Problems with my other computer

Page 1 of 2 1, 2  Next

View previous topic View next topic Go down

Solved Problems with my other computer

Post by spacephrawgg on 5th February 2009, 4:23 pm

I'm not sure how I contracted the problem(s);

I just removed all things viewpoint (i am in safe mode btw) but my computer runs awfully slowly still.

I have Macafee, which chronically refuses to a) run, and b) find anything ever. I'm about to uninstall ad-aware because as I recently found on another computer, it slows everything down.

I have yet to install spyware doctor and will shortly.

Can you advise? Thanks awfully much (again) 8D!

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 5th February 2009, 4:50 pm

Need a HJT log please.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 5th February 2009, 5:09 pm

Please remind me how I get/make an HJT log.

Also, FF keeps crashing every so often for no reason.

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 5th February 2009, 5:11 pm

You are running an old version of Hijack This, and we need to use the new version before we can do anything else.

Please download the current version of HijackThis from [You must be registered and logged in to see this link.]

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 5th February 2009, 6:38 pm

The link you gave doesnt work 8>(

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 5th February 2009, 7:03 pm

A rootkit is blocking it, so lets do a rootkit scan.

1. Please download The Avenger by Swandog46 to your Desktop
Link: [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.].

  • Click on Avenger.zip to open the file
  • Extract avenger.exe to your desktop

2. Now, start The Avenger program by clicking on its icon on your desktop.

  • Leave the script box empty.
  • Leave the ticked box "Scan for rootkit" ticked.
  • Then tick "Disable any rootkits found"
  • Now click on the Execute to begin execution of the script.
  • Answer "Yes" twice when prompted.

    The Avenger will automatically do the following:

  • It will Restart your computer.
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avengerís actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
3. Please copy/paste the content of c:\avenger.txt into your reply.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 6th February 2009, 4:46 am

I am unable to connect to either recommended link.

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 6th February 2009, 4:54 am

Sorry for the double post - I should also point out that my McAfee thing is giving me trouble too. I have McAfee site advisor installed and it keeps giving me this popup that says it's been updated and it asks if I want to make Yahoo my default search tool, and "enable [something or other]" and something else and if i click "finish" at the bottom, it crashes FF, so I X out of it but then it opens a brand new FF window opening to the FF/google start page. On my other computer I have Norton and don't have these problems. Is this a bug or is McAfee crap?

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 6th February 2009, 4:58 pm

Don't know, but we need to get the avenger on your machine.
Can you get the avenger from here?
[You must be registered and logged in to see this link.]


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 7th February 2009, 12:59 am

Correction, I did get it to work. I will post the log file shortly.

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 7th February 2009, 1:04 am

Okay, standing by. Smile


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 7th February 2009, 5:12 pm

I think this is what you asked for:

Logfile of The Avenger Version 2.0, (c) by Swandog46
[You must be registered and logged in to see this link.]

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.

Hidden driver "TDSSserv.sys" found!
ImagePath: \systemroot\system32\drivers\TDSSmxst.sys
Driver disabled successfully.

Rootkit scan completed.


Completed script processing.

*******************

Finished! Terminate.

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 7th February 2009, 5:25 pm

Hello.
We need to use the avenger again to kill the rootkit.

2. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+CCrying


Drivers to delete:
TDSSserv.sys

Files to delete:
C:\WINDOWS\system32\drivers\TDSSmxst.sys

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.


3. Now, start The Avenger program by clicking on its icon on your desktop.

  • Under "Input script here:", paste in the script from the quote box above.
  • Leave the ticked box "Scan for rootkit" ticked.
  • Then tick "Disable any rootkits found"
  • Now click on the Execute to begin execution of the script.
  • Answer "Yes" twice when prompted.

    The Avenger will automatically do the following:

  • It will Restart your computer.
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avengerís actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
4. Please copy/paste the content of c:\avenger.txt into your reply.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 7th February 2009, 6:34 pm

Here's the log file:

Logfile of The Avenger Version 2.0, (c) by Swandog46
[You must be registered and logged in to see this link.]

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Driver "TDSSserv.sys" deleted successfully.

Error: file "C:\WINDOWS\system32\drivers\TDSSmxst.sys" not found!
Deletion of file "C:\WINDOWS\system32\drivers\TDSSmxst.sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Completed script processing.

*******************

Finished! Terminate.






Also simultaneously. McAfee periodically tells me it has found and blocked this "virando" trojan (not sure if that's the real name of it.)

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 7th February 2009, 6:43 pm

It's okay, now the rootkit is gone and files are unconvered, Mcafee will go crazy.

Please don't let Mcafee delete anything or do anything for us, I will do it all, this way I know where we stand and if any files remain.

  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run
  • When complete, DDS.txt will open.
  • Save the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 7th February 2009, 6:52 pm

McAffee won't stop reporting that vundo.gen.ab trojan and wont allow me to stop McAffee itself.

Meanwhile, here's the DDS log file, in a few parts:

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.335 [GMT -5:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Clamware\ClamWin\bin\ClamTray.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\Documents and Settings\Jon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\AIM6\aolsoftware.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\dds.com
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = about:blank
uSearch Page = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = [You must be registered and logged in to see this link.]
uURLSearchHooks: AOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol\aol toolbar 3.1\aoltb.dll
uURLSearchHooks: H - No File
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
BHO: NoExplorer - No File
BHO: SpywareGuardDLBLOCK.CBrowserHelper: {4a368e80-174f-4872-96b5-0b27ddd11db2} - c:\program files\spywareguard\dlprotect.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Super Ad Blocker Toolbar: {b4b3001e-0f56-4e51-8250-bde11547ec55} - c:\program files\superadblocker.com\super ad blocker\sabtb.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol toolbar 3.1\aoltb.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [DW4]
uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US [You must be registered and logged in to see this link.]
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
uRun: [Google Update] "c:\documents and settings\jon\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [Dell Wireless Manager UI] c:\windows\system32\WLTRAY
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe
mRun: [ClamWin] "c:\program files\clamware\clamwin\bin\ClamTray.exe" --logon
mRun: [PCMService] "c:\program files\dell\media experience\PCMService.exe"
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
mRun: [Sunkist2k] c:\program files\multimedia card reader\shwicon2k.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
dRun: [Spyware Doctor]
StartupFolder: c:\docume~1\jon\startm~1\programs\startup\spywar~1.lnk - c:\program files\spywareguard\sgmain.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\americ~1.lnk - c:\program files\america online 9.0\aoltray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
uPolicies-system: DisableRegistryTools = 1 (0x1)
IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.1\resources\en-us\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - [You must be registered and logged in to see this link.]
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
IE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - {A1EDC4A1-940F-48E0-8DFD-E38F1D501021} - c:\progra~1\spywar~1\tools\iesdpb.dll
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 3.1\aoltb.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - [You must be registered and logged in to see this link.]

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 7th February 2009, 6:53 pm

more:

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - [You must be registered and logged in to see this link.]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {B49C4597-8721-4789-9250-315DFBD9F525} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [You must be registered and logged in to see this link.]
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - [You must be registered and logged in to see this link.]
Handler: junomsg - {C4D10830-379D-11d4-9B2D-00C04F1579A5} - c:\program files\juno\bin\jmsgpph.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: SABWinLogon - c:\program files\superadblocker.com\super ad blocker\SABWINLO.DLL
Notify: __c00D99BF - c:\windows\system32\__c00D99BF.dat
AppInit_DLLs: agckiu.dll xmjisw.dll ghekwx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: c:\windows\system32\tyshb36rfjdf.dll: {d5bf49a2-94f1-42bd-f434-3604812c807d} - c:\windows\system32\tyshb36rfjdf.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
SEH: SpywareGuard.Handler: {81559c35-8464-49f7-bb0e-07a383bef910} - c:\program files\spywareguard\spywareguard.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\fcccaXno

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\jon\applic~1\mozilla\firefox\profiles\viz2txmf.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\program files\mozilla firefox\components\SABFF.DLL
FF - plugin: c:\documents and settings\jon\local settings\application data\google\update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPMGWRAP.DLL
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPMySrWB.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFE0BD779-44EE-4A4B-AA2E-743C63F2E5E6", "AllAccess");

============= SERVICES / DRIVERS ===============

R1 ikhfile;File Security Kernel Anti-Spyware Driver;c:\windows\system32\drivers\ikhfile.sys [2006-5-9 30592]
R1 ikhlayer;Kernel Anti-Spyware Driver;c:\windows\system32\drivers\ikhlayer.sys [2006-1-12 51072]
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2007-8-6 201320]
R1 SABDIFSV;SABDIFSV;c:\program files\superadblocker.com\super ad blocker\SABDIFSV.SYS [2005-10-10 5632]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-9-5 206096]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2007-8-6 79304]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2007-8-6 35240]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2007-8-6 40488]
S2 0100511233898305mcinstcleanup;McAfee Application Installer Cleanup (0100511233898305);c:\windows\temp\010051~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\windows\temp\010051~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2007-8-6 33832]
S3 PWIPENUM;PWIPENUM;\??\c:\program files\panicware\pop-up stopper anti-spyware\pwipenum.sys --> c:\program files\panicware\pop-up stopper anti-spyware\PWIPENUM.SYS [?]

=============== Created Last 30 ================

2009-02-07 13:51 368,961 a------- c:\program files\dds.com
2009-02-07 13:50 --d----- c:\program files\SpywareGuard
2009-02-07 13:49 2,062,665 a------- c:\program files\spywareguardsetup.exe
2009-02-07 13:45 --d----- c:\program files\Spybot - Search & Destroy
2009-02-07 13:45 --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-02-07 13:43 --d----- c:\program files\New Folder (2)
2009-02-05 11:49 --d----- c:\program files\Stopzilla
2009-02-05 09:45 1,557,715 ---sh--- c:\windows\system32\ckendvjc.ini
2009-02-05 09:44 129,024 a------- c:\windows\system32\fhwlblpo.dll

==================== Find3M ====================

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 7th February 2009, 6:53 pm

2009-02-06 09:16 460,099 a--sh--- c:\windows\system32\onXacccf.ini2
2009-02-05 10:29 2,710 a------- c:\windows\system32\TDSSdbcj.dll
2008-12-27 22:24 129,024 a------- c:\windows\system32\oudbmbpe.dll
2008-12-23 21:15 129,024 a------- c:\windows\system32\yarpycxp.dll
2008-12-20 18:21 129,024 a------- c:\windows\system32\umoyfple.dll
2008-12-20 18:21 129,024 a------- c:\windows\system32\lhutzn.dll
2008-12-19 10:11 129,024 a------- c:\windows\system32\pozccr.dll
2008-12-19 10:11 129,024 a------- c:\windows\system32\ktyrvmul.dll
2008-12-13 01:40 3,593,216 a------- c:\windows\system32\dllcache\mshtml.dll
2008-07-18 06:24 3,518,422 a------- c:\program files\flvplayer_setup.exe
2008-06-30 04:16 23,510,720 a------- c:\program files\dotnetfx.exe
2008-06-30 04:15 1,427,520 a------- c:\program files\Silverlight.exe
2008-04-06 03:12 1,565,191 a------- c:\program files\AntiSpywareDeluxeSetup.exe
2008-02-27 08:28 1,491,592 a------- c:\program files\install_flash_player.exe
2008-01-28 06:45 25,755,448 a------- c:\program files\wmp11-windowsxp-x86-enu.exe
2008-01-02 19:25 6,876,336 a------- c:\program files\RecoverMyFiles-Setup.exe
2007-04-12 01:45 9,453,630 a------- c:\program files\vlc-0.8.6a-win32.exe
2007-02-26 23:23 3,782,589 a------- c:\program files\LastFM_Win_1.1.3.0.exe
2007-02-26 06:00 3,537,447 a------- c:\program files\MP3Rocket-Win.exe
2007-02-19 02:16 3,428,033 a------- c:\program files\iMP3Tunes-Win.exe
2006-11-26 21:35 5,669,872 a------- c:\program files\wpsetup.exe
2006-11-25 21:33 3,789,316 a------- c:\program files\netpumper-1.25.1-setup-NP_0210.exe
2006-10-14 21:42 8,799,656 a------- c:\program files\Azureus_2.5.0.0_Win32.setup.exe
2006-10-14 21:37 8,963,034 a------- c:\program files\Azureus_2.5.0.0_OSX.dmg
2005-11-22 01:21 1,508 a------- c:\program files\uninstal.log
2005-09-05 14:16 353,888 a------- c:\program files\LimeWireWin.exe
2005-08-24 23:04 488,032 a------- c:\program files\PopUpStopper.exe
2005-08-24 23:00 4,436,776 a------- c:\program files\SuperAdBlocker.exe
2005-08-23 22:53 22,040,920 a------- c:\program files\iTunesSetup.exe
2005-08-23 19:27 2,855,080 a------- c:\program files\aawsepersonal.exe
2005-08-23 14:02 323,072 a------- c:\program files\ScreenShotSetup.msi
2002-05-21 10:00 1,362 a----r-- c:\program files\ReadMe.txt
2008-10-07 09:18 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008100720081008\index.dat

============= FINISH: 13:56:02.06 ===============

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 7th February 2009, 7:01 pm

Hello.
Please close Mcafee, right click the M icon in the tray > exit it.

Please download the [You must be registered and logged in to see this link.].

  • Save it to your desktop.
  • Please double-click OTMoveIt3.exe to run it.
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    :services
    0100511233898305mcinstcleanup

    :files
    c:\windows\system32\ckendvjc.ini
    c:\windows\system32\fhwlblpo.dll
    c:\windows\system32\onXacccf.ini2
    c:\windows\system32\TDSSdbcj.dll
    c:\windows\system32\oudbmbpe.dll
    c:\windows\system32\yarpycxp.dll
    c:\windows\system32\umoyfple.dll
    c:\windows\system32\lhutzn.dll
    c:\windows\system32\pozccr.dll
    c:\windows\system32\ktyrvmul.dll
    c:\windows\system32\__c00D99BF.dat
    c:\program files\netpumper-1.25.1-setup-NP_0210.exe

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00D99BF]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=""
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00

    :commands
    [purity]
    [emptytemp]
    [reboot]


  • Return to OTMoveIt3, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 8th February 2009, 2:53 am

Here's the OTmoveit log:

========== SERVICES/DRIVERS ==========
Service 0100511233898305mcinstcleanup stopped successfully.
Service 0100511233898305mcinstcleanup deleted successfully.
========== FILES ==========
File/Folder c:\windows\system32\ckendvjc.ini not found.
File/Folder c:\windows\system32\fhwlblpo.dll not found.
c:\windows\system32\onXacccf.ini2 moved successfully.
LoadLibrary failed for c:\windows\system32\TDSSdbcj.dll
c:\windows\system32\TDSSdbcj.dll NOT unregistered.
c:\windows\system32\TDSSdbcj.dll moved successfully.
File/Folder c:\windows\system32\oudbmbpe.dll not found.
File/Folder c:\windows\system32\yarpycxp.dll not found.
File/Folder c:\windows\system32\umoyfple.dll not found.
File/Folder c:\windows\system32\lhutzn.dll not found.
File/Folder c:\windows\system32\pozccr.dll not found.
File/Folder c:\windows\system32\ktyrvmul.dll not found.
File/Folder c:\windows\system32\__c00D99BF.dat not found.
c:\program files\netpumper-1.25.1-setup-NP_0210.exe moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00D99BF\\ deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa\\"Authentication Packages"|hex(7):6d,73,76,31,5f,30,00,00 /E : value set successfully!
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Jon\LOCALS~1\Temp\ClamWin1.log scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Jon\LOCALS~1\Temp\etilqs_d0quQVqmcd1O7z0SWG6U scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Jon\LOCALS~1\Temp\Perflib_Perfdata_17f8.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Jon\LOCALS~1\Temp\~DF7054.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Jon\LOCALS~1\Temp\~DF721F.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Jon\LOCALS~1\Temp\~DFA39A.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Jon\LOCALS~1\Temp\~DFAB5C.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Jon\LOCALS~1\Temp\~DFB1AF.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Jon\LOCALS~1\Temp\~DFC79A.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Jon\LOCALS~1\Temp\~DFD1A5.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\mcafee_QhdTL9GkGdi1w4b scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_8gNFeiTUpdpQv9b scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_gStGgahzpNJAa5c scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_NZFahAu9d1iNZS7 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_q3BTM2fdSNjaDFO scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mcmsc_sBeAV5xecoF1bWT scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_a90.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_glrnKUKtmhk4xIO scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_pGoLMYPGAA999Sx scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\sqlite_sojw5wgGwASnMeP scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\WFV16.tmp scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Jon\Local Settings\Application Data\Mozilla\Firefox\Profiles\viz2txmf.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Jon\Local Settings\Application Data\Mozilla\Firefox\Profiles\viz2txmf.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Jon\Local Settings\Application Data\Mozilla\Firefox\Profiles\viz2txmf.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Jon\Local Settings\Application Data\Mozilla\Firefox\Profiles\viz2txmf.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Jon\Local Settings\Application Data\Mozilla\Firefox\Profiles\viz2txmf.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02072009_143227

Files moved on Reboot...
C:\DOCUME~1\Jon\LOCALS~1\Temp\ClamWin1.log moved successfully.
File C:\DOCUME~1\Jon\LOCALS~1\Temp\etilqs_d0quQVqmcd1O7z0SWG6U not found!
File C:\DOCUME~1\Jon\LOCALS~1\Temp\Perflib_Perfdata_17f8.dat not found!
File C:\DOCUME~1\Jon\LOCALS~1\Temp\~DF7054.tmp not found!
C:\DOCUME~1\Jon\LOCALS~1\Temp\~DF721F.tmp moved successfully.
File C:\DOCUME~1\Jon\LOCALS~1\Temp\~DFA39A.tmp not found!
C:\DOCUME~1\Jon\LOCALS~1\Temp\~DFAB5C.tmp moved successfully.
File C:\DOCUME~1\Jon\LOCALS~1\Temp\~DFB1AF.tmp not found!
File C:\DOCUME~1\Jon\LOCALS~1\Temp\~DFC79A.tmp not found!
File C:\DOCUME~1\Jon\LOCALS~1\Temp\~DFD1A5.tmp not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
C:\WINDOWS\temp\mcafee_QhdTL9GkGdi1w4b moved successfully.
C:\WINDOWS\temp\mcmsc_8gNFeiTUpdpQv9b moved successfully.
File C:\WINDOWS\temp\mcmsc_gStGgahzpNJAa5c not found!
File C:\WINDOWS\temp\mcmsc_NZFahAu9d1iNZS7 not found!
File C:\WINDOWS\temp\mcmsc_q3BTM2fdSNjaDFO not found!
File C:\WINDOWS\temp\mcmsc_sBeAV5xecoF1bWT not found!
C:\WINDOWS\temp\Perflib_Perfdata_a90.dat moved successfully.
C:\WINDOWS\temp\sqlite_glrnKUKtmhk4xIO moved successfully.
C:\WINDOWS\temp\sqlite_pGoLMYPGAA999Sx moved successfully.
C:\WINDOWS\temp\sqlite_sojw5wgGwASnMeP moved successfully.
File C:\WINDOWS\temp\WFV16.tmp not found!
C:\Documents and Settings\Jon\Local Settings\Application Data\Mozilla\Firefox\Profiles\viz2txmf.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Jon\Local Settings\Application Data\Mozilla\Firefox\Profiles\viz2txmf.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Jon\Local Settings\Application Data\Mozilla\Firefox\Profiles\viz2txmf.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Jon\Local Settings\Application Data\Mozilla\Firefox\Profiles\viz2txmf.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Jon\Local Settings\Application Data\Mozilla\Firefox\Profiles\viz2txmf.default\urlclassifier3.sqlite moved successfully.

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 8th February 2009, 3:10 am

A minute ago I was attempting to look at something in another tab in FF and the thing crashed on me without warning. Just thought I'd mention.

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 8th February 2009, 3:08 pm

What version of Firefox are you using?
Try re-installing it.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 8th February 2009, 3:43 pm

I just updated FF to the latest version and still have the funny McAffee problem.

As for the scan reports, what now?

Thanks again!

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 8th February 2009, 3:44 pm

Please run DDS again, I think there maybe a leftover.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 8th February 2009, 4:00 pm

By DDS you mean avenger?

Btw I ran spybot and it found among other things, three trojans. I anticipated that you would want me not to delete anything without hte proper scans so I did nothing about it.

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 8th February 2009, 4:04 pm

Where did Spybot find these trojans?
Can you post the Spybot report.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 8th February 2009, 4:30 pm

I lost the old report because I had to reboot. How do I get a text version of the report?

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 8th February 2009, 4:35 pm

Okay, nevermind.
Allow Spybot to fix the items, they may just be leftovers, let me know if they come back.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 8th February 2009, 4:49 pm

I will try to transcribe the listed items:

ad revolver (23 browser items)
anti-leech (6 entries, adware)
antispyware master (1 entry, malware)
bluestreak (1 browser entry)
burst media (7 entries, browser)
casalemedia (11 entries, browser)
CID.IE.Pop (2 entries, trojans)
doubleclick (2 entries browser)
fastclick (9 entries, browser)
hitslink (1 entry, browser)
irc.crt (1 entry, trojan)
mediaplex (8 entries browser)
microsoft.windowssecuritycenter.registrytools. (1 entry, security center)
netpumper (3 entries adware)
PWS.LDpinchIE (1 entry trojan)
Right Media (2 entries browser)
smitfraud-C. (1 entry malware)
Statcounter (52 entries browser)
virtumonde (2 entries, trojan)
virtumonde.sci (1 entry trojan)
Win32.agent.ammy (1 entry, trojan)
win32.TDSS.rtk (8 entries trojan)
zedo (7 entries, browser)


I am concerned about it "fixing" the windows security center thing despite the fact that it was giving me trouble. What do I do?

Also can i safely get out of safe mode now?


Last edited by spacephrawgg on 8th February 2009, 4:50 pm; edited 1 time in total (Reason for editing : thought of something else to say)

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 8th February 2009, 4:51 pm

Run DDS again.

You saved DDS here:
C:\Program Files\DDS.com


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 8th February 2009, 4:57 pm

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-02-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 8/8/2005 11:45:55 PM
System Uptime: 2/8/2009 10:46:37 AM (2 hours ago)

Motherboard: Dell Inc. | |
Processor: Intel(R) Pentium(R) M processor 2.00GHz | Microprocessor | 1994/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 71 GiB total, 6.35 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP788: 12/18/2008 9:58:01 AM - Software Distribution Service 3.0
RP789: 12/18/2008 9:58:01 AM - Software Distribution Service 3.0
RP790: 12/18/2008 9:58:03 AM - Software Distribution Service 3.0
RP791: 12/18/2008 9:58:10 AM - Software Distribution Service 3.0
RP792: 12/18/2008 9:58:10 AM - Software Distribution Service 3.0
RP793: 12/18/2008 9:58:10 AM - System Checkpoint
RP794: 12/18/2008 9:58:15 AM - Software Distribution Service 3.0
RP795: 12/18/2008 9:58:15 AM - System Checkpoint
RP796: 12/18/2008 9:58:16 AM - Software Distribution Service 3.0
RP797: 12/18/2008 9:58:17 AM - System Checkpoint
RP798: 12/18/2008 9:58:18 AM - Removed QuickTime
RP799: 12/18/2008 9:58:18 AM - Installed QuickTime
RP800: 12/18/2008 9:58:19 AM - System Checkpoint
RP801: 12/18/2008 9:58:19 AM - System Checkpoint
RP802: 12/18/2008 9:58:20 AM - System Checkpoint
RP803: 12/18/2008 9:58:21 AM - System Checkpoint
RP804: 12/18/2008 9:58:22 AM - System Checkpoint
RP805: 12/18/2008 9:58:23 AM - Software Distribution Service 3.0
RP806: 12/18/2008 9:58:23 AM - Software Distribution Service 3.0
RP807: 12/18/2008 9:58:38 AM - Last known good configuration
RP808: 2/6/2009 3:08:52 AM - System Checkpoint
RP809: 2/7/2009 3:19:27 AM - System Checkpoint
RP810: 2/7/2009 10:38:19 PM - Removed Ad-Aware

==== Installed Programs ======================

6300
6300_Help
6300Trb
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 7.0.9
AIM 6
AiO_Scan_CDA
AiOSoftwareNPI
ALPS Touch Pad Driver
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOL Instant Messenger
AOL Uninstaller (Choose which Products to Remove)
AOLIcon
Apple Mobile Device Support
Apple Software Update
ATI Control Panel
ATI Display Driver
AutoUpdate
Azureus
BitTorrent
Blender (remove only)
Bonjour
Broadcom Management Programs 2
BufferChm
Business Contact Manager for Outlook 2003
CiD Help
ClamWin Free Antivirus 0.91.2
Conexant D110 MDC V.9x Modem
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
cp_PosterPrintConfig
CueTour
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Media Experience
Dell Picture Studio v3.0
Dell System Restore
Dell Wireless WLAN Card
DellSupport
Destinations
DeviceFunctionQFolder
DeviceManagementQFolder
Digital Line Detect
DivX
DivX Player
DivX Web Player
DNA
DocProc
DocumentViewer
DocumentViewerQFolder
EarthLink setup files
eSupportQFolder
Fax_CDA
FLV Player 2.0, build 24
FullDPAppQFolder
GdiplusUpgrade
Get High Speed Internet!
Google Chrome
Google Earth
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
HP Document Viewer 6.1
HP Imaging Device Functions 6.1
HP Photosmart Premier Software 6.1
HP PSC & OfficeJet 6.1.A
HP Solution Center and Imaging Support Tools 6.1
HP Update
HPProductAssistant
InstantShareDevices
Internal Network Card Power Management
Internet Explorer Default Page
iTunes
J2SE Runtime Environment 5.0 Update 4
J2SE Runtime Environment 5.0 Update 6
Jasc Paint Shop Photo Album 5
Jasc Paint Shop Pro Studio, Dell Editon
Jasc Paint Shop Pro Studio.01 , Dell Edition 1.0.1.1 Patch
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) SE Runtime Environment 6 Update 1
JD Secure 3.1
Juno
Last.fm 1.3.1.1
Learn2 Player (Uninstall Only)
LEGO Digital Designer
LimeWire 4.18.8
Linksys PrintServer Driver
Macromedia Shockwave Player
McAfee SecurityCenter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Small Business Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
MobileMe Control Panel
Modem Helper
Mozilla Firefox (3.0.6)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Multimedia Card Reader
Musicmatch for Windows Media Player
My Way Search Assistant
NetWaiting
NetZeroInstallers
NewCopy_CDA
PanoStandAlone
PhotoGallery
PhotoShow Express
Plaxo Toolbar for Outlook (with AIM Enhancements)
Pop-Up Stopper Free Edition
PowerDVD 5.5
ProductContextNPI
Qualxserve Service Agreement
QuickBooks Simple Start Edition
QuickSet
QuickTime
RandMap
Readme
RealPlayer
Recover My Files
Safari
Scan
ScannerCopy
ScreenShotSetup
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
SkinsHP1
SolutionCenter
Sonic Audio module
Sonic Copy Module
Sonic DLA
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Spybot - Search & Destroy
SpywareGuard v2.2
Status
The Weather Channel Desktop 6
Toolbox
TrayApp
Trillian
Unload
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
VectorVest Online
VideoLAN VLC media player 0.8.6a
Weather Services
WeatherBug
WeatherBug Browser Bar - powered by MyWebSearch
WebCyberCoach 3.2 Dell
WebFldrs XP
WebReg
Windows Defender
Windows Defender Signatures
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows XP Service Pack 3
Wings 3D 0.98.36
WinPatrol
WinRAR archiver
Yahoo! Messenger
Yahoo! Toolbar
ZyGoVideo 2.0

==== Event Viewer Messages From Past Week ========

2/5/2009 11:46:53 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
2/5/2009 11:33:45 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
2/5/2009 11:24:35 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
2/5/2009 10:31:04 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service McNASvc with arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
2/5/2009 10:29:51 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/5/2009 10:29:49 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: APPDRV Fips intelppm mfehidk SABDIFSV
2/5/2009 9:43:30 AM, error: Service Control Manager [7000] - The Viewpoint Manager Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/5/2009 9:43:30 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Viewpoint Manager Service service to connect.
2/5/2009 9:43:30 AM, error: Service Control Manager [7000] - The ASCTRM service failed to start due to the following error: The system cannot find the file specified.
2/6/2009 12:25:22 AM, error: Service Control Manager [7000] - The Viewpoint Manager Service service failed to start due to the following error: The system cannot find the path specified.
2/6/2009 12:25:22 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IntelIde

==== End Of File ===========================

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 8th February 2009, 5:01 pm

Hello.
That is attach.txt, please post DDS.txt


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 8th February 2009, 5:05 pm

DDS (Ver_09-02-01.01) - NTFSx86 NETWORK
Run by Jon at 12:02:19.46 on Sun 02/08/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_01
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.576 [GMT -5:00]

AV: McAfee VirusScan *On-access scanning disabled* (Updated)
FW: McAfee Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ctfmon.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\dds.com

============== Pseudo HJT Report ===============

uStart Page = about:blank
uSearch Page = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = [You must be registered and logged in to see this link.]
uURLSearchHooks: AOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol\aol toolbar 3.1\aoltb.dll
uURLSearchHooks: H - No File
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
BHO: NoExplorer - No File
BHO: SpywareGuardDLBLOCK.CBrowserHelper: {4a368e80-174f-4872-96b5-0b27ddd11db2} - c:\program files\spywareguard\dlprotect.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Super Ad Blocker Toolbar: {b4b3001e-0f56-4e51-8250-bde11547ec55} - c:\program files\superadblocker.com\super ad blocker\sabtb.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol toolbar 3.1\aoltb.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US [You must be registered and logged in to see this link.]
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
uRun: [Google Update] "c:\documents and settings\jon\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [Dell Wireless Manager UI] c:\windows\system32\WLTRAY
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe
mRun: [ClamWin] "c:\program files\clamware\clamwin\bin\ClamTray.exe" --logon
mRun: [PCMService] "c:\program files\dell\media experience\PCMService.exe"
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
mRun: [Sunkist2k] c:\program files\multimedia card reader\shwicon2k.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\docume~1\jon\startm~1\programs\startup\spywar~1.lnk - c:\program files\spywareguard\sgmain.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\americ~1.lnk - c:\program files\america online 9.0\aoltray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.1\resources\en-us\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - [You must be registered and logged in to see this link.]
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 3.1\aoltb.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - [You must be registered and logged in to see this link.]
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - [You must be registered and logged in to see this link.]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {B49C4597-8721-4789-9250-315DFBD9F525} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [You must be registered and logged in to see this link.]
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - [You must be registered and logged in to see this link.]
Handler: junomsg - {C4D10830-379D-11d4-9B2D-00C04F1579A5} - c:\program files\juno\bin\jmsgpph.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: SABWinLogon - c:\program files\superadblocker.com\super ad blocker\SABWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: {D5BF49A2-94F1-42BD-F434-3604812C807D} - No File
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
SEH: SpywareGuard.Handler: {81559c35-8464-49f7-bb0e-07a383bef910} - c:\program files\spywareguard\spywareguard.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\jon\applic~1\mozilla\firefox\profiles\viz2txmf.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\program files\mozilla firefox\components\SABFF.DLL
FF - plugin: c:\documents and settings\jon\local settings\application data\google\update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPMGWRAP.DLL
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPMySrWB.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\defaults\pref\activex.js - pref("capability.policy.default.ClassID.CIDFE0BD779-44EE-4A4B-AA2E-743C63F2E5E6", "AllAccess");

============= SERVICES / DRIVERS ===============

S1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2007-8-6 201320]
S1 SABDIFSV;SABDIFSV;c:\program files\superadblocker.com\super ad blocker\SABDIFSV.SYS [2005-10-10 5632]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-9-5 206096]
S2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2008-2-26 359248]
S2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2007-8-6 144704]
S2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\viewpoint\common\viewpointservice.exe" --> c:\program files\viewpoint\common\ViewpointService.exe [?]
S3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2007-8-6 695624]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2007-8-6 79304]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2007-8-6 35240]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2007-8-6 33832]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2007-8-6 40488]
S3 PWIPENUM;PWIPENUM;\??\c:\program files\panicware\pop-up stopper anti-spyware\pwipenum.sys --> c:\program files\panicware\pop-up stopper anti-spyware\PWIPENUM.SYS [?]
S4 WinDefend;Windows Defender Service;c:\program files\windows defender\MsMpEng.exe [2006-4-3 14032]

=============== Created Last 30 ================

2009-02-07 14:32 --d----- C:\_OTMoveIt
2009-02-07 13:51 368,961 a------- c:\program files\dds.com
2009-02-07 13:50 --d----- c:\program files\SpywareGuard
2009-02-07 13:49 2,062,665 a------- c:\program files\spywareguardsetup.exe
2009-02-07 13:45 --d----- c:\program files\Spybot - Search & Destroy
2009-02-07 13:45 --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-02-07 13:43 --d----- c:\program files\New Folder (2)
2009-02-05 11:49 --d----- c:\program files\Stopzilla

==================== Find3M ====================

2008-12-13 01:40 3,593,216 a------- c:\windows\system32\dllcache\mshtml.dll
2008-07-18 06:24 3,518,422 a------- c:\program files\flvplayer_setup.exe
2008-06-30 04:16 23,510,720 a------- c:\program files\dotnetfx.exe
2008-06-30 04:15 1,427,520 a------- c:\program files\Silverlight.exe
2008-04-06 03:12 1,565,191 a------- c:\program files\AntiSpywareDeluxeSetup.exe
2008-02-27 08:28 1,491,592 a------- c:\program files\install_flash_player.exe
2008-01-28 06:45 25,755,448 a------- c:\program files\wmp11-windowsxp-x86-enu.exe
2008-01-02 19:25 6,876,336 a------- c:\program files\RecoverMyFiles-Setup.exe
2007-04-12 01:45 9,453,630 a------- c:\program files\vlc-0.8.6a-win32.exe
2007-02-26 23:23 3,782,589 a------- c:\program files\LastFM_Win_1.1.3.0.exe
2007-02-26 06:00 3,537,447 a------- c:\program files\MP3Rocket-Win.exe
2007-02-19 02:16 3,428,033 a------- c:\program files\iMP3Tunes-Win.exe
2006-11-26 21:35 5,669,872 a------- c:\program files\wpsetup.exe
2006-10-14 21:42 8,799,656 a------- c:\program files\Azureus_2.5.0.0_Win32.setup.exe
2006-10-14 21:37 8,963,034 a------- c:\program files\Azureus_2.5.0.0_OSX.dmg
2005-11-22 01:21 1,508 a------- c:\program files\uninstal.log
2005-09-05 14:16 353,888 a------- c:\program files\LimeWireWin.exe
2005-08-24 23:04 488,032 a------- c:\program files\PopUpStopper.exe
2005-08-24 23:00 4,436,776 a------- c:\program files\SuperAdBlocker.exe
2005-08-23 22:53 22,040,920 a------- c:\program files\iTunesSetup.exe
2005-08-23 19:27 2,855,080 a------- c:\program files\aawsepersonal.exe
2005-08-23 14:02 323,072 a------- c:\program files\ScreenShotSetup.msi
2002-05-21 10:00 1,362 a----r-- c:\program files\ReadMe.txt
2008-10-07 09:18 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008100720081008\index.dat

============= FINISH: 12:03:01.03 ===============

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 8th February 2009, 5:08 pm

Log loos okay.
Fix everything in Spybot and see if it comes back.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 8th February 2009, 5:18 pm

when i started up in normal mode, spybot asked me if i wanted to allow a change in something called "bootkit" or something like that. On impulse I told it no. And then i proceeded with things as per normal and things are ok but a bit slow still which doesnt make sense because I've got a gig of ram on this thing. True the harddrive is mostly full but still it shouldnt be silly like this.

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 8th February 2009, 5:21 pm

Download [You must be registered and logged in to see this link.]

  • Double-click ATF-Cleaner.exe to run the program.
  • Click Select All found at the bottom of the list.
  • Click the Empty Selected button.
If you use Firefox browser, do this also:

  • Click Firefox at the top and choose Select All from the list.
  • Click the Empty Selected button.
  • NOTE : If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser, do this also:

  • Click Opera at the top and choose Select All from the list.
  • Click the Empty Selected button.
  • NOTE : If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 8th February 2009, 5:43 pm

Malwarebytes' Anti-Malware 1.33
Database version: 1738
Windows 5.1.2600 Service Pack 3

2/8/2009 12:49:50 PM
mbam-log-2009-02-08 (12-49-50).txt

Scan type: Quick Scan
Objects scanned: 61629
Time elapsed: 12 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 20
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d5bf49a2-94f1-42bd-f434-3604812c807d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\xpre (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Weather Services (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchwbbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchwbbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchwbbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchwbbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchwbtoolbar.temperaturebarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchwbtoolbar.temperaturebarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{4d25f926-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{d5bf49a2-94f1-42bd-f434-3604812c807d} (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\MyWaySA (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWaySA\SrchAsDe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWaySA\SrchAsDe\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\AntiSpywareDeluxeSetup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jon\Local Settings\Temporary Internet Files\Content.IE5\7P6O5QTN\winsinstall[1].exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jon\Local Settings\Temporary Internet Files\Content.IE5\MKZXG94O\v3020[1].exe (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jon\Local Settings\Temporary Internet Files\Content.IE5\I185Q7Q0\index[1] (Trojan.Vundo) -> Quarantined and deleted successfully.


edit: for the heck of it I am now running a full scan.


Last edited by spacephrawgg on 8th February 2009, 5:45 pm; edited 1 time in total (Reason for editing : thought of something else to say)

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 8th February 2009, 6:51 pm

should I turn the automatic updates for windows security center back on?

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 8th February 2009, 7:14 pm

Yes.
MBAM cleared quite alot. LMBO or ROFL

Things should be better now, there was no real files of malware present.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 8th February 2009, 10:40 pm

the full system scan yielded this result:
c:/system volume information/_restore (46DE8921-1D39-44D2-A9E9-64119261F211)/RP809/A0121220.dll

c:/system volume information/_restore (46DE8921-1D39-44D2-A9E9-64119261F211)/RP809/A0121306

c:/system volume information/_restore (46DE8921-1D39-44D2-A9E9-64119261F211)/RP809/A0121307

c:/system volume information/_restore (46DE8921-1D39-44D2-A9E9-64119261F211)/RP809/A0121309

c:/system volume information/_restore (46DE8921-1D39-44D2-A9E9-64119261F211)/RP809/A0121311

c:/system volume information/_restore (46DE8921-1D39-44D2-A9E9-64119261F211)/RP809/A0121300



Things seem alright now. I'll post again if not. Thanks for your help. What is the link to the survey where i can voice my satisfaction? You are awesome!

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 8th February 2009, 10:42 pm

Hello.
c:/system volume information is system restore points, we'll flush them soon.

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Updating Java:

  • Download the latest version of [You must be registered and logged in to see this link.].
  • Select the first option where it says "This release includes the highly anticipated...".
  • Click the "Download" button to the right.
  • In the Window that opens, select your platform and language, check the "agree" box, and click Continue.
  • Click on the link to download Windows Offline Installation and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add or Remove Programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
    - Examples of older versions in Add or Remove Programs:
    - Java 2 Runtime Environment, SE v1.4.2
    - J2SE Runtime Environment 5.0
    - J2SE Runtime Environment 5.0 Update 2
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Then from your desktop double-click on jre-6u11-windows-i586-p.exe that you downloaded to install the newest version.
Please make sure the new version of Java is installed before you run JavaRa.

Please download JavaRa from [You must be registered and logged in to see this link.]

  • First, unzip it.
  • Then run JavaRa.
  • Select English from the drop down menu and press Select.
  • This will open JavaRa.
  • Press Remove older versions
  • Press yes to the prompt.
  • It will make a log file of what it's removed.
  • Copy and paste the log back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 8th February 2009, 11:14 pm

here's the full log file:

Malwarebytes' Anti-Malware 1.33
Database version: 1738
Windows 5.1.2600 Service Pack 3

2/8/2009 6:20:46 PM
mbam-log-2009-02-08 (18-20-46).txt

Scan type: Full Scan (C:\|)
Objects scanned: 179421
Time elapsed: 2 hour(s), 23 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP809\A0121220.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP809\A0121306.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP809\A0121307.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP809\A0121309.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP809\A0121311.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP809\A0121300.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 8th February 2009, 11:18 pm

More restore points. LMBO or ROFL

Please update Java using my above instructions.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 8th February 2009, 11:58 pm

Below is the java logfile:

JavaRa 1.12 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sun Feb 08 18:54:03 2009

Found and removed: C:\Program Files\Java\j2re1.4.2_03

Found and removed: C:\Program Files\Java\jre1.5.0_04

Found and removed: C:\Program Files\Java\jre1.5.0_06

Found and removed: C:\Program Files\Java\jre1.6.0_01

Found and removed: C:\Windows\Installer\{7148F0A8-6813-11D6-A77B-00B0D0142030}

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.4

Found and removed: Software\JavaSoft\Java2D\1.5.0_04

Found and removed: Software\JavaSoft\Java2D\1.5.0_06

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510004

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510004

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510004

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Classes\JavaPlugin.150_04

Found and removed: SOFTWARE\Classes\JavaPlugin.150_06

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_04

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_06

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_04

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_06

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510004

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D510006

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510004

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510006

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150040}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150060}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Classes\JavaPlugin.160_01

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_01

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_01

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610001

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7148F0A8-6813-11D6-A77B-00B0D0142030}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F841731866D117AB7000B0D410203

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F841731866D117AB7000B0D410203

Found and removed: SOFTWARE\Classes\JavaPlugin.142_03

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.4.2_03

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.4.2_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.4.2_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_06

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\JavaPlugin.142_03

Found and removed: Software\Classes\JavaPlugin.160_01

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_01

Found and removed: Software\JavaSoft\Java2D\1.6.0_01

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_01

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_04\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_06\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_01.b06\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\core1.zip

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\core2.zip

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\core3.zip

------------------------------------

Finished reporting.



Spyware guard browser protection warns me that a " BHO (browser help object" has been added: (761397BB-D6F0-462C-B6EB-D4DAF1D9D92D43)

File location: c:/program files/Java/ire6/bin/ssv.dll

Should I remove or keep this?

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 9th February 2009, 12:05 am

Hello.

I see you have Adobe Reader version 7 installed on this machine, this is old and has holes malware can use to abuse to re-infect you, so we need to close these holes.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs if present.

  • Adobe Reader 7
  • CiD Help
Then download and install version 9 from here:
[You must be registered and logged in to see this link.]

You also have an old version of the VLC player installed.
Please update this too.

Remove version 0.8.6a and download version 0.9.8a from here:
[You must be registered and logged in to see this link.]

We need to make a new restore point.

To turn off System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (or the Turn off System Restore on all drives check box), and then click OK.
4. Click Yes when you receive the prompt to the turn off System Restore.

Now we need to make a new restore point.
To turn on System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (To turn on System Restore), and then click OK.

Let me know once you've done that.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 9th February 2009, 12:30 am

One thing at a time: i installed the new VLC thing and am in the process of installing the new adobe thing. Also I have turned off and then on the systems restore.

Meanwhile, win patrol said a new Window Services thing has been installed:
getPlus(R) Helper
C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

should I allow this change?

and Spywareguard browser protection says an attempt to change Internet Explorer settings has been detected in the form of a "BHO (browser help object):
(18DF081C-E8AD-4283-A596-FA578C2EBDC3)
progID: AcrolEHelperShim.AcroHelperShimObj.1
file location: C:/Program Files/common files/Adobe/acrobat/activeX/AcroIEHelperShim.dll

Should I remove or keep this thing?


Last edited by spacephrawgg on 9th February 2009, 12:31 am; edited 1 time in total (Reason for editing : thought of something else to say)

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 9th February 2009, 12:33 am

Please allow both.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 9th February 2009, 12:41 am

K. So what now?

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by Belahzur on 9th February 2009, 12:43 am

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers. Goofy

1) Please navigate to [You must be registered and logged in to see this link.] and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

[You must be registered and logged in to see this link.]
A tutorial on using Ad-Aware to remove spyware from your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using Spybot to remove spyware from your computer may be found [You must be registered and logged in to see this link.]. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

[You must be registered and logged in to see this link.]
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found [You must be registered and logged in to see this link.].

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
[You must be registered and logged in to see this link.]
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

To help you keep your software updated, please considering using this free software program that will check for program updates.
[You must be registered and logged in to see this link.]

5) Finally, consider maintaining a firewall. Some good free firewalls are [You must be registered and logged in to see this link.], or
[You must be registered and logged in to see this link.]
A tutorial on understanding and using firewalls may be found [You must be registered and logged in to see this link.].

Please also read Tony Klein's excellent article: [You must be registered and logged in to see this link.]

If you would take a moment to fill out our feedback form, we would appreciate it.
The link can be found [You must be registered and logged in to see this link.].

Hopefully this should take care of your problems! Good luck. Big Grin


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

Solved Re: Problems with my other computer

Post by spacephrawgg on 10th February 2009, 5:54 pm

One last question:

I use the film-strip view when looking through images but sometimes, like right now, when I hit the "view" pulldown menu, it doesnt give me the option of viewing things in "filmstrip". How do I get it to display that option?

Thanks.

spacephrawgg
Senior
Senior

Posts Posts : 210
Joined Joined : 2009-02-02
Gender Gender : Male
OS OS : XP
Points Points : 29491
# Likes # Likes : 0

View user profile

Back to top Go down

Page 1 of 2 1, 2  Next

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum