16 06:31 3383808 ----a-w- c:\windows\Internet Logs\xDB6.tmp
    2009-05-15 22:40 . 2009-05-16 06:31 2872832 ----a-w- c:\windows\Internet Logs\xDB5.tmp
    2009-05-14 17:01 . 2007-09-18 18:59
    d
    w- c:\documents and settings\All Users.WINDOWS\Application Data\DVD Shrink
    2009-05-13 05:15 . 2004-08-04 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
    2009-05-12 17:07 . 2009-05-11 11:22
    d
    w- c:\documents and settings\All Users.WINDOWS\Application Data\Motive
    2009-05-11 18:19 . 2009-05-11 11:32
    d
    w- c:\documents and settings\Cliff.ABC-715E450756C\Application Data\Motive
    2009-05-11 11:33 . 2005-02-27 22:28
    d
    w- c:\program files\Yahoo!
    2009-05-11 11:22 . 2009-05-11 11:21
    d
    w- c:\program files\Common Files\Motive
    2009-05-11 11:21 . 2009-05-11 11:21
    d
    w- c:\program files\BT Broadband Desktop Help
    2009-05-11 11:21 . 2009-05-11 11:21
    d
    w- c:\program files\BTHomeHub
    2009-05-11 10:44 . 2009-05-11 10:46 3336704 ----a-w- c:\windows\Internet Logs\xDB3.tmp
    2009-05-10 07:04 . 2008-09-27 22:04
    d
    w- c:\documents and settings\Cliff.ABC-715E450756C\Application Data\Canon
    2009-05-09 23:53 . 2008-06-08 15:21
    d
    w- c:\program files\AVG
    2009-05-09 16:17 . 2007-06-23 10:39
    d
    w- c:\documents and settings\All Users.WINDOWS\Application Data\avg7
    2009-05-09 15:26 . 2009-05-04 08:07
    d
    w- c:\documents and settings\Cliff.ABC-715E450756C\Application Data\Line 6
    2009-05-09 04:52 . 2009-05-04 08:47
    d
    w- c:\documents and settings\Cliff.ABC-715E450756C\Application Data\Ableton
    2009-05-09 04:49 . 2009-05-04 08:46
    d
    w- c:\program files\Ableton
    2009-05-07 15:32 . 2004-08-04 12:00 345600 ----a-w- c:\windows\system32\localspl.dll
    2009-05-04 14:35 . 2009-05-04 15:38 3307520 ----a-w- c:\windows\Internet Logs\xDB2.tmp
    2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
    2009-04-25 07:11 . 2009-04-24 19:09 352256 ----a-w- c:\windows\system32\drivers\BUSB2902.sys
    2009-04-25 07:11 . 2008-07-30 16:20 33792 ----a-w- c:\windows\system32\drivers\busbwdm.sys
    2009-04-22 06:42 . 2009-04-22 06:42 152576 ----a-w- c:\documents and settings\Cliff.ABC-715E450756C\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
    2009-04-18 17:52 . 2009-04-18 17:52 306432 ----a-w- c:\windows\system32\TuneUpDefragService.exe
    2009-04-17 12:26 . 2004-08-04 12:00 1847168 ----a-w- c:\windows\system32\win32k.sys
    2009-04-15 14:51 . 2004-08-04 12:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
    2009-04-08 06:00 . 2009-04-08 06:07 3180544 ----a-w- c:\windows\Internet Logs\xDB4.tmp
    2007-06-23 10:12 . 2007-06-23 10:12 278528 ----a-w- c:\program files\Common Files\FDEUnInstaller.exe
    1998-12-09 03:53 . 1998-12-09 03:53 99840 ----a-w- c:\program files\Common Files\IRAABOUT.DLL
    1998-12-09 03:53 . 1998-12-09 03:53 70144 ----a-w- c:\program files\Common Files\IRAMDMTR.DLL
    1998-12-09 03:53 . 1998-12-09 03:53 48640 ----a-w- c:\program files\Common Files\IRALPTTR.DLL
    1998-12-09 03:53 . 1998-12-09 03:53 31744 ----a-w- c:\program files\Common Files\IRAWEBTR.DLL
    1998-12-09 03:53 . 1998-12-09 03:53 186368 ----a-w- c:\program files\Common Files\IRAREG.DLL
    1998-12-09 03:53 . 1998-12-09 03:53 17920 ----a-w- c:\program files\Common Files\IRASRIAL.DLL
    2006-07-01 08:22 . 2006-07-01 08:22 8 --sha-r- c:\windows\neoqaz2.dll
    .
    Sigcheck
    [7] 2004-08-04 12:00 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\$NtServicePackUninstall$\svchost.exe
    [7] 2008-04-14 00:12 14336 27C6D03BCDB8CFEB96B716F3D8BE3E18 c:\windows\ServicePackFiles\i386\svchost.exe
    [7] 2008-04-14 00:12 14336 27C6D03BCDB8CFEB96B716F3D8BE3E18 c:\windows\system32\svchost.exe
    [-] 2005-03-02 18:19 577024 1800F293BCCC8EDE8A70E12B88D80036 c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
    [-] 2007-03-08 15:48 578048 7AA4F6C00405DFC4B70ED4214E7D687B c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
    [-] 2007-03-08 15:36 577536 B409909F6E2E8A7067076ED748ABF1E7 c:\windows\$NtServicePackUninstall$\user32.dll
    [7] 2004-08-04 12:00 577024 C72661F8552ACE7C5C85E16A3CF505C4 c:\windows\$NtUninstallKB890859$\user32.dll
    [-] 2005-03-02 18:09 577024 DE2DB164BBB35DB061AF0997E4499054 c:\windows\$NtUninstallKB925902$\user32.dll
    [7] 2008-04-14 00:12 578560 B26B135FF1B9F60C9388B4A7D16F600B c:\windows\ServicePackFiles\i386\user32.dll
    [7] 2008-04-14 00:12 578560 B26B135FF1B9F60C9388B4A7D16F600B c:\windows\system32\user32.dll
    [7] 2004-08-04 12:00 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\$NtServicePackUninstall$\ws2_32.dll
    [7] 2008-04-14 00:12 82432 2CCC474EB85CEAA3E1FA1726580A3E5A c:\windows\ServicePackFiles\i386\ws2_32.dll
    [7] 2008-04-14 00:12 82432 2CCC474EB85CEAA3E1FA1726580A3E5A c:\windows\system32\ws2_32.dll
    [7] 2007-04-25 09:08 823808 431DEFBB4A3D7B0DC062C1B064623A2F c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\wininet.dll
    [7] 2007-06-27 14:40 824320 D6ED5E042C5207553E7F5E842918137F c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll
    [7] 2007-08-20 10:02 825344 357D54BF94FE9D6D8505A96B5C2A3BCA c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
    [7] 2007-10-10 23:47 825344 0E5D918F87EFA7D2424D66B499C7EB04 c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
    [7] 2007-12-07 02:01 825344 B5B411BB229AE6EAD7652A32ED47BFB9 c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
    [7] 2008-03-01 13:03 827392 6316C2F0C61271C8ABDFF7429174879E c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
    [7] 2008-04-23 03:35 827392 41546B396A526918DA7995A02EA04E51 c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
    [7] 2008-06-23 16:01 827904 C66402A06B83B036C195242C0C8CF83C c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
    [7] 2008-08-26 09:08 827904 77C192FE56A70D7FA0247BA0A6201C32 c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
    [7] 2008-10-16 20:24 827904 0D5B75171FF51775B630A431B6C667E8 c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
    [7] 2008-12-20 23:56 827904 044E0A4E9FE97C0FB9AFE9C89E2A82E6 c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
    [7] 2009-03-03 00:17 828416 C8667854873938CA13C986F16B0CD183 c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
    [7] 2009-04-29 04:49 828928 62CCA075F44015147B8971DAFFBCFF76 c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
    [7] 2009-05-13 05:10 915456 C0EB6850C8A02A154281749DC61FAF22 c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll
    [7] 2004-08-04 12:00 656384 C0823FC5469663BA63E7DB88F9919D70 c:\windows\ie7\wininet.dll
    [7] 2006-11-07 20:03 818688 92995334F993E6E49C25C6D02EC04401 c:\windows\ie7updates\KB933566-IE7\wininet.dll
    [7] 2007-04-25 08:41 822784 0586A7F0B2FDB94D624F399D4728E7C8 c:\windows\ie7updates\KB937143-IE7\wininet.dll
    [7] 2007-06-27 14:34 823808 8068CBB58FE60CC95AEB2CFF70178208 c:\windows\ie7updates\KB939653-IE7\wininet.dll
    [7] 2007-08-20 10:04 824832 774435E499D8E9643EC961A6103C361F c:\windows\ie7updates\KB942615-IE7\wininet.dll
    [7] 2007-10-10 23:56 824832 30C1E0F34AD2972C72A01DB5C74AB065 c:\windows\ie7updates\KB944533-IE7\wininet.dll
    [7] 2007-12-07 02:21 824832 806D274C9A6C3AAEA5EAE8E4AF841E04 c:\windows\ie7updates\KB947864-IE7\wininet.dll
    [7] 2008-03-01 13:06 826368 AD21461AEF8244EDEC2EF18E55E1DCF3 c:\windows\ie7updates\KB950759-IE7\wininet.dll
    [7] 2008-04-23 04:16 826368 F6589BE784647CFDBC22EA51CCB1A57A c:\windows\ie7updates\KB953838-IE7\wininet.dll
    [7] 2008-06-23 16:57 826368 8C13D4A7479FA0A026EDA8ABCE82C0ED c:\windows\ie7updates\KB956390-IE7\wininet.dll
    [7] 2008-08-26 07:24 826368 EF8EBA98145BFA44E80D17A3B3453300 c:\windows\ie7updates\KB958215-IE7\wininet.dll
    [7] 2008-10-16 20:38 826368 6741EAF7B7F110E803A6E38F6E5FA6B0 c:\windows\ie7updates\KB961260-IE7\wininet.dll
    [7] 2008-12-20 23:15 826368 A82935D32D0672E8FF4E91AE398E901C c:\windows\ie7updates\KB963027-IE7\wininet.dll
    [7] 2009-03-03 00:18 826368 28775945CCD53DEE280EF58DEA1A94C4 c:\windows\ie7updates\KB969897-IE7\wininet.dll
    [7] 2009-04-29 04:56 827392 8E2D471157B0DF329D8D0EA5D83B0DDB c:\windows\ie8\wininet.dll
    [7] 2009-03-08 03:34 914944 6CE32F7778061CCC5814D5E0F282D369 c:\windows\ie8updates\KB969897-IE8\wininet.dll
    [7] 2008-04-14 00:12 666112 7A4F775ABB2F1C97DEF3E73AFA2FAEDD c:\windows\ServicePackFiles\i386\wininet.dll
    [-] 2007-04-18 12:31 658944 B7156CD97E739F3014BC4D61758F868A c:\windows\SoftwareDistribution\Download\493760be868721503b9abd615f71e312\sp2gdr\wininet.dll
    [-] 2007-04-18 12:46 665600 4261BA03AFD659DE04F0A17DFBDD454D c:\windows\SoftwareDistribution\Download\493760be868721503b9abd615f71e312\sp2qfe\wininet.dll
    [7] 2009-05-13 05:15 915456 366C72AF6970DB7BB39AB0142BF09DB5 c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3GDR\wininet.dll
    [7] 2009-05-13 05:10 915456 C0EB6850C8A02A154281749DC61FAF22 c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3QFE\wininet.dll
    [7] 2009-05-13 05:15 915456 366C72AF6970DB7BB39AB0142BF09DB5 c:\windows\system32\wininet.dll
    [7] 2009-05-13 05:15 915456 366C72AF6970DB7BB39AB0142BF09DB5 c:\windows\system32\dllcache\wininet.dll
    [-] 2006-04-20 12:18 360576 B2220C618B42A2212A59D91EBD6FC4B4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
    [-] 2007-10-30 16:53 360832 64798ECFA43D78C7178375FCDD16D8C8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
    [7] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
    [7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
    [7] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
    [7] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\$NtServicePackUninstall$\tcpip.sys
    [7] 2004-08-04 12:00 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\$NtUninstallKB917953$\tcpip.sys
    [-] 2006-04-20 11:51 359808 1DBF125862891817F374F407626967F4 c:\windows\$NtUninstallKB941644$\tcpip.sys
    [7] 2008-04-13 19:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\$NtUninstallKB951748$\tcpip.sys
    [-] 2007-10-30 17:20 360064 90CAFF4B094573449A0872A0F919B178 c:\windows\$NtUninstallKB951748_0$\tcpip.sys
    [7] 2008-04-13 19:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\ServicePackFiles\i386\tcpip.sys
    [7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\system32\dllcache\tcpip.sys
    [7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\system32\drivers\tcpip.sys
    [7] 2004-08-04 12:00 502272 01C3346C241652F43AED8E2149881BFE c:\windows\$NtServicePackUninstall$\winlogon.exe
    [7] 2008-04-14 00:12 507904 ED0EF0A136DEC83DF69F04118870003E c:\windows\ServicePackFiles\i386\winlogon.exe
    [7] 2008-04-14 00:12 507904 ED0EF0A136DEC83DF69F04118870003E c:\windows\system32\winlogon.exe
    [7] 2004-08-04 12:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\$NtServicePackUninstall$\ndis.sys
    [7] 2008-04-13 19:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\ServicePackFiles\i386\ndis.sys
    [7] 2008-04-13 19:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\system32\drivers\ndis.sys
    [7] 2004-08-04 12:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\$NtServicePackUninstall$\ip6fw.sys
    [7] 2008-04-13 18:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\ServicePackFiles\i386\ip6fw.sys
    [7] 2008-04-13 18:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\system32\drivers\ip6fw.sys
    [-] 2005-03-02 00:36 2056832 D8ABA3EAB509627E707A3B14F00FBB6B c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
    [-] 2007-02-28 09:15 2059392 4D3DBDCCBF97F5BA1E74F322B155C3BA c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
    [7] 2009-02-06 10:30 2066176 607352B9CB3D708C67F6039097801B5A c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
    [7] 2008-08-14 14:39 2066048 A25E9B86EFFB2AF33BF51E676B68BFB0 c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
    [-] 2007-02-28 08:38 2015744 A58AC1C6199EF34228ABEE7FC057AE09 c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
    [7] 2004-08-04 12:00 2015232 FB142B7007CA2EEA76966C6C5CC12150 c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe
    [-] 2005-03-02 00:34 2015232 3CD941E472DDF3534E53038535719771 c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe
    [7] 2008-08-14 09:33 2023936 8206B5F94A6A9450E934029420C1693F c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
    [7] 2008-04-13 18:31 2023936 7F653A89F6E89E3AE0D49830EECE35D4 c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
    [7] 2009-02-07 18:02 2066048 5BA7F2141BC6DB06100D0E5A732C617A c:\windows\Driver Cache\i386\ntkrnlpa.exe
    [7] 2008-04-13 18:31 2065792 109F8E3E3C82E337BB71B6BC9B895D61 c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
    [7] 2009-02-06 10:32 2023936 65D4220799E6FC2CB079070A6393CC0E c:\windows\system32\ntkrnlpa.exe
    [7] 2009-02-07 18:02 2066048 5BA7F2141BC6DB06100D0E5A732C617A c:\windows\system32\dllcache\ntkrnlpa.exe
    [-] 2005-03-02 01:04 2179456 28187802B7C368C0D3AEF7D4C382AABB c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
    [-] 2007-02-28 09:55 2182144 5A5C8DB4AA962C714C8371FBDF189FC9 c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
    [7] 2009-02-07 18:35 2189184 EFE8EACE83EAAD5849A7A548FB75B584 c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
    [7] 2008-08-14 15:11 2189184 31914172342BFF330063F343AC6958FE c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
    [-] 2007-02-28 09:08 2136064 1220FAF071DEA8653EE21DE7DCDA8BFD c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
    [7] 2004-08-04 12:00 2148352 626309040459C3915997EF98EC1C8D40 c:\windows\$NtUninstallKB890859$\ntoskrnl.exe
    [-] 2005-03-02 00:57 2135552 48B3E89AF7074CEE0314A3E0C7FAFFDB c:\windows\$NtUninstallKB931784$\ntoskrnl.exe
    [7] 2008-08-14 10:09 2145280 F6F8245B3A2E9CA834DD318E7AE0C6D0 c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
    [7] 2008-04-13 19:24 2145280 40F8880122A030A7E9E1FEDEA833B33D c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
    [7] 2009-02-06 11:08 2189056 7A95B10A73737EBF24139AAA63F5212B c:\windows\Driver Cache\i386\ntoskrnl.exe
    [7] 2008-04-13 19:27 2188928 0C89243C7C3EE199B96FCC16990E0679 c:\windows\ServicePackFiles\i386\ntoskrnl.exe
    [7] 2009-02-06 11:06 2145280 0CBA44D0938D57F334C0862424148B70 c:\windows\system32\ntoskrnl.exe
    [7] 2009-02-06 11:08 2189056 7A95B10A73737EBF24139AAA63F5212B
  • cliffsave
    cliffsave Posts: 17 Forumite
    Won't let me post with links.

    I will post further after I have taken my wife to Hospital - sorry, must go

    C
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    The log still has a load of AVG in it. Did you not uninstall AVG??
    If not you MUST now uninstall
    Then run the 32 bit AVG removal tool
    http://www.avg.com/download-tools

    Open Internet Explorer ~
    goto TOOLS and MANAGE ADDONS and disable AVG TOOLBAR

    Goto add/remove programs and attempt to remove (IF its there) ~
    UNINSTALL SPY BLOCKER
    If its not there then we'll have to use other means

    then ~
    Download CCLEANER
    http://www.ccleaner.com/download/builds/downloading-slim
    Run the CLEANER scan ~ removes temp files etc of which are infected
    Then run the REGISTRY scan (Backup the registry when it asks)
    :idea:
  • MrsE_2
    MrsE_2 Posts: 24,161 Forumite
    10,000 Posts Combo Breaker
    Browntoa wrote: »
    looking at your log I would run combofix (Rogue Sysprocleaner)

    http://www.bleepingcomputer.com/combofix/how-to-use-combofix

    and post that log

    it takes about 20 minutes to run

    I ran that, as I've been having a little freezing problem.

    It says I have to enter a licence number?

    Something called regcure????
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    MrsE wrote: »
    I ran that, as I've been having a little freezing problem.

    It says I have to enter a licence number?

    Something called regcure????

    You clicked the wrong download link

    Also ~ you should NEVER run combofix if you dont know what your doing
    :idea:
  • MrsE_2
    MrsE_2 Posts: 24,161 Forumite
    10,000 Posts Combo Breaker
    aliEnRIK wrote: »
    You clicked the wrong download link

    Also ~ you should NEVER run combofix if you dont know what your doing

    :o:o:o:o:o:o:o:o

    I uninstalled it:o
  • cliffsave
    cliffsave Posts: 17 Forumite
    I think our threads have got crossed - any more and we could be knitting!

    I did uninstall AVG and it doesn't show on "add/ remove programs"

    I will do as you suggest and come back to you - Thanks again

    Cliff
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    Well im not getting crossed ~ im simply reading the log ~
    2009-06-28 10:54 . 2009-06-28 10:54
    d
    w- c:\documents and settings\Cliff.ABC-715E450756C\Local Settings\Application Data\AVG Security Toolbar
    2009-06-28 08:23 . 2009-06-14 15:07 1004800 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\AVG Security Toolbar\IEToolbar.dll
    2009-06-27 09:16 . 2009-06-28 08:23
    d
    w- c:\documents and settings\All Users.WINDOWS\Application Data\AVG Security Toolbar
    2009-05-09 23:53 . 2008-06-08 15:21
    d
    w- c:\program files\AVG

    So probably just the toolbar to remove then
    :idea:
  • cliffsave
    cliffsave Posts: 17 Forumite
    I ran the 32 bit AVG removal tool again but nothing seems to have happened - it didn't seek a reboot or anything - and according to Task Manager avgnt.exe and avguard.exe are still running and I can't end either process that way ("Access is denied").

    I opened Internet Explorer and it told me that both AVG Security toolbar and AVC Security Toolbat BHO were already disabled.

    UNINSTALL SPY BLOCKER isn't shown in add/remove programs.

    I have CCLEANER downloaded and will now run the CLEANER and REGISTRY scans.

    Thanks again
    C
  • cliffsave
    cliffsave Posts: 17 Forumite
    Dunnit!

    Should I run COMBOFIX or HIiJack This! ?

    Thanks
    C
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 353.5K Banking & Borrowing
  • 254.2K Reduce Debt & Boost Income
  • 455K Spending & Discounts
  • 246.6K Work, Benefits & Business
  • 602.9K Mortgages, Homes & Bills
  • 178.1K Life & Family
  • 260.6K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 37.7K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture