Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Another POP UP problem!!!

  • 29-10-2007 2:14pm
    #1
    Registered Users, Registered Users 2 Posts: 4,274 ✭✭✭


    Hi All,

    I'm experiencing similar problems to a lot of users here. I am getting unwanted pop ups... I've tried all the spyware programs under the sun and having no luck.

    Can anyone offer any help?!


Comments

  • Registered Users, Registered Users 2 Posts: 17,980 ✭✭✭✭Gavin "shels"


    There could be something on your computer. Do a virus scan and that might help. Are you using Internet Explorer?


  • Closed Accounts Posts: 793 ✭✭✭white_falcon


    Hi All,

    I'm experiencing similar problems to a lot of users here. I am getting unwanted pop ups... I've tried all the spyware programs under the sun and having no luck.

    Can anyone offer any help?!

    what are the pop ups of
    what spyware programs have u tried?


  • Registered Users, Registered Users 2 Posts: 4,274 ✭✭✭_feedback_


    what are the pop ups of
    what spyware programs have u tried?

    The most recent one i've tried was CounterSpy there have been others, I'm not sure which ones...

    I've uploaded a couple of examples of the pop ups


  • Closed Accounts Posts: 793 ✭✭✭white_falcon


    Try these programs:

    http://www.safer-networking.org/en/download/

    http://www.javacoolsoftware.com/sbdownload.html

    http://www.afterdawn.com/software/desktop_software/desktop_security/smitfraudfix.cfm

    http://free.grisoft.com/freeweb.php/doc/2/

    If you still have problems after that come back again :)

    They should resolve it though..

    Its basically just spyware, but it just depends which of those programs will get rid of it. One of them will for you, but if not, come back :)


  • Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    Do this

    Download WinPFind3U.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.
    • Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
    • Under Additional Scans on the bottom right, check the boxes for Reg - Disabled MS Config Items.
    • Now click the Run Scan button on the toolbar.
    • When the scan is complete Notepad will open with the report file loaded in it.
    • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
    Use the Add Reply button and Copy/Paste the information back here in an attachment. I will review it when it comes in. The last line is < End of Report >, so make sure that is the last line in the attached report.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 4,274 ✭✭✭_feedback_


    Thanks a lot ASJ .... this is the report



    WinPFind3 logfile created on: 11/11/2007 13:19:55
    WinPFind3U by OldTimer - Version 1.0.42 Folder = D:\Documents and Settings\Kev\Desktop\WinPFind3u\
    Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
    Internet Explorer (Version = 7.0.5730.11)

    447.48 Mb Total Physical Memory | 91.75 Mb Available Physical Memory | 20.50% Memory free
    1.03 Gb Paging File | 0.71 Gb Available in Paging File | 69.40% Paging File free
    Paging file location(s): C:\pagefile.sys 0 0;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 29.99 Gb Total Space | 22.17 Gb Free Space | 73.93% Space Free
    Drive D: | 150.30 Gb Total Space | 122.21 Gb Free Space | 81.31% Space Free
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded

    Computer Name: KEVIN
    Current User Name: Kev
    Logged in as Administrator.
    Current Boot Mode: Normal


    [Processes - Non-Microsoft Only]
    aboard.exe -> %SystemDrive%\APPS\ABOARD\ABOARD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 24576 bytes | Modified Date = 02/05/2003 10:31:50 | Attr = ]
    aolacsd.exe -> %CommonProgramFiles%\AOL\ACS\AOLacsd.exe -> America Online, Inc. [Ver = 2.0.20.1.UK.223 | Size = 1135728 bytes | Modified Date = 08/04/2004 07:38:26 | Attr = ]
    aosd.exe -> %SystemDrive%\APPS\ABOARD\AOSD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 69632 bytes | Modified Date = 02/05/2003 10:31:38 | Attr = ]
    applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 06/09/2007 12:28:18 | Attr = ]
    ccapp.exe -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 103.0.5.2 | Size = 58992 bytes | Modified Date = 14/07/2005 21:16:00 | Attr = ]
    ccevtmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 103.0.5.2 | Size = 198256 bytes | Modified Date = 14/07/2005 21:16:30 | Attr = ]
    ccproxy.exe -> %CommonProgramFiles%\Symantec Shared\CCPROXY.EXE -> Symantec Corporation [Ver = 103.0.4.3 | Size = 235120 bytes | Modified Date = 23/03/2005 15:01:04 | Attr = ]
    ccsetmgr.exe -> %CommonProgramFiles%\Symantec Shared\CCSETMGR.EXE -> Symantec Corporation [Ver = 103.0.5.2 | Size = 181872 bytes | Modified Date = 14/07/2005 21:16:44 | Attr = ]
    clcapsvc.exe -> %SystemDrive%\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -> [Ver = 4.00.1710 | Size = 221266 bytes | Modified Date = 11/05/2005 12:50:14 | Attr = ]
    clmlserver.exe -> %ProgramFiles%\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -> Cyberlink [Ver = 1, 1, 0, 1619 | Size = 61440 bytes | Modified Date = 11/05/2005 12:52:00 | Attr = ]
    clmlservice.exe -> %ProgramFiles%\CyberLink\Shared Files\CLML_NTService\CLMLService.exe -> Cyberlink [Ver = 1, 1, 0, 1619 | Size = 737381 bytes | Modified Date = 11/05/2005 12:52:04 | Attr = ]
    clsched.exe -> %SystemDrive%\APPS\Powercinema\Kernel\TV\CLSched.exe -> [Ver = 4.00.1710 | Size = 110672 bytes | Modified Date = 11/05/2005 12:50:34 | Attr = ]
    e_fatiace.exe -> %System32%\spool\drivers\w32x86\3\E_FATIACE.EXE -> SEIKO EPSON CORPORATION [Ver = 4.00 | Size = 98304 bytes | Modified Date = 08/02/2005 04:00:00 | Attr = ]
    hidservice.exe -> %SystemDrive%\APPS\HIDSERVICE\HIDSERVICE.exe -> [Ver = | Size = 49152 bytes | Modified Date = 07/01/2005 11:01:52 | Attr = ]
    ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.4.3.1 | Size = 503608 bytes | Modified Date = 26/09/2007 13:41:56 | Attr = ]
    issvc.exe -> %ProgramFiles%\Norton Internet Security\ISSVC.exe -> Symantec Corporation [Ver = 8.0.5.14 | Size = 83584 bytes | Modified Date = 18/04/2005 18:49:24 | Attr = ]
    ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.4.3.1 | Size = 267064 bytes | Modified Date = 26/09/2007 13:42:04 | Attr = ]
    jucheck.exe -> %ProgramFiles%\Java\jre1.6.0_01\bin\jucheck.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 272024 bytes | Modified Date = 14/03/2007 02:43:42 | Attr = ]
    jusched.exe -> %ProgramFiles%\Java\jre1.6.0_01\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 83608 bytes | Modified Date = 14/03/2007 02:43:44 | Attr = ]
    monitor.exe -> %CommonProgramFiles%\Ulead Systems\AutoDetector\Monitor.exe -> Ulead Systems, Inc. [Ver = 2.0.0.0 | Size = 90112 bytes | Modified Date = 26/11/2004 10:43:34 | Attr = ]
    navapsvc.exe -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE -> Symantec Corporation [Ver = 11.0.16.2 | Size = 177264 bytes | Modified Date = 19/10/2005 12:54:14 | Attr = ]
    pcmservice.exe -> %SystemDrive%\APPS\Powercinema\PCMService.exe -> CyberLink Corp. [Ver = 4.0.0.0000 | Size = 127118 bytes | Modified Date = 11/05/2005 12:48:02 | Attr = ]
    realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3275 | Size = 180269 bytes | Modified Date = 07/08/2005 11:25:04 | Attr = ]
    sbcssvc.exe -> %ProgramFiles%\Sunbelt Software\CounterSpy\SBCSSvc.exe -> Sunbelt Software [Ver = 2.2.1156.0 | Size = 788976 bytes | Modified Date = 27/08/2007 12:09:12 | Attr = ]
    sbcstray.exe -> %ProgramFiles%\Sunbelt Software\CounterSpy\SBCSTray.exe -> Sunbelt Software [Ver = 2.2.1156.0 | Size = 698864 bytes | Modified Date = 27/08/2007 12:09:14 | Attr = ]
    slserv.exe -> %System32%\slserv.exe -> [Ver = 2.80.00(24Apr2000) | Size = 45056 bytes | Modified Date = 02/07/2003 16:40:08 | Attr = ]
    sndsrvc.exe -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 5.5.1.6 | Size = 206552 bytes | Modified Date = 05/04/2005 10:17:22 | Attr = ]
    soundman.exe -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.0.39 | Size = 77824 bytes | Modified Date = 17/05/2005 17:48:32 | Attr = ]
    spbbcsvc.exe -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> Symantec Corporation [Ver = 1,0,1,47 | Size = 173160 bytes | Modified Date = 21/07/2004 14:24:00 | Attr = ]
    taskswitch.exe -> %System32%\taskswitch.exe -> [Ver = | Size = 45632 bytes | Modified Date = 08/10/2001 11:59:36 | Attr = ]
    ulcdrsvr.exe -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. [Ver = 1, 0, 0, 3 | Size = 49152 bytes | Modified Date = 26/02/2004 08:52:00 | Attr = ]
    vttimer.exe -> %System32%\VTTimer.exe -> S3 Graphics, Inc. [Ver = 2.00.01-0307 | Size = 53248 bytes | Modified Date = 08/03/2005 02:33:28 | Attr = ]
    vttrayp.exe -> %System32%\VTTrayp.exe -> S3 Graphics Co., Ltd. [Ver = 2.00.36-0308B | Size = 147456 bytes | Modified Date = 11/03/2005 16:33:28 | Attr = ]
    winable.exe -> %ProgramFiles%\WinAble\winable.exe -> [Ver = | Size = 61440 bytes | Modified Date = 24/10/2007 17:27:56 | Attr = ]
    winpfind3u.exe -> %UserDesktop%\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.42.0 | Size = 322560 bytes | Modified Date = 04/09/2007 10:47:26 | Attr = ]

    [Win32 Services - Non-Microsoft Only]
    (AOL ACS) AOL Connectivity Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\AOL\ACS\AOLacsd.exe -> America Online, Inc. [Ver = 2.0.20.1.UK.223 | Size = 1135728 bytes | Modified Date = 08/04/2004 07:38:26 | Attr = ]
    (Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 06/09/2007 12:28:18 | Attr = ]
    (ccEvtMgr) Symantec Event Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCEVTMGR.EXE -> Symantec Corporation [Ver = 103.0.5.2 | Size = 198256 bytes | Modified Date = 14/07/2005 21:16:30 | Attr = ]
    (ccProxy) Symantec Network Proxy [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPROXY.EXE -> Symantec Corporation [Ver = 103.0.4.3 | Size = 235120 bytes | Modified Date = 23/03/2005 15:01:04 | Attr = ]
    (ccPwdSvc) Symantec Password Validation [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\CCPWDSVC.EXE -> Symantec Corporation [Ver = 103.0.5.2 | Size = 79472 bytes | Modified Date = 14/07/2005 21:16:40 | Attr = ]
    (ccSetMgr) Symantec Settings Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCSETMGR.EXE -> Symantec Corporation [Ver = 103.0.5.2 | Size = 181872 bytes | Modified Date = 14/07/2005 21:16:44 | Attr = ]
    (CLCapSvc) CyberLink Background Capture Service (CBCS) [Win32_Own | Auto | Running] -> %SystemDrive%\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -> [Ver = 4.00.1710 | Size = 221266 bytes | Modified Date = 11/05/2005 12:50:14 | Attr = ]
    (CLSched) CyberLink Task Scheduler (CTS) [Win32_Own | Auto | Running] -> %SystemDrive%\APPS\Powercinema\Kernel\TV\CLSched.exe -> [Ver = 4.00.1710 | Size = 110672 bytes | Modified Date = 11/05/2005 12:50:34 | Attr = ]
    (CyberLink Media Library Service) CyberLink Media Library Service [Win32_Own | Auto | Running] -> %ProgramFiles%\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -> Cyberlink [Ver = 1, 1, 0, 1619 | Size = 61440 bytes | Modified Date = 11/05/2005 12:52:00 | Attr = ]
    (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 04/08/2004 13:00:00 | Attr = ]
    (GenericHidService) Generic Service for HID Keyboard Input Collections [Win32_Own | Auto | Running] -> %SystemDrive%\APPS\HIDSERVICE\HIDSERVICE.exe -> [Ver = | Size = 49152 bytes | Modified Date = 07/01/2005 11:01:52 | Attr = ]
    (IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 04/04/2005 00:41:10 | Attr = ]
    (iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.4.3.1 | Size = 503608 bytes | Modified Date = 26/09/2007 13:41:56 | Attr = ]
    (ISSVC) ISSVC [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton Internet Security\ISSVC.exe -> Symantec Corporation [Ver = 8.0.5.14 | Size = 83584 bytes | Modified Date = 18/04/2005 18:49:24 | Attr = ]
    (navapsvc) Norton AntiVirus Auto-Protect Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE -> Symantec Corporation [Ver = 11.0.16.2 | Size = 177264 bytes | Modified Date = 19/10/2005 12:54:14 | Attr = ]
    (SAVScan) SAVScan [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\SAVSCAN.EXE -> Symantec Corporation [Ver = 9.4.2.1 | Size = 198368 bytes | Modified Date = 07/03/2005 14:59:36 | Attr = ]
    (SBCSSvc) Sunbelt CounterSpy Antispyware [Win32_Own | Auto | Running] -> %ProgramFiles%\Sunbelt Software\CounterSpy\SBCSSvc.exe -> Sunbelt Software [Ver = 2.2.1156.0 | Size = 788976 bytes | Modified Date = 27/08/2007 12:09:12 | Attr = ]
    (SLService) SmartLinkService [Win32_Own | Auto | Running] -> %System32%\slserv.exe -> [Ver = 2.80.00(24Apr2000) | Size = 45056 bytes | Modified Date = 02/07/2003 16:40:08 | Attr = ]
    (SNDSrvc) Symantec Network Drivers Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 5.5.1.6 | Size = 206552 bytes | Modified Date = 05/04/2005 10:17:22 | Attr = ]
    (SPBBCSvc) Symantec SPBBCSvc [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCSvc.exe -> Symantec Corporation [Ver = 1,0,1,47 | Size = 173160 bytes | Modified Date = 21/07/2004 14:24:00 | Attr = ]
    (UleadBurningHelper) Ulead Burning Helper [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Ulead Systems\DVD\ULCDRSvr.exe -> Ulead Systems, Inc. [Ver = 1, 0, 0, 3 | Size = 49152 bytes | Modified Date = 26/02/2004 08:52:00 | Attr = ]

    [Registry - Non-Microsoft Only]
    < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    -> -> File not found
    ACTIVBOARD -> %SystemDrive%\APPS\ABOARD\ABOARD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 24576 bytes | Modified Date = 02/05/2003 10:31:50 | Attr = ]
    ccApp -> %CommonProgramFiles%\Symantec Shared\CCAPP.EXE -> Symantec Corporation [Ver = 103.0.5.2 | Size = 58992 bytes | Modified Date = 14/07/2005 21:16:00 | Attr = ]
    CoolSwitch -> %System32%\taskswitch.exe -> [Ver = | Size = 45632 bytes | Modified Date = 08/10/2001 11:59:36 | Attr = ]
    EPSON Stylus DX3800 Series -> %System32%\spool\drivers\w32x86\3\E_FATIACE.EXE -> SEIKO EPSON CORPORATION [Ver = 4.00 | Size = 98304 bytes | Modified Date = 08/02/2005 04:00:00 | Attr = ]
    iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.4.3.1 | Size = 267064 bytes | Modified Date = 26/09/2007 13:42:04 | Attr = ]
    PCMService -> %SystemDrive%\APPS\Powercinema\PCMService.exe -> CyberLink Corp. [Ver = 4.0.0.0000 | Size = 127118 bytes | Modified Date = 11/05/2005 12:48:02 | Attr = ]
    QuickTime Task -> %ProgramFiles%\QuickTime\QTTask.exe -> Apple Inc. [Ver = 7.2 | Size = 286720 bytes | Modified Date = 29/06/2007 05:24:52 | Attr = ]
    SBCSTray -> %ProgramFiles%\Sunbelt Software\CounterSpy\SBCSTray.exe -> Sunbelt Software [Ver = 2.2.1156.0 | Size = 698864 bytes | Modified Date = 27/08/2007 12:09:14 | Attr = ]
    SoundMan -> %SystemRoot%\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.0.39 | Size = 77824 bytes | Modified Date = 17/05/2005 17:48:32 | Attr = ]
    SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_01\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 83608 bytes | Modified Date = 14/03/2007 02:43:44 | Attr = ]
    Symantec NetDriver Monitor -> %ProgramFiles%\SymNetDrv\SNDMon.exe -> Symantec Corporation [Ver = 5.5.1.6 | Size = 100056 bytes | Modified Date = 05/10/2005 20:12:20 | Attr = ]
    TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.3275 | Size = 180269 bytes | Modified Date = 07/08/2005 11:25:04 | Attr = ]
    Ulead AutoDetector v2 -> %CommonProgramFiles%\Ulead Systems\AutoDetector\Monitor.exe -> Ulead Systems, Inc. [Ver = 2.0.0.0 | Size = 90112 bytes | Modified Date = 26/11/2004 10:43:34 | Attr = ]
    VTTimer -> %System32%\VTTimer.exe -> S3 Graphics, Inc. [Ver = 2.00.01-0307 | Size = 53248 bytes | Modified Date = 08/03/2005 02:33:28 | Attr = ]
    VTTrayp -> %System32%\VTTrayp.exe -> S3 Graphics Co., Ltd. [Ver = 2.00.36-0308B | Size = 147456 bytes | Modified Date = 11/03/2005 16:33:28 | Attr = ]
    WinampAgent -> %ProgramFiles%\Winamp3\winampa.exe -> File not found
    < OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
    IMAIL -> Installed = 1 ->
    MAPI -> Installed = 1 ->
    MSFS -> Installed = 1 ->
    < Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
    IpWins -> %ProgramFiles%\Ipwindows\ipwins.exe -> File not found
    WinAble -> %ProgramFiles%\WinAble\winable.exe -> [Ver = | Size = 61440 bytes | Modified Date = 24/10/2007 17:27:56 | Attr = ]
    WinPop -> %ProgramFiles%\WinPop\winpop.exe -> File not found
    < SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
    < Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
    < Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
    < CurrentVersion Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
    < CurrentVersion Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\{D8896466-0710-2057-0624-05110304002c} -> "C:\Program Files\Common Files\{D8896466-0710-2057-0624-05110304002c}\Update.exe" mc-110-12-0000140 ->
    < HOSTS File > (734 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
    127.0.0.1 localhost -> ->
    < Internet Explorer Settings > -> ->
    HKLM: Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
    HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
    HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
    HKLM: Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
    HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
    HKLM: Search\\Default_Search_URL -> http://www.google.com/ie ->
    HKLM: SearchAssistant -> http://www.google.com/ie ->
    HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
    HKCU: Search Bar -> http://www.google.com/ie ->
    HKCU: Search Page -> http://www.google.com ->
    HKCU: Start Page -> http://www.google.ie/ ->
    HKCU: SearchAssistant -> http://www.google.com/ie ->
    HKCU: ProxyEnable -> 0 ->
    < Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
    msn.com [ - ] -> ->
    < BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 7.0.0.2004121400 | Size = 63136 bytes | Modified Date = 14/12/2004 00:56:50 | Attr = ]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_01\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 501400 bytes | Modified Date = 14/03/2007 02:43:40 | Attr = ]
    {9ECB9560-04F9-4bbc-943D-298DDF1699E1} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [CNisExtBho Class] -> Symantec Corporation [Ver = 8.0.2.5 | Size = 103568 bytes | Modified Date = 28/10/2004 15:58:00 | Attr = ]
    {BDF3E430-B101-42AD-A544-FADC6B084872} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [CNavExtBho Class] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218736 bytes | Modified Date = 19/10/2005 12:54:30 | Attr = ]
    {C1B4DEC2-2623-438e-9CA2-C9043AB28508} [HKLM] -> %CommonProgramFiles%\{38896466-0710-2057-0624-05110304002c}\Bar888.dll [Bar888] -> [Ver = 1, 0, 0, 1 | Size = 100352 bytes | Modified Date = 06/03/2007 16:51:56 | Attr = ]
    {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} [HKLM] -> %ProgramFiles%\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll [EpsonToolBandKicker Class] -> SEIKO EPSON CORPORATION [Ver = 1, 1, 0, 0 | Size = 368640 bytes | Modified Date = 22/02/2005 12:50:34 | Attr = ]
    < Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
    {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [Norton Internet Security] -> Symantec Corporation [Ver = 8.0.2.5 | Size = 103568 bytes | Modified Date = 28/10/2004 15:58:00 | Attr = ]
    {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218736 bytes | Modified Date = 19/10/2005 12:54:30 | Attr = ]
    {C1B4DEC2-2623-438e-9CA2-C9043AB28508} [HKLM] -> %CommonProgramFiles%\{38896466-0710-2057-0624-05110304002c}\Bar888.dll [Bar888] -> [Ver = 1, 0, 0, 1 | Size = 100352 bytes | Modified Date = 06/03/2007 16:51:56 | Attr = ]
    {EE5D279F-081B-4404-994D-C6B60AAEBA6D} [HKLM] -> %ProgramFiles%\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll [EPSON Web-To-Page] -> SEIKO EPSON CORPORATION [Ver = 1, 1, 0, 0 | Size = 368640 bytes | Modified Date = 22/02/2005 12:50:34 | Attr = ]
    < Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
    ShellBrowser\\{119DBEDA-9C41-4F97-94B4-B6BCD01133CF} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
    ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218736 bytes | Modified Date = 19/10/2005 12:54:30 | Attr = ]
    WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [Norton Internet Security] -> Symantec Corporation [Ver = 8.0.2.5 | Size = 103568 bytes | Modified Date = 28/10/2004 15:58:00 | Attr = ]
    WebBrowser\\{119DBEDA-9C41-4F97-94B4-B6BCD01133CF} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
    WebBrowser\\{EE5D279F-081B-4404-994D-C6B60AAEBA6D} [HKLM] -> %ProgramFiles%\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll [EPSON Web-To-Page] -> SEIKO EPSON CORPORATION [Ver = 1, 1, 0, 0 | Size = 368640 bytes | Modified Date = 22/02/2005 12:50:34 | Attr = ]
    < Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.6.0_01\bin\npjpi160_01.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 132760 bytes | Modified Date = 14/03/2007 02:43:42 | Attr = ]
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.6.0_01\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.10.6 | Size = 501400 bytes | Modified Date = 14/03/2007 02:43:40 | Attr = ]
    {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> Reg Data - Value does not exist [ButtonText: Real.com] -> File not found
    {e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
    < Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
    E&xport to Microsoft Excel -> -> File not found
    < DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
    {260B3D94-8639-4052-A172-6F46F81D49B8} -> () ->
    {AAAEF736-4DB8-4736-8889-AEABA250F2A9} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
    < Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
    ipp -> Reg Data - Key not found -> File not found
    msdaipp -> Reg Data - Key not found -> File not found
    < Protocol Filters [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ ->
    text/html -> Reg Data - Key not found -> File not found
    < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
    {8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.6.0_01 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab ->
    {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_02 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab ->
    {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_01 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab ->
    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.6.0_01 - CodeBase = http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab ->
    {D27CDB6E-AE6D-11CF-96B8-444553540000} -> - CodeBase = http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab ->


    [Registry - Additional Scans - Non-Microsoft Only]

    [Files/Folders - Created Within 30 days]
    QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 19/10/2007 16:56:32 | Attr = ]
    QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 19/10/2007 16:56:32 | Attr = H ]
    DRVSTORE -> %System32%\DRVSTORE -> [Folder | Created Date = 19/10/2007 16:52:59 | Attr = ]

    [Files/Folders - Modified Within 30 days]
    hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 469291008 bytes | Modified Date = 11/11/2007 13:12:54 | Attr = HS]
    Program Files -> %ProgramFiles% -> [Folder | Modified Date = 11/11/2007 13:14:16 | Attr = R ]
    Temp -> %SystemDrive%\Temp -> [Folder | Modified Date = 10/11/2007 17:51:10 | Attr = ]
    WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 29/10/2007 14:01:26 | Attr = ]
    bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 11/11/2007 13:13:00 | Attr = S]
    Iedit.INI -> %SystemRoot%\Iedit.INI -> [Ver = | Size = 30 bytes | Modified Date = 04/11/2007 17:53:08 | Attr = ]
    inf -> %SystemRoot%\inf -> [Folder | Modified Date = 19/10/2007 16:53:04 | Attr = H ]
    Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 29/10/2007 12:38:14 | Attr = HS]
    PREFETCH -> %SystemRoot%\PREFETCH -> [Folder | Modified Date = 11/11/2007 13:19:20 | Attr = ]
    QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 19/10/2007 16:56:48 | Attr = ]
    QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 11/11/2007 13:14:24 | Attr = H ]
    security -> %SystemRoot%\security -> [Folder | Modified Date = 29/10/2007 11:44:12 | Attr = ]
    system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 273 bytes | Modified Date = 10/11/2007 17:47:20 | Attr = ]
    system32 -> %System32% -> [Folder | Modified Date = 10/11/2007 19:36:16 | Attr = HS]
    Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 19/10/2007 16:53:24 | Attr = S]
    Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 11/11/2007 13:18:52 | Attr = ]
    win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 710 bytes | Modified Date = 10/11/2007 17:47:20 | Attr = ]
    WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 19/10/2007 16:52:44 | Attr = ]
    AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 19/10/2007 16:53:24 | Attr = ]
    SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 11/11/2007 13:13:28 | Attr = H ]
    Symantec NetDetect.job -> %SystemRoot%\tasks\Symantec NetDetect.job -> [Ver = | Size = 360 bytes | Modified Date = 04/11/2007 16:14:20 | Attr = ]
    CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 09/11/2007 18:46:36 | Attr = ]
    drivers -> %System32%\drivers -> [Folder | Modified Date = 29/10/2007 12:38:06 | Attr = ]
    DRVSTORE -> %System32%\DRVSTORE -> [Folder | Modified Date = 19/10/2007 16:53:00 | Attr = ]
    perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 53220 bytes | Modified Date = 06/11/2007 18:26:32 | Attr = ]
    perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 381124 bytes | Modified Date = 06/11/2007 18:26:32 | Attr = ]
    PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 439376 bytes | Modified Date = 06/11/2007 18:26:32 | Attr = ]
    wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 1158 bytes | Modified Date = 08/11/2007 18:15:14 | Attr = ]

    [File String Scan - Non-Microsoft Only]
    WSUD , -> %System32%\ALSNDMGR.CPL -> Realtek Semiconductor Corp. [Ver = 2.2.0.44 | Size = 18726912 bytes | Modified Date = 18/05/2005 14:17:54 | Attr = ]
    PEC2 , -> %System32%\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 04/08/2004 13:00:00 | Attr = ]
    winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 04/08/2004 13:00:00 | Attr = ]
    Thawte Consulting , -> %System32%\XceedZip.dll -> Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com [Ver = 6.0.5411.0 | Size = 493400 bytes | Modified Date = 22/06/2006 15:40:28 | Attr = ]
    UPX! , UPX0 , -> %System32%\xtz.exe -> @ [Ver = 1.00 | Size = 35328 bytes | Modified Date = 06/03/2007 16:52:32 | Attr = ]
    PTech , -> %System32%\drivers\mtlstrm.sys -> [Ver = 3.40.02RC | Size = 1301128 bytes | Modified Date = 02/07/2003 15:26:36 | Attr = ]

    < End of report >


  • Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    Please go to Start > Control Panel > Add or Remove Programs > Remove Winable


    Start WinPFind3U. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.
    [Kill Explorer]
    [Processes - Non-Microsoft Only]
    YY -> winable.exe -> %ProgramFiles%\WinAble\winable.exe
    [Registry - Non-Microsoft Only]
    < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    YN -> ->
    < Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    YN -> IpWins -> %ProgramFiles%\Ipwindows\ipwins.exe
    YY -> WinAble -> %ProgramFiles%\WinAble\winable.exe
    YN -> WinPop -> %ProgramFiles%\WinPop\winpop.exe
    < BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    YY -> {C1B4DEC2-2623-438e-9CA2-C9043AB28508} [HKLM] -> %CommonProgramFiles%\{38896466-0710-2057-0624-05110304002c}\Bar888.dll [Bar888]
    < Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
    YY -> {C1B4DEC2-2623-438e-9CA2-C9043AB28508} [HKLM] -> %CommonProgramFiles%\{38896466-0710-2057-0624-05110304002c}\Bar888.dll [Bar888]
    < Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
    YN -> ShellBrowser\\{119DBEDA-9C41-4F97-94B4-B6BCD01133CF} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found]
    YN -> WebBrowser\\{119DBEDA-9C41-4F97-94B4-B6BCD01133CF} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found]
    < Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
    YN -> {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -> Reg Data - Value does not exist [ButtonText: Real.com]
    YN -> {e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001]
    < Protocol Filters [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\
    YN -> text/html -> Reg Data - Key not found
    [File String Scan - Non-Microsoft Only]
    NY -> UPX! , UPX0 , -> %System32%\xtz.exe
    [Empty Temp Folders]
    [Start Explorer]
    [Reboot]

    The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here along with a new WinPFind3u scan(attach the WinPFind3 scan report).

    I will review the information when it comes back in.


  • Registered Users, Registered Users 2 Posts: 4,274 ✭✭✭_feedback_


    Hey ASJ ....

    I've tried running that fix a few times and each time it's not completing ... the program (WinPFind3u) just seems to freeze with the not responding message coming up ??


  • Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    Make sure you have all programs closed, and don't use the PC for anything while the fix is running. If that fails, just run WinPFind3.exe again and post the log since it may have already worked.


Advertisement