
Solved Computer acting up

Discussion in 'Malware and Virus Removal Archive' started by Fredx, 2010/10/17.

  1. 2010/10/17
    Fredx

    Fredx Inactive Thread Starter

    Joined:
    2010/10/15
    Messages:
    45
    Likes Received:
    0
    [Resolved] Computer acting up

    For the last few days my Firefox keeps crashing on me consistently, and then I had this pop up.

    Killing Hazard(R) for Microsoft Windows XP

    I'm sure I have some malware or viruses on my computer. Could you please help me remove them?

    Thanks
     
  2. 2010/10/17
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Welcome aboard :)

    Please, read this post, then post the requested log(s).
     


  4. 2010/10/17
    Fredx

    Whoops. My fault.


    DDS (Ver_10-10-10.03) - NTFSx86
    Run by Freddie at 13:30:58.98 on Sun 10/17/2010
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2558.1606 [GMT -4:00]

    AV: McAfee Anti-Virus and Anti-Spyware *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
    FW: McAfee Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

    ============== Running Processes ===============

    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Uniblue\PowerSuite\powersuite.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
    C:\Program Files\Sony Icon\SonyIcon.exe
    C:\WINDOWS\system32\SonyIEx.exe
    C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    svchost.exe
    C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe
    C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe
    C:\PROGRA~1\COMMON~1\McAfee\MSC\McUICnt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Documents and Settings\Freddie\My Documents\Downloads\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://yahoo.com/
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
    mURLSearchHooks: H - No File
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20100927150148.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [cdloader] "c:\documents and settings\freddie\application data\mjusbsp\cdloader2.exe" MAGICJACK
    uRun: [PowerSuite] "c:\program files\uniblue\powersuite\launcher.exe" delay 20000 -m
    mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
    mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
    mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe "
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    Trusted Zone: intuit.com\ttlc
    Trusted Zone: turbotax.com
    DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} - hxxp://support.microsoft.com/mats/DiagWebControl.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
    Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
    Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\freddie\applic~1\mozilla\firefox\profiles\6v7g730b.default\
    FF - prefs.js: browser.search.selectedEngine - Secure Search
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
    FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
    FF - plugin: c:\documents and settings\freddie\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbaam7a8h ", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgberp4a5d4ar ", true);

    ============= SERVICES / DRIVERS ===============

    R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-4-24 386712]
    R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-4-24 84072]
    R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-11-8 10384]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-11-6 88176]
    R2 McMPFSvc;McAfee Personal Firewall Service; "c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-4-24 271480]
    R2 McNaiAnn;McAfee VirusScan Announcer; "c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-4-24 271480]
    R2 McProxy;McAfee Proxy Service; "c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-4-24 271480]
    R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-4-24 171168]
    R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-4-24 188136]
    R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-4-24 141792]
    R2 SonyIcon_R;SonyIcon_R;c:\program files\sony icon\SonyIcon.exe [2010-2-6 36864]
    R2 SonyIEx;SonyIEx;c:\windows\system32\SonyIEx.exe [2009-11-6 126976]
    R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-4-24 55840]
    R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-4-24 152992]
    R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-4-24 52104]
    R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-4-24 312904]
    R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-4-24 88544]
    R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [2010-8-11 157696]
    S2 0059841285614155mcinstcleanup;McAfee Application Installer Cleanup (0059841285614155); [x]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 AWINDIS5;AWINDIS5 Protocol Driver;c:\windows\system32\AWINDIS5.SYS [2009-11-6 16194]
    S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-4-24 88544]
    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-4-24 84264]
    S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2003-7-16 14336]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

    =============== Created Last 30 ================

    2010-10-16 02:50:05 -------- d-----w- c:\program files\SIW
    2010-10-15 00:59:16 -------- d-----w- c:\program files\Market Samurai
    2010-10-13 21:23:44 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
    2010-10-13 21:23:44 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
    2010-10-13 21:23:10 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
    2010-10-11 03:11:08 -------- d-----w- c:\docume~1\freddie\applic~1\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
    2010-10-05 18:40:25 -------- d-----w- c:\docume~1\freddie\locals~1\applic~1\Yahoo!
    2010-09-23 17:18:48 -------- d-----w- c:\documents and settings\freddie\Shared
    2010-09-23 17:18:48 -------- d-----w- c:\documents and settings\freddie\Incomplete
    2010-09-23 17:17:22 -------- d-----w- c:\docume~1\freddie\applic~1\MP3Rocket
    2010-09-23 17:17:17 -------- d-----w- c:\program files\MP3 Rocket
    2010-09-18 16:23:26 974848 -c----w- c:\windows\system32\dllcache\mfc42u.dll

    ==================== Find3M ====================

    2010-09-18 16:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
    2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
    2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
    2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
    2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-09-10 05:58:06 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
    2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
    2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
    2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
    2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
    2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
    2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
    2010-08-16 08:45:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
    2010-08-11 17:59:55 6184960 ----a-w- c:\windows\system32\rts5121icon.dll
    2010-08-11 17:59:55 266240 ----a-w- c:\windows\system32\rts5121.dll

    ============= FINISH: 13:33:36.04 ===============
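    A DDS log like the one above is normally read by eye, and the things a helper looks for first are mechanical: registry entries whose target is gone ("- No File"), Run values that name a bare filename with no directory, services with no binary path ("[x]"), and programs launched from inside a user profile. The Python below is an added example for this thread, not part of DDS or of the poster's logs; it parses the section layout DDS uses and lists those review candidates. The sample log and every path, name and CLSID in it are constructed placeholders, and the output is a list of items to look at, not a verdict on any of them.

```python
import re

# Constructed sample modelled on the DDS log layout (section banners,
# "Pseudo HJT Report" entries, service lines). Every path, name and CLSID
# here is a made-up placeholder, not a line from a real machine.
SAMPLE_DDS = r"""
============== Running Processes ===============

C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Program Files\Example AV\avcore.exe
C:\Documents and Settings\user\Local Settings\Temp\updater.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://example.invalid/
BHO: {00000000-0000-0000-0000-000000000001} - No File
BHO: Example Helper: {00000000-0000-0000-0000-000000000002} - c:\program files\example\helper.dll
TB: {00000000-0000-0000-0000-000000000003} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [loader] "c:\documents and settings\user\application data\loader\ld.exe" /quiet
mRun: [HAL helper] HALHELP.EXE

============= SERVICES / DRIVERS ===============

R2 ExampleSvc;Example Service;c:\program files\example\svc.exe [2010-1-1 12345]
S2 0059841285614155cleanup;Installer Cleanup; [x]

============= FINISH: 13:33:36.04 ===============
"""

# DDS section banners look like "===== Name =====".
SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
# Run entries: "uRun: [value name] command line".
RUN_RE = re.compile(r"^[um]Run:\s*\[(?P<name>[^\]]+)\]\s*(?P<cmd>.*)$")
# Program part of a command line: optional quote, path up to a known
# executable extension, then a quote, whitespace or end of string.
EXE_RE = re.compile(
    r'^"?(?P<exe>[^"]*?\.(?:exe|scr|com|bat|cmd|pif|dll))(?:"|\s|$)',
    re.IGNORECASE)
# Anything located under a user profile (XP and Vista+ layouts).
USER_PROFILE_RE = re.compile(
    r"\\(documents and settings|docume~1|users)\\", re.IGNORECASE)


def parse_sections(text):
    """Split a DDS log into {section name: [non-empty lines]}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1)
            sections[current] = []
        elif current is not None:
            sections[current].append(line)
    return sections


def executable_of(cmd):
    """Return the program part of a Run value or process line, keeping
    spaces inside unquoted paths (as DDS prints them)."""
    cmd = cmd.strip()
    m = EXE_RE.match(cmd)
    if m:
        return m.group("exe")
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    return cmd.split()[0] if cmd else ""


def triage(text):
    """Collect the entries a reviewer checks first. Each list holds the
    original log lines (or Run value names) so they can be quoted back."""
    sections = parse_sections(text)
    processes = sections.get("Running Processes", [])
    hjt = sections.get("Pseudo HJT Report", [])
    services = sections.get("SERVICES / DRIVERS", [])

    findings = {
        # Registry references whose file no longer exists: leftovers to clean.
        "orphaned": [l for l in hjt if l.endswith("- No File")],
        # Executables started from a user-writable profile directory.
        "user_profile": [],
        # Run values naming a bare file, resolved through the PATH search.
        "bare_run_targets": [],
        # Services DDS could not map to a binary on disk.
        "services_missing_binary": [s for s in services if s.endswith("[x]")],
    }
    for line in processes:
        if USER_PROFILE_RE.search(executable_of(line)):
            findings["user_profile"].append(line)
    for line in hjt:
        m = RUN_RE.match(line)
        if not m:
            continue
        exe = executable_of(m.group("cmd"))
        if "\\" not in exe:
            findings["bare_run_targets"].append(m.group("name"))
        elif USER_PROFILE_RE.search(exe):
            findings["user_profile"].append(line)
    return findings


if __name__ == "__main__":
    for category, items in triage(SAMPLE_DDS).items():
        print(f"{category}: {len(items)}")
        for item in items:
            print("   ", item)
```

Run it against a saved DDS.txt by replacing SAMPLE_DDS with the file contents; the section names are matched exactly as DDS prints them, so a differently formatted log (HijackThis, OTL) needs its own banner and entry patterns.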
     
  5. 2010/10/17
    Fredx

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-10-10.03)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 11/6/2009 1:24:43 PM
    System Uptime: 10/15/2010 10:27:14 PM (39 hours ago)

    Motherboard: Dell Inc. | | 0J3492
    Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Microprocessor | 2992/800mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 74 GiB total, 20.415 GiB free.
    D: is Removable
    E: is Removable
    F: is Removable
    G: is Removable
    H: is CDROM ()
    I: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: PCI Modem
    Device ID: PCI\VEN_8086&DEV_1080&SUBSYS_10001028&REV_04\4&10416D21&0&10F0
    Manufacturer:
    Name: PCI Modem
    PNP Device ID: PCI\VEN_8086&DEV_1080&SUBSYS_10001028&REV_04\4&10416D21&0&10F0
    Service:

    ==== System Restore Points ===================

    RP223: 5/13/2010 3:00:17 AM - Software Distribution Service 3.0
    RP224: 5/18/2010 2:15:53 AM - System Checkpoint
    RP225: 5/26/2010 3:00:17 AM - Software Distribution Service 3.0
    RP226: 5/27/2010 9:41:02 PM - Installed Windows Media Player 10
    RP227: 5/27/2010 9:41:50 PM - Software Distribution Service 3.0
    RP228: 5/28/2010 3:00:17 AM - Software Distribution Service 3.0
    RP229: 5/29/2010 3:00:15 AM - Software Distribution Service 3.0
    RP230: 6/3/2010 5:02:17 PM - System Checkpoint
    RP231: 6/6/2010 11:10:57 AM - System Checkpoint
    RP232: 6/9/2010 3:00:17 AM - Software Distribution Service 3.0
    RP233: 6/11/2010 12:12:36 PM - System Checkpoint
    RP234: 6/12/2010 12:13:38 PM - System Checkpoint
    RP235: 6/16/2010 9:07:22 PM - Removed Java(TM) 6 Update 15
    RP236: 6/16/2010 9:08:02 PM - Installed Java(TM) 6 Update 20
    RP237: 6/18/2010 2:20:23 AM - System Checkpoint
    RP238: 6/18/2010 11:44:49 AM - Configured Amazon Unbox Video
    RP239: 6/22/2010 2:00:22 AM - System Checkpoint
    RP240: 6/24/2010 3:00:17 AM - Software Distribution Service 3.0
    RP241: 6/27/2010 1:22:10 AM - System Checkpoint
    RP242: 7/1/2010 12:56:06 AM - System Checkpoint
    RP243: 7/6/2010 3:15:24 AM - System Checkpoint
    RP244: 7/9/2010 12:04:08 PM - Installed TurboTax 2008 wrapper
    RP245: 7/9/2010 12:04:37 PM - Installed TurboTax 2008 WinPerReleaseEngine
    RP246: 7/9/2010 12:06:43 PM - Installed TurboTax 2008 WinPerFedFormset
    RP247: 7/9/2010 12:07:34 PM - Installed TurboTax 2008 WinPerTaxSupport
    RP248: 7/9/2010 12:07:52 PM - Installed TurboTax 2008 WinPerProgramHelp
    RP249: 7/9/2010 12:08:20 PM - Installed TurboTax 2008 WinPerUserEducation
    RP250: 7/9/2010 12:08:32 PM - Removed iSEEK AnswerWorks English Runtime
    RP251: 7/9/2010 12:20:45 PM - Removed TurboTax 2008 WinPerUserEducation
    RP252: 7/9/2010 12:20:56 PM - Removed TurboTax 2008 WinPerProgramHelp
    RP253: 7/9/2010 12:21:33 PM - Removed TurboTax 2008 WinPerTaxSupport
    RP254: 7/9/2010 12:21:59 PM - Removed TurboTax 2008 WinPerFedFormset
    RP255: 7/9/2010 12:22:30 PM - Removed TurboTax 2008 WinPerReleaseEngine
    RP256: 7/9/2010 12:23:58 PM - Removed TurboTax 2008 wrapper
    RP257: 7/9/2010 12:32:47 PM - Installed TurboTax 2008 wrapper
    RP258: 7/9/2010 12:32:57 PM - Installed TurboTax 2008 WinPerReleaseEngine
    RP259: 7/9/2010 12:34:43 PM - Installed TurboTax 2008 WinPerFedFormset
    RP260: 7/9/2010 12:35:30 PM - Installed TurboTax 2008 WinPerTaxSupport
    RP261: 7/9/2010 12:35:51 PM - Installed TurboTax 2008 WinPerProgramHelp
    RP262: 7/9/2010 12:36:23 PM - Installed TurboTax 2008 WinPerUserEducation
    RP263: 7/9/2010 12:36:34 PM - Installed AnswerWorks 5.0 English Runtime
    RP264: 7/14/2010 3:00:17 AM - Software Distribution Service 3.0
    RP265: 7/19/2010 3:43:22 AM - System Checkpoint
    RP266: 7/22/2010 5:28:52 AM - System Checkpoint
    RP267: 7/26/2010 5:33:20 AM - System Checkpoint
    RP268: 7/27/2010 8:35:14 PM - System Checkpoint
    RP269: 7/28/2010 8:54:35 PM - System Checkpoint
    RP270: 7/29/2010 9:32:19 PM - System Checkpoint
    RP271: 8/3/2010 3:00:17 AM - Software Distribution Service 3.0
    RP272: 8/5/2010 2:19:01 PM - Software Distribution Service 3.0
    RP273: 8/6/2010 12:39:00 AM - Software Distribution Service 3.0
    RP274: 8/8/2010 5:08:10 PM - System Checkpoint
    RP275: 8/9/2010 1:23:25 PM - Installed Windows Media Player 11
    RP276: 8/9/2010 1:26:56 PM - Installed Windows XP MSCompPackV1.
    RP277: 8/9/2010 11:31:03 PM - Installed Java(TM) 6 Update 21
    RP278: 8/10/2010 11:26:14 PM - Software Distribution Service 3.0
    RP279: 8/11/2010 1:32:43 PM - DriverScanner - 8/11/2010 1:32:36 PM
    RP280: 8/11/2010 1:34:42 PM - DriverScanner - 8/11/2010 1:34:36 PM
    RP281: 8/11/2010 1:35:39 PM - DriverScanner - 8/11/2010 1:35:33 PM
    RP282: 8/11/2010 1:59:47 PM - DriverScanner - 8/11/2010 1:59:38 PM
    RP283: 8/11/2010 2:00:54 PM - DriverScanner - 8/11/2010 2:00:46 PM
    RP284: 8/11/2010 2:10:43 PM - DriverScanner - 8/11/2010 2:10:36 PM
    RP285: 8/11/2010 2:25:13 PM - DriverScanner - 8/11/2010 2:25:07 PM
    RP286: 9/16/2010 12:05:18 AM - Software Distribution Service 3.0
    RP287: 9/28/2010 11:54:37 PM - Software Distribution Service 3.0
    RP288: 9/29/2010 11:30:42 AM - DriverScanner - 9/29/2010 11:30:36 AM
    RP289: 10/7/2010 3:00:17 AM - Software Distribution Service 3.0
    RP290: 10/7/2010 4:41:44 PM - Software Distribution Service 3.0
    RP291: 10/13/2010 1:53:57 PM - DriverScanner - 10/13/2010 1:53:50 PM
    RP292: 10/13/2010 1:54:55 PM - DriverScanner - 10/13/2010 1:54:49 PM
    RP293: 10/14/2010 3:00:19 AM - Software Distribution Service 3.0

    ==== Installed Programs ======================


    Acrobat.com
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.3.4
    AiO_Scan
    AiOSoftware
    AnswerWorks 4.0 Runtime - English
    AnswerWorks 5.0 English Runtime
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ATI - Software Uninstall Utility
    ATI Control Panel
    ATI Display Driver
    Bonjour
    Broadcom Gigabit Integrated Controller
    BufferChm
    CDDRV_Installer
    Copy
    CreativeProjects
    CreativeProjectsTemplates
    CueTour
    Dell ResourceCD
    Destinations
    Director
    DocProc
    DocumentViewer
    erLT
    Fax
    GdiplusUpgrade
    GoToAssist 8.0.0.514
    GoToMeeting 4.5.0.457
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB915800-v4)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HP Diagnostic Assistant
    HP Image Zone 4.2
    HP PSC & OfficeJet 4.2
    HP Software Update
    HP Unload DLL Patch
    HPSystemDiagnostics
    InstantShare
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 21
    KhalInstallWrapper
    Logitech SetPoint
    Market Samurai
    McAfee AntiVirus Plus
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Office 2000 Disc 2
    Microsoft Office 2000 Professional
    Microsoft Office Live Meeting 2007
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Mozilla Firefox (3.6.10)
    MP3 Rocket
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    overland
    PhotoGallery
    PowerDVD 5.1
    PrintScreen
    QFolder
    QuickProjects
    QuickTime
    RangeMax(tm) NEXT Wireless Adapter WN311B
    Readme
    Scan
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 8 (KB917734)
    Security Update for Windows Media Player 9 (KB911565)
    Security Update for Windows Search 4 - KB963093
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371-v2)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974455)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    SIW version 2010.07.14
    SkinsHP1
    Sony Icon
    Sony Storage Tool for Windows XP Ver 1.03
    SoundMAX
    TrayApp
    TreeDiagram
    TurboTax 2008
    TurboTax 2008 WinPerFedFormset
    TurboTax 2008 WinPerProgramHelp
    TurboTax 2008 WinPerReleaseEngine
    TurboTax 2008 WinPerTaxSupport
    TurboTax 2008 WinPerUserEducation
    TurboTax 2008 wrapper
    TurboTax 2009
    TurboTax 2009 WinPerFedFormset
    TurboTax 2009 WinPerReleaseEngine
    TurboTax 2009 WinPerTaxSupport
    TurboTax 2009 wrapper
    TurboTax Deluxe 2007
    Uniblue DriverScanner
    Uniblue PowerSuite
    Uniblue RegistryBooster
    Uniblue SpeedUpMyPC
    Uniblue System Tweaker
    Unload
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Windows (KB971513)
    Update for Windows Internet Explorer 8 (KB975364)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows Internet Explorer 8 (KB982632)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    WebFldrs XP
    WebReg
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 8
    Windows Management Framework Core
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Search 4.0
    Windows XP Service Pack 3
    Yahoo! BrowserPlus 2.9.8

    ==== Event Viewer Messages From Past Week ========

    10/13/2010 5:28:05 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.5 with the system having network hardware address 00:25:4B:0E:B1:96. Network operations on this system may be disrupted as a result.
    10/13/2010 1:46:15 PM, error: Dhcp [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 0024B28BD206 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    10/11/2010 7:42:35 PM, error: Print [6161] - The document SparkNotes: Julius Caesar: ... owned by Freddie failed to print on printer hp psc 1310 series. Data type: NT EMF 1.008. Size of the spool file in bytes: 0. Number of bytes printed: 0. Total number of pages in the document: 0. Number of pages printed: 0. Client machine: \\FREDDIE-Y95LV3U. Win32 error code returned by the print processor: 259 (0x103).
    10/10/2010 6:48:44 AM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer JOAN-LT that believes that it is the master browser for the domain on transport NetBT_Tcpip_{28FB3AF4-7495-49F9-A. The master browser is stopping or an election is being forced.

    ==== End Of File ===========================
     
  6. 2010/10/17
    broni

    STEP 1. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/mbam.php to your desktop.
    (Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform Quick Scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt


    STEP 2. Download GMER: http://www.gmer.net/files.php, by clicking on Download EXE button.
    Alternative downloads:
    - http://majorgeeks.com/GMER_d5198.html
    - http://www.softpedia.com/get/Interne...ers/GMER.shtml
    Double click on the downloaded .exe file, select the Rootkit tab and click the Scan button.
    Do NOT use the computer while GMER is running!
    When the scan is completed, click the Save button and save the results as gmer.log.
    Warning! Please do not select the "Show all" checkbox during the scan.
    Post the log in your next reply.

    IMPORTANT! If for some reason GMER refuses to run, try again.
    If it still fails, try to UN-check "Devices" in right pane.
    If still no joy, try to run it from Safe Mode.


    STEP 3. Download MBRCheck to your desktop

    Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
    It will show a black screen with some data on it.
    A report called MBRcheckxxxx.txt will be on your desktop.
    Open this report and post its content in your next reply.



    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  7. 2010/10/17
    Fredx

    Fredx Inactive Thread Starter

    Joined:
    2010/10/15
    Messages:
    45
    Likes Received:
    0
    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4862

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    10/17/2010 2:50:27 PM
    mbam-log-2010-10-17 (14-50-27).txt

    Scan type: Quick scan
    Objects scanned: 137888
    Time elapsed: 10 minute(s), 30 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
  8. 2010/10/17
    Fredx

    Fredx Inactive Thread Starter

    Joined:
    2010/10/15
    Messages:
    45
    Likes Received:
    0
    Step 1 didn't detect anything. I copied and pasted what was in the notepad. For some reason it didn't post.

    Doing step 2 right now.
     
  9. 2010/10/17
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Ok :)
     
  10. 2010/10/17
    Fredx

    Fredx Inactive Thread Starter

    Joined:
    2010/10/15
    Messages:
    45
    Likes Received:
    0
    Weird.... Now it's showing up.

    Step 2 seems to freeze up my computer every time. Any suggestions?
     
  11. 2010/10/17
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    When you're under 10 posts, any of your posts which includes a link will wait for mod (me) approval.

    GMER...
    Did you?
     
  12. 2010/10/18
    Fredx

    Fredx Inactive Thread Starter

    Joined:
    2010/10/15
    Messages:
    45
    Likes Received:
    0
    I tried to get GMER to scan again today. It scanned for 4 hrs and then went to the blue screen.

    Problems detected, Windows has to shut down to prevent damage
    PFN_LIST_CORRUPT

    I'm going to try and scan it running from safe mode.
     
  13. 2010/10/18
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Ok :)..
     
  14. 2010/10/18
    Fredx

    Fredx Inactive Thread Starter

    Joined:
    2010/10/15
    Messages:
    45
    Likes Received:
    0
    I'm still not able to scan with GMER in safe mode. It went to the blue screen and had the same message as I posted before.
     
  15. 2010/10/18
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    That's fine.
    Proceed with MBRCheck, please.
     
  16. 2010/10/18
    Fredx

    Fredx Inactive Thread Starter

    Joined:
    2010/10/15
    Messages:
    45
    Likes Received:
    0
    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows XP Professional
    Windows Information: Service Pack 3 (build 2600)
    Logical Drives Mask: 0x000001fc

    Kernel Drivers (total 131):
    0x804D7000 \WINDOWS\system32\ntoskrnl.exe
    0x806FF000 \WINDOWS\system32\hal.dll
    0xF7987000 \WINDOWS\system32\KDCOM.DLL
    0xF7897000 \WINDOWS\system32\BOOTVID.dll
    0xF75A8000 ACPI.sys
    0xF7989000 \WINDOWS\System32\DRIVERS\WMILIB.SYS
    0xF7597000 pci.sys
    0xF75F7000 isapnp.sys
    0xF7A4F000 pciide.sys
    0xF7707000 \WINDOWS\System32\DRIVERS\PCIIDEX.SYS
    0xF7607000 MountMgr.sys
    0xF74D8000 ftdisk.sys
    0xF798B000 dmload.sys
    0xF74B2000 dmio.sys
    0xF770F000 PartMgr.sys
    0xF7617000 VolSnap.sys
    0xF749A000 atapi.sys
    0xF7627000 disk.sys
    0xF7637000 \WINDOWS\System32\DRIVERS\CLASSPNP.SYS
    0xF747A000 fltmgr.sys
    0xF7468000 sr.sys
    0xF740B000 mfehidk.sys
    0xF7880000 KSecDD.sys
    0xF7B52000 Ntfs.sys
    0xF7853000 NDIS.sys
    0xF7839000 Mup.sys
    0xBA641000 \SystemRoot\System32\DRIVERS\intelppm.sys
    0xB9546000 \SystemRoot\System32\DRIVERS\ati2mtag.sys
    0xB9532000 \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
    0xB94FC000 \SystemRoot\System32\DRIVERS\b57xp32.sys
    0xF77C7000 \SystemRoot\System32\DRIVERS\usbuhci.sys
    0xB94D8000 \SystemRoot\System32\DRIVERS\USBPORT.SYS
    0xF77CF000 \SystemRoot\System32\DRIVERS\usbehci.sys
    0xB940F000 \SystemRoot\System32\DRIVERS\wn311b.sys
    0xB9379000 \SystemRoot\system32\drivers\smwdm.sys
    0xB9355000 \SystemRoot\system32\drivers\portcls.sys
    0xBA631000 \SystemRoot\system32\drivers\drmk.sys
    0xB9332000 \SystemRoot\system32\drivers\ks.sys
    0xF79B1000 \SystemRoot\system32\drivers\aeaudio.sys
    0xB931E000 \SystemRoot\System32\DRIVERS\parport.sys
    0xBA621000 \SystemRoot\System32\DRIVERS\serial.sys
    0xBA7D0000 \SystemRoot\System32\DRIVERS\serenum.sys
    0xBA611000 \SystemRoot\System32\DRIVERS\cdrom.sys
    0xBA601000 \SystemRoot\System32\DRIVERS\redbook.sys
    0xF77D7000 \SystemRoot\SYSTEM32\DRIVERS\GEARAspiWDM.sys
    0xBA5F1000 \SystemRoot\System32\DRIVERS\imapi.sys
    0xF7AA7000 \SystemRoot\System32\DRIVERS\audstub.sys
    0xB930A000 \SystemRoot\system32\DRIVERS\mfendisk.sys
    0xBA5E1000 \SystemRoot\System32\DRIVERS\rasl2tp.sys
    0xBA7C0000 \SystemRoot\System32\DRIVERS\ndistapi.sys
    0xB92F3000 \SystemRoot\System32\DRIVERS\ndiswan.sys
    0xF7657000 \SystemRoot\System32\DRIVERS\raspppoe.sys
    0xF7667000 \SystemRoot\System32\DRIVERS\raspptp.sys
    0xF77E7000 \SystemRoot\System32\DRIVERS\TDI.SYS
    0xB92E2000 \SystemRoot\System32\DRIVERS\psched.sys
    0xF7677000 \SystemRoot\System32\DRIVERS\msgpc.sys
    0xB92BE000 \SystemRoot\system32\drivers\mfeavfk.sys
    0xB924B000 \SystemRoot\system32\drivers\mfefirek.sys
    0xF77EF000 \SystemRoot\System32\DRIVERS\ptilink.sys
    0xF77F7000 \SystemRoot\System32\DRIVERS\raspti.sys
    0xB921B000 \SystemRoot\System32\DRIVERS\rdpdr.sys
    0xF7687000 \SystemRoot\System32\DRIVERS\termdd.sys
    0xF77FF000 \SystemRoot\System32\DRIVERS\kbdclass.sys
    0xF7807000 \SystemRoot\System32\DRIVERS\mouclass.sys
    0xF79B5000 \SystemRoot\System32\DRIVERS\swenum.sys
    0xB9195000 \SystemRoot\System32\DRIVERS\update.sys
    0xF7937000 \SystemRoot\System32\DRIVERS\mssmbios.sys
    0xF76B7000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0xF76D7000 \SystemRoot\System32\DRIVERS\usbhub.sys
    0xF79B7000 \SystemRoot\System32\DRIVERS\USBD.SYS
    0xF79B9000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
    0xF7A5C000 \SystemRoot\System32\Drivers\Null.SYS
    0xF79BB000 \SystemRoot\System32\Drivers\Beep.SYS
    0xF773F000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0xF7747000 \SystemRoot\System32\drivers\vga.sys
    0xF79BD000 \SystemRoot\System32\Drivers\mnmdd.SYS
    0xF79BF000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0xF774F000 \SystemRoot\System32\Drivers\Msfs.SYS
    0xF7757000 \SystemRoot\System32\Drivers\Npfs.SYS
    0xBA7D8000 \SystemRoot\System32\DRIVERS\rasacd.sys
    0xB0FE5000 \SystemRoot\System32\DRIVERS\ipsec.sys
    0xB0F8C000 \SystemRoot\System32\DRIVERS\tcpip.sys
    0xB0F79000 \SystemRoot\system32\drivers\mfetdi2k.sys
    0xB0F53000 \SystemRoot\System32\DRIVERS\ipnat.sys
    0xB0F2B000 \SystemRoot\System32\DRIVERS\netbt.sys
    0xB0F09000 \SystemRoot\System32\drivers\afd.sys
    0xF76F7000 \SystemRoot\System32\DRIVERS\netbios.sys
    0xF7587000 \SystemRoot\System32\DRIVERS\wanarp.sys
    0xB0EDE000 \SystemRoot\System32\DRIVERS\rdbss.sys
    0xB92A6000 \SystemRoot\SYSTEM32\DRIVERS\OMCI.SYS
    0xB0E46000 \SystemRoot\System32\DRIVERS\mrxsmb.sys
    0xF7557000 \SystemRoot\System32\Drivers\Fips.SYS
    0xF775F000 \SystemRoot\system32\DRIVERS\usbccgp.sys
    0xB0E1C000 \SystemRoot\System32\Drivers\RTS5121.sys
    0xB92A2000 \SystemRoot\system32\DRIVERS\usbscan.sys
    0xF7767000 \SystemRoot\system32\DRIVERS\usbprint.sys
    0xF776F000 \SystemRoot\System32\DRIVERS\HPZius12.sys
    0xB929E000 \SystemRoot\system32\DRIVERS\hidusb.sys
    0xF7547000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0xF7537000 \SystemRoot\System32\DRIVERS\HPZid412.sys
    0xF7777000 \SystemRoot\system32\DRIVERS\LHidFilt.Sys
    0xF7527000 \SystemRoot\system32\DRIVERS\WDFLDR.SYS
    0xB0A87000 \SystemRoot\system32\DRIVERS\Wdf01000.sys
    0xB9213000 \SystemRoot\system32\DRIVERS\kbdhid.sys
    0xB920F000 \SystemRoot\System32\DRIVERS\mouhid.sys
    0xF777F000 \SystemRoot\system32\DRIVERS\LMouFilt.Sys
    0xB920B000 \SystemRoot\System32\DRIVERS\HPZipr12.sys
    0xF7507000 \SystemRoot\System32\Drivers\Cdfs.SYS
    0xB0A47000 \SystemRoot\System32\Drivers\dump_atapi.sys
    0xF79C5000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
    0xBF800000 \SystemRoot\System32\win32k.sys
    0xB108E000 \SystemRoot\System32\drivers\Dxapi.sys
    0xF7787000 \SystemRoot\System32\watchdog.sys
    0xBF000000 \SystemRoot\System32\drivers\dxg.sys
    0xB9617000 \SystemRoot\System32\drivers\dxgthk.sys
    0xBF012000 \SystemRoot\System32\ati2dvag.dll
    0xBF049000 \SystemRoot\System32\ati2cqag.dll
    0xBF083000 \SystemRoot\System32\ati3duag.dll
    0xBF257000 \SystemRoot\System32\ativvaxx.dll
    0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
    0xAF943000 \SystemRoot\System32\DRIVERS\ndisuio.sys
    0xAF6C2000 \SystemRoot\system32\drivers\wdmaud.sys
    0xAF80F000 \SystemRoot\system32\drivers\sysaudio.sys
    0xF79AD000 \SystemRoot\System32\Drivers\ParVdm.SYS
    0xF7AB3000 \SystemRoot\System32\Drivers\LBeepKE.sys
    0xAF1DC000 \SystemRoot\System32\DRIVERS\srv.sys
    0xAECEC000 \SystemRoot\System32\Drivers\HTTP.sys
    0xAEB54000 \SystemRoot\system32\drivers\cfwids.sys
    0xAE98B000 \SystemRoot\system32\drivers\mfeapfk.sys
    0xAEBAC000 \SystemRoot\system32\drivers\mfebopk.sys
    0x7C900000 \WINDOWS\system32\ntdll.dll

    Processes (total 42):
    0 System Idle Process
    4 System
    1288 C:\WINDOWS\system32\smss.exe
    1364 csrss.exe
    1388 C:\WINDOWS\system32\winlogon.exe
    1432 C:\WINDOWS\system32\services.exe
    1444 C:\WINDOWS\system32\lsass.exe
    1604 C:\WINDOWS\system32\ati2evxx.exe
    1620 C:\WINDOWS\system32\svchost.exe
    1696 svchost.exe
    1736 C:\WINDOWS\system32\svchost.exe
    1800 svchost.exe
    444 C:\WINDOWS\system32\spoolsv.exe
    816 C:\WINDOWS\explorer.exe
    956 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    976 C:\Program Files\McAfee.com\Agent\mcagent.exe
    984 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    1108 C:\Program Files\Common Files\Java\Java Update\jusched.exe
    1132 C:\WINDOWS\system32\ctfmon.exe
    1340 C:\Program Files\Uniblue\PowerSuite\powersuite.exe
    716 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    756 C:\Program Files\Bonjour\mDNSResponder.exe
    1008 C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    1572 C:\Program Files\Java\jre6\bin\jqs.exe
    1652 C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    1844 C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    284 C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
    332 C:\Program Files\Sony Icon\SonyIcon.exe
    656 C:\WINDOWS\system32\SonyIEx.exe
    688 C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
    900 C:\WINDOWS\system32\svchost.exe
    1044 C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    1124 C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    3048 svchost.exe
    3528 C:\WINDOWS\system32\wscntfy.exe
    3696 alg.exe
    1944 C:\Program Files\Uniblue\SpeedUpMyPC\sump.exe
    2272 C:\WINDOWS\system32\wuauclt.exe
    244 C:\Program Files\Mozilla Firefox\firefox.exe
    3676 C:\Program Files\Mozilla Firefox\plugin-container.exe
    3480 C:\Program Files\Uniblue\DriverScanner\driverscanner.exe
    1100 C:\Documents and Settings\Freddie\My Documents\Downloads\MBRCheck(2).exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

    PhysicalDrive0 Model Number: WDCWD800JD-75HKA1, Rev: 14.03G14

    Size Device Name MBR Status
    --------------------------------------------
    74 GB \\.\PhysicalDrive0 Windows XP MBR code detected
    SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


    Done!
     
  17. 2010/10/18
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    That looks good :)

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files, which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore your connection.
    4. Double-click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note: Do not mouse-click combofix's window while it's running. That may cause it to stall**

    Make sure you re-enable your security programs when you're done with Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
  18. 2010/10/18
    Fredx

    Fredx Inactive Thread Starter

    Joined:
    2010/10/15
    Messages:
    45
    Likes Received:
    0
    ComboFix 10-10-18.01 - Freddie 10/18/2010 21:37:36.1.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2558.2056 [GMT -4:00]
    Running from: c:\documents and settings\Freddie\My Documents\Downloads\ComboFix.exe
    AV: McAfee Anti-Virus and Anti-Spyware *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
    FW: McAfee Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\Freddie\g2mdlhlpx.exe

    Infected copy of c:\windows\system32\ole32.dll was found and disinfected
    Restored copy from - c:\windows\system32\dllcache\ole32.dll

    .
    ((((((((((((((((((((((((( Files Created from 2010-09-19 to 2010-10-19 )))))))))))))))))))))))))))))))
    .

    2010-10-18 23:19 . 2010-10-18 23:19 -------- d-----w- c:\documents and settings\Administrator
    2010-10-18 16:53 . 2010-10-18 16:55 -------- dc-h--w- c:\windows\ie8
    2010-10-17 18:38 . 2010-10-17 18:38 -------- d-----w- c:\documents and settings\Freddie\Application Data\Malwarebytes
    2010-10-17 18:38 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-10-17 18:38 . 2010-10-17 18:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-10-17 18:38 . 2010-10-17 18:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2010-10-17 18:38 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-10-16 02:50 . 2010-10-16 02:50 -------- d-----w- c:\program files\SIW
    2010-10-15 00:59 . 2010-10-15 00:59 -------- d-----w- c:\program files\Market Samurai
    2010-10-13 21:23 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
    2010-10-13 21:23 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
    2010-10-13 21:23 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
    2010-10-11 03:11 . 2010-10-11 03:11 -------- d-----w- c:\documents and settings\Freddie\Application Data\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
    2010-10-05 18:40 . 2010-10-05 18:40 -------- d-----w- c:\documents and settings\Freddie\Local Settings\Application Data\Yahoo!
    2010-09-23 17:18 . 2010-10-02 23:04 -------- d-----w- c:\documents and settings\Freddie\Incomplete
    2010-09-23 17:18 . 2010-10-01 19:54 -------- d-----w- c:\documents and settings\Freddie\Shared
    2010-09-23 17:17 . 2010-09-29 22:22 -------- d-----w- c:\documents and settings\Freddie\Application Data\MP3Rocket
    2010-09-23 17:17 . 2010-09-23 17:18 -------- d-----w- c:\program files\MP3 Rocket

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-08-24 18:57 . 2010-05-19 07:18 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "cdloader"="c:\documents and settings\Freddie\Application Data\mjusbsp\cdloader2.exe" [2010-02-26 50520]
    "PowerSuite"="c:\program files\Uniblue\PowerSuite\launcher.exe" [2010-08-30 67448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
    "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-06-25 1193848]
    "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"="c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
    2009-11-06 19:29 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2009-07-20 17:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Amazon Unbox.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Amazon Unbox.lnk
    backup=c:\windows\pss\Amazon Unbox.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
    backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
    backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
    backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
    backup=c:\windows\pss\Windows Search.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^Freddie^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
    path=c:\documents and settings\Freddie\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
    backup=c:\windows\pss\Logitech . Product Registration.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AS00_WN311B]
    2008-09-17 22:17 3002368 ----a-w- c:\program files\NETGEAR\WN311B\Utility\WN311B.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
    2004-04-11 16:43 53248 ------w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
    2004-05-12 20:18 241664 ----a-w- c:\program files\HP\hpcoretech\hpcmpmgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    2004-02-12 18:38 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2010-04-24 21:54 142120 ----a-w- c:\program files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2010-03-18 01:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryBooster]
    2010-08-30 12:45 67448 ----a-w- c:\program files\Uniblue\RegistryBooster\Launcher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\FrostWire\\FrostWire.exe"=
    "c:\\Program Files\\Microsoft Office\\Live Meeting 8\\Console\\PWConsole.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Documents and Settings\\Freddie\\Application Data\\mjusbsp\\magicJack.exe"=
    "c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

    R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [4/24/2010 1:27 PM 84072]
    R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [11/8/2009 3:35 PM 10384]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [11/6/2009 4:52 PM 88176]
    R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [4/24/2010 1:27 PM 271480]
    R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [4/24/2010 1:27 PM 271480]
    R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [4/24/2010 1:27 PM 188136]
    R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [4/24/2010 1:27 PM 141792]
    R2 SonyIcon_R;SonyIcon_R;c:\program files\Sony Icon\SonyIcon.exe [2/6/2010 2:28 AM 36864]
    R2 SonyIEx;SonyIEx;c:\windows\system32\SonyIEx.exe [11/6/2009 2:00 PM 126976]
    R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [4/24/2010 1:27 PM 55840]
    R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [4/24/2010 1:27 PM 312904]
    R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [4/24/2010 1:27 PM 88544]
    R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [8/11/2010 1:59 PM 157696]
    S2 0059841285614155mcinstcleanup;McAfee Application Installer Cleanup (0059841285614155); [x]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
    S3 AWINDIS5;AWINDIS5 Protocol Driver;c:\windows\system32\AWINDIS5.SYS [11/6/2009 2:28 PM 16194]
    S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [4/24/2010 1:27 PM 88544]
    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [4/24/2010 1:27 PM 84264]
    S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [7/16/2003 12:41 PM 14336]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]

    --- Other Services/Drivers In Memory ---

    *Deregistered* - mfeavfk01

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    WINRM REG_MULTI_SZ WINRM
    .
    Contents of the 'Scheduled Tasks' folder

    2010-10-13 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://yahoo.com/
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
    Trusted Zone: intuit.com\ttlc
    Trusted Zone: turbotax.com
    FF - ProfilePath - c:\documents and settings\Freddie\Application Data\Mozilla\Firefox\Profiles\6v7g730b.default\
    FF - prefs.js: browser.search.selectedEngine - Secure Search
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
    FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
    FF - plugin: c:\documents and settings\Freddie\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
    FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- FIREFOX POLICIES ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    .
    - - - - ORPHANS REMOVED - - - -

    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    MSConfigStartUp-uTorrent - c:\program files\uTorrent\uTorrent.exe


    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(1388)
    c:\program files\Citrix\GoToAssist\514\G2AWinLogon.dll
    c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    c:\program files\common files\logishrd\bluetooth\LBTServ.dll

    - - - - - - - > 'explorer.exe'(2504)
    c:\windows\system32\WININET.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\System32\Ati2evxx.exe
    c:\program files\Uniblue\PowerSuite\powersuite.exe
    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\Analog Devices\SoundMAX\spkrmon.exe
    c:\program files\Common Files\McAfee\SystemCore\mcshield.exe
    c:\windows\system32\wscntfy.exe
    c:\program files\Uniblue\SpeedUpMyPC\sump.exe
    c:\program files\Uniblue\RegistryBooster\registrybooster.exe
    c:\progra~1\McAfee\MSM\McSmtFwk.exe
    c:\progra~1\COMMON~1\McAfee\MSC\McUICnt.exe
    c:\progra~1\mcafee.com\agent\mcupdate.exe
    .
    **************************************************************************
    .
    Completion time: 2010-10-18 21:50:59 - machine was rebooted
    ComboFix-quarantined-files.txt 2010-10-19 01:50

    Pre-Run: 21,399,576,576 bytes free
    Post-Run: 22,335,508,480 bytes free

    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

    - - End Of File - - E829046555E10F6EBF0AB7D3FEB7DD43
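The "Reg Loading Points" section of the ComboFix log above lists autorun values as `[registry key]` headers followed by `"name"="path" [date size]` lines. The analyst reads those by eye; the script below, an added example written for this page and not part of ComboFix or of the thread, parses that format and applies one triage heuristic of my own: flag any autorun whose image sits under a user-writable profile directory (no admin rights are needed to drop a file there) or that is given as a bare file name resolved through the search path at logon. The sample input is constructed from the Run-key lines in the log, with one line kept in the spaced form the forum rendered (`"name "= "path"`) to show the parser tolerates it. The marker list and the flag wording are assumptions of this example, not rules from the thread.

```python
"""Parse the 'Reg Loading Points' autoruns from a ComboFix-style log and
flag entries that deserve a closer manual look."""
import re
from dataclasses import dataclass
from typing import Dict, List

# Constructed sample: Run-key lines as they appear in the ComboFix log in
# this thread. The third entry keeps the forum's stray-space rendering on
# purpose so the parser is exercised on both spellings.
SAMPLE_LOG = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cdloader"="c:\documents and settings\Freddie\Application Data\mjusbsp\cdloader2.exe" [2010-02-26 50520]
"PowerSuite"="c:\program files\Uniblue\PowerSuite\launcher.exe" [2010-08-30 67448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer "= "KHALMNPR.EXE" [2009-06-17 55824]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
'''


@dataclass
class AutorunEntry:
    key: str    # registry key the value lives under
    name: str   # value name
    path: str   # image path or command as recorded by the tool
    date: str   # file date reported by the tool (YYYY-MM-DD)
    size: int   # file size in bytes reported by the tool


# '[HKEY_...\Run]' or '[hklm\...]' section header.
KEY_RE = re.compile(r'^\[(HK[^\]]+)\]$', re.IGNORECASE)
# '"name"="path" [date size]', tolerating stray spaces around '=' and
# before the closing quotes (forum rendering artefact).
ENTRY_RE = re.compile(
    r'^"([^"]*?)\s*"\s*=\s*"([^"]*?)"\s*\[(\d{4}-\d{2}-\d{2})\s+(\d+)\]$')

# Heuristic of this example (an assumption, not a rule from the thread):
# images under these profile directories are writable without admin rights.
USER_WRITABLE_MARKERS = (
    '\\documents and settings\\',
    '\\application data\\',
    '\\local settings\\',
    '\\users\\',
)


def parse_loading_points(text: str) -> List[AutorunEntry]:
    """Return every value line found under a '[key]' header."""
    entries: List[AutorunEntry] = []
    current_key = ''
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        key_match = KEY_RE.match(line)
        if key_match:
            current_key = key_match.group(1)
            continue
        entry_match = ENTRY_RE.match(line)
        if entry_match and current_key:
            name, path, date, size = entry_match.groups()
            entries.append(AutorunEntry(current_key, name, path, date, int(size)))
    return entries


def triage(entries: List[AutorunEntry]) -> Dict[str, List[str]]:
    """Map value name -> reasons it merits a manual look (empty if none do)."""
    flagged: Dict[str, List[str]] = {}
    for entry in entries:
        reasons: List[str] = []
        lowered = entry.path.lower()
        if any(marker in lowered for marker in USER_WRITABLE_MARKERS):
            reasons.append('image under a user-writable profile directory')
        if '\\' not in entry.path:
            reasons.append('bare file name, resolved via the search path at logon')
        if reasons:
            flagged[entry.name] = reasons
    return flagged


if __name__ == '__main__':
    found = parse_loading_points(SAMPLE_LOG)
    for entry in found:
        print(f'{entry.key.split(chr(92))[0]:<18} {entry.name:<40} {entry.path}')
    for name, reasons in triage(found).items():
        print('REVIEW:', name, '->', '; '.join(reasons))
```

On the sample, `cdloader` is flagged for living under the user's Application Data and `Kernel and Hardware Abstraction Layer` for being a bare `KHALMNPR.EXE`; the vendor entries under Program Files pass. A flag is a prompt to verify the file (publisher, hash, install history), not a verdict: the Logitech and magicJack entries on this machine are legitimately in those places.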
     
  19. 2010/10/18
    Fredx

    Fredx Inactive Thread Starter

    Joined:
    2010/10/15
    Messages:
    45
    Likes Received:
    0
    Before I ran the last scan I was unable to keep my virus scan turned on. I'd turn it back on, then it would turn off on its own. Could this be a virus doing this?
     
  20. 2010/10/18
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
  21. 2010/10/18
    Fredx

    Fredx Inactive Thread Starter

    Joined:
    2010/10/15
    Messages:
    45
    Likes Received:
    0
    Should I uninstall all of the Uniblue software?
    I have Uniblue Power Suite, which has Registry Booster, Speed up My PC and Driver Scanner as part of the whole program.
     
