
Could someone look at these logs please.....

  • 15-08-2009 12:09pm
    #1
    Registered Users Posts: 1,536 ✭✭✭


    Hi All
    I have a prob with my lappie, desktop has been hijacked and it's slow as a big slow thing.
    I tried all the steps outlined in the "Things to do before posting" and no luck.
    Anyway here's the HiJackThis log

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:03:58, on 15/08/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\LogMeIn\x86\RaMaint.exe
    C:\Program Files\LogMeIn\x86\LogMeIn.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\VistaDrive\VistaDrive.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\LClock\LClock.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Google\Gmail Notifier\gnotify.exe
    C:\WINDOWS\tsnp2std.exe
    C:\WINDOWS\vsnp2std.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    C:\Documents and Settings\Fa\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
    C:\Program Files\Dodatki\Total CMA Pack\TOTALCMD.EXE
    C:\Documents and Settings\Fa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Fa\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Fa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Fa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Fa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe -H
    O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [BVRPLiveUpdate] C:\Program Files\Avanquest update\Engine\Setup.exe -s /PATCH,/SRCUPDATEC:\DOCUME~1\ALLUSE~1\APPLIC~1\SONYER~1\SONYER~1\LIVEUP~1\LISTOF~1.DAT
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
    O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Fa\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Creative Detector U] "C:\Program Files\Creative\MediaSource5\CTDetctu.exe" /R
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [Total CMA Pack] C:\Program Files\Dodatki\Total CMA Pack\Total CMA Pack.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
    O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
    O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00 (file missing)

    --
    End of file - 8515 bytes


    And the Rooter log is here

    Rooter.exe (v1.0.2) by Eric_71
    .
    SeDebugPrivilege granted successfully ...
    .
    Windows XP . (5.1.2600) Service Pack 2
    [32_bits] - x86 Family 15 Model 2 Stepping 9, GenuineIntel
    .
    Error OpenService (wscsvc) : 1060
    [SharedAccess] RUNNING (state:4)
    .
    Internet Explorer 6.0.2900.2180
    Mozilla Firefox 3.0.9 (en-US)
    .
    C:\ [Fixed-NTFS] .. ( Total:37 Go - Free:2 Go )
    D:\ [CD_Rom]
    .
    Scan : 12:08.51
    Path : C:\Documents and Settings\Fa\My Documents\Downloads\Rooter.exe
    User : Fa ( Administrator -> YES )
    .
    \\ Processes
    .
    Locked [System Process] (0)
    ______ System (4)
    ______ \SystemRoot\System32\smss.exe (432)
    ______ \??\C:\WINDOWS\system32\csrss.exe (480)
    ______ \??\C:\WINDOWS\system32\winlogon.exe (516)
    ______ C:\WINDOWS\system32\services.exe (564)
    ______ C:\WINDOWS\system32\lsass.exe (576)
    ______ C:\WINDOWS\system32\svchost.exe (716)
    ______ C:\WINDOWS\system32\svchost.exe (792)
    ______ C:\WINDOWS\System32\svchost.exe (836)
    ______ C:\WINDOWS\system32\svchost.exe (980)
    ______ C:\WINDOWS\system32\spoolsv.exe (1300)
    ______ C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (1664)
    ______ C:\WINDOWS\system32\CTsvcCDA.EXE (1700)
    ______ C:\Program Files\Java\jre6\bin\jqs.exe (1732)
    ______ C:\Program Files\LogMeIn\x86\RaMaint.exe (1784)
    ______ C:\Program Files\LogMeIn\x86\LogMeIn.exe (1900)
    ______ C:\PROGRA~1\AVG\AVG8\avgrsx.exe (1952)
    ______ C:\PROGRA~1\AVG\AVG8\avgnsx.exe (1964)
    ______ C:\Program Files\LogMeIn\x86\LMIGuardian.exe (448)
    ______ C:\Program Files\CDBurnerXP\NMSAccessU.exe (476)
    ______ C:\WINDOWS\system32\PnkBstrA.exe (504)
    ______ C:\WINDOWS\system32\svchost.exe (140)
    ______ C:\PROGRA~1\AVG\AVG8\avgemc.exe (732)
    ______ C:\Program Files\AVG\AVG8\avgcsrvx.exe (1192)
    ______ C:\WINDOWS\system32\WgaTray.exe (700)
    ______ C:\WINDOWS\Explorer.EXE (1168)
    ______ C:\WINDOWS\system32\igfxtray.exe (2096)
    ______ C:\WINDOWS\system32\hkcmd.exe (2144)
    ______ C:\WINDOWS\system32\svchost.exe (2192)
    ______ C:\WINDOWS\VistaDrive\VistaDrive.exe (2232)
    ______ C:\Program Files\Unlocker\UnlockerAssistant.exe (2264)
    ______ C:\Program Files\LClock\LClock.exe (2272)
    ______ C:\PROGRA~1\AVG\AVG8\avgtray.exe (2292)
    ______ C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (2304)
    ______ C:\WINDOWS\SOUNDMAN.EXE (2316)
    ______ C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe (2340)
    ______ C:\WINDOWS\System32\svchost.exe (2488)
    ______ C:\Program Files\Common Files\Real\Update_OB\realsched.exe (2500)
    ______ C:\Program Files\Google\Gmail Notifier\gnotify.exe (2512)
    ______ C:\WINDOWS\tsnp2std.exe (2588)
    ______ C:\WINDOWS\vsnp2std.exe (2664)
    ______ C:\Program Files\Java\jre6\bin\jusched.exe (2724)
    ______ C:\WINDOWS\system32\ctfmon.exe (2756)
    ______ C:\Program Files\LogMeIn\x86\LMIGuardian.exe (2764)
    ______ C:\Documents and Settings\Fa\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (2788)
    ______ C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe (2804)
    ______ C:\Program Files\Windows Live\Messenger\msnmsgr.exe (2852)
    ______ C:\Program Files\DNA\btdna.exe (3008)
    ______ C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe (3076)
    ______ C:\Program Files\Dodatki\Total CMA Pack\TOTALCMD.EXE (3228)
    ______ C:\Documents and Settings\Fa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (3220)
    ______ C:\Documents and Settings\Fa\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe (3316)
    ______ C:\WINDOWS\system32\wuauclt.exe (3832)
    ______ C:\Documents and Settings\Fa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (2120)
    ______ C:\Documents and Settings\Fa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (1100)
    ______ C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (3920)
    ______ C:\WINDOWS\system32\NOTEPAD.EXE (1736)
    ______ C:\Documents and Settings\Fa\My Documents\Downloads\Rooter.exe (3928)
    .
    \\ Device\Harddisk0\
    .
    \Device\Harddisk0 [Sectors : 63 x 512 Bytes]
    .
    \Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:32256 | Length:39999504384)
    .
    \\ Scheduled Tasks
    .
    \\ Registry
    .
    .
    \\ Files & Folders
    .
    \\ Scan completed at 12:09.50
    .
    C:\Rooter$\Rooter_2.txt - (15/08/2009 | 12:09.50)


    Thanks in advance guys


    HB


Comments

  • Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    hi

    Please download DDS and save it to your desktop.
    • Disable any script blocking protection
    • Double click dds.pif to run the tool.
    • When done, two DDS.txts will open.
    • Save both reports to your desktop.


    Please include the contents of the following in your next reply:

    DDS.txt
    Attach.txt.


  • Registered Users Posts: 1,536 ✭✭✭hamsterboy


    Cheers for the reply ActorSeeksJob

    Here's the DDS.txt

    DDS (Ver_09-07-30.01) - NTFSx86
    Run by Fa at 19:15:35.62 on 15/08/2009
    Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_13
    Microsoft Windows XP Professional 5.1.2600.2.1252.353.1033.18.1015.578 [GMT 1:00]


    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\LogMeIn\x86\RaMaint.exe
    C:\Program Files\LogMeIn\x86\LogMeIn.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\igfxtray.exe
    svchost.exe
    C:\WINDOWS\VistaDrive\VistaDrive.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Google\Gmail Notifier\gnotify.exe
    C:\WINDOWS\tsnp2std.exe
    C:\WINDOWS\vsnp2std.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\LogMeIn\x86\LMIGuardian.exe
    C:\Documents and Settings\Fa\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
    C:\Documents and Settings\Fa\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\Fa\Desktop\dds.pif
    C:\Documents and Settings\Fa\Desktop\dds.pif

    ============== Pseudo HJT Report ===============

    uStart Page = about:blank
    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
    mWinlogon: SfcDisable=-99 (0xffffff9d)
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
    uRun: [Google Update] "c:\documents and settings\fa\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [Gadwin PrintScreen] c:\program files\gadwin systems\printscreen\PrintScreen.exe /nosplash
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [Creative Detector U] "c:\program files\creative\mediasource5\CTDetctu.exe" /R
    uRun: [Total CMA Pack] c:\program files\dodatki\total cma pack\Total CMA Pack.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [VistaDrive] c:\windows\vistadrive\VistaDrive.exe
    mRun: [UnlockerAssistant] c:\program files\unlocker\UnlockerAssistant.exe -H
    mRun: [LClock] c:\program files\lclock\LClock.exe
    mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
    mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
    mRun: [SoundMan] SOUNDMAN.EXE
    mRun: [AudioDeck] c:\program files\via\viaudioi\sbadeck\ADeck.exe 1
    mRun: [NWEReboot]
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [BVRPLiveUpdate] c:\program files\avanquest update\engine\setup.exe -s /patch,/srcupdatec:\docume~1\alluse~1\applic~1\sonyer~1\sonyer~1\liveup~1\LISTOF~1.DAT
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files\google\gmail notifier\gnotify.exe
    mRun: [tsnp2std] c:\windows\tsnp2std.exe
    mRun: [snp2std] c:\windows\vsnp2std.exe
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    dRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
    dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\device~1.lnk - c:\program files\olympus\devicedetector\DevDtct2.exe
    uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
    mPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
    mPolicies-explorer: HideRunAsVerb = 1 (0x1)
    mPolicies-system: SynchronousMachineGroupPolicy = 0 (0x0)
    mPolicies-system: SynchronousUserGroupPolicy = 0 (0x0)
    dPolicies-explorer: NoSMHelp = 1 (0x1)
    dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
    Notify: avgrsstarter - avgrsstx.dll
    Notify: igfxcui - igfxsrvc.dll
    Notify: LMIinit - LMIinit.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll

    ================= FIREFOX ===================

    FF - ProfilePath -
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

    ============= SERVICES / DRIVERS ===============

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-15 335752]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-2-15 27784]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-15 108552]
    R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-2-15 907032]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-2-15 298776]
    R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-7-24 12856]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-2-15 47640]
    S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2009-2-15 90536]
    S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2009-2-15 15016]
    S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2009-2-15 122152]
    S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2009-2-15 115496]
    S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2009-2-15 25768]
    S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2009-2-15 111912]
    S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2009-2-15 117672]
    S4 LMIRfsClientNP;LMIRfsClientNP; [x]

    =============== Created Last 30 ================

    2009-08-15 19:14 <DIR> --d-h--- c:\windows\PIF
    2009-08-15 11:54 <DIR> --d C:\Rooter$
    2009-08-15 11:50 <DIR> --d c:\program files\Trend Micro
    2009-08-13 20:34 114,688 a c:\windows\system32\OdiOlDVR.dll
    2009-08-13 20:34 86,016 a c:\windows\system32\STRDEVAPI.dll
    2009-08-13 20:34 53,248 a c:\windows\system32\OdiAPI.dll
    2009-08-13 20:18 73,728 a c:\windows\system32\VNUSB.dll
    2009-08-13 20:18 73,728 a c:\windows\system32\DW90USB.DLL
    2009-08-13 20:18 39,096 a c:\windows\system32\drivers\DW90USB.SYS
    2009-08-13 20:18 38,496 a c:\windows\system32\drivers\VNUSB.sys
    2009-08-13 20:02 <DIR> --d c:\program files\Olympus
    2009-08-12 03:07 <DIR> --d c:\windows\ServicePackFiles
    2009-08-12 00:02 80,896 c:\windows\system32\dllcache\tlntsess.exe
    2009-08-12 00:02 76,288 c:\windows\system32\dllcache\telnet.exe
    2009-08-12 00:02 134,144 c:\windows\system32\dllcache\wkssvc.dll
    2009-08-12 00:02 84,992 c:\windows\system32\dllcache\avifil32.dll
    2009-08-12 00:02 58,880 c:\windows\system32\dllcache\atl.dll
    2009-08-12 00:02 204,800 c:\windows\system32\dllcache\mswebdvd.dll
    2009-08-12 00:02 1,871,872 c:\windows\system32\dllcache\mstscax.dll
    2009-08-12 00:01 128,512 c:\windows\system32\dllcache\dhtmled.ocx
    2009-08-12 00:00 1,315,328 c:\windows\system32\dllcache\msoe.dll
    2009-08-04 17:55 22 a c:\windows\popcinfot.dat
    2009-08-04 15:44 <DIR> --d C:\MAME32_v0.106_Arcade_Starter_Pack
    2009-08-02 18:39 <DIR> --d C:\Games
    2009-07-23 22:03 5,120 a--sh--- c:\windows\system32\Thumbs.db
    2009-07-22 22:49 <DIR> --d C:\Temp
    2009-07-22 22:48 <DIR> --d c:\docume~1\fa\applic~1\Thinstall

    ==================== Find3M ====================

    2009-08-05 10:11 204,800 a c:\windows\system32\mswebdvd.dll
    2009-07-18 21:30 3,069,440 c:\windows\system32\dllcache\mshtml.dll
    2009-07-18 17:00 1,509,888 c:\windows\system32\dllcache\shdocvw.dll
    2009-07-17 19:55 58,880 a c:\windows\system32\atl.dll
    2009-07-13 23:43 286,208 a c:\windows\system32\wmpdxm.dll
    2009-07-13 23:43 10,841,088 c:\windows\system32\dllcache\wmp.dll
    2009-07-13 23:43 286,208 c:\windows\system32\dllcache\wmpdxm.dll
    2009-07-07 18:12 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
    2009-07-07 18:12 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2009-07-03 11:32 335,752 a c:\windows\system32\drivers\avgldx86.sys
    2009-06-25 20:00 11,952 a c:\windows\system32\avgrsstx.dll
    2009-06-22 12:40 18,432 c:\windows\system32\dllcache\iedw.exe
    2009-06-16 15:45 119,808 a c:\windows\system32\t2embed.dll
    2009-06-16 15:45 81,920 a c:\windows\system32\fontsub.dll
    2009-06-16 15:45 119,808 c:\windows\system32\dllcache\t2embed.dll
    2009-06-16 15:45 81,920 c:\windows\system32\dllcache\fontsub.dll
    2009-06-12 12:50 76,288 a c:\windows\system32\telnet.exe
    2009-06-10 15:21 84,992 a c:\windows\system32\avifil32.dll
    2009-06-10 07:26 134,144 a c:\windows\system32\wkssvc.dll
    2009-06-09 16:06 1,871,872 a c:\windows\system32\mstscax.dll
    2009-06-03 20:27 1,290,752 a c:\windows\system32\quartz.dll
    2009-06-03 20:27 1,290,752 c:\windows\system32\dllcache\quartz.dll
    2009-05-21 14:59 1,017,344 a c:\windows\system32\libeay32.dll
    2009-05-21 14:59 200,704 a c:\windows\system32\ssleay32.dll
    2009-04-11 17:50 281 a c:\program files\Local Disk (C).lnk
    2009-03-05 13:46 22,328 a c:\docume~1\fa\applic~1\PnkBstrK.sys

    ============= FINISH: 19:15:55.43 ===============



    and here's the Attach.txt

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-07-30.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 15/02/2009 09:40:18
    System Uptime: 15/08/2009 17:30:41 (2 hours ago)

    Motherboard: Uniwill | | 755II5
    Processor: Mobile Intel(R) Celeron(R) CPU 2.50GHz | CPU 1 | 2500/100mhz

    ==== Disk Partitions =========================

    D: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: PCI Modem
    Device ID: PCI\VEN_8086&DEV_24C6&SUBSYS_103C1734&REV_02\3&267A616A&0&FE
    Manufacturer:
    Name: PCI Modem
    PNP Device ID: PCI\VEN_8086&DEV_24C6&SUBSYS_103C1734&REV_02\3&267A616A&0&FE
    Service:

    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: Serial
    Device ID: ROOT\LEGACY_SERIAL\0000
    Manufacturer:
    Name: Serial
    PNP Device ID: ROOT\LEGACY_SERIAL\0000
    Service: Serial

    ==== System Restore Points ===================

    No restore point in system.

