Supposed to be doing my BSL homework!!!

Comments

  • RussJK
    RussJK Posts: 2,359 Forumite
    Hmm sorry about that - I'd only jumped into the thread before to help you do the Hijackthis log for the original poster who had asked for one! If no one else jumps in, I'll take a look when I get back from voting.

    You might want to run TDSSkiller since there's no obvious Hijack from skimming through the log you posted. Also run Hitmanpro (hold down left ctrl while you do it) afterwards. Is King Kong search something you asked for? And what is researchnow?
    http://support.kaspersky.com/downloads/utils/tdsskiller.zip
    http://www.surfright.nl/en/hitmanpro
  • top_drawer_2
    top_drawer_2 Posts: 2,469 Forumite
    RussJK wrote: »
    Hmm sorry about that - I'd only jumped into the thread before to help you do the Hijackthis log for the original poster who had asked for one! If no one else jumps in, I'll take a look when I get back from voting.

    You might want to run TDSSkiller since there's no obvious Hijack from skimming through the log you posted. Also run Hitmanpro (hold down left ctrl while you do it) afterwards. Is King Kong search something you asked for? And what is researchnow?
    http://support.kaspersky.com/downloads/utils/tdsskiller.zip
    http://www.surfright.nl/en/hitmanpro

    No problem, will be popping out shortly to do the same.

    Run the TDSSKiller and nothing to report, one suspicious thing but didn't offer the option of getting rid of it when I clicked "next". Hitman pro, run as directed - nothing. Kaspersky also nothing found. I'm baffled....

    The A-Z on signstation still doesn't run, says a plug-in failed to initialise.

    Jen
  • RussJK
    RussJK Posts: 2,359 Forumite
    edited 5 May 2011 at 6:16PM
    top_drawer wrote: »
    Run the TDSSKiller and nothing to report, one suspicious thing but didn't offer the option of getting rid of it when I clicked "next". Hitman pro, run as directed - nothing. Kaspersky also nothing found. I'm baffled....

    Could you find the TDSSkiller log? It's located in the root folder of the C drive, i.e. go to Computer, C, then look for TDSSkiller.blah.txt. Just copy paste the contents into here (unless it is ÿþ2 or something gibberish).

    Have you deliberately installed KingKongCapture? And is researchnow something you use?

    In regards to the emails, are they definitely coming from your computer? Does it only happen when you are online? Does the IP address match yours? You've said the sent folder is gone which is suspicious - is the folder itself gone, or is it just empty? What mail program do you use?

    You'll probably need to run Combofix, but one of the others more familiar with that will walk you through it. I've not used it much as I usually opt for a reinstall if it comes to needing something like that. Edit: in this case a simple reinstall wouldn't be enough, as you'd probably have to wipe the MBR as well.
  • top_drawer_2
    top_drawer_2 Posts: 2,469 Forumite
    Log:
  • top_drawer_2
    top_drawer_2 Posts: 2,469 Forumite
    King Kong Capture I think was something to do with reducing photograph sizes - something I had to do ages ago, don't think I have used it since.
    Research Now is something I agreed to allow Valued Opinions to install on my computer to track me around the web, I stopped getting payments for it so thought I had deleted it.
    I don't think they can be coming from my computer since I am the only person who uses it and it isn't me! I get one too and they are clearly spam.
    I use AOL (I know I know... I keep meaning to change over to gmail completely but never get round to it); the sent folder is just empty, although new items are appearing (that I have sent today) fine.
    Thank you for your help,
    Jen
  • top_drawer_2
    top_drawer_2 Posts: 2,469 Forumite
    Had to do it in two posts it was so big!
  • RussJK
    RussJK Posts: 2,359 Forumite
    edited 5 May 2011 at 7:59PM
    This is in response to the Hijackthis log. It looks like it's a lot of work, but it shouldn't take you too long. None of it particularly helps with the main problem, but should significantly speed things up.

    Run Hijackthis again, check the boxes next to these and select "Fix Checked":
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://kingkongsearch.com/search-ver...rsion=1.2.0.26
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://kingkongsearch.com/search-ver...rsion=1.2.0.26
    R3 - URLSearchHook: KKTBCatch Class - {DAB46A0D-8939-4056-B80C-028DCE8999EF} - C:\PROGRA~1\KINGKO~1\Capture\KKCATC~1.DLL
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O2 - BHO: KKTB Helper - {DAB46A0D-8939-4056-B80C-028DCE8999EF} - C:\PROGRA~1\KINGKO~1\Capture\KKCATC~1.DLL
    O3 - Toolbar: King Kong - {2E6F4C13-49FB-4DF3-B601-030D1D470E32} - C:\PROGRA~1\KINGKO~1\Capture\KKBROW~1.DLL
    O4 - HKLM\..\Run: [KingKongCapture] C:\Program Files\King Kong Software\Capture\KingKongCapture.exe
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite....x/qtplugin.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab


    If you don't want these anymore, feel free to check the boxes and select "Fix checked" under HijackThis:
    O15 - Trusted Zone: http://redirects.researchnow.co.uk
    O15 - Trusted Zone: http://www.valuedopinions.co.uk


    Do you deliberately have a password manager installed?
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"


    Can safely stop all these from autostarting if you use Start > Run > msconfig, and untick them in the Startups tab, as none need to automatically start with Windows:
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
    O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
    O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
    O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Jennifer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
    O4 - Global Startup: QuickSet.lnk = ?


    These ones are your choice whether to stop them running, decide on whether you use the programs or not:
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" (you might wish this to start if you want the functionality)
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')


    You appear to have some aspect of McAfee still present on the computer. Run the McAfee removal tool from here (http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe), then run Appremover (www.appremover.com) and press Next until you reach the option to "check for failed uninstall".

    Afterwards, you can check and "Fix checked" with these under HijackThis if they are still there:

    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?


    Press start, Run, type services.msc and press enter, then find all these and make sure they are set to Manual and not Automatic (double click on them, and change the Startup type)
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
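
An added example, not part of RussJK's post or of HijackThis itself: a small Python parser for log lines like the ones triaged above. It groups entries by section code, flags entries whose target is missing, and reports any CLSID registered under more than one section. The sample lines are copied from the post; the function names and the "orphaned" rule are assumptions of this sketch.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse

# Lines copied from the HijackThis log quoted in the post above.
SAMPLE = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://kingkongsearch.com/search-ver...rsion=1.2.0.26
R3 - URLSearchHook: KKTBCatch Class - {DAB46A0D-8939-4056-B80C-028DCE8999EF} - C:\PROGRA~1\KINGKO~1\Capture\KKCATC~1.DLL
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: KKTB Helper - {DAB46A0D-8939-4056-B80C-028DCE8999EF} - C:\PROGRA~1\KINGKO~1\Capture\KKCATC~1.DLL
O4 - Global Startup: QuickSet.lnk = ?
O15 - Trusted Zone: http://www.valuedopinions.co.uk
"""
# What each section code seen in the post lists.
SECTIONS = {"R1": "IE search/start page", "R3": "URL search hook",
            "O2": "Browser Helper Object", "O3": "IE toolbar",
            "O4": "autostart entry", "O15": "Trusted Zone site",
            "O16": "ActiveX download", "O23": "Windows service"}
LINE_RE = re.compile(r"^\s*([RO]\d{1,2})\s+-\s+(.*\S)\s*$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
URL_RE = re.compile(r"https?://\S+")

def parse(log_text):
    entries = []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue
        code, body = m.groups()
        clsid, url = CLSID_RE.search(body), URL_RE.search(body)
        entries.append({
            "code": code,
            "kind": SECTIONS.get(code, "unknown"),
            "clsid": clsid.group(0).upper() if clsid else None,
            "host": urlparse(url.group(0)).hostname if url else None,
            # Assumption: "(no file)" / "= ?" mean the target is missing or unresolved.
            "orphaned": body.endswith(("(no file)", "= ?")),
        })
    return entries

def shared_clsids(entries):
    # One component hooked into several places shows up as a repeated CLSID.
    seen = defaultdict(set)
    for e in entries:
        if e["clsid"]:
            seen[e["clsid"]].add(e["code"])
    return {c: sorted(s) for c, s in seen.items() if len(s) > 1}

print(shared_clsids(parse(SAMPLE)))
```

On these lines the King Kong component's CLSID appears as both a search hook and a Browser Helper Object, which is why both entries are on the "Fix checked" list.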
  • RussJK
    RussJK Posts: 2,359 Forumite
    top_drawer wrote: »
    Run the TDSSKiller and nothing to report, one suspicious thing but didn't offer the option of getting rid of it when I clicked "next".

    Could you maybe run TDSSkiller again, and take a screenshot of when it finds the suspicious thing? Unfortunately the logs make no mention of a suspicious item.

    Hold down ALT + 'Prt Scr' while you are on the TDSSkiller window, load MSPaint (start, run, Mspaint) then paste it into it, and save it as a PNG or JPG. Afterwards email it to russ_temp@fmail.co.uk please.
  • top_drawer_2
    top_drawer_2 Posts: 2,469 Forumite
    RussJK wrote: »
    Could you maybe run TDSSkiller again, and take a screenshot of when it finds the suspicious thing? Unfortunately the logs make no mention of a suspicious item.

    Hold down ALT + 'Prt Scr' while you are on the TDSSkiller window, load MSPaint (start, run, Mspaint) then paste it into it, and save it as a PNG or JPG. Afterwards email it to russ_temp@fmail.co.uk please.

    I have done everything you directed (struggled to find some of the files but hopefully I've got them all). Ran the TDSSkiller again and it found nothing, running the Hitman again to check it wasn't that programme that found something.

    Looking at it now it seems to have found LOADS of cookies.

    Thank you so much for all your help - there is no way I could have done this on my own and I simply can't afford to pay someone to do it for me.

    Jen
  • RussJK
    RussJK Posts: 2,359 Forumite
    top_drawer wrote: »
    Looking at it now it seems to have found LOADS of cookies. Thank you so much for all your help - there is no way I could have done this on my own and I simply can't afford to pay someone to do it for me.

    No problem, although I don't feel like I'm getting at the problem directly.

    Do you have access to another computer, one with a CD burner? If not, does yours have a CD burner and do you have some spare discs?

    Secondly, do you have a Vista Recovery Disc, which the computer might have asked originally for you to make? Also, do you have the original Vista install disks? Most laptops these days don't, but rather have a separate partition from which a factory restore can be done.

    Basically I think you should make some bootable antivirus disks, so you can do some scans from outside of Windows, in case there is a rootkit running on the computer. I also think you need a Vista Recovery disk, so you can fix things if Windows becomes unbootable for some reason. Lastly, it would be an idea to make an Ubuntu LiveCD, which lets you run a fully featured operating system with browser etc. from a disk - can come in handy, letting you back things up safely and access the web to ask for help if you ever need it.
This discussion has been closed.