We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Hijackthis log- blocked
Ader1
Posts: 420 Forumite
in Techie Stuff
I'm trying to post a log but I keep getting the message:
"Your request has been blocked."
Why should that be the case?
"Your request has been blocked."
Why should that be the case?
0
Comments
-
It's a forum bug since a recent update. For some reason it doesn't like system32 references. Change them all to system 32 (with the space) or system42 and the log should post OK.0
-
Thank you. Here we are:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:42:20, on 21/09/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System42\smss.exe
C:\WINDOWS\system42\winlogon.exe
C:\WINDOWS\system42\services.exe
C:\WINDOWS\system42\lsass.exe
C:\WINDOWS\system42\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System42\svchost.exe
C:\WINDOWS\system42\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System42\svchost.exe
C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
C:\WINDOWS\system42\nvsvc42.exe
C:\WINDOWS\System42\svchost.exe
C:\WINDOWS\system42\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System42\DLA\DLACTRLW.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ACTIV Software\ACTIVdriver\ActivControl2.exe
C:\progra~1\scansoft\paperp~1\pptd40nt.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system42\ctfmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system42\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system42\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=0061103
R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System42\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL42.EXE C:\WINDOWS\system42\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System42\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ActivControl] C:\Program Files\ACTIV Software\ACTIVdriver\ActivControl2.exe
O4 - HKLM\..\Run: [PaperPort PTD] c:\progra~1\scansoft\paperp~1\pptd40nt.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\RunOnce: [0006 - C:\Documents and Settings\Ty Ni\Start Menu\Programs\hp deskjet 980c series v3.2] C:\WINDOWS\command.com /c rmdir "C:\Documents and Settings\Ty Ni\Start Menu\Programs\hp deskjet 980c series v3.2"
O4 - HKLM\..\RunOnce: [0011 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit\global\content] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit\global\content"
O4 - HKLM\..\RunOnce: [0012 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit\global] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit\global"
O4 - HKLM\..\RunOnce: [0013 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit"
O4 - HKLM\..\RunOnce: [0014 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages"
O4 - HKLM\..\RunOnce: [0015 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern\global\skin] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern\global\skin"
O4 - HKLM\..\RunOnce: [0016 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern\global] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern\global"
O4 - HKLM\..\RunOnce: [0017 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern"
O4 - HKLM\..\RunOnce: [0027 - C:\Documents and Settings\Ty Ni\Start Menu\Programs\hp deskjet 980c series v3.2] C:\WINDOWS\command.com /c rmdir "C:\Documents and Settings\Ty Ni\Start Menu\Programs\hp deskjet 980c series v3.2"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system42\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system42\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system42\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system42\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.samsungsetup.com
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
O16 - DPF: {644E442F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E42070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1226861208428
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system42\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system42\browseui.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 42\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system42\nvsvc42.exe
--
End of file - 13087 bytes0 -
ram and commit charge from task manager?
backup and reinstall windows, or:
tick and fix
O15 - Trusted Zone: http://www.samsungsetup.com
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/tech...bs/tgctlsr.cab
O16 - DPF: {644E442F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E42070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1226861208428
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/sof...iveXPlugin.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe...bat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrow serrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System42\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstan ce.dll (file missing)
In internet explorer, click on tools, internet options, advanced, disable script debugging
replace mse with avast free
uninstall citrix
reset IE to defaults under tools internet options, advanced
disable ctfmon - control panel, regional and language options,languages, details, advanced, tick the Turn off advanced text services, ok
start, run, services.msc, disable these services. (make a note of any services you disable,
Google update service - google update may also add a task to c:\windows\tasks that can be deleted.
SSDP Discovery Service
Remote Registry
WebClient
Distributed Link Tracking Client
disable this lot from startup using msconfig, startup tab
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System42\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ActivControl] C:\Program Files\ACTIV Software\ACTIVdriver\ActivControl2.exe
O4 - HKLM\..\Run: [PaperPort PTD] c:\progra~1\scansoft\paperp~1\pptd40nt.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\RunOnce: [0006 - C:\Documents and Settings\Ty Ni\Start Menu\Programs\hp deskjet 980c series v3.2] C:\WINDOWS\command.com /c rmdir "C:\Documents and Settings\Ty Ni\Start Menu\Programs\hp deskjet 980c series v3.2"
O4 - HKLM\..\RunOnce: [0011 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit\global\content] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit\global\content"
O4 - HKLM\..\RunOnce: [0012 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit\global] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit\global"
O4 - HKLM\..\RunOnce: [0013 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit"
O4 - HKLM\..\RunOnce: [0014 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages"
O4 - HKLM\..\RunOnce: [0015 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern\global\skin] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern\global\skin"
O4 - HKLM\..\RunOnce: [0016 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern\global] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern\global"
O4 - HKLM\..\RunOnce: [0017 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern"
O4 - HKLM\..\RunOnce: [0027 - C:\Documents and Settings\Ty Ni\Start Menu\Programs\hp deskjet 980c series v3.2] C:\WINDOWS\command.com /c rmdir "C:\Documents and Settings\Ty Ni\Start Menu\Programs\hp deskjet 980c series v3.2"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system42\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system42\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system42\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe!!
> . !!!! ----> .0 -
ram and commit charge from task manager?
backup and reinstall windows, or:
tick and fix
O15 - Trusted Zone: http://www.samsungsetup.com
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/tech...bs/tgctlsr.cab
O16 - DPF: {644E442F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E42070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1226861208428
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/sof...iveXPlugin.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe...bat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrow serrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System42\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstan ce.dll (file missing)
In internet explorer, click on tools, internet options, advanced, disable script debugging
replace mse with avast free
uninstall citrix
reset IE to defaults under tools internet options, advanced
disable ctfmon - control panel, regional and language options,languages, details, advanced, tick the Turn off advanced text services, ok
start, run, services.msc, disable these services. (make a note of any services you disable,
Google update service - google update may also add a task to c:\windows\tasks that can be deleted.
SSDP Discovery Service
Remote Registry
WebClient
Distributed Link Tracking Client
disable this lot from startup using msconfig, startup tab
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System42\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ActivControl] C:\Program Files\ACTIV Software\ACTIVdriver\ActivControl2.exe
O4 - HKLM\..\Run: [PaperPort PTD] c:\progra~1\scansoft\paperp~1\pptd40nt.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\RunOnce: [0006 - C:\Documents and Settings\Ty Ni\Start Menu\Programs\hp deskjet 980c series v3.2] C:\WINDOWS\command.com /c rmdir "C:\Documents and Settings\Ty Ni\Start Menu\Programs\hp deskjet 980c series v3.2"
O4 - HKLM\..\RunOnce: [0011 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit\global\content] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit\global\content"
O4 - HKLM\..\RunOnce: [0012 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit\global] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit\global"
O4 - HKLM\..\RunOnce: [0013 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit"
O4 - HKLM\..\RunOnce: [0014 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages"
O4 - HKLM\..\RunOnce: [0015 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern\global\skin] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern\global\skin"
O4 - HKLM\..\RunOnce: [0016 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern\global] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern\global"
O4 - HKLM\..\RunOnce: [0017 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern"
O4 - HKLM\..\RunOnce: [0027 - C:\Documents and Settings\Ty Ni\Start Menu\Programs\hp deskjet 980c series v3.2] C:\WINDOWS\command.com /c rmdir "C:\Documents and Settings\Ty Ni\Start Menu\Programs\hp deskjet 980c series v3.2"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system42\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system42\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system42\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
Thanks Closed.
I couldn't find Citrix in add remove programmes
I haven't yet replaced MSE with Avast
When you say:
. Do you mean to uncheck box next to 'disable script debugging'?disable script debugging
Commit Charg (k)
Totla 504772
Limit 4032672
Peak 990448
By ram is guess you mean Physical Memory
Toatal 2095080
Avilable 1410240
Systme Cache 10501400 -
This is the log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:10:28, on 23/09/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System42\smss.exe
C:\WINDOWS\System42\winlogon.exe
C:\WINDOWS\System42\services.exe
C:\WINDOWS\System42\lsass.exe
C:\WINDOWS\System42\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System42\svchost.exe
C:\WINDOWS\System42\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System42\svchost.exe
C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
C:\WINDOWS\System42\nvsvc32.exe
C:\WINDOWS\System42\svchost.exe
C:\WINDOWS\System42\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\System42\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=0061103
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System42\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunOnce: [0006 - C:\Documents and Settings\Ty Ni\Start Menu\Programs\hp deskjet 980c series v3.2] C:\WINDOWS\command.com /c rmdir "C:\Documents and Settings\Ty Ni\Start Menu\Programs\hp deskjet 980c series v3.2"
O4 - HKLM\..\RunOnce: [0011 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit\global\content] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit\global\content"
O4 - HKLM\..\RunOnce: [0012 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit\global] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit\global"
O4 - HKLM\..\RunOnce: [0013 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages\widget-toolkit"
O4 - HKLM\..\RunOnce: [0014 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\packages"
O4 - HKLM\..\RunOnce: [0015 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern\global\skin] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern\global\skin"
O4 - HKLM\..\RunOnce: [0016 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern\global] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern\global"
O4 - HKLM\..\RunOnce: [0017 - C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern] C:\WINDOWS\command.com /c rmdir "C:\Program Files\hewlett-packard\hp deskjet assistant\bin\chrome\skins\modern"
O4 - HKLM\..\RunOnce: [0027 - C:\Documents and Settings\Ty Ni\Start Menu\Programs\hp deskjet 980c series v3.2] C:\WINDOWS\command.com /c rmdir "C:\Documents and Settings\Ty Ni\Start Menu\Programs\hp deskjet 980c series v3.2"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System42\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System42\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System42\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System42\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System42\browseui.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System42\nvsvc32.exe
--
End of file - 8575 bytes0 -
did you do all steps
disable debugging should be ticked to stop this
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE!!
> . !!!! ----> .0 -
I uninstalled MSE antivirus and installed Avast 2013 Free antivirus. I looked at the MSE programme and I think it was just over 21 MB in size. The Avast programme is 340 MB in size. Was it wise of me to replace MSE with Avast?0
-
you'll be lucky to find any software from that company that uses so little disk space, least of all, antivirus.
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe still running at boot!!
> . !!!! ----> .0 -
Thank you Closed. It's a lot quicker now. :-)0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.3K Banking & Borrowing
- 253.7K Reduce Debt & Boost Income
- 454.4K Spending & Discounts
- 245.3K Work, Benefits & Business
- 601.1K Mortgages, Homes & Bills
- 177.6K Life & Family
- 259.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards