Branding_print



Go Back   Web User Forums > Security > HijackThis logs help and analysis
Reload this Page Log Check Please
Register FAQ / Help Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 03-07-09, 16:34
Denisimo Denisimo is offline
512Mbps
  
Join Date: Oct 2004
Location: East Sussex UK
Posts: 869
Default Log Check Please
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:06:55, on 03/07/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Users\x--n-i-c-k-y--x\AppData\Local\Temp\Temp3_HiJackThis.zip\HijackTh is.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sky.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=e...mp;ibd=5080624
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.aol.co.uk/web?isinit=true&query=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer Provided By Sky Broadband
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\s wg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Blubster] C:\Program Files\Blubster\Blubster.exe SILENT
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [2 setup] "C:\ProgramData\THIRDLESSLESS.l8ess"
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Belkin Wireless USB Utility.lnk = C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com (file missing)
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/reso...PUplden-gb.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: McAfee Application Installer Cleanup (0024171246629571) (0024171246629571mcinstcleanup) - Unknown owner - C:\Windows\TEMP\002417~1.EXE (file missing)
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate1c9c8e7c0e9f134) (gupdate1c9c8e7c0e9f134) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\Windows\system32\lxcccoms.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 13777 bytes

Friends Laptop had severe infections Trojans Win32 Swizzor; Win32/Yektel,a; Win32 Fasec; and a worm, Win32: wri1edac. Ive clean it of these infections as far as I can tell and would appreciate you checking the log

Regards Denisimo
Reply With Quote
  #2  
Old 03-07-09, 22:37
bricat's Avatar
bricat bricat is online now
Global Moderator
256Tbps
  
Join Date: Jun 2003
Location: belfast
Posts: 32,358
Default Re: Log Check Please
there are 2 anti virus programs installed, uninstall 1 of them.

then :-

Download Combofix from any of the links below, and save it to your desktop. For information regarding this download, please visit this webpage: http://www.bleepingcomputer.com/comb...o-use-combofix

Link 1
Link 2


<font color="Purple">**Note: It is important that it is saved directly to your desktop**</font>

--------------------------------------------------------------------

1. <font color="blue">Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.</font>
If you don't know how to disable some of your security programs have a look :- HERE
--------------------------------------------------------------------

Double click on ComboFix.exe &amp; follow the prompts.
<ul type="square">When finished, it will produce a report for you. [*]Please post the C:\ComboFix.txt along with a new HijackThis log for further review.[/list]
<u> Please keep me informed about any changes to your problems during the different steps of the fix</u>


<font color="red"> FOR OTHER USERS, <u>DO NOT</u> RUN COMBOFIX UNLESS YOU ARE ASKED TO DO SO BY A HJT HELPER</font>
__________________
IF I HAVE SAVED YOU MONEY, PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST MALWARE.

Those are my principles. If you don't like them I have others
Reply With Quote
  #3  
Old 04-07-09, 09:22
Denisimo Denisimo is offline
512Mbps
  
Join Date: Oct 2004
Location: East Sussex UK
Posts: 869
Default Re: Log Check Please
Thank you for your help Bricat, I will not be able to do what you recommend until Sunday as my friend has her Laptop at present. I know that there are two anti-virus programs on the Laptop, I installed Avast as the owner had let McAfee expire. I have advised her to either renew McAfee and remove Avast or to continue with Avast, remove McAfee and get a good firewall rather than use Windows Firewall. I will post ComboFix report along with a fresh Hijackthis ASAP.

Warm regards Denisimo [img]/forums/images/graemlins/smile.gif[/img]
Reply With Quote
  #4  
Old 05-07-09, 18:50
Denisimo Denisimo is offline
512Mbps
  
Join Date: Oct 2004
Location: East Sussex UK
Posts: 869
Default Re: Log Check Please
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:28:19, on 05/07/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\Explorer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\x--n-i-c-k-y--x\AppData\Local\Temp\Temp1_HiJackThis.zip\HijackTh is.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=e...mp;ibd=5080624
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.aol.co.uk/web?isinit=true&amp;query=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\s wg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &amp;Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [2 setup] "C:\ProgramData\THIRDLESSLESS.l8ess"
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Belkin Wireless USB Utility.lnk = C:\Program Files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Add to Windows &amp;Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com (file missing)
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &amp;Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/reso...PUplden-gb.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3. dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate1c9c8e7c0e9f134) (gupdate1c9c8e7c0e9f134) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\Windows\system32\lxcccoms.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11598 bytes



----------------------------------------------------------------------------------------------------------------------------------------------------------------
ComboFix 09-07-04.09 - x--n-i-c-k-y--x 05/07/2009 18:08.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2037.1098 [GMT 1:00]
Running from: c:\users\x--n-i-c-k-y--x\Desktop\ComboFix.exe
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1400113804-1914402855-3429530994-500
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\$recycle.bin\S-1-5-21-932106471-3677661314-2765175489-500
c:\windows\system32\file.exe.tmp

.
((((((((((((((((((((((((( Files Created from 2009-06-05 to 2009-07-05 )))))))))))))))))))))))))))))))
.

2009-07-05 17:15 . 2009-07-05 17:15 -------- d-----w- c:\users\X~Mandy~X\AppData\Local\temp
2009-07-05 17:15 . 2009-07-05 17:15 -------- d-----w- c:\users\Guest\AppData\Local\temp
2009-07-03 13:45 . 2009-07-03 13:46 -------- d-----w- c:\windows\system32\ca-ES
2009-07-03 13:45 . 2009-07-03 13:46 -------- d-----w- c:\windows\system32\eu-ES
2009-07-03 13:45 . 2009-07-03 13:46 -------- d-----w- c:\windows\system32\vi-VN
2009-07-03 13:06 . 2009-07-03 13:06 -------- d-----w- c:\windows\system32\EventProviders
2009-07-03 13:02 . 2009-04-11 06:33 897000 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-07-03 13:00 . 2009-04-11 06:28 532992 ----a-w- c:\windows\system32\wpcao.dll
2009-07-03 12:59 . 2009-04-11 06:28 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-03 12:11 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.b in
2009-07-02 12:49 . 2009-07-02 12:50 -------- d-----w- c:\users\x--n-i-c-k-y--x\AppData\Local\Deployment
2009-07-02 12:49 . 2009-07-02 12:49 -------- d-----w- c:\users\x--n-i-c-k-y--x\AppData\Local\Apps
2009-07-02 12:01 . 2009-07-02 12:01 -------- d-----w- c:\users\x--n-i-c-k-y--x\AppData\Roaming\Malwarebytes
2009-07-02 12:00 . 2009-06-17 10:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-02 12:00 . 2009-07-02 12:00 -------- d-----w- c:\programdata\Malwarebytes
2009-07-02 12:00 . 2009-07-02 12:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-02 12:00 . 2009-06-17 10:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-02 08:09 . 2009-02-05 20:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-07-02 08:09 . 2009-02-05 20:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-07-02 08:09 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-07-02 08:09 . 2009-02-05 20:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-07-02 08:09 . 2009-02-05 20:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-07-02 08:08 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-07-02 08:08 . 2009-02-05 20:06 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-07-02 08:08 . 2009-07-02 08:08 -------- d-----w- c:\program files\Alwil Software
2009-07-02 07:20 . 2009-05-12 15:08 266400 ----a-r- c:\users\x--n-i-c-k-y--x\AppData\Roaming\McAfee\Supportability\MVTLogs\Re sults\detect.dll
2009-07-02 07:15 . 2009-07-02 07:18 -------- d-----w- c:\users\x--n-i-c-k-y--x\FCC07EEAFA184A2191059666603C6885.TMP
2009-07-02 07:14 . 2009-07-02 07:14 -------- d-----w- c:\users\x--n-i-c-k-y--x\AppData\Roaming\McAfee
2009-07-02 07:08 . 2009-07-02 07:08 49152 ----a-r- c:\users\x--n-i-c-k-y--x\AppData\Roaming\Microsoft\Installer\{FCC07EEA-FA18-4A21-9105-9666603C6885}\IconFCC07EEA1.exe
2009-07-02 07:08 . 2009-07-02 07:08 49152 ----a-r- c:\users\x--n-i-c-k-y--x\AppData\Roaming\Microsoft\Installer\{FCC07EEA-FA18-4A21-9105-9666603C6885}\IconFCC07EEA.exe
2009-07-01 21:09 . 2009-07-01 21:09 -------- d-----w- C:\PerfLogs
2009-06-26 17:06 . 2009-03-16 08:00 89104 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virus defs-2.5-e\20090625.007\NAVENG.SYS
2009-06-26 17:06 . 2009-03-16 08:00 876144 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virus defs-2.5-e\20090625.007\NAVEX15.SYS
2009-06-26 17:06 . 2009-03-16 08:00 177520 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virus defs-2.5-e\20090625.007\NAVENG32.DLL
2009-06-26 17:06 . 2009-03-16 08:00 1181040 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virus defs-2.5-e\20090625.007\NAVEX32A.DLL
2009-06-26 17:06 . 2008-12-17 08:38 750 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virus defs-2.5-e\20090625.007\hub.scr
2009-06-26 17:06 . 2009-03-16 08:00 371248 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virus defs-2.5-e\20090625.007\EECTRL.SYS
2009-06-26 17:06 . 2009-03-16 08:00 2414128 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virus defs-2.5-e\20090625.007\CCERASER.DLL
2009-06-26 17:06 . 2009-03-16 08:00 101936 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virus defs-2.5-e\20090625.007\ERASER.SYS
2009-06-26 17:06 . 2008-12-17 08:38 259368 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virus defs-2.5-e\20090625.007\ECMSVR32.DLL
2009-06-25 13:42 . 2009-06-25 13:42 -------- d-----w- c:\users\x--n-i-c-k-y--x\AppData\Local\Sony Ericsson
2009-06-25 13:26 . 2009-06-30 18:29 -------- d-----w- c:\program files\Avanquest update
2009-06-25 13:26 . 2009-06-25 13:26 -------- d-----w- c:\programdata\BVRP Software
2009-06-25 11:55 . 2008-07-27 18:00 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-06-25 11:47 . 2009-05-09 05:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-06-25 11:47 . 2009-05-09 05:50 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-25 11:36 . 2008-01-19 07:33 9728 ----a-w- c:\windows\system32\lsass.exe
2009-06-25 11:35 . 2009-06-25 11:35 -------- d-----w- c:\programdata\Sony Ericsson
2009-06-25 11:35 . 2009-06-25 11:35 -------- d-----w- c:\program files\Sony Ericsson
2009-06-25 11:35 . 2009-06-25 11:35 -------- d-----w- c:\users\x--n-i-c-k-y--x\AppData\Roaming\InstallShield
2009-06-25 11:34 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2009-06-25 11:34 . 2009-04-21 11:39 2034688 ----a-w- c:\windows\system32\win32k.sys
2009-06-25 11:25 . 2009-04-23 12:15 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-22 17:38 . 2009-07-02 13:24 -------- d-----w- c:\program files\Common Files\Uninstall
2009-06-15 21:07 . 2009-06-15 21:07 48058800 ----a-w- c:\users\x--n-i-c-k-y--x\cjr3300EN [[lexmark]].exe
2009-06-10 15:13 . 2009-06-10 15:13 -------- d-----w- c:\users\x--n-i-c-k-y--x\{ae280e8b-3c43-4bf0-9150-13afa1342811}

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2009-07-05 17:00 . 2009-01-04 19:52 -------- d-----w- c:\program files\Norton Security Scan
2009-07-05 16:51 . 2008-06-24 04:06 -------- d-----w- c:\programdata\McAfee
2009-07-05 16:51 . 2008-06-24 04:06 -------- d-----w- c:\program files\McAfee
2009-07-03 17:00 . 2009-01-04 19:53 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-07-03 13:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-07-03 13:47 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-07-03 13:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-07-03 13:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-07-03 13:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-07-03 13:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-07-03 13:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-07-03 13:44 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-07-03 13:38 . 2009-07-03 13:38 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_ 00.Wdf
2009-07-02 08:26 . 2008-12-29 18:56 -------- d-----w- c:\programdata\GrimSizeAmen
2009-07-02 08:26 . 2008-12-29 18:56 -------- d-----w- c:\programdata\Admin Inter 1 Mags
2009-07-02 08:13 . 2008-12-29 18:56 -------- d-----w- c:\program files\Circle Developement
2009-07-02 06:55 . 2008-09-23 19:06 -------- d-----w- c:\users\x--n-i-c-k-y--x\AppData\Roaming\Apple Computer
2009-07-01 20:19 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-07-01 20:19 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-06-25 13:50 . 2009-02-03 07:58 -------- d-----w- c:\program files\Microsoft Silverlight
2009-06-25 13:28 . 2008-06-24 04:13 -------- d-----w- c:\program files\Microsoft Works
2009-06-25 13:26 . 2008-06-24 03:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-24 20:40 . 2008-12-31 22:20 -------- d-----w- c:\program files\RealArcade
2009-06-14 16:44 . 2008-12-04 21:11 -------- d-----w- c:\program files\Messenger Plus! Live
2009-06-10 15:24 . 2008-12-29 18:56 368128 ----a-w- c:\programdata\GrimSizeAmen\Second Time Global Remote.exe
2009-06-10 15:23 . 2008-12-29 18:56 561152 ----a-w- c:\programdata\GrimSizeAmen\MixLinkAxis.exe
2009-06-10 15:05 . 2008-12-10 14:27 -------- d-----w- c:\program files\Safari
2009-04-13 12:12 . 2009-04-13 12:12 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-04-11 06:33 . 2009-07-03 13:03 986600 ----a-w- c:\windows\system32\winload.exe
2009-04-11 06:33 . 2009-07-03 13:02 926184 ----a-w- c:\windows\system32\winresume.exe
2009-04-11 06:33 . 2009-07-03 13:01 292840 ----a-w- c:\windows\system32\drivers\volmgrx.sys
2009-04-11 06:33 . 2009-07-03 13:02 614376 ----a-w- c:\windows\system32\ci.dll
2009-04-11 06:28 . 2009-07-03 13:02 56320 ----a-w- c:\windows\system32\xmlfilter.dll
2009-04-11 06:27 . 2009-07-03 13:03 441344 ----a-w- c:\windows\system32\SearchIndexer.exe
2009-04-11 06:22 . 2009-07-03 12:59 7168 ----a-w- c:\windows\system32\f3ahvoas.dll
2009-04-11 06:21 . 2009-07-03 13:00 37376 ----a-w- c:\windows\system32\cdd.dll
2009-04-11 05:42 . 2009-07-03 13:00 93696 ----a-w- c:\windows\system32\drivers\bridge.sys
2009-04-11 05:03 . 2009-07-03 13:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-04-11 05:03 . 2009-07-03 13:03 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-04-11 04:57 . 2009-07-03 12:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-04-11 04:54 . 2009-07-03 12:59 2048 ----a-w- c:\windows\system32\mferror.dll
2009-04-11 04:51 . 2009-07-03 13:00 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2009-04-11 04:47 . 2009-07-03 13:00 273920 ----a-w- c:\windows\system32\drivers\afd.sys
2009-04-11 04:46 . 2009-07-03 13:00 69120 ----a-w- c:\windows\system32\drivers\rassstp.sys
2009-04-11 04:46 . 2009-07-03 13:00 121344 ----a-w- c:\windows\system32\drivers\ndiswan.sys
2009-04-11 04:46 . 2009-07-03 12:59 41472 ----a-w- c:\windows\system32\drivers\raspppoe.sys
2009-04-11 04:46 . 2009-07-03 12:59 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2009-04-11 04:46 . 2009-07-03 13:00 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2009-04-11 04:46 . 2009-07-03 13:00 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-04-11 04:45 . 2009-07-03 13:00 72192 ----a-w- c:\windows\system32\drivers\tdx.sys
2009-04-11 04:45 . 2009-07-03 13:00 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2009-04-11 04:45 . 2009-07-03 13:01 185856 ----a-w- c:\windows\system32\drivers\netbt.sys
2009-04-11 04:45 . 2009-07-03 13:01 401408 ----a-w- c:\windows\system32\drivers\http.sys
2009-04-11 04:45 . 2009-07-03 13:00 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-04-11 04:45 . 2009-07-03 13:00 66560 ----a-w- c:\windows\system32\drivers\smb.sys
2009-04-11 04:43 . 2009-07-03 13:00 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-04-11 04:43 . 2009-07-03 13:02 196096 ----a-w- c:\windows\system32\drivers\usbhub.sys
2009-04-11 04:43 . 2009-07-03 13:00 62208 ----a-w- c:\windows\system32\drivers\ohci1394.sys
2009-04-11 04:42 . 2009-07-03 13:02 226304 ----a-w- c:\windows\system32\drivers\usbport.sys
2009-04-11 04:42 . 2009-07-03 13:00 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys
2009-04-11 04:42 . 2009-07-03 13:00 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys
2009-04-11 04:42 . 2009-07-03 13:01 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-04-11 04:42 . 2009-07-03 13:00 167936 ----a-w- c:\windows\system32\drivers\portcls.sys
2009-04-11 04:42 . 2009-07-03 13:00 12800 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-04-11 04:42 . 2009-07-03 13:00 39424 ----a-w- c:\windows\system32\drivers\hidclass.sys
2009-04-11 04:42 . 2009-07-03 13:00 52992 ----a-w- c:\windows\system32\drivers\stream.sys
2009-04-11 04:42 . 2009-07-03 13:03 561152 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2009-04-11 04:39 . 2009-07-03 13:00 16384 ----a-w- c:\windows\system32\iscsilog.dll
2009-04-11 04:39 . 2009-07-03 13:00 67072 ----a-w- c:\windows\system32\drivers\cdrom.sys
2009-04-11 04:39 . 2009-07-03 13:00 19456 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2009-04-11 04:38 . 2009-07-03 13:01 149504 ----a-w- c:\windows\system32\drivers\ks.sys
2009-04-11 04:27 . 2009-07-03 12:59 2560 ----a-w- c:\windows\system32\msimsg.dll
2009-04-11 04:23 . 2009-07-03 13:02 626176 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-04-11 04:23 . 2009-07-03 13:00 76288 ----a-w- c:\windows\system32\drivers\dxg.sys
2009-04-11 04:23 . 2009-07-03 13:00 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-04-11 04:22 . 2009-07-03 13:00 33280 ----a-w- c:\windows\system32\drivers\watchdog.sys
2009-04-11 04:19 . 2009-07-03 13:01 89088 ----a-w- c:\windows\system32\drivers\sdbus.sys
2009-04-11 04:15 . 2009-07-03 13:02 288768 ----a-w- c:\windows\system32\drivers\srv.sys
2009-04-11 04:15 . 2009-07-03 13:01 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-04-11 04:15 . 2009-07-03 13:01 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-04-11 04:14 . 2009-07-03 13:02 114688 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2009-04-11 04:14 . 2009-07-03 13:01 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-04-11 04:14 . 2009-07-03 13:02 225280 ----a-w- c:\windows\system32\drivers\rdbss.sys
2009-04-11 04:14 . 2009-07-03 13:01 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2009-04-11 04:14 . 2009-07-03 13:01 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-04-11 04:14 . 2009-07-03 13:00 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2009-04-11 04:14 . 2009-07-03 13:00 35328 ----a-w- c:\windows\system32\drivers\npfs.sys
2009-04-11 04:13 . 2009-07-03 13:00 226816 ----a-w- c:\windows\system32\drivers\udfs.sys
2009-04-11 04:13 . 2009-07-03 13:00 136704 ----a-w- c:\windows\system32\drivers\exfat.sys
2009-04-11 04:13 . 2009-07-03 13:00 142848 ----a-w- c:\windows\system32\drivers\fastfat.sys
2009-04-11 04:12 . 2009-07-03 13:02 617984 ----a-w- c:\windows\system32\adtschema.dll
2009-04-11 02:52 . 2009-07-03 13:03 684032 ----a-w- c:\windows\system32\drivers\spsys.sys
2009-04-11 01:59 . 2009-07-03 13:02 107612 ----a-w- c:\windows\system32\StructuredQuerySchema.bin
2009-04-07 10:40 . 2009-04-07 10:39 680 ----a-w- c:\users\x--n-i-c-k-y--x\AppData\Local\d3d9caps.dat
2008-06-24 03:58 . 2008-06-24 03:58 76 --sh--r- c:\windows\CT4CET.bin
2008-10-16 18:53 . 2008-06-24 11:15 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries &amp; legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\En hancedStorageShell]
@="{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}"
[HKEY_CLASSES_ROOT\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}]
2009-04-11 06:28 114176 ----a-w- c:\windows\System32\EhStorShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"2 setup"="c:\programdata\THIRDLESSLESS.l8ess" [X]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2008-06-24 68856]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-02 393216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-29 17920]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-05-04 167936]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2008-03-04 36864]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-06 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-06 166424]
"Persistence"="c:\windows\system32\igfxpers.ex e" [2008-03-06 133656]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" [2008-06-24 77824]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-08 3444736]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-06-24 29744]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-02-06 454000]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-06 177472]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp. exe" [2009-02-05 81000]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Belkin Wireless USB Utility.lnk - c:\program files\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe [2005-10-28 1404928]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-6-24 50688]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"BindDirectlyToPropertySetStorage"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-06-24 04:15 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleD esktopNetwork3.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):36,71,4f,a3,e5,fb,c9,01

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [02/07/2009 09:09 114768]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [24/06/2008 04:43 73728]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswF sBlk.sys [02/07/2009 09:09 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\as wMonFlt.sys [02/07/2009 09:08 51792]
R2 fssfltr;FssFltr;c:\windows\System32\drivers\fssflt r.sys [03/02/2009 08:57 55264]
R2 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [24/06/2008 12:37 111616]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\System32\drivers\OEM02Dev.sys [24/06/2008 12:37 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\System32\drivers\OEM02Vfx.sys [24/06/2008 12:37 7424]
S2 gupdate1c9c8e7c0e9f134;Google Update Service (gupdate1c9c8e7c0e9f134);c:\program files\Google\Update\GoogleUpdate.exe [29/04/2009 17:29 133104]
S3 ST330;ST330;c:\windows\System32\drivers\st330.sys [23/09/2008 17:05 30464]
S3 STBUS;STBUS;c:\windows\System32\drivers\stbus.sys [23/09/2008 17:05 12672]
S3 stppp;Speedtouch PPP Adapter Adapter;c:\windows\System32\drivers\stppp.sys [23/09/2008 17:05 35328]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\&gt;{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSe tup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-29 16:28]

2009-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-29 16:28]

2009-07-05 c:\windows\Tasks\Norton Security Scan for x--n-i-c-k-y--x.job
- c:\program files\Norton Security Scan\Nss.exe [2008-09-19 16:20]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Blubster - c:\program files\Blubster\Blubster.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.aol.co.uk/web?isinit=true&amp;query=%s
IE: &amp;Search
IE: Add to Windows &amp;Live Favorites - http://favorites.live.com/quickadd.aspx
IE: {{08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com
Trusted Zone: internet
Trusted Zone: mcafee.com
.

************************************************** ************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-05 18:16
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b4
.
Completion time: 2009-07-05 18:20
ComboFix-quarantined-files.txt 2009-07-05 17:20

Pre-Run: 63,567,044,608 bytes free
Post-Run: 63,844,454,400 bytes free

291 --- E O F --- 2009-07-03 13:19



I removed one of the antivirus programs as you requested Bricat.
Re Combobox. Ran without incident. It deleted 3 files befor finishing its' scan then produced the log.

Regards Denisimo [img]/forums/images/graemlins/smile.gif[/img]
Reply With Quote
  #5  
Old 05-07-09, 22:34
bricat's Avatar
bricat bricat is online now
Global Moderator
256Tbps
  
Join Date: Jun 2003
Location: belfast
Posts: 32,358
Default Re: Log Check Please
that looks clean now, just some tidying up to do.

[*] Click START then RUN[*] Now type Combofix /u in the runbox and click OK


<ul type="square">[*][/list]

<u>The above procedure will</u>:<ul type="square">
[*] Delete the following:
  • ComboFix and its associated files and folders.
  • VundoFix backups, if present
  • The C:\Deckard folder, if present
  • The C:_OtMoveIt folder, if present
[*] Reset the clock settings.[*] Hide file extensions, if required.[*] Hide System/Hidden files, if required.[*] Reset System Restore.[/list]
Then :-

<font color="blue">Download and scan with</font> CCleaner
  1. <font color="red">CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation.</font>
    IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the toolbar-free or Slim versions instead of the Standard Build.
  2. Before first use, select Options &gt; Advanced and UNCHECK <font color="blue">"Only delete files in Windows Temp folder older than 48 hours" </font>
    Then select "Cookies"
    Move any cookies you wish to retain, e.g. login cookies, in the left-hand window to the right-hand window by highlighting them and clicking the right arrow in the centre.
  3. Then select the items you wish to clean up.
    In the Windows Tab:

    <font color="green">• Clean all entries in the "Internet Explorer" section.
    • Clean all the entries in the "Windows Explorer" section.
    • Clean all entries in the "Advanced" section.
    • Clean any others that you choose.
    Leave the system section at default.     </font>


    In the Applications Tab:

    <font color="green">• Clean all entries in the Mozilla Firefox Section.
    • Clean all in the Opera section if you use it.
    • Clean Sun Java in the Internet Section.
    • Clean any others that you choose.
    </font>
  4. Click the "Run Cleaner" button.
  5. A pop up box will appear advising this process will permanently delete files from your system.
  6. Click "OK" and it will scan and clean your system.
  7. Click "exit" when done.

then DEFRAG your C:\ drive.

to help speed up your system.

then let us know how the computer is running.


HOW DID I GET INFECTED
__________________
IF I HAVE SAVED YOU MONEY, PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST MALWARE.

Those are my principles. If you don't like them I have others
Reply With Quote
  #6  
Old 05-07-09, 23:45
Denisimo Denisimo is offline
512Mbps
  
Join Date: Oct 2004
Location: East Sussex UK
Posts: 869
Default Re: Log Check Please
Will do as you direct. Thanks Bricat I will report back tomorrow.

Denisimo
Reply With Quote
  #7  
Old 06-07-09, 19:57
Denisimo Denisimo is offline
512Mbps
  
Join Date: Oct 2004
Location: East Sussex UK
Posts: 869
Default Re: Log Check Please
Hi Bricat. I did as directed and everything appears to be running fine now. I have introduced the owner to Kerio Firewall as she does not want to renew McAfee subscriptions and I know it's more secure than Windows Firewall. Hopefully she will follow my advice and pay attention to security issues in the future. One can hope [img]/forums/images/graemlins/smile.gif[/img]

Thank you very much for your time and help. I'm a little rusty on Windows since moving to a Mac Pro (find it better for my photography).

Warm regards to you, Stanley, Madelaine, and the rest of the Webuser advisers
Reply With Quote
  #8  
Old 06-07-09, 20:37
bricat's Avatar
bricat bricat is online now
Global Moderator
256Tbps
  
Join Date: Jun 2003
Location: belfast
Posts: 32,358
Default Re: Log Check Please
glad you're sorted.

happy to help [img]/forums/images/graemlins/smile.gif[/img]
__________________
IF I HAVE SAVED YOU MONEY, PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST MALWARE.

Those are my principles. If you don't like them I have others
Reply With Quote
Reply

Bookmarks

« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Webuser.co.uk

Web User Alerts

Web User Network

Site Policies

Magazine Subscription

Contacts


Search

Search

© Copyright IPC Media Limited 2009, All rights reserved





All times are GMT. The time now is 16:32.

Contact Us - Web User - Archive - Privacy Statement - Terms of Service - Top

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
© Copyright IPC Media Limited 2010, All rights reserved