May 18th, 2009 14:00

email steals | PC spied

frustrated, desperate...anything that helps / any suggestions would be much appreciated... God bless, thanks a lot.

​Hijack This Log here:-​

​Logfile of Trend Micro HijackThis v2.0.2​
​Scan saved at 14:19:48, on 18/05/2009​
​Platform: Windows XP SP3 (WinNT 5.01.2600)​
​MSIE: Internet Explorer v8.00 (8.00.6001.18702)​
​Boot mode: Normal​

​Running processes:​
​C:\WINDOWS\System32\smss.exe​
​C:\WINDOWS\system32\winlogon.exe​
​C:\WINDOWS\system32\services.exe​
​C:\WINDOWS\system32\lsass.exe​
​C:\WINDOWS\system32\svchost.exe​
​C:\Program Files\COMODO\Firewall\cmdagent.exe​
​C:\WINDOWS\system32\svchost.exe​
​C:\Program Files\Windows Defender\MsMpEng.exe​
​C:\WINDOWS\system32\svchost.exe​
​C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe​
​C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe​
​C:\Program Files\Alwil Software\Avast4\ashServ.exe​
​C:\WINDOWS\system32\spoolsv.exe​
​C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe​
​C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe​
​C:\WINDOWS\system32\bgsvcgen.exe​
​C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE​
​C:\WINDOWS\System32\cisvc.exe​
​C:\WINDOWS\system32\svchost.exe​
​C:\WINDOWS\System32\svchost.exe​
​C:\WINDOWS\System32\inetsrv\inetinfo.exe​
​C:\Program Files\Common Files\LightScribe\LSSrvc.exe​
​c:\Program Files\Matrox Graphics Inc\PowerDesk\Services\Matrox.PowerDesk.Services.exe​
​c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.Pdesk.ServicesHost.exe​
​C:\Program Files\McAfee\SiteAdvisor\McSACore.exe​
​C:\WINDOWS\System32\svchost.exe​
​C:\WINDOWS\System32\svchost.exe​
​C:\Program Files\Common Files\Protexis\License Service\PSIService.exe​
​C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe​
​C:\WINDOWS\System32\snmp.exe​
​C:\WINDOWS\System32\SnoopFreeSvc.exe​
​C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe​
​C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe​
​C:\WINDOWS\System32\svchost.exe​
​C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe​
​C:\WINDOWS\system32\UAService7.exe​
​C:\WINDOWS\System32\Drivers\WTSRV.EXE​
​C:\WINDOWS\System32\MsPMSPSv.exe​
​C:\WINDOWS\system32\SearchIndexer.exe​
​C:\WINDOWS\System32\mqsvc.exe​
​C:\WINDOWS\System32\mqtgsvc.exe​
​C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe​
​C:\Program Files\Alwil Software\Avast4\ashWebSv.exe​
​C:\WINDOWS\Explorer.EXE​
​C:\WINDOWS\system32\ctfmon.exe​
​C:\WINDOWS\system32\wuauclt.exe​
​C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe​
​C:\Program Files\Analog Devices\SoundMAX\Smax4.exe​
​C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE​
​C:\Program Files\Windows Defender\MSASCui.exe​
​C:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe​
​C:\Program Files\Logitech\MouseWare\system\em_exec.exe​
​C:\Program Files\PC Connectivity Solution\ServiceLayer.exe​
​C:\Program Files\SSC Service Utility\ssc_serv.exe​
​C:\Program Files\COMODO\SafeSurf\cssurf.exe​
​C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe​
​C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE​
​C:\Program Files\COMODO\Firewall\cfp.exe​
​C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe​
​C:\Program Files\HP\HP Software Update\HPWuSchd2.exe​
​C:\Program Files\iTunes\iTunesHelper.exe​
​C:\WINDOWS\SnoopFreeUI.exe​
​C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe​
​C:\Program Files\Microsoft ActiveSync\wcescomm.exe​
​C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe​
​C:\Program Files\Windows Media Player\WMPNSCFG.exe​
​C:\PROGRA~1\MICROS~3\rapimgr.exe​
​C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe​
​C:\Program Files\Comodo\SecureEmail\ComodoSE.exe​
​C:\Program Files\iPod\bin\iPodService.exe​
​C:\WINDOWS\system32\cidaemon.exe​
​C:\WINDOWS\system32\cidaemon.exe​
​C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe​
​C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe​
​C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe​
​C:\WINDOWS\system32\rundll32.exe​
​C:\WINDOWS\system32\rundll32.exe​
​C:\Program Files\Mozilla Firefox\firefox.exe​
​C:\Program Files\COMODO\SecureEmail\configure.exe​
​C:\Program Files\COMODO\SecureEmail\configure.exe​
​C:\Program Files\Trend Micro\HijackThis\HijackThis.exe​

​R3 - URLSearchHook: Yahoo! μ?o?Io - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)​
​O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)​
​O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)​
​O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)​
​O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll​
​O2 - BHO: (no name) - {735056D8-21F3-D036-B56B-800C9E54A6F5} - (no file)​
​O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll​
​O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll​
​O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll​
​O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32​
​O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC​
​O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack​
​O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe​
​O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll​
​O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode​
​O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup​
​O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start​
​O4 - HKLM\..\Run: [WTClient] WTClient.exe​
​O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe​
​O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler​
​O4 - HKLM\..\Policies\Explorer\Run: [none] C:\Program Files\Video ActiveX Object\pmsngr.exe​
​O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')​
​O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')​
​O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')​
​O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')​
​O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')​
​O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')​
​O8 - Extra context menu item: =>Ingl廥 - http:\\wordreference.com\es\en\j\iespen109.htm​
​O8 - Extra context menu item: Foxy 下載 - res://C:\Program Files\Foxy\Foxy.exe/download.htm​
​O8 - Extra context menu item: Foxy 搜尋 - res://C:\Program Files\Foxy\Foxy.exe/search.htm​
​O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/229?5f7d0ade47f34074a071811fec2e2f5​
​O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/230?5f7d0ade47f34074a071811fec2e2f5​
​O8 - Extra context menu item: 匯出至 Microsoft Excel(&X) - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000​
​O8 - Extra context menu item: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar0.dll/203​
​O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll​
​O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll​
​O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll​
​O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\System32\shdocvw.dll​
​O9 - Extra button: (no name) - {6354ABE6-05F1-49ed-B850-E423120EC338} - http://cn.widget.yahoo.com/index.htm?source=Cns (file missing)​
​O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL​
​O9 - Extra button: HP ’??z???i‥u - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll​
​O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll​
​O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe​
​O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe​
​O10 - Unknown file in Winsock LSP: c:\windows\system32\cemlsp.dll​
​O10 - Unknown file in Winsock LSP: c:\windows\system32\cemlsp.dll​
​O10 - Unknown file in Winsock LSP: c:\windows\system32\cemlsp.dll​
​O10 - Unknown file in Winsock LSP: c:\windows\system32\cemlsp.dll​
​O10 - Unknown file in Winsock LSP: c:\windows\system32\cemlsp.dll​
​O16 - DPF: i.Game MJImpressYHK - http://202.43.223.148/client/MJc/com/igame/MJImpressYHK.cab​
​O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB​
​O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab​
​O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} (MALPlaybackCtrl Class) - http://musicstore.connect.com/XSL/mb_us/html/activexplayer/SMALStreaming.cab​
​O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - http://txn02.hkjc.com/BetSlip/object/eWinCtl.cab​
​O16 - DPF: {3F0EECCE-E138-11D1-8712-0060083D83F5} (LPViewer Class) - http://www.dpm.org.cn/download/LPControl.cab​
​O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/activex/EPUWALControl_v1-0-3-18.cab​
​O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/07b200ef1e47f8852b18/netzip/RdxIE601.cab​
​O16 - DPF: {5E943D9C-F8DC-4258-8E3F-A61BB3405A33} (ZingBatchAXDwnl Class) - http://www.imagestation.com/common/classes/batchdwnl.cab?version=4,3,2,20802​
​O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1126711337296​
​O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab​
​O16 - DPF: {8A4943CC-1950-44F9-9045-D3D428FD3948} (SecureX Class) - http://txn02.hkjc.com/BetSlip/object/eWinCtl.cab​
​O16 - DPF: {8DE6AB9C-8C62-486B-8C06-5C9AD6FD06F1} (DataStore Class) - http://txn01.hkjc.com/BetSlip/object/eWinCtl.cab​
​O16 - DPF: {A93FB56D-2F76-4DD7-8E38-9B1EB38C88A5} (SecureSession Class) - http://warranty.samsungmcs.com.hk:8080/plugIn/SecuiSECIE.cab​
​O17 - HKLM\System\CCS\Services\Tcpip\..\{BCA3ECCC-9231-4E94-A612-A692630AC6D7}: NameServer = 218.102.60.110 218.102.32.208​
​O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll​
​O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll​
​O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll​
​O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll​
​O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll​
​O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll​
​O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll​
​O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll​
​O18 - Protocol: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINDOWS\wc98pp.dll​
​O18 - Protocol: ipp - (no CLSID) - (no file)​
​O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll​
​O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll​
​O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL​
​O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll​
​O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll​
​O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll​
​O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll​
​O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll​
​O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll​
​O18 - Protocol: msdaipp - (no CLSID) - (no file)​
​O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL​
​O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL​
​O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL​
​O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll​
​O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll​
​O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll​
​O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll​
​O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll​
​O20 - AppInit_DLLs: C:\PPENSB\win32\PPINKDLL.DLL oepl.dll​
​O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe​
​O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE​
​O23 - Service: GoToMyPC - Citrix Online - C:\Program Files\Citrix\GoToMyPC\g2svc.exe​
​O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe​
​O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe​
​O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE​
​O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\winvnc4.exe (file missing)​

​--​
​End of file - 14426 bytes​

​ ​


May 19th, 2009 18:00

 

Iris Leung

1. Go HERE and download File Lister.
  • Save it to your Desktop
  • Rt Click ->> Extract all ->> And extract it to your Desktop
  • Additional help on extracting zip files can be found HERE
  • Open the File Lister Folder.
  • Note: Leave the FileLister.vbe file in the folder and run it from there.
  • Rt Click FileLister.vbe ->>Select Open Then Open to confirm.
  • As the program runs, it will appear that nothing is happening.
  • When the program is finished it will produce a log for you at C:\Files.txt

Copy and paste the contents of that log in your reply.

 


May 19th, 2009 20:00

Hi Bamajim,

Thanks much for your reply. Your help is much appreciated. C:\Files.txt as follows:-

Kindest regards,

Iris

 


+++++++++++++++++++++++++++++++++
+ File Lister  Version 1.1.0                       +
+                                                                    +
+  By bamajim / SpywareHammer.com +
+++++++++++++++++++++++++++++++++

Report ran on --->>>  20/05/2009 10:13:42


====== Running Processes ======


====== BHO's ======

BHO: (NO NAME) -  -

====== HKLM\~\Run Keys ======

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

[IMJPMIG8.1] = "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
[PHIME2002ASync] = C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
[PtiuPbmd] = Rundll32.exe ptipbm.dll,SetWriteBack
[PRONoMgr.exe] = C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
[MsmqIntCert] = regsvr32 /s mqrt.dll
[Logitech Utility] = Logi_MwX.Exe
[Ptipbmf] = rundll32.exe ptipbmf.dll,SetWriteCacheMode
[SoundMAXPnP] = C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
[SoundMAX] = "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
[ISUSPM Startup] = "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
[ISUSScheduler] = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
[EPSON Stylus Photo R210 Series] = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE /P30 "EPSON Stylus Photo R210 Series" /O6 "USB002" /M "Stylus Photo R210"
[Windows Defender] = "C:\Program Files\Windows Defender\MSASCui.exe" -hide
[Matrox PowerDesk SE] = "c:\Program Files\Matrox Graphics Inc\PowerDesk SE\Matrox.PowerDesk SE.exe"
[PCSuiteTrayApplication] = C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
[SSC Service Utility] = C:\Program Files\SSC Service Utility\ssc_serv.exe /s
[COMODO SafeSurf] = "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
[COMODO Firewall Pro] = "C:\Program Files\COMODO\Firewall\cfp.exe" -h
[avast!] = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
[LVCOMS] = C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
[COMODO Internet Security] = "C:\Program Files\COMODO\Firewall\cfp.exe" -h
[Ad-Watch] = C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
[WTClient] = WTClient.exe
[HP Software Update] = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
[QuickTime Task] = "C:\Program Files\QuickTime\QTTask.exe" -atboottime
[iTunesHelper] = "C:\Program Files\iTunes\iTunesHelper.exe"
[SnoopFreeUI] = SnoopFreeUI.exe
[GrooveMonitor] = "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
[BOC-427] = C:\PROGRA~1\Comodo\CBOClean\BOC427.exe
[ComodoAntiSpam] = "C:\Program Files\Comodo\AntiSpam\CAS32.exe" -q

====== HKCU\~\Run Keys ======

[CTFMON.EXE] = C:\WINDOWS\system32\ctfmon.exe
[H/PC Connection Agent] = "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
[ISUSPM] = "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
[WMPNSCFG] = C:\Program Files\Windows Media Player\WMPNSCFG.exe
[SpybotSD TeaTimer] = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

====== DNS Info (List may be empty) ======

HKEY_LOCAL_MACHINE\CCS\~\{00D448DF-5668-4891-86A1-DBBAE9B57205}\  NameServer=
HKEY_LOCAL_MACHINE\CCS\~\{0E291EC1-AB55-4C4C-8C08-E4802E045BB0}\  NameServer=
HKEY_LOCAL_MACHINE\CCS\~\{21596FA4-A84E-432F-8890-D38AA2609CBE}\  NameServer=
HKEY_LOCAL_MACHINE\CCS\~\{35DB9867-2539-4009-B0B1-36C96D6BBEA0}\  NameServer=
HKEY_LOCAL_MACHINE\CCS\~\{4E915E09-F128-4212-B79D-00AF941C26BE}\  NameServer=
HKEY_LOCAL_MACHINE\CCS\~\{694BCBD9-7712-409A-BC69-E0990878F3C2}\  NameServer=
HKEY_LOCAL_MACHINE\CCS\~\{BCA3ECCC-9231-4E94-A612-A692630AC6D7}\  NameServer= 218.102.60.110 218.102.32.208
HKEY_LOCAL_MACHINE\CCS\~\{DE2EBE1C-5C51-4547-832C-ACA5AD87BC15}\  NameServer=

HKEY_LOCAL_MACHINE\CS001\~\{00D448DF-5668-4891-86A1-DBBAE9B57205}\  NameServer=
HKEY_LOCAL_MACHINE\CS001\~\{0E291EC1-AB55-4C4C-8C08-E4802E045BB0}\  NameServer=
HKEY_LOCAL_MACHINE\CS001\~\{21596FA4-A84E-432F-8890-D38AA2609CBE}\  NameServer=
HKEY_LOCAL_MACHINE\CS001\~\{35DB9867-2539-4009-B0B1-36C96D6BBEA0}\  NameServer=
HKEY_LOCAL_MACHINE\CS001\~\{4E915E09-F128-4212-B79D-00AF941C26BE}\  NameServer=
HKEY_LOCAL_MACHINE\CS001\~\{694BCBD9-7712-409A-BC69-E0990878F3C2}\  NameServer=
HKEY_LOCAL_MACHINE\CS001\~\{BCA3ECCC-9231-4E94-A612-A692630AC6D7}\  NameServer= 218.102.60.110 218.102.32.208
HKEY_LOCAL_MACHINE\CS001\~\{DE2EBE1C-5C51-4547-832C-ACA5AD87BC15}\  NameServer=


HKEY_LOCAL_MACHINE\CS003\~\{0E291EC1-AB55-4C4C-8C08-E4802E045BB0}\  NameServer=
HKEY_LOCAL_MACHINE\CS003\~\{21596FA4-A84E-432F-8890-D38AA2609CBE}\  NameServer=
HKEY_LOCAL_MACHINE\CS003\~\{35DB9867-2539-4009-B0B1-36C96D6BBEA0}\  NameServer=
HKEY_LOCAL_MACHINE\CS003\~\{4E915E09-F128-4212-B79D-00AF941C26BE}\  NameServer=
HKEY_LOCAL_MACHINE\CS003\~\{694BCBD9-7712-409A-BC69-E0990878F3C2}\  NameServer=
HKEY_LOCAL_MACHINE\CS003\~\{BCA3ECCC-9231-4E94-A612-A692630AC6D7}\  NameServer= 205.252.144.126 218.102.32.208
HKEY_LOCAL_MACHINE\CS003\~\{DE2EBE1C-5C51-4547-832C-ACA5AD87BC15}\  NameServer=

====== Folders and Files from "%\" and "%\Windows" Created Last 60 Days ======

25/04/2009 08:16:02    0    C:\logs
11/05/2009 04:10:26    11040    C:\My Web Sites
19/05/2009 07:20:02    0    C:\My Web Sites\hts-cache
20/05/2009 10:13:42    455    32    C:\Files.txt
05/04/2009 04:08:33    948153    C:\WINDOWS\$NtUninstallKB915800-v4$
05/04/2009 04:08:33    628153    C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst
16/04/2009 01:04:08    2326741    C:\WINDOWS\$NtUninstallKB923561$
16/04/2009 01:04:08    629887    C:\WINDOWS\$NtUninstallKB923561$\spuninst
05/04/2009 04:10:05    3980174    C:\WINDOWS\$NtUninstallKB940157$
05/04/2009 04:10:05    955278    C:\WINDOWS\$NtUninstallKB940157$\spuninst
05/04/2009 04:15:39    619193    C:\WINDOWS\$NtUninstallKB943729$
05/04/2009 04:15:39    619193    C:\WINDOWS\$NtUninstallKB943729$\spuninst
16/04/2009 01:12:31    2435023    C:\WINDOWS\$NtUninstallKB952004$
16/04/2009 01:12:31    631247    C:\WINDOWS\$NtUninstallKB952004$\spuninst
16/04/2009 01:13:47    17233471    C:\WINDOWS\$NtUninstallKB956572$
16/04/2009 01:13:47    637503    C:\WINDOWS\$NtUninstallKB956572$\spuninst
16/04/2009 01:20:36    1675257    C:\WINDOWS\$NtUninstallKB959426$
16/04/2009 01:20:36    629241    C:\WINDOWS\$NtUninstallKB959426$\spuninst
16/04/2009 01:05:24    982616    C:\WINDOWS\$NtUninstallKB960803$
16/04/2009 01:05:24    628312    C:\WINDOWS\$NtUninstallKB960803$\spuninst
07/04/2009 16:23:21    1716471    C:\WINDOWS\$NtUninstallKB961118$
07/04/2009 16:23:21    627631    C:\WINDOWS\$NtUninstallKB961118$\spuninst
16/04/2009 01:20:14    1916764    C:\WINDOWS\$NtUninstallKB961373$
16/04/2009 01:20:14    628572    C:\WINDOWS\$NtUninstallKB961373$\spuninst
20/04/2009 07:10:50    45129712    C:\WINDOWS\ie8
20/04/2009 07:10:50    1177185    C:\WINDOWS\ie8\spuninst
20/04/2009 07:18:17    630063    C:\WINDOWS\ie8updates
20/04/2009 07:18:17    630063    C:\WINDOWS\ie8updates\KB968220-IE8
20/04/2009 07:18:17    628015    C:\WINDOWS\ie8updates\KB968220-IE8\spuninst
22/03/2009 02:32:14    2519174    C:\WINDOWS\speech
18/05/2009 09:57:15    0    32    C:\WINDOWS\0.log
19/05/2009 08:23:21    15976    32    C:\WINDOWS\BOC427.INI
19/05/2009 08:23:31    212728    32    C:\WINDOWS\CMDLIC.DLL
18/05/2009 09:55:38    596    32    C:\WINDOWS\EventSystem.log
25/04/2009 17:57:47    168823    32    C:\WINDOWS\hpoins27.dat
25/04/2009 17:57:46    932    0    C:\WINDOWS\hpomdl27.dat
16/05/2009 10:48:33    0    32    C:\WINDOWS\nsreg.dat
15/05/2009 20:51:20    60    32    C:\WINDOWS\setupact.log
15/05/2009 21:07:16    108277    32    C:\WINDOWS\setupapi.log
21/03/2009 04:15:07    1045769    32    C:\WINDOWS\setupapi.log.0.old
15/05/2009 20:51:20    0    32    C:\WINDOWS\setuperr.log
13/05/2009 15:17:50    45056    32    C:\WINDOWS\SnoopFreeDll.dll
13/05/2009 15:17:50    221184    32    C:\WINDOWS\SnoopFreeUI.exe
19/05/2009 08:23:32    205560    32    C:\WINDOWS\UNBOC.EXE
22/03/2009 02:32:30    0    C:\WINDOWS\system32\Wtablet
18/05/2009 09:28:46    655016    32    C:\WINDOWS\system32\CEmLSP.dll
21/03/2009 16:07:20    66594    32    C:\WINDOWS\system32\c_720.nls
21/03/2009 16:07:13    66594    32    C:\WINDOWS\system32\c_862.nls
25/04/2009 18:22:50    581632    33    C:\WINDOWS\system32\hpotscl6.dll
25/04/2009 18:22:51    303104    33    C:\WINDOWS\system32\hpovst15.dll
25/04/2009 18:22:50    729088    33    C:\WINDOWS\system32\hpowiax7.dll
25/04/2009 18:22:51    372736    33    C:\WINDOWS\system32\hppldcoi.dll
25/04/2009 18:25:16    271704    33    C:\WINDOWS\system32\hpzids01.dll
25/04/2009 18:25:12    117760    32    C:\WINDOWS\system32\hpzll5mu.dll
18/05/2009 09:28:45    237224    32    C:\WINDOWS\system32\oepl.dll
21/03/2009 04:18:20    1380680    32    C:\WINDOWS\system32\PenTablet.znc
25/03/2009 22:27:44    4444    32    C:\WINDOWS\system32\pid.PNF
13/05/2009 15:17:49    90112    32    C:\WINDOWS\system32\SnoopFreeSvc.exe
19/05/2009 08:23:43    22528    32    C:\WINDOWS\system32\wsock32.dlb
15/04/2009 16:45:32    2560    0    C:\WINDOWS\system32\xpsp4res.dll

====== Files under "\Administrator\Startup" Last 60 Days======



====== Files under "\All Users\Startup" Last 60 Days======

25/04/2009 18:43:14    1819    32    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

====== Files and Folders under "\Program Files" Last 60 Days======

25/04/2009 08:15:20    5729833    C:\Program Files\Chikka Messenger
15/05/2009 07:25:39    213    C:\Program Files\EfficientPasswordManager
01/05/2009 23:10:36    8538101    C:\Program Files\Foxy
15/05/2009 07:26:51    7294080    C:\Program Files\gWebs MailCloak
25/04/2009 18:32:09    0    C:\Program Files\Hewlett-Packard
25/04/2009 18:16:22    174838527    C:\Program Files\HP
27/04/2009 16:36:59    1485871    C:\Program Files\iPod
27/04/2009 16:36:46    92785452    C:\Program Files\iTunes
13/05/2009 17:16:42    4498483    C:\Program Files\KeePass Password Safe
13/05/2009 15:38:59    2961806    C:\Program Files\KeyScrambler
22/04/2009 00:51:18    12430563    C:\Program Files\LevelOne
25/04/2009 08:02:32    0    C:\Program Files\Mail Forward
16/05/2009 09:45:26    5202545    C:\Program Files\McAfee
05/04/2009 04:55:10    12511539    C:\Program Files\Microsoft Silverlight
27/04/2009 04:30:21    976826    C:\Program Files\MOOV.now.com.hk
16/05/2009 10:47:15    25903794    C:\Program Files\Mozilla Thunderbird
20/04/2009 07:49:41    30831119    C:\Program Files\Skype
22/03/2009 02:30:11    443434    C:\Program Files\Tablet
21/03/2009 09:33:27    123637    C:\Program Files\Tablet(2)
16/05/2009 10:22:47    410731    C:\Program Files\Trend Micro
11/05/2009 03:51:47    10722958    C:\Program Files\WinHTTrack
21/03/2009 07:15:16    7368632    C:\Program Files\Your Uninstaller 2006

====== Files under "\System32\Drivers" Last 60 Days======

25/04/2009 18:26:18    49920    33    C:\WINDOWS\system32\drivers\HPZid412.sys
25/04/2009 18:26:20    16496    33    C:\WINDOWS\system32\drivers\HPZipr12.sys
25/04/2009 18:24:23    21568    33    C:\WINDOWS\system32\drivers\HPZius12.sys
13/05/2009 15:39:00    114024    32    C:\WINDOWS\system32\drivers\keyscrambler.sys
13/05/2009 15:17:50    9472    32    C:\WINDOWS\system32\drivers\SnopFree.sys

====== Files Deleted under "%Temp%" ======

C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\83.tmp
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\cisinfo.ini
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\dw.log
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\etilqs_Hd7urraCTKBLXhwvFFuA
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\hpqddusr.log
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\hpzEN5mu.chm
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\hpzEN5mu.hlp
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\IMT17.xml
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\IMT18.xml
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\IMT19.xml
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\install.000
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\MAR4.tmp
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\MAR5.tmp
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\MAR6.tmp
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\MAR7.tmp
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\WCESCOMM.LOG
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\WCESLog.log
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\~DF404E.tmp
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\~DF767B.tmp
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\~DF8803.tmp
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\~DF9311.tmp
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\~DF9411.tmp
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\~DF9450.tmp
C:\DOCUME~1\IRISLE~1\LOCALS~1\Temp\~DFD95B.tmp

25 Files deleted

====== Files and Folders under "All Users\Application Data" Last 60 Days======

19/05/2009 08:23:25    1450257    C:\Documents and Settings\All Users\Application Data\BOC427
25/04/2009 18:25:48    23309    C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
25/04/2009 18:25:48    23309    C:\Documents and Settings\All Users\Application Data\Hewlett-Packard\HP Print Settings
25/04/2009 18:33:42    576408    C:\Documents and Settings\All Users\Application Data\HP
25/04/2009 18:42:49    228005    C:\Documents and Settings\All Users\Application Data\HP\Digital Imaging
25/04/2009 18:42:49    205733    C:\Documents and Settings\All Users\Application Data\HP\Digital Imaging\Data
25/04/2009 18:42:49    199968    C:\Documents and Settings\All Users\Application Data\HP\Digital Imaging\Data\Destination
25/04/2009 18:47:46    22272    C:\Documents and Settings\All Users\Application Data\HP\Digital Imaging\hp deskjet F2200 series
25/04/2009 18:47:46    22272    C:\Documents and Settings\All Users\Application Data\HP\Digital Imaging\hp deskjet F2200 series\1240656466
25/04/2009 18:47:46    22272    C:\Documents and Settings\All Users\Application Data\HP\Digital Imaging\hp deskjet F2200 series\1240656466\Data
25/04/2009 18:33:42    348403    C:\Documents and Settings\All Users\Application Data\HP\ProductAssistant
25/04/2009 18:33:42    29124    C:\Documents and Settings\All Users\Application Data\HP\ProductAssistant\data
25/04/2009 18:33:42    319279    C:\Documents and Settings\All Users\Application Data\HP\ProductAssistant\sdb
25/04/2009 18:33:42    9025    C:\Documents and Settings\All Users\Application Data\HP Product Assistant
16/05/2009 09:42:54    483591    C:\Documents and Settings\All Users\Application Data\McAfee
16/05/2009 09:45:25    469255    C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS
16/05/2009 09:45:25    367215    C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\McInst
18/05/2009 08:19:49    0    C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\MSAD
18/05/2009 10:26:22    0    C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\MSAD\firefox
18/05/2009 08:19:49    0    C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\MSAD\iexplore
16/05/2009 09:46:11    102040    C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\SiteAdvisor
16/05/2009 09:46:11    0    C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\SiteAdvisor\mcinst
16/05/2009 09:53:05    101030    C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\SiteAdvisor\McSACore
16/05/2009 09:53:42    1010    C:\Documents and Settings\All Users\Application Data\McAfee\MCLOGS\SiteAdvisor\saInst
16/05/2009 09:53:06    14336    C:\Documents and Settings\All Users\Application Data\McAfee\SiteAdvisor
27/04/2009 04:30:45    1177112    C:\Documents and Settings\All Users\Application Data\MOOV.now.com.hk
27/04/2009 04:30:46    1177112    C:\Documents and Settings\All Users\Application Data\MOOV.now.com.hk\MOOV Fasta
27/04/2009 04:30:46    1074331    C:\Documents and Settings\All Users\Application Data\MOOV.now.com.hk\MOOV Fasta\album_images
27/04/2009 04:30:46    49966    C:\Documents and Settings\All Users\Application Data\MOOV.now.com.hk\MOOV Fasta\alert_images
22/03/2009 02:25:50    57274    C:\Documents and Settings\All Users\Application Data\PPENSB
22/03/2009 02:25:50    40930    C:\Documents and Settings\All Users\Application Data\PPENSB\User
22/03/2009 02:31:21    19539    C:\Documents and Settings\All Users\Application Data\PPENSB\User\Default
22/03/2009 02:25:50    21391    C:\Documents and Settings\All Users\Application Data\PPENSB\User\USR00000
16/05/2009 09:42:54    36    C:\Documents and Settings\All Users\Application Data\SiteAdvisor
25/04/2009 18:52:01    239    C:\Documents and Settings\All Users\Application Data\WEBREG
27/04/2009 16:36:46    539672    C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
27/04/2009 16:37:34    539672    C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86
27/04/2009 16:37:34    130768    C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86
25/04/2009 17:57:47    741    32    C:\Documents and Settings\All Users\Application Data\hpzinstall.log
13/05/2009 16:41:09    32    32    C:\Documents and Settings\All Users\Application Data\up.dat

====== Values under HKLM\Software\microsoft\shared tools\msconfig\startupreg ======

HKLM\Software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

HKLM\Software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

HKLM\Software\microsoft\shared tools\msconfig\startupreg\LogitechGalleryRepair
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

HKLM\Software\microsoft\shared tools\msconfig\startupreg\LogitechImageStudioTray
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

HKLM\Software\microsoft\shared tools\msconfig\startupreg\LVCOMSX
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

HKLM\Software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

HKLM\Software\microsoft\shared tools\msconfig\startupreg\Pando
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

HKLM\Software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

====== Services ( Services that are Whitelisted are not shown) ======

aslm75 (aslm75)- \??\C:\WINDOWS\system32\drivers\aslm75.sys - Auto/Running
aswFsBlk (aswFsBlk)- C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys - Auto/Running
aswSP (avast! Self Protection)- C:\WINDOWS\system32\drivers\aswSP.sys - System/Running
Cap7134 (VideoMate TV Capture)- C:\WINDOWS\system32\DRIVERS\Cap7134.sys - Manual/Running
cdrbsdrv (cdrbsdrv)- C:\WINDOWS\system32\drivers\cdrbsdrv.sys - System/Running
cdrbsvsd (cdrbsvsd)-  - System/Stopped
cmdGuard (COMODO Firewall Pro Sandbox Driver)- C:\WINDOWS\system32\DRIVERS\cmdguard.sys - System/Running
cmdHlp (COMODO Firewall Pro Helper Driver)- C:\WINDOWS\system32\DRIVERS\cmdhlp.sys - System/Running
DSDrv4 (DSDrv4)- \??\C:\PROGRA~1\DScaler\DSDrv4.sys - Manual/Stopped
E100B (Intel(R) PRO Adapter Driver)- C:\WINDOWS\system32\DRIVERS\e100b325.sys - Manual/Stopped
fasttx2k (fasttx2k)- C:\WINDOWS\system32\DRIVERS\fasttx2k.sys - Boot/Running
FlyPCI (FlyPCI)- \??\C:\PROGRA~1\SlyDiman\SLYCON~1\FlyPCI.sys - Manual/Stopped
FsVga (FsVga)- C:\WINDOWS\system32\DRIVERS\fsvga.sys - System/Running
Inspect (COMODO Firewall Pro Firewall Driver)- C:\WINDOWS\system32\DRIVERS\inspect.sys - Boot/Running
itchfltr (iTouch Keyboard Filter)- C:\WINDOWS\system32\DRIVERS\itchfltr.sys - Manual/Running
KeyScrambler (KeyScrambler)- C:\WINDOWS\system32\drivers\keyscrambler.sys - Manual/Running
Lbd (Lbd)- C:\WINDOWS\system32\DRIVERS\Lbd.sys - Boot/Running
lusbaudio (Logitech USB Microphone)- C:\WINDOWS\system32\drivers\lvsound2.sys - System/Running
MCSTRM (MCSTRM)- C:\WINDOWS\system32\drivers\MCSTRM.sys - Auto/Running
MgaFG (MgaFG)- \??\C:\WINDOWS\system32\drivers\MgaFG.sys - Manual/Stopped
MidiSyn (MidiSyn)- C:\WINDOWS\system32\drivers\MidiSyn.sys - Manual/Stopped
MQAC (Message Queuing access control)- \??\C:\WINDOWS\System32\drivers\mqac.sys - Manual/Running
MTXPAR (MTXPAR)- C:\WINDOWS\system32\DRIVERS\MTXPARM.sys - Manual/Running
MTXPARH (MTXPARH)- C:\WINDOWS\system32\DRIVERS\MTXPARHM.sys - Manual/Stopped
Mtxparmx (Mtxparmx)- C:\WINDOWS\system32\DRIVERS\Mtxparmx.sys - System/Running
MtxVxd (MtxVxd)- \??\C:\WINDOWS\system32\drivers\MtxVxd.sys - Manual/Stopped
NdisIP (Microsoft TV/Video Connection)- C:\WINDOWS\system32\DRIVERS\NdisIP.sys - Manual/Stopped
nmwcd (Nokia USB Phone Parent)- C:\WINDOWS\system32\drivers\ccdcmb.sys - Manual/Stopped
nmwcdc (Nokia USB Generic)- C:\WINDOWS\system32\drivers\ccdcmbo.sys - Manual/Stopped
nmwcdnsu (Nokia USB Flashing Phone Parent)- C:\WINDOWS\system32\drivers\nmwcdnsu.sys - Manual/Stopped
nmwcdnsuc (Nokia USB Flashing Generic)- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys - Manual/Stopped
Philipscam2 (Philips 646 Digital Camera; Video)- C:\WINDOWS\system32\DRIVERS\philcam1.sys - Manual/Stopped
PhTVTune (VideoMate TV Tuner)- C:\WINDOWS\system32\DRIVERS\PhTVTune.sys - Manual/Running
PTSimBus (PenTablet Bus Enumerator)- C:\WINDOWS\system32\DRIVERS\PTSimBus.sys - Manual/Running
PTSimHid (PenTablet Simulated HID MiniDriver)- "C:\WINDOWS\System32\Drivers\PTSimHid.sys" - Manual/Stopped
QCEmerald (Logitech QuickCam Web(PID_0850))- C:\WINDOWS\system32\DRIVERS\LVCE.sys - Manual/Running
QV2KUX (Casio Digital Camera)- C:\WINDOWS\system32\DRIVERS\qv2kux.sys - Manual/Stopped
RimUsb (BlackBerry Smartphone)- C:\WINDOWS\system32\Drivers\RimUsb.sys - Manual/Stopped
RimVSerPort (RIM Virtual Serial Port v2)- C:\WINDOWS\system32\DRIVERS\RimSerial.sys - Manual/Stopped
RMCAST (Reliable Multicast Protocol driver)- \??\C:\WINDOWS\System32\drivers\RMCast.sys - Manual/Running
RT73 (LevelOne WNC-0301USB Wireless Adapter Driver)- C:\WINDOWS\system32\DRIVERS\rt73.sys - Manual/Stopped
S3U10Scanner (600 CU Still Image Device Service)- C:\WINDOWS\system32\drivers\usbscan.sys - Manual/Stopped
sbp2port (SBP-2 Transport/Protocol Bus Driver)- C:\WINDOWS\system32\DRIVERS\sbp2port.sys - Boot/Running
SLIP (BDA Slip De-Framer)- C:\WINDOWS\system32\DRIVERS\SLIP.sys - Manual/Stopped
smwdm (smwdm)- C:\WINDOWS\system32\drivers\smwdm.sys - Manual/Running
sonypvs1 (Sony Digital Imaging Video2)- C:\WINDOWS\system32\DRIVERS\sonypvs1.sys - Manual/Stopped
Tablet2k (Serial Tablet Port Driver)- "C:\WINDOWS\System32\Drivers\Tablet2k.sys" - Manual/Stopped
TClass2k (Tablet Class Driver)- "C:\WINDOWS\System32\Drivers\TClass2k.sys" - Manual/Stopped
Tcpip6 (Microsoft IPv6 Protocol Driver)- C:\WINDOWS\system32\DRIVERS\tcpip6.sys - System/Running
tunmp (Microsoft Tun Miniport Adapter Driver)- C:\WINDOWS\system32\DRIVERS\tunmp.sys - Manual/Running
UCTblHid (HID Tablet Port Driver)- "C:\WINDOWS\System32\Drivers\UCTblHid.sys" - Manual/Stopped
UlSata (UlSata)- C:\WINDOWS\system32\DRIVERS\ulsata.sys - Boot/Running
upperdev (upperdev)- C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys - Manual/Stopped
USBAAPL (Apple Mobile USB Driver)- C:\WINDOWS\system32\Drivers\usbaapl.sys - Manual/Stopped
usbser (USB Modem Driver)- C:\WINDOWS\system32\drivers\usbser.sys - Manual/Stopped
UsbserFilt (UsbserFilt)- C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys - Manual/Stopped
usb_rndisx (USB RNDIS Adapter)- C:\WINDOWS\system32\DRIVERS\usb8023x.sys - Manual/Stopped
wacommousefilter (Wacom Mouse Filter Driver)- C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys - Manual/Stopped
wacomvhid (Wacom Virtual Hid Driver)- C:\WINDOWS\system32\DRIVERS\wacomvhid.sys - Manual/Running
WacomVKHid (Virtual Keyboard Driver)- C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys - Manual/Running
wceusbsh (Windows CE USB Serial Host Driver)- C:\WINDOWS\system32\DRIVERS\wceusbsh.sys - Manual/Stopped
Wdf01000 (Wdf01000)- C:\WINDOWS\system32\DRIVERS\Wdf01000.sys - Manual/Stopped

====== Uninstall List ======

Windows Driver Package - Nokia Modem  (02/15/2007 3.1)
Windows Driver Package - Nokia (WUDFRd) WPD  (06/01/2007 6.84.33.0)
Ad-Aware
Adobe Acrobat 7.1.0 Professional
Adobe Flash Player 10 Plugin
Adobe PDF IFilter 6.0
Adobe Shockwave Player
Comodo AntiSpam 2.6.0.0
avast! Antivirus
Windows Driver Package - Nokia Modem  (02/15/2007 3.1)
Business Contact Manager for Outlook 2007 SP1
BOClean
CCleaner (remove only)
Windows Driver Package - Nokia Modem  (05/24/2007 6.84.0.1)
ChangeNames 3.1.3
Chikka Messenger V4
MetaFrame Presentation Server Web Client for Win32
COMODO Firewall Pro
COMODO SafeSurf
DScaler 4.1.15
Easy CD-DA Extractor 7.0
Microsoft Office Enterprise 2007
EPSON Printer Software
Foxy v1.9.9
HijackThis 2.0.2
HP Imaging Device Functions 10.0
HP Smart Web Printing
HP Solution Center 10.0
OCR Software by I.R.I.S. 10.0
Microsoft Internationalized Domain Names Mitigation APIs
Windows Internet Explorer 8
InCD
Tablet
Microsoft Data Access Components KB870669
Windows Media Player 10 Hotfix - KB894476
Microsoft Base Smart Card Cryptographic Service Provider Package
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Hotfix for Windows XP (KB915800-v4)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Internet Explorer 7 (KB928090)
Hotfix for Windows Media Format 11 SDK (KB929399)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for CAPICOM (KB931906)
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows Internet Explorer 7 (KB939653)
Hotfix for Windows Media Player 11 (KB939683)
Windows Search 4.0
Security Update for Windows XP (KB941569)
Security Update for Windows Internet Explorer 7 (KB942615)
Update for Windows XP (KB943729)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows XP (KB946648)
Hotfix for Windows Internet Explorer 7 (KB947864)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Update for Windows XP (KB951072-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Update for Windows XP (KB951978)
Security Update for Windows XP (KB952004)
Security Update for Windows Media Player (KB952069)
Hotfix for Windows XP (KB952287)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Hotfix for Windows XP (KB954550-v5)
Security Update for Windows XP (KB954600)
Hotfix for Windows XP (KB954708)
Security Update for Windows XP (KB955069)
Update for Windows XP (KB955839)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Critical Update for Windows Media Player 11 (KB959772)
Security Update for Windows XP (KB960225)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Hotfix for Windows XP (KB961118)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows XP (KB961373)
Security Update for Windows Internet Explorer 7 (KB963027)
Update for Windows XP (KB967715)
Update for Windows Internet Explorer 8 (KB968220)
KeeForm 2.01
KeeFormFF 2.01
KeePass Password Safe 1.15
KeyScrambler
K-Lite Mega Codec Pack 1.63
LimeWire 5.1.2
LiveUpdate 3.2 (Symantec Corporation)
M4a/Flac/Ogg/Ape/Mpc Tag Support Plugin for Media Player v. 1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Matrox Driver
Messenger Plus! Live & Sponsor (CiD)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 3.5 SP1
Microsoft SQL Server 2005
Translation Services Provided by WorldLingo for Microsoft Word
Mozilla Firefox (3.0.10)
Mozilla Thunderbird (2.0.0.21)
Microsoft Compression Client Pack 1.0 for Windows XP
Mustek 600 CU v2.0a
Nero Suite
Microsoft National Language Support Downlevel APIs
Nokia 電腦端套件
Power Video Converter 1.2.13
Intel(R) PRO Network Adapters and Drivers
Logitech(r) Camera 驅動程式
Recover My Files
Rhapsody
Advanced RealMedia Export Plug-in for Premiere 6.0
Comodo SecureEmail 2.0.0.10
SnoopFree Privacy Shield
Spybot - Search & Destroy 1.3
SpywareBlaster 4.2
SSC Service Utility v4.20
StuffPlug-NG (Messenger Plus! Plugins)
Tablet
Tag&Rename 3.2.5 rc 1
VoxOx
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Live OneCare safety scanner
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinHTTrack Website Copier 3.43-3
Windows Live Essentials
WinRAR archiver
WM Converter 2.0
Windows Media Format 11 runtime
Windows Media Player 11
WordReference English to Italian
WordReference Italian to English
WordReference Spanish to English
Microsoft User-Mode Driver Framework Feature Pack 1.5
XML Paper Specification Shared Components Pack 1.0
Your Uninstaller! 2006 Version 5
CorelDRAW Graphics Suite X3
Adobe Creative Suite 2
Windows Live Call
Logitech iTouch Software
MSXML 6.0 Parser (KB933579)
Windows Live Messenger
Security Update for CAPICOM (KB931906)
Toolbox
HP Update
VideoMate TV driver
Matrox GigaColor Viewer
GPBaseService
FindSounds Palette
RunTime
InkSaver
Picture Package
Windows Live Upload Tool
QuickTime
MSVCRT
Adobe Photoshop CS2
華康字型
Java(TM) 6 Update 11
Microsoft Search Enhancement Pack
Nokia Flashing Cable Driver
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Windows Live Toolbar
Rhapsody Player Engine
J2SE Runtime Environment 5.0 Update 3
Java(TM) SE Runtime Environment 6 Update 1
Java(TM) 6 Update 5
Java(TM) 6 Update 7
EN
WebFldrs XP
McAfee SiteAdvisor
ComproPVR
HPProductAssistant
MSXML 4.0 SP2 (KB927978)
Microsoft AppLocale
Microsoft Windows Journal Viewer
Windows Movie Maker 2.0
FontNav
Microsoft Office 2007 Primary Interop Assemblies
SmartWebPrintingOC
DeviceDiscovery
Microsoft SQL Server Setup Support Files (English)
Nokia Video Manager
Microsoft SQL Server VSS Writer
Microsoft Office Live Add-in 1.3
Logitech MouseWare 9.79.1
AsusUpdate
Logitech ImageStudio
TrayApp
Matrox Parhelia Reef Demo
Matrox PowerDesk-SE
Sony USB Driver
iTunes
CorelDRAW Graphics Suite X3
Windows Genuine Advantage v1.3.0254.0
Norton 360
eSupportQFolder
DocProc
BufferChm
Apple Software Update
Windows Media Player Firefox Plugin
Windows Live Writer
MSXML 4.0 SP2 Parser and SDK
Microsoft Visual C++ 2005 Redistributable
WBQ
F2200_Help
ComproFM
Managed DirectX (0901)
Scan
File Transfer Plus
MSXML 4.0 SP2 (KB954430)
DocProcQFolder
Microsoft Silverlight
Microsoft Sync Framework Runtime Native v1.0 (x86)
UnloadSupport
LightScribe  1.4.39.1
Flash Video Exporter 1.2
Adobe Common File Installer
Choice Guard
Logitech Desktop Messenger
Microsoft Software Update for Web Folders  (Chinese (Traditional)) 12
Microsoft Software Update for Web Folders  (English) 12
Microsoft Office Access MUI (Chinese (Traditional)) 2007
Microsoft Office Access MUI (English) 2007
Microsoft Office Excel MUI (Chinese (Traditional)) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Publisher MUI (Chinese (Traditional)) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Outlook MUI (Chinese (Traditional)) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Word MUI (Chinese (Traditional)) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Proof (Chinese (Traditional)) 2007
Microsoft Office Proof (English) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office IME (Chinese (Traditional)) 2007
Microsoft Office Proofing (Chinese (Traditional)) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Enterprise 2007
Security Update for Microsoft Office Word 2007 (KB956358)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Outlook 2007 Junk Email Filter (kb968503)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Excel 2007 (KB959997)
Security Update for 2007 Microsoft Office System (KB951550)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Update for 2007 Microsoft Office System (KB967642)
Security Update for 2007 Microsoft Office System (KB960003)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Microsoft Office InfoPath MUI (English) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Update for Microsoft Office InfoPath 2007 Help (KB957243)
Microsoft Office Shared MUI (Chinese (Traditional)) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Update for Microsoft Office OneNote 2007 Help (KB957245)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Office Groove MUI (English) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Office Groove Setup Metadata MUI (English) 2007
2007 Microsoft Office Suite Service Pack 1 (SP1)
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office XP Web Components
Microsoft Phishing Filter Add-in for MSN Search Toolbar
Microsoft Office 2003 Web Components
Nokia Download!
Microsoft Office Professional 2007
Windows Live Sign-in Assistant
Microsoft Visio Viewer 2002
Microsoft Application Error Reporting
Microsoft Office Outlook Connector
Microsoft Office Outlook Connector
MOOV Fasta
Adobe MPEG Encoder
PC Connectivity Solution
eDualHead
EPSON Scan Tool
Windows Defender
Status
Segoe UI
Nokia Software Updater
Microsoft .NET Framework 3.0 Service Pack 2
SolutionCenter
Macromedia Extension Manager
Windows Defender Signatures
Intel(R) PROSet
Microsoft Office Small Business Connectivity Components
Nokia PC Suite
MSXML 4.0 SP2 (KB925672)
DeviceManagementQFolder
Adobe Acrobat 7.0 Professional
Adobe Reader 7.0.7
Adobe Reader Chinese Traditional Fonts
Office Animation Runtime
Apple Mobile Device Support
Microsoft Chinese Date & Time
Microsoft ActiveSync 4.0
Adobe Illustrator CS2
Business Contact Manager for Outlook 2007 SP1
Spybot - Search & Destroy
Microsoft Reader
Intel(R) Processor Frequency ID Utility
Windows Presentation Foundation
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft SQL Server Native Client
Windows Rights Management Client with Service Pack 2
MSXML 4.0 SP2 (KB936181)
Microsoft .NET Framework 2.0 Service Pack 2
PrintMe Driver for Windows
Suite Specific
DJ_AIO_03_F2200_Software_Min
VBA
ClearType Tuning Control Panel Applet
Microsoft .NET Framework 1.1
Nokia Connectivity Cable Driver
WebReg
Microsoft .NET Framework 3.5 SP1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
MSN Encarta Right-Click Dictionary
Tablet
HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
Destination Component
Windows Live Essentials
DJ_AIO_03_F2200_Software
Windows Live Favorites Add-in for MSN Search Toolbar
Microsoft Windows Application Compatibility Database
Ad-Aware
Microsoft Reader Text-to-Speech for English
Corel SVG Viewer
Windows Media Encoder 9 Series
Adobe Help Center 1.0
F2200
ScanToWeb
Windows Rights Management Client Backwards Compatibility SP2
DJ_AIO_03_F2200_ProductContext
Adobe Stock Photos 1.0
SoundMAX
Microsoft SQL Server 2005 Compact Edition [ENU]
32 Bit HP CIO Components Installer
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Update Manager
Copy
Windows Live Communications Platform
Windows Live Photo Gallery
Coloreal Visual
ImageMixer VCD2
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
Windows Live Sync
EPSON Print CD

======== Other Info ========

TOTAL PHYSICAL RAM: 1072 MB

Boot Info

[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn


OS Type:  Microsoft Windows XP Professional
Build:  5.1.2600
Service Pack:  3.0


====== Files with Hidden Attributes======

C:\2votlef3.sys
C:\pagefile.sys
C:\NTDETECT.COM

==End of Report==

10.4K Posts

May 20th, 2009 08:00


Iris Leung

You are most welcome. It will take a couple of runs at this to fix, so please be patient.

1. Your log does show you are running 2 Antivirus programs: Norton360 and Avast!.

Running 2 Antivirus programs is never a good idea.
Since they both do the same job, running 2 can cause conflicts, system slowdowns, and may even allow some malware to slip by.
I recommend that you uninstall one of them through Add or Remove Programs.

If you uninstall Norton360, then remove this as well

LiveUpdate 3.2 (Symantec Corporation)

While you are in Add or Remove Programs, uninstall the following programs

Messenger Plus! Live & Sponsor (CiD) <<- THIS LINK
StuffPlug-NG (Messenger Plus! Plugins)

J2SE Runtime Environment 5.0 Update 3 <<- Not Needed
Java(TM) SE Runtime Environment 6 Update 1 <<- Not Needed
Java(TM) 6 Update 5 <<- Not Needed
Java(TM) 6 Update 7 <<- Not Needed
McAfee SiteAdvisor <<- Not Needed

Once done ->> Reboot your PC->> Rerun Hijackthis and post a fresh Hijackthis log

And in your reply tell me which AntiVirus program you decided to keep


4 Posts

May 20th, 2009 21:00

Dear Bamajim,

Yes, thanks, I've got the patience; with your expertise, let's get through it step by step. I'm ready.

1. About the Antivirus: I remember I installed Norton 360 before and uninstalled it, so I am not seeing it in Add or Remove Programs.

Is it files left behind? Or is it actually running on my machine?

OK, for the antivirus thing, I will leave it untouched before your next instruction.

 

Now, I will uninstall all the programs you listed first. Looking forward to your reply! Thanks pal.

10.4K Posts

May 22nd, 2009 07:00


Iris Leung

Once you've completed the other uninstalls.

1. Go HERE and download and run the Symantec Removal Tool

Pick the right version according to your application

2. Run an online virus scan called Kaspersky from HERE.
    [1.] At the main page, press on "Accept" after reading the contents.
    [2.] At the next window select Update. Allow the Database to update.
    Note: If prompted to run or update your Java, then follow the prompts to do so. Kaspersky requires Java to run.
    [3.] Once the Database has finished, under the Scan icon select My Computer to start the scan. The scan may take a few minutes to complete.
    [4.] Select Scan Report.
    [5.] If any threats were found they will appear in the report.
    [6.] Select "Save error report as". Then in the file name just type in kaspersky. Under "save as type" select text .txt
    [7.] Save it to your Desktop.


Copy and post the results of the Kaspersky Online scan. If no threats were found then report that as well

4 Posts

May 22nd, 2009 19:00

Hi bamajim,

Thank you again, however,

I have deleted programs as listed in your 2nd last post accordingly, and my system crashed.

Now I can only get in safe mode with networking. What should I do?

Was there anything you stated in your list that I should not remove???

Should I do system restore, or do I run the online scan of Kaspersky?? HELP!!!

10.4K Posts

May 22nd, 2009 19:00

Iris Leung

The deletion of those programs could not have caused a system crash.

If you are able to get into Safe Mode, then try System Restore. Reply with the results