    ==== Installed Programs ======================

    2007 Microsoft Office Suite Service Pack 1 (SP1)
    7-Zip 4.65
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 10 Plugin
    Adobe Photoshop Lightroom 2.2
    Adobe Reader 9.1
    Adobe Shockwave Player 11.5
    Apple Software Update
    µTorrent
    AutoUpdate
    Avanquest update
    AVG Free 8.5
    AviSplit Classic Version 1.43
    CCleaner (remove only)
    CDBurnerXP
    Choice Guard
    Cool Edit Pro 2.1
    Creative Jukebox Driver
    Creative MediaSource
    Critical Update for Windows Media Player 11 (KB959772)
    DivX Codec
    DivX Converter
    DivX Player
    DivX Version Checker
    DivX Web Player
    FastStone Image Viewer 3.6
    FilmOn HDi Player
    Free WMA to MP3 Converter 1.16
    Gadwin PrintScreen
    Google Chrome
    Google Gears
    Google Gmail Notifier
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Intel(R) Extreme Graphics Driver
    Java(TM) 6 Update 13
    Kel's CPL 24-in-One Bonus Pack!
    LogMeIn
    Magic ISO Maker v5.5 (build 0273)
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Plus 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Software Update for Web Folders (English) 12
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Mozilla Firefox (3.0.9)
    Mp3tag v2.43
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 6 Service Pack 2 (KB954459)
    MusicBrainz Picard 0.10
    MyPhoneExplorer
    Olympus Digital Wave Player
    OpenSource AVI Splitter (remove only)
    Platform
    Poster Forge 1.02
    PPMate Network TV 2.0.0.41
    PunkBuster Services
    Quake Live Mozilla Plugin
    Quick AVI Splitter v2.0
    QuickTime
    RAD Video Tools
    RealPlayer
    Realtek AC'97 Audio
    Security Update for 2007 Microsoft Office System (KB951550)
    Security Update for 2007 Microsoft Office System (KB951944)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB969679)
    Security Update for Microsoft Office Excel 2007 (KB969682)
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)
    Security Update for Microsoft Office Publisher 2007 (KB969693)
    Security Update for Microsoft Office system 2007 (KB954326)
    Security Update for Microsoft Office system 2007 (KB969613)
    Security Update for Microsoft Office Word 2007 (KB969604)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB963027)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969897)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972260)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Segoe UI
    Sony Ericsson PC Suite 4.010.00
    SopCast 3.0.3
    Total CMA Pack 0.43 (public)
    TVAnts 1.0
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office Outlook 2007 (KB969907)
    Update for Outlook 2007 Junk Email Filter (kb972691)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB973815)
    USB2.0 PC Camera (SN9C201&202)
    VC80CRTRedist - 8.0.50727.762
    VIA Platform Device Manager
    Vista Drive Indicator!
    VLC media player 0.9.2
    Winamp
    Windows Genuine Advantage Notifications (KB905474)
    Windows Imaging Component
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    WinRAR archiver

    ==== Event Viewer Messages From Past Week ========

    15/08/2009 11:26:53, error: Service Control Manager [7034] - The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).
    15/08/2009 11:26:50, error: Service Control Manager [7034] - The NMSAccessU service terminated unexpectedly. It has done this 1 time(s).
    15/08/2009 11:26:49, error: Service Control Manager [7034] - The LogMeIn service terminated unexpectedly. It has done this 1 time(s).
    15/08/2009 11:26:47, error: Service Control Manager [7034] - The LogMeIn Maintenance Service service terminated unexpectedly. It has done this 1 time(s).
    15/08/2009 11:26:47, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    15/08/2009 11:26:47, error: Service Control Manager [7034] - The Creative Service for CDROM Access service terminated unexpectedly. It has done this 1 time(s).
    15/08/2009 11:26:47, error: Service Control Manager [7031] - The AVG Free8 WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    11/08/2009 17:57:14, error: Application Popup [877] - There was error [DATABASE OPEN FAILED] processing the driver database.
    11/08/2009 17:57:14, error: Application Popup [877] - There was error [DATABASE NOT LOADED] processing the driver database.

    ==== End Of File ===========================


    Cheers Again

    HB


  • Closed Accounts Posts: 1,970 ✭✭✭ActorSeeksJob


    hi

    Download TFC to your desktop
    • Open the file and close any other windows.
    • It will close all programs itself when run, make sure to let it run uninterrupted.
    • Click the Start button to begin the process. The program should not take long to finish its job.
    • Once it's finished it should reboot your machine; if not, do this yourself to ensure a complete clean.




    Please download Malwarebytes' Anti-Malware from Here

    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy & Paste the entire report in your next reply.
    Extra Note:
    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.






    Go to Kaspersky website and perform an online antivirus scan.
    1. Read through the requirements and privacy statement and click on Accept button.
    2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    3. When the downloads have finished, click on Settings.
    4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
        Spyware, Adware, Dialers, and other potentially dangerous programs
        Archives
        Mail databases
    5. Click on My Computer under Scan.
    6. Once the scan is complete, it will display the results. Click on View Scan Report.
    7. You will see a list of infected items there. Click on Save Report As....
    8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.

