WnPC

View previous topic View next topic Go down

WnPC

Post by samanthaa17 on Sat May 16, 2009 11:53 am

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:50:09 PM, on 16/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\Iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Mcafee\MWL\MwlGui.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Documents and Settings\Hvsnt15\Application Data\winav.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Mcafee\MWL\MwlSvc.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Safari\Safari.exe
C:\Documents and Settings\Hvsnt15\My Documents\HijackThis\hijackgpthis.exe

samanthaa17
Novice
Novice

Status :
Online
Offline

Posts Posts : 15
Joined Joined : 2009-05-16
Gender Gender : Female
OS OS : Windows XP

View user profile

Back to top Go down

WnPC (cont''d)

Post by samanthaa17 on Sat May 16, 2009 11:54 am

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [MWLExe] C:\PROGRA~1\Mcafee\MWL\MWLGuiSt.exe
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [Cake Wipe Inside Wma] C:\Documents and Settings\All Users\Application Data\flag barb cake wipe\soft plus.exe
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [Army Online Move Tick] C:\Documents and Settings\All Users\Application Data\file cash army online\real bird.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Part browse safe hold] C:\Documents and Settings\All Users\Application Data\Audio 4 part browse\internet live.exe
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\Antivirus 2008\Antvrs.exe
O4 - HKCU\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\DOCUME~1\hvsnt15\LOCALS~1\temp\TEMPOR~1.SH!\Content.SH!\K6RQAIQ7.SH! c:\DOCUME~1\hvsnt15\LOCALS~1\temp\TEMPOR~1.SH!\Content.SH! c:\DOCUME~1\hvsnt15\LOCALS~1\temp\TEMPOR~1.SH! c:\DOCUME~1\hvsnt15\LOCALS~1\temp\HSPERF~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\N9P689ZE\WHITE_~1.SH!
O4 - HKCU\..\Run: [amoksupport] C:\DOCUME~1\Hvsnt15\APPLIC~1\INSIDE~1\AXISLOCKS.exe
O4 - HKCU\..\Run: [AVScan] C:\Documents and Settings\Hvsnt15\Application Data\winav.exe
O4 - HKCU\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\K0E0O8BC\T_1_~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\K0E0O8BC\TABUI_~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\FKV28F9V\CALLUR~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\AFCSV1E9\HEADER~2.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\KFE54G2D\EL_1_~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\AFCSV1E9\CONTRO~2.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\FKV28F9V\CONTRO~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\AFCSV1E9\OPTION~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\AFCSV1E9\FRESH%~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\K0E0O8BC\ADS_2_~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\K0E0O8BC\FF2_1_~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\AFCSV1E9\FF2_1_~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\EDP8C7UF\FRIEND~2.SH! C:\DOCUM
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - [You must be registered and logged in to see this link.]
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O8 - Extra context menu item: Easy-WebPrint Add To Print List - [You must be registered and logged in to see this link.] Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - [You must be registered and logged in to see this link.] Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - [You must be registered and logged in to see this link.] Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - [You must be registered and logged in to see this link.] Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_AU&c=Q305&bd=presario&pf=laptop
O15 - Trusted Zone: [You must be registered and logged in to see this link.]
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - [You must be registered and logged in to see this link.]
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [You must be registered and logged in to see this link.]
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - [You must be registered and logged in to see this link.]
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: McAfee Wireless Network Security Service (MWLSvc) - McAfee, Inc. - C:\Program Files\Mcafee\MWL\MwlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 16997 bytes


I have been having trouble with my computer ever since someone in my family has 'accidently' fallen for this WnPC program to help our laptop with other problems! It's difficult to use the computer, as the pop ups turn every second, and it's very frustrating. Please Help, as the other programs on my computer aren't functioning properly!


Last edited by samanthaa17 on Sat May 16, 2009 1:12 pm; edited 1 time in total (Reason for editing : I have edited because, more problems have arisen.)

samanthaa17
Novice
Novice

Status :
Online
Offline

Posts Posts : 15
Joined Joined : 2009-05-16
Gender Gender : Female
OS OS : Windows XP

View user profile

Back to top Go down

Re: WnPC

Post by Belahzur on Sat May 16, 2009 1:50 pm

Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O4 - HKLM\..\Run: [Cake Wipe Inside Wma] C:\Documents and Settings\All Users\Application Data\flag barb cake wipe\soft plus.exe
    O4 - HKLM\..\Run: [Army Online Move Tick] C:\Documents and Settings\All Users\Application Data\file cash army online\real bird.exe
    O4 - HKLM\..\Run: [Part browse safe hold] C:\Documents and Settings\All Users\Application Data\Audio 4 part browse\internet live.exe
    O4 - HKCU\..\Run: [Antivirus] C:\Program Files\Antivirus 2008\Antvrs.exe
    O4 - HKCU\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P7 /q c:\DOCUME~1\hvsnt15\LOCALS~1\temp\TEMPOR~1.SH!\Content.SH!\K6RQAIQ7.SH! c:\DOCUME~1\hvsnt15\LOCALS~1\temp\TEMPOR~1.SH!\Content.SH! c:\DOCUME~1\hvsnt15\LOCALS~1\temp\TEMPOR~1.SH! c:\DOCUME~1\hvsnt15\LOCALS~1\temp\HSPERF~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\N9P689ZE\WHITE_~1.SH!
    O4 - HKCU\..\Run: [amoksupport] C:\DOCUME~1\Hvsnt15\APPLIC~1\INSIDE~1\AXISLOCKS.exe
    O4 - HKCU\..\Run: [AVScan] C:\Documents and Settings\Hvsnt15\Application Data\winav.exe
    O4 - HKCU\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\K0E0O8BC\T_1_~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\K0E0O8BC\TABUI_~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\FKV28F9V\CALLUR~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\AFCSV1E9\HEADER~2.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\KFE54G2D\EL_1_~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\AFCSV1E9\CONTRO~2.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\FKV28F9V\CONTRO~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\AFCSV1E9\OPTION~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\AFCSV1E9\FRESH%~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\K0E0O8BC\ADS_2_~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\K0E0O8BC\FF2_1_~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\AFCSV1E9\FF2_1_~1.SH! C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\Content.IE5\EDP8C7UF\FRIEND~2.SH! C:\DOCUM


  • Press "Fix Checked"
  • Close Hijack This.

Download [You must be registered and logged in to see this link.]

Double-click Lop S&D.exe
Choose the language, then choose Option 2 (Fix + Hosts)
Wait till the end of the scan
Post the log which is created: (%SystemDrive%\lopR.txt)


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre

View user profile

Back to top Go down

Lop S&D results

Post by samanthaa17 on Sat May 16, 2009 11:13 pm

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 2.00GHz )
BIOS : Rev 1.0
USER : Hvsnt15 ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:43 Go)
D:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( Sun 17/05/2009| 8:48 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX

Deleted! - C:\WINDOWS\Tasks\A2D27022918E1DE6.job
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse\Ace camp.dat
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse\Ace camp.exe
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse\internet live.dat
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse\internet live.exe
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse\Soap Cdrom.exe
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData\globData.mk4
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\file cash army online\real bird.dat
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\file cash army online\real bird.exe
Deleted! - C:\DOCUME~1\Hvsnt15\APPLIC~1\inside~1\AXISLOCKS.exe
Deleted! - C:\DOCUME~1\Hvsnt15\APPLIC~1\inside~1\bdteevwc.exe
Deleted! - C:\DOCUME~1\Hvsnt15\APPLIC~1\inside~1\diefdybn.exe
Deleted! - C:\DOCUME~1\Hvsnt15\APPLIC~1\inside~1\draw online team.exe
Deleted! - C:\DOCUME~1\Hvsnt15\APPLIC~1\inside~1\Grey Wma Tick Win.exe
Deleted! - C:\DOCUME~1\Hvsnt15\APPLIC~1\inside~1\hyqqeiwp.exe
Deleted! - C:\DOCUME~1\Hvsnt15\APPLIC~1\inside~1\kbxuykzc.exe
Deleted! - C:\DOCUME~1\Hvsnt15\APPLIC~1\inside~1\koejzsem.exe
Deleted! - C:\DOCUME~1\Hvsnt15\APPLIC~1\inside~1\kzzjbrll.exe
Deleted! - C:\DOCUME~1\Hvsnt15\APPLIC~1\inside~1\sgdxfuet.exe
Deleted! - C:\DOCUME~1\Hvsnt15\APPLIC~1\inside~1\sruhtofw.exe
Deleted! - C:\DOCUME~1\Hvsnt15\APPLIC~1\inside~1\uhnherjg.exe
Deleted! - C:\DOCUME~1\Hvsnt15\LOCALS~1\Temp\sta16.exe
Deleted! - C:\Program Files\Circle Developement\Uninstall.exe
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\file cash army online
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\flag barb cake wipe
Deleted! - C:\DOCUME~1\Hvsnt15\APPLIC~1\inside~1
Deleted! - C:\Program Files\inside~1
Deleted! - C:\Program Files\Circle Developement
-
[ Hosts file ] .. Restored!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing folders in APPLIC~1

[02/05/2009|03:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ {8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[05/08/2008|04:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Adobe
[18/08/2008|07:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Apple
[15/01/2007|10:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Apple Computer
[16/05/2009|09:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ AppRanger
[25/08/2008|10:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ AVS4YOU
[13/01/2007|03:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ BigPond
[13/03/2007|04:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ CanonBJ
[30/01/2008|04:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Emotum
[02/07/2008|01:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ FLEXnet
[05/08/2008|07:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Google
[26/02/2007|03:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ HP
[17/12/2007|06:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Installations
[27/12/2006|09:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ InstallShield
[27/01/2008|07:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Knowledge Adventure
[27/04/2009|05:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Logishrd
[17/12/2008|04:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Logitech
[11/05/2008|12:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ McAfee
[17/12/2008|06:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Messenger Plus!
[28/03/2009|06:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Microsoft
[27/02/2007|07:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Microsoft Corporation
[19/01/2008|06:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Microsoft Help
[16/11/2007|02:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Musicnotes
[01/10/2007|03:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ NCH Swift Sound
[17/12/2007|06:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ PC Suite
[10/01/2007|10:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ QuickTime
[27/09/2008|11:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ SiteAdvisor
[05/08/2008|07:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ SpeedBit
[30/01/2008|03:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Symantec
[05/08/2008|07:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ TEMP
[15/01/2007|09:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Windows Genuine Advantage
[23/12/2007|10:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ WLInstaller
[01/04/2007|11:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ yahoo!

[19/02/2007|03:43] C:\DOCUME~1\APPLIC~1\APPLIC~1\ Microsoft

[27/12/2006|08:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ Microsoft

[04/06/2007|07:20] C:\DOCUME~1\Guest\APPLIC~1\ Identities
[04/06/2007|07:21] C:\DOCUME~1\Guest\APPLIC~1\ McAfee
[04/06/2007|07:22] C:\DOCUME~1\Guest\APPLIC~1\ Microsoft

[05/04/2009|11:35] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Adobe
[31/03/2008|09:23] C:\DOCUME~1\Hvsnt15\APPLIC~1\ AdobeUM
[16/05/2008|10:43] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Antivirus
[27/10/2008|05:41] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Apple Computer
[25/08/2008|10:16] C:\DOCUME~1\Hvsnt15\APPLIC~1\ AVS4YOU
[13/01/2007|03:01] C:\DOCUME~1\Hvsnt15\APPLIC~1\ BigPond
[19/02/2009|10:58] C:\DOCUME~1\Hvsnt15\APPLIC~1\ BitZipper
[13/03/2007|04:15] C:\DOCUME~1\Hvsnt15\APPLIC~1\ CD-LabelPrint
[22/08/2008|04:01] C:\DOCUME~1\Hvsnt15\APPLIC~1\ DivX
[16/02/2008|02:24] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Gamelab
[22/02/2009|10:24] C:\DOCUME~1\Hvsnt15\APPLIC~1\ GetRightToGo
[18/01/2008|07:43] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Google
[14/10/2008|09:06] C:\DOCUME~1\Hvsnt15\APPLIC~1\ GrabPro
[29/03/2007|03:58] C:\DOCUME~1\Hvsnt15\APPLIC~1\ HP
[30/12/2006|09:41] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Identities
[14/11/2008|02:24] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Image Zone Express
[04/06/2007|04:06] C:\DOCUME~1\Hvsnt15\APPLIC~1\ imeem
[03/10/2008|03:04] C:\DOCUME~1\Hvsnt15\APPLIC~1\ ImTOO Software Studio
[03/01/2007|12:51] C:\DOCUME~1\Hvsnt15\APPLIC~1\ InterVideo
[03/01/2007|12:06] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Leadertech
[13/01/2007|03:36] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Macromedia
[11/05/2008|08:31] C:\DOCUME~1\Hvsnt15\APPLIC~1\ McAfee
[27/01/2007|10:36] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Megaupload
[17/12/2008|04:07] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Microsoft
[02/11/2008|07:41] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Moyea
[29/08/2008|11:20] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Mozilla
[19/02/2007|03:43] C:\DOCUME~1\Hvsnt15\APPLIC~1\ MySpace
[01/10/2007|03:17] C:\DOCUME~1\Hvsnt15\APPLIC~1\ NCH Swift Sound
[17/12/2007|07:14] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Nokia
[24/02/2009|07:06] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Nokia Multimedia Player
[17/10/2008|12:48] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Orbit
[17/12/2007|06:42] C:\DOCUME~1\Hvsnt15\APPLIC~1\ PC Suite
[03/01/2007|12:06] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Sonic
[15/01/2007|08:08] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Sun
[30/12/2006|11:28] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Template
[01/06/2008|09:50] C:\DOCUME~1\Hvsnt15\APPLIC~1\ Webroot
[20/11/2008|10:46] C:\DOCUME~1\Hvsnt15\APPLIC~1\ WinFF
[22/12/2008|05:12] C:\DOCUME~1\Hvsnt15\APPLIC~1\ yahoo!

[11/11/2007|09:38] C:\DOCUME~1\LOCALS~1\APPLIC~1\ McAfee
[31/01/2007|06:26] C:\DOCUME~1\LOCALS~1\APPLIC~1\ Microsoft
[19/10/2008|10:56] C:\DOCUME~1\LOCALS~1\APPLIC~1\ SACore
[16/05/2008|08:40] C:\DOCUME~1\LOCALS~1\APPLIC~1\ Webroot
[21/12/2008|02:40] C:\DOCUME~1\LOCALS~1\APPLIC~1\ Yahoo!

[21/10/2008|06:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\ Macromedia
[13/05/2008|07:57] C:\DOCUME~1\NETWOR~1\APPLIC~1\ Microsoft


--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

[28/02/2009 08:53 AM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[15/12/2008 12:17 AM][--a------] C:\WINDOWS\tasks\McDefragTask.job
[01/05/2009 01:00 AM][--a------] C:\WINDOWS\tasks\McQcTask.job
[11/05/2009 08:00 PM][--a------] C:\WINDOWS\tasks\sam.job
[03/05/2009 09:00 AM][--a------] C:\WINDOWS\tasks\Cleanup.job
[17/05/2009 08:28 AM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[04/08/2004 10:00 PM][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing Folders in C:\Program Files

[05/04/2009|11:35] C:\Program Files\ Adobe
[12/09/2008|01:18] C:\Program Files\ Apple Software Update
[02/05/2009|03:52] C:\Program Files\ Bonjour
[13/03/2007|04:07] C:\Program Files\ Canon
[13/03/2007|04:02] C:\Program Files\ CanonBJ
[17/12/2008|04:00] C:\Program Files\ Common Files
[27/12/2006|08:32] C:\Program Files\ ComPlus Applications
[05/08/2008|07:43] C:\Program Files\ DAP
[17/12/2007|06:42] C:\Program Files\ DIFX
[04/03/2007|04:30] C:\Program Files\ directx
[02/11/2008|08:31] C:\Program Files\ DivX
[13/05/2009|03:41] C:\Program Files\ DVDVideoSoft
[26/11/2008|07:41] C:\Program Files\ Google
[19/01/2008|06:22] C:\Program Files\ GRETECH
[26/02/2007|03:13] C:\Program Files\ Hewlett-Packard
[26/02/2007|03:15] C:\Program Files\ HP
[27/12/2006|09:09] C:\Program Files\ HPQ
[23/08/2008|03:39] C:\Program Files\ Ilusion Software
[17/12/2008|04:08] C:\Program Files\ InstallShield Installation Information
[27/12/2006|08:52] C:\Program Files\ Intel
[30/12/2006|07:44] C:\Program Files\ InterActual
[18/04/2009|12:02] C:\Program Files\ Internet Explorer
[27/12/2006|08:56] C:\Program Files\ InterVideo
[02/05/2009|03:55] C:\Program Files\ iPod
[02/05/2009|03:55] C:\Program Files\ iTunes
[27/03/2009|05:30] C:\Program Files\ Java
[02/11/2008|08:48] C:\Program Files\ K-Lite Codec Pack
[27/03/2009|05:47] C:\Program Files\ LimeWire
[27/04/2009|05:27] C:\Program Files\ Logitech
[16/05/2009|01:50] C:\Program Files\ MalwareScanner
[20/03/2009|02:24] C:\Program Files\ McAfee
[30/12/2006|09:01] C:\Program Files\ McAfee.com
[12/12/2008|01:03] C:\Program Files\ Messenger
[31/03/2009|03:17] C:\Program Files\ Messenger Plus! Live
[11/10/2008|05:06] C:\Program Files\ Microsoft
[17/09/2007|06:41] C:\Program Files\ Microsoft CAPICOM 2.1.0.2
[27/12/2006|08:36] C:\Program Files\ microsoft frontpage
[16/05/2009|03:26] C:\Program Files\ Microsoft Office
[04/03/2007|04:32] C:\Program Files\ Microsoft Picture It! 2002
[30/03/2009|08:42] C:\Program Files\ Microsoft Silverlight
[11/10/2008|05:25] C:\Program Files\ Microsoft SQL Server Compact Edition
[28/03/2009|06:58] C:\Program Files\ Microsoft Sync Framework
[15/09/2007|11:31] C:\Program Files\ Microsoft Works
[12/12/2008|12:30] C:\Program Files\ Movie Maker
[24/10/2008|08:55] C:\Program Files\ MSN
[27/12/2006|08:32] C:\Program Files\ MSN Gaming Zone
[16/08/2007|05:37] C:\Program Files\ MSXML 4.0
[26/02/2007|03:12] C:\Program Files\ MySpace
[01/10/2007|03:26] C:\Program Files\ NCH Swift Sound
[12/12/2008|12:17] C:\Program Files\ NetMeeting
[17/12/2007|06:41] C:\Program Files\ Nokia
[27/12/2006|08:34] C:\Program Files\ Online Services
[12/12/2008|12:17] C:\Program Files\ Outlook Express
[17/12/2007|06:40] C:\Program Files\ PC Connectivity Solution
[02/05/2009|02:34] C:\Program Files\ QuickTime
[26/03/2009|08:46] C:\Program Files\ Safari
[13/03/2007|04:05] C:\Program Files\ Sonic
[27/12/2006|08:48] C:\Program Files\ Synaptics
[27/12/2006|08:43] C:\Program Files\ Uninstall Information
[09/02/2008|07:28] C:\Program Files\ Virtools Web Player 3.5
[27/12/2006|08:46] C:\Program Files\ WIDCOMM
[13/09/2007|12:01] C:\Program Files\ Windows Journal Viewer
[28/03/2009|07:05] C:\Program Files\ Windows Live
[28/03/2009|06:49] C:\Program Files\ Windows Live SkyDrive
[15/09/2007|12:23] C:\Program Files\ Windows Media Connect 2
[12/12/2008|12:17] C:\Program Files\ Windows Media Player
[12/12/2008|12:17] C:\Program Files\ Windows NT
[27/12/2006|08:34] C:\Program Files\ WindowsUpdate
[02/11/2008|09:48] C:\Program Files\ WinFF
[27/12/2006|08:36] C:\Program Files\ xerox

samanthaa17
Novice
Novice

Status :
Online
Offline

Posts Posts : 15
Joined Joined : 2009-05-16
Gender Gender : Female
OS OS : Windows XP

View user profile

Back to top Go down

Re: WnPC

Post by samanthaa17 on Sat May 16, 2009 11:13 pm

--------------------\\ Listing Folders in C:\Program Files\Common Files

[05/04/2009|11:32] C:\Program Files\Common Files\ Adobe
[02/05/2009|02:27] C:\Program Files\Common Files\ Apple
[12/09/2008|10:51] C:\Program Files\Common Files\ AVSMedia
[13/05/2009|03:41] C:\Program Files\Common Files\ DVDVideoSoft
[26/02/2007|03:11] C:\Program Files\Common Files\ Hewlett-Packard
[26/02/2007|03:15] C:\Program Files\Common Files\ HP
[27/12/2006|09:05] C:\Program Files\Common Files\ InstallShield
[28/03/2007|04:51] C:\Program Files\Common Files\ Java
[27/01/2008|03:55] C:\Program Files\Common Files\ Knowledge Adventure
[27/04/2009|05:43] C:\Program Files\Common Files\ logishrd
[12/04/2008|09:43] C:\Program Files\Common Files\ Logitech
[02/07/2008|01:39] C:\Program Files\Common Files\ Macrovision Shared
[20/11/2007|09:52] C:\Program Files\Common Files\ McAfee
[16/05/2009|03:26] C:\Program Files\Common Files\ Microsoft Shared
[27/12/2006|08:33] C:\Program Files\Common Files\ MSSoap
[17/12/2007|06:41] C:\Program Files\Common Files\ Nokia
[27/12/2006|07:19] C:\Program Files\Common Files\ ODBC
[17/12/2007|06:41] C:\Program Files\Common Files\ PCSuite
[27/12/2006|08:33] C:\Program Files\Common Files\ Services
[27/12/2006|09:02] C:\Program Files\Common Files\ Sonic Shared
[27/12/2006|07:19] C:\Program Files\Common Files\ SpeechEngines
[03/11/2008|05:38] C:\Program Files\Common Files\ Symantec Shared
[12/12/2008|02:05] C:\Program Files\Common Files\ System
[27/12/2006|09:03] C:\Program Files\Common Files\ TiVo Shared
[11/10/2008|04:18] C:\Program Files\Common Files\ Windows Live

--------------------\\ Process

( 66 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme


--------------------\\ Searching for other infections


No other infections found !

[F:388][D:24]-> C:\DOCUME~1\Hvsnt15\LOCALS~1\Temp
[F:26][D:0]-> C:\DOCUME~1\Hvsnt15\Cookies
[F:747][D:199]-> C:\DOCUME~1\Hvsnt15\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Sun 17/05/2009| 9:10 - Option : [2]

--------------------\\ Scan completed at 9:10:36

samanthaa17
Novice
Novice

Status :
Online
Offline

Posts Posts : 15
Joined Joined : 2009-05-16
Gender Gender : Female
OS OS : Windows XP

View user profile

Back to top Go down

Re: WnPC

Post by samanthaa17 on Sat May 16, 2009 11:14 pm

Thanks HEAPS for the help you've given me!
My computer is working fine again!
Smile

samanthaa17
Novice
Novice

Status :
Online
Offline

Posts Posts : 15
Joined Joined : 2009-05-16
Gender Gender : Female
OS OS : Windows XP

View user profile

Back to top Go down

Re: WnPC

Post by Belahzur on Sat May 16, 2009 11:16 pm

Hello.
Good work so far, but still more to do.

  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the report to your Desktop.
  • Copy and paste BOTH LOGS back here, ignore any warning that says not to post attach.txt


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: WnPC

Post by samanthaa17 on Sun May 17, 2009 6:33 am

How do you if the DDS program is working?? Cause I cant tell if its scanning?
Don't worry it worked! LOL!


Last edited by samanthaa17 on Sun May 17, 2009 6:42 am; edited 1 time in total

samanthaa17
Novice
Novice

Status :
Online
Offline

Posts Posts : 15
Joined Joined : 2009-05-16
Gender Gender : Female
OS OS : Windows XP

View user profile

Back to top Go down

DDS LOG (1)

Post by samanthaa17 on Sun May 17, 2009 6:36 am

DDS (Ver_09-05-14.01) - NTFSx86
Run by Hvsnt15 at 16:28:47.17 on Sun 17/05/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.63 [GMT 10:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\Iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Mcafee\MWL\MwlGui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\Program Files\Mcafee\MWL\MwlSvc.exe
C:\Program Files\Safari\Safari.exe
C:\WINDOWS\system32\wuauclt.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Documents and Settings\Hvsnt15\My Documents\dds.scr

============== Pseudo HJT Report ===============

uSearch Bar = [You must be registered and logged in to see this link.]
uStart Page = [You must be registered and logged in to see this link.]
uSearch Page = [You must be registered and logged in to see this link.]
uDefault_Search_URL = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]
mDefault_Page_URL = [You must be registered and logged in to see this link.]
mSearch Page = [You must be registered and logged in to see this link.]
mDefault_Search_URL = [You must be registered and logged in to see this link.]
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = [You must be registered and logged in to see this link.]
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
mURLSearchHooks: H - No File
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: McAfee Phishing Filter: {377c180e-6f0e-4d4c-980f-f45bd3d40cf4} - c:\progra~1\mcafee\msk\mcapbho.dll
BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - c:\program files\windows live\family safety\fssbho.dll
BHO: EWPBrowseObject Class: {68f9551e-0411-48e4-9aaf-4bc42a6a46be} - c:\program files\canon\easy-webprint\EWPBrowseLoader.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\progra~1\mcafee\viruss~1\scriptsn.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Nokia.PCSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [WatchDog] c:\program files\intervideo\dvd check\DVDCheck.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe
mRun: [Easy-PrintToolBox] c:\program files\canon\easy-printtoolbox\BJPSMAIN.EXE /logon
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
mRun: [McAfee Backup] c:\program files\mcafee\mbk\McAfeeDataBackup.exe
mRun: [MBkLogOnHook] c:\program files\mcafee\mbk\LogOnHook.exe
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
mRun: [PCSuiteTrayApplication] c:\program files\nokia\nokia pc suite 6\LaunchApplication.exe -startup
mRun: [MWLExe] c:\progra~1\mcafee\mwl\MWLGuiSt.exe
mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide
mRun: [fssui] "c:\program files\windows live\family safety\fsui.exe" -autorun
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SpyHunter Security Suite] c:\program files\enigma software group\spyhunter\SpyHunter3.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [Nokia.PCSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dvdche~1.lnk - c:\program files\intervideo\dvd check\DVDCheck.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Toolband.dll/RC_Print.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - [You must be registered and logged in to see this link.]
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - [You must be registered and logged in to see this link.]
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - [You must be registered and logged in to see this link.]
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - [You must be registered and logged in to see this link.]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - [You must be registered and logged in to see this link.]
DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} - [You must be registered and logged in to see this link.]
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - [You must be registered and logged in to see this link.]
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [You must be registered and logged in to see this link.]
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - [You must be registered and logged in to see this link.]
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: igfxcui - igfxsrvc.dll
Notify: WRNotifier - WRLogonNTF.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

samanthaa17
Novice
Novice

Status :
Online
Offline

Posts Posts : 15
Joined Joined : 2009-05-16
Gender Gender : Female
OS OS : Windows XP

View user profile

Back to top Go down

Re: WnPC

Post by samanthaa17 on Sun May 17, 2009 6:37 am

============= SERVICES / DRIVERS ===============

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2006-12-30 201320]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-3-28 55152]
R2 fsssvc;Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-2-6 533360]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-9-26 210216]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2006-12-30 359248]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2006-12-30 144704]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-1-14 226656]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2006-12-30 695624]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2006-12-30 79304]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2006-12-30 35240]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2006-12-30 40488]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2006-12-30 33832]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [2008-1-30 194304]

============== File Associations ===============

regfile="%1" %*

=============== Created Last 30 ================

2009-05-17 08:47 --d----- C:\Lop SD
2009-05-16 16:14 --d----- c:\windows\logs
2009-05-16 16:14 --d----- c:\docume~1\alluse~1\applic~1\AppRanger
2009-05-16 13:57 382 a------- C:\spyhunter.fix
2009-05-16 13:23 423,784 a------- c:\windows\system32\XceedBkp.dll
2009-05-16 13:23 65,536 a------- c:\windows\system32\vbalProgBar6.ocx
2009-05-16 13:23 57,399 a------- c:\windows\system32\Registry Control.ocx
2009-05-16 13:23 24,576 a------- c:\windows\system32\SmartSubClass.dll
2009-05-16 13:23 597,834 a------- c:\windows\system32\AS-IFce1.ocx
2009-05-16 13:23 265,753 a------- c:\windows\system32\AS-Exp2.ocx
2009-05-16 13:23 188,416 a------- c:\windows\system32\actsplash.ocx
2009-05-16 13:23 --d----- c:\program files\MalwareScanner
2009-05-16 13:20 164,144 a------- c:\windows\system32\COMCT232.OCX
2009-05-16 13:20 118,784 a------- c:\windows\system32\msstdfmt.dll
2009-05-16 13:20 109,248 a------- c:\windows\system32\MSWINSCK.OCX
2009-05-16 13:20 1,066,176 a------- c:\windows\system32\mscomctl.ocx
2009-05-16 13:20 140,288 a------- c:\windows\system32\comdlg32.ocx
2009-05-16 13:20 115,016 a------- c:\windows\system32\MSINET.OCX
2009-05-14 11:07 1,097,728 a------- c:\docume~1\hvsnt15\applic~1\winav.exe
2009-05-13 18:33 186 a------- c:\docume~1\hvsnt15\applic~1\asd.bat
2009-05-02 15:54 --d----- c:\docume~1\alluse~1\applic~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-05-02 15:52 --d----- c:\program files\Bonjour
2009-05-02 15:50 1,900,544 a------- c:\windows\system32\usbaaplrc.dll
2009-04-27 17:38 2,686,104 a------- c:\windows\system32\drivers\LV302V32.SYS
2009-04-27 17:37 195,096 a------- c:\windows\system32\lvci11901262.dll
2009-04-27 17:37 768,024 a------- c:\windows\system32\drivers\lvrs.sys

==================== Find3M ====================

2009-05-06 12:35 32,480 a------- c:\docume~1\hvsnt15\applic~1\wklnhst.dat
2009-04-17 13:40 89,444 a---h--- c:\windows\system32\mlfcache.dat
2009-04-17 13:34 113,544 a------- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-03-27 17:31 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-26 15:23 36,864 a------- c:\windows\system32\drivers\usbaapl.sys
2009-03-19 16:32 23,400 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-07 00:22 284,160 a------- c:\windows\system32\pdh.dll
2009-03-03 10:18 826,368 a------- c:\windows\system32\wininet.dll
2009-02-21 04:09 78,336 a------- c:\windows\system32\ieencode.dll
2007-10-14 15:23 100 ac------ c:\documents and settings\hvsnt15\inquiry.dat
2008-12-12 14:05 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008121220081213\index.dat

============= FINISH: 16:35:20.26 ===============

samanthaa17
Novice
Novice

Status :
Online
Offline

Posts Posts : 15
Joined Joined : 2009-05-16
Gender Gender : Female
OS OS : Windows XP

View user profile

Back to top Go down

Re: WnPC

Post by samanthaa17 on Sun May 17, 2009 6:38 am

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-05-14.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 27/12/2006 9:38:49 AM
System Uptime: 17/05/2009 4:19:51 PM (0 hours ago)

Motherboard: HP | | 309A
Processor: Intel(R) Pentium(R) M processor 2.00GHz | U1 | 1995/mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 75 GiB total, 43.468 GiB free.
D: is CDROM ()
E: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/Wireless 2200BG Network Connection
Device ID: PCI\VEN_8086&DEV_4220&SUBSYS_12F6103C&REV_05\4&1D3F0FBB&0&48F0
Manufacturer: Intel(R) Corporation
Name: Intel(R) PRO/Wireless 2200BG Network Connection
PNP Device ID: PCI\VEN_8086&DEV_4220&SUBSYS_12F6103C&REV_05\4&1D3F0FBB&0&48F0
Service: w29n51

Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: -sammi-
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: -sammi-
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd

==== System Restore Points ===================

RP100: 21/02/2009 9:18:47 AM - Software Distribution Service 3.0
RP101: 26/02/2009 4:22:29 PM - Software Distribution Service 3.0
RP102: 6/03/2009 3:25:38 PM - Software Distribution Service 3.0
RP103: 11/03/2009 11:21:53 PM - Software Distribution Service 3.0
RP104: 14/03/2009 11:06:57 PM - Software Distribution Service 3.0
RP105: 21/03/2009 4:42:48 PM - System Checkpoint
RP106: 21/03/2009 6:04:25 PM - Installed Adobe Photoshop Elements 6.0.
RP107: 27/03/2009 6:30:14 PM - Installed Java(TM) 6 Update 13
RP108: 28/03/2009 7:56:34 PM - Installed DirectX
RP109: 29/03/2009 8:57:52 PM - Software Distribution Service 3.0
RP110: 30/03/2009 3:32:12 PM - Software Distribution Service 3.0
RP111: 30/03/2009 3:44:04 PM - Installed Windows XP WgaNotify.
RP112: 31/03/2009 4:40:13 PM - System Checkpoint
RP113: 3/04/2009 10:47:05 PM - System Checkpoint
RP114: 5/04/2009 12:18:55 PM - Removed Adobe Photoshop Elements 6.0.
RP115: 6/04/2009 6:37:22 PM - System Checkpoint
RP116: 17/04/2009 1:15:49 PM - Software Distribution Service 3.0
RP117: 18/04/2009 11:25:02 AM - Software Distribution Service 3.0
RP118: 27/04/2009 5:29:38 PM - Logitech QuickCam v11.90.1262
RP119: 28/04/2009 10:16:16 PM - System Checkpoint
RP120: 30/04/2009 5:03:57 PM - Software Distribution Service 3.0
RP121: 2/05/2009 2:26:56 PM - Installed QuickTime
RP122: 2/05/2009 3:53:12 PM - Installed iTunes
RP123: 7/05/2009 2:52:05 PM - System Checkpoint

==== Installed Programs ======================

1400
1400_Help
1400Trb
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0
Adobe Shockwave Player 11
Agere Systems AC'97 Modem
AiO_Scan
AiOSoftware
Apple Mobile Device Support
Apple Software Update
AutoUpdate
Bonjour
Broadcom 802.11 Wireless LAN Adapter
BufferChm
Canon iP4300
Canon Setup Utility 2.3
Canon Utilities Easy-PhotoPrint
Canon Utilities Easy-PrintToolBox
CD-LabelPrint
Choice Guard
ContentSAFER for Wizmax
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
Critical Update for Windows Media Player 11 (KB959772)
Destinations
DeviceManagementQFolder
DivX Converter
DivX Player
DivX Web Player
DocProc
Easy-WebPrint
eSupportQFolder
Fax
Free YouTube to iPod Converter version 3.1
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954708)
HP Help and Support
HP Image Zone Express
HP Imaging Device Functions 5.3
HP Integrated Module with Bluetooth wireless technology
HP PSC & OfficeJet 5.3.B
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
HPProductAssistant
Intel(R) Graphics Media Accelerator Driver for Mobile
InterActual Player
InterVideo DVD Check
InterVideo WinDVD
iTunes
J2SE Runtime Environment 5.0 Update 3
Java(TM) 6 Update 13
Junk Mail filter update
K-Lite Codec Pack 4.2.5 (Full)
LimeWire 5.1.2
Logitech Audio Echo Cancellation Component
Logitech Desktop Messenger
Logitech Legacy USB Camera Driver Package
Logitech QuickCam
Logitech QuickCam Driver Package
Logitech Video Enumerator
McAfee SecurityCenter
Messenger Plus! Live & Sponsor (CiD)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Word Viewer 2003
Microsoft Picture It! Photo 2002
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows Journal Viewer
Microsoft Works
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MVision
NewCopy
Nokia Connectivity Cable Driver
Nokia PC Suite
PC Connectivity Solution
Picasa 3
ProductContext
QuickTime
Readme
Realtek AC'97 Audio
REALTEK Gigabit and Fast Ethernet NIC Driver
Safari
Scan
ScannerCopy

samanthaa17
Novice
Novice

Status :
Online
Offline

Posts Posts : 15
Joined Joined : 2009-05-16
Gender Gender : Female
OS OS : Windows XP

View user profile

Back to top Go down

Re: WnPC

Post by samanthaa17 on Sun May 17, 2009 6:38 am

Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961373)
Segoe UI
Shockwave
SolutionCenter
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic MyDVD Plus
Sonic Update Manager
SpyHunter
Status
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515 drivers.
TIxx21
TrayApp
Uninstall 1.0.0.1
Uninstall Malware Scanner
Unload
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
WavePad Uninstall
WebFldrs XP
WebReg
Windows Driver Package - 2Wire (2WIREPCP) Net (09/18/2002 1.4.0.5)
Windows Driver Package - NETGEAR Inc. (RTLWUSB) Net (02/07/2007 5.1283.0207.2007)
Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
Windows Driver Package - Nokia Modem (02/15/2007 3.1)
Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1)
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinFF 0.43

==== Event Viewer Messages From Past Week ========

17/05/2009 4:24:58 PM, error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.
17/05/2009 4:05:39 PM, error: DCOM [10001] - Unable to start a DCOM Server: {C7E39D60-7A9F-42BF-ABB1-03DC0FA4F493} as /. The error: "%233" Happened while starting this command: c:\PROGRA~1\mcafee.com\agent\mcagent.exe -Embedding
17/05/2009 4:03:49 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
16/05/2009 9:43:03 PM, error: System Error [1003] - Error code 100000d1, parameter1 e1de1000, parameter2 00000002, parameter3 00000000, parameter4 aae3cb00.
16/05/2009 8:58:13 PM, error: System Error [1003] - Error code 100000d1, parameter1 e1d4d000, parameter2 00000002, parameter3 00000000, parameter4 aae52b00.
16/05/2009 2:14:23 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
16/05/2009 2:14:22 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
16/05/2009 2:13:39 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the mcmscsvc service.
16/05/2009 12:49:10 PM, error: System Error [1003] - Error code 100000d1, parameter1 e1f30000, parameter2 00000002, parameter3 00000000, parameter4 aa87db00.
16/05/2009 12:48:04 PM, error: System Error [1003] - Error code 100000d1, parameter1 e1f39000, parameter2 00000002, parameter3 00000000, parameter4 aa87db00.

==== End Of File ===========================

samanthaa17
Novice
Novice

Status :
Online
Offline

Posts Posts : 15
Joined Joined : 2009-05-16
Gender Gender : Female
OS OS : Windows XP

View user profile

Back to top Go down

Re: WnPC

Post by samanthaa17 on Sun May 17, 2009 10:18 am

The WnPC malware has turned up again!!
After my sister has gone on! What to do???

samanthaa17
Novice
Novice

Status :
Online
Offline

Posts Posts : 15
Joined Joined : 2009-05-16
Gender Gender : Female
OS OS : Windows XP

View user profile

Back to top Go down

Re: WnPC

Post by samanthaa17 on Sun May 17, 2009 12:39 pm

Umm.. my sister and I have maybe discovered what triggered the WnPC thing to come back! It may because she has used MSN Instant Messenger???

samanthaa17
Novice
Novice

Status :
Online
Offline

Posts Posts : 15
Joined Joined : 2009-05-16
Gender Gender : Female
OS OS : Windows XP

View user profile

Back to top Go down

Re: WnPC

Post by Belahzur on Sun May 17, 2009 1:19 pm

I see that you are running Limewire.
P2P(Peer to peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
The removal of these programs is optional, but highly recommended.

If Limewire is not removed, then I won't help you.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

  • Adobe Reader 7.0
  • J2SE Runtime Environment 5.0 Update 3
  • LimeWire 5.1.2
  • Messenger Plus! Live & Sponsor (CiD)

Note: I ask that you uninstall Messenger Plus because that is how you got infected.

Please download the [You must be registered and logged in to see this link.].

  • Save it to your desktop.
  • Please double-click OTMoveIt3.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    :files
    c:\docume~1\hvsnt15\applic~1\winav.exe
    c:\docume~1\hvsnt15\applic~1\asd.bat
    C:\Program Files\Limewire
    c:\docume~1\hvsnt15\applic~1\Limewire
    c:\program files\MalwareScanner
    C:\Lop SD
    C:\Documents and Settings\Hvsnt15\My Documents\dds.scr


  • Return to OTMoveIt3, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: WnPC

Post by samanthaa17 on Sun May 17, 2009 1:36 pm

========== FILES ==========
c:\docume~1\hvsnt15\applic~1\winav.exe moved successfully.
c:\docume~1\hvsnt15\applic~1\asd.bat moved successfully.
C:\Program Files\LimeWire\lib moved successfully.
C:\Program Files\LimeWire moved successfully.
File/Folder c:\docume~1\hvsnt15\applic~1\Limewire not found.
c:\program files\MalwareScanner\Skin moved successfully.
c:\program files\MalwareScanner\logs moved successfully.
c:\program files\MalwareScanner\Language moved successfully.
c:\program files\MalwareScanner\Help moved successfully.
c:\program files\MalwareScanner moved successfully.
C:\Lop SD\Backup-Lop\WINDOWS\Tasks moved successfully.
C:\Lop SD\Backup-Lop\WINDOWS moved successfully.
C:\Lop SD\Backup-Lop\Reg moved successfully.
C:\Lop SD\Backup-Lop\Program Files\Circle Developement moved successfully.
C:\Lop SD\Backup-Lop\Program Files moved successfully.
C:\Lop SD\Backup-Lop\Hosts moved successfully.
C:\Lop SD\Backup-Lop\DOCUME~1\Hvsnt15\LOCALS~1\Temp moved successfully.
C:\Lop SD\Backup-Lop\DOCUME~1\Hvsnt15\LOCALS~1 moved successfully.
C:\Lop SD\Backup-Lop\DOCUME~1\Hvsnt15\APPLIC~1\INSIDE~1 moved successfully.
C:\Lop SD\Backup-Lop\DOCUME~1\Hvsnt15\APPLIC~1 moved successfully.
C:\Lop SD\Backup-Lop\DOCUME~1\Hvsnt15 moved successfully.
C:\Lop SD\Backup-Lop\DOCUME~1\ALLUSE~1\APPLIC~1\file cash army online moved successfully.
C:\Lop SD\Backup-Lop\DOCUME~1\ALLUSE~1\APPLIC~1\espionServerData moved successfully.
C:\Lop SD\Backup-Lop\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse moved successfully.
C:\Lop SD\Backup-Lop\DOCUME~1\ALLUSE~1\APPLIC~1 moved successfully.
C:\Lop SD\Backup-Lop\DOCUME~1\ALLUSE~1 moved successfully.
C:\Lop SD\Backup-Lop\DOCUME~1 moved successfully.
C:\Lop SD\Backup-Lop moved successfully.
C:\Lop SD moved successfully.
File/Folder C:\Documents and Settings\Hvsnt15\My Documents\dds.scr not found.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05172009_233611

samanthaa17
Novice
Novice

Status :
Online
Offline

Posts Posts : 15
Joined Joined : 2009-05-16
Gender Gender : Female
OS OS : Windows XP

View user profile

Back to top Go down

Re: WnPC

Post by Belahzur on Sun May 17, 2009 1:48 pm

We can remove OTMoveIt now.

  • Please double-click OTMoveIt3.exe to run it again.
  • Press the green CleanUp! button.
  • Press Yes cleanup process prompt, do the same for the reboot prompt.
How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: WnPC

Post by samanthaa17 on Sun May 17, 2009 2:04 pm

OMG! My computer is working really good now! No more interruptions! Ahhh, peace at last! THANKS HEAPS!

samanthaa17
Novice
Novice

Status :
Online
Offline

Posts Posts : 15
Joined Joined : 2009-05-16
Gender Gender : Female
OS OS : Windows XP

View user profile

Back to top Go down

Re: WnPC

Post by Belahzur on Sun May 17, 2009 2:14 pm

We need to make a new restore point.

To turn off System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (or the Turn off System Restore on all drives check box), and then click OK.
4. Click Yes when you receive the prompt to the turn off System Restore.

Now we need to make a new restore point.
To turn on System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (To turn on System Restore), and then click OK.

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers. Goofy

1) Please navigate to [You must be registered and logged in to see this link.] and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

[You must be registered and logged in to see this link.]
A tutorial on using Ad-Aware to remove spyware from your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using Spybot to remove spyware from your computer may be found [You must be registered and logged in to see this link.]. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

[You must be registered and logged in to see this link.]
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found [You must be registered and logged in to see this link.].

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
[You must be registered and logged in to see this link.]
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

To help you keep your software updated, please considering using this free software program that will check for program updates.
[You must be registered and logged in to see this link.]

5) Finally, consider maintaining a firewall. Some good free firewalls are [You must be registered and logged in to see this link.], or
[You must be registered and logged in to see this link.]
A tutorial on understanding and using firewalls may be found [You must be registered and logged in to see this link.].

Please also read Tony Klein's excellent article: [You must be registered and logged in to see this link.]

If you would take a moment to fill out our feedback form, we would appreciate it.
The link can be found [You must be registered and logged in to see this link.].

Hopefully this should take care of your problems! Good luck. Big Grin


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: WnPC

Post by samanthaa17 on Mon May 18, 2009 7:22 am

I dont use Internet Explorer, I use Safari. Is that good?? Coz like, I haven gotten any pop up ads, or virused from using it.

samanthaa17
Novice
Novice

Status :
Online
Offline

Posts Posts : 15
Joined Joined : 2009-05-16
Gender Gender : Female
OS OS : Windows XP

View user profile

Back to top Go down

Re: WnPC

Post by Belahzur on Mon May 18, 2009 1:30 pm

Safari is fine to use. Smile


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre

View user profile

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum