Jump to content

El Tel

Advanced Member
  • Content Count

    322
  • Joined

  • Last visited

Everything posted by El Tel

  1. Hi Tom K Well spotted I need to get stronger glasses. I note this will disconnect me from their PC Umm... I think I will wait until I can get to my Sisters in the morning, I fancy one of her "Mega Full English Fry Ups". Regards El Tel
  2. Hi Tom K Name: ÍøÖ·´óÈ« Publisher: Not Available Type: Browser Extension Version: Not available File date: Date last accessed: ‎04 ‎May ‎2011, ‏‎09:22 Class ID: {C18CB140-0BBB-11D4-8FE8-0088CC102438} Use count: 1660 Block count: 47 File: Not available Folder: Not available The sign in question there is only a "Continue" button, nothing that Say's remember me to tick. Some more information that I managed to get out of him, was that when he was out the room his daughter, with permission did use his PC to check her mail, there was two sign in details to which his daughters was deleted leaving his details as in the image. I did remind him that there is a "Guest" account for this purpose, but that somehow got forgot. Regards El Tel
  3. Hi Tom K Widows Up-Dated OK, when checking the History of all Up-Dates, most of the errors were old, a few from last year. None have been hidden and I couldn't see a way to try to re-install them. Perhaps they got sorted out with the ones that were successful. Now for Explorer 9 Up-Date I've left that with him for when hes get back home. My Sisters Laptop has Windows 7 thats I have just Up-Dated to, just waiting for there verdict on the way it works. I personally HATE it from what I've seen and used by Remote Access. I'm glad that new version is not available to me on XP. There is still two problems and I will start a New Topic if they can't be sorted here. Below are Screen Shots This one is the highlighted in Blue While this one is to do with Auto Signing into My MSN UK... (This one is also on one of my own PC's, but it comes and goes from time to time without out any interference from me and with no settings altered.) Both my Sisters Laptop, my Brother-In-Laws PC used to sign in with no problem. Not sure if these are related to any Up-Dates or something that has been added by mistake. Regards El Tel
  4. Dunn'a be shy...

    Why not leave a comment good or bad...

    I can stand constructive criticism.

  5. Hi Tom K As it is my Brother-In-Laws PC and I was connected up remotely, I have left him to see how it is preforming. I will do / try the Windows Up-Date errors 1st thing in the morning. Many Thanks for all your help so far you are a man. Regards El Tel
  6. Hi Tom K Followed your instruction properly this time... Java up-dated ok cleaned out Temporary Cache, Application & Applets, and the Trace Log. I did make it to check on a weekly rather than Monthly. . DDS (Ver_11-03-05.01) - NTFS_AMD64 Run by El Tel at 19:34:58.36 on 03/05/2011 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_25 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.2815.1637 [GMT 1:00] . AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD- ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D- 96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG10\avgchsva.exe C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\nvvsvc.exe C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe C:\Windows\system32\lxeacoms.exe C:\Program Files (x86)\NTR global\NTRconnect\NTRconnect.exe C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe C:\Program Files (x86)\AVG\AVG10\avgnsa.exe C:\Program Files (x86)\AVG\AVG10\avgemca.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\SysWOW64\rundll32.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe C:\Windows\vsnpstd3.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\QuickTime\qttask.exe C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe C:\PROGRA~2\AVG\AVG10\avgrsa.exe C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe C:\Windows\system32\msiexec.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\El Tel\Downloads\Virus Tools\CDRS Script\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx? b=ACPW&l=0809&m=imedia_s3210&r=173602101606p03d5v135y4923924n mDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx? b=ACPW&l=0809&m=imedia_s3210&r=173602101606p03d5v135y4923924n mStart Page = hxxp://homepage.packardbell.com/rdr.aspx? b=ACPW&l=0809&m=imedia_s3210&r=173602101606p03d5v135y4923924n mWinlogon: Userinit=userinit.exe, BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files \Lexmark Toolbar\toolband.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C: \Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - C:\Program Files \Lexmark Printable Web\bho.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C: \Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files\Lexmark Toolbar\toolband.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader \Reader_sl.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe mRun: [sSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update \jusched.exe" mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM IE: Check &Spelling - C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component \GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM IE: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://C:\Program Files\ieSpell \iespell.dll/SPELLCHECK.HTM IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://C:\Program Files\ieSpell \iespell.dll/SPELLOPTION.HTM IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB- E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C- F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B- 96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL LSP: %SYSTEMROOT%\system32\nvLsp.dll DPF: {0FADB9AA-6955-4319-B538-BB1461E11A28} - hxxps://www.ntrconnect.com/main/mod/setup/beta/ntrplugin1242v_2.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos- beta/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll TB-X64: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe mRun-x64: [lxeamon.exe] "C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe" mRun-x64: [EzPrint] "C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe" mRun-x64: [snpstd3] C:\Windows\vsnpstd3.exe . ================= FIREFOX =================== . FF - ProfilePath - . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-12-22 55024] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-12-8 308304] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers \avgmfx64.sys [2010-9-7 41040] R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-11-12 382032] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6 -29 128752] R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe \Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-8 169312] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection \Agent\Bin\AVGIDSAgent.exe [2011-1-6 6128720] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400] R2 Greg_Service;GRegService;C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-8-28 1150496] R2 lxea_device;lxea_device;C:\Windows\system32\lxeacoms.exe -service --> C:\Windows \system32\lxeacoms.exe -service [?] R2 ntrconnect;ntrconnect;C:\Program Files (x86)\NTR global\NTRconnect\NTRconnect.exe [2010-2-11 403184] R2 OberonGameConsoleService;Oberon Media Game Console service;C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe [2009-10-28 44312] R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-2-1 583640] R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater \UpdaterService.exe [2009-10-28 240160] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8- 19 157264] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920] R3 NTRvdd;NTRvdd;C:\Windows\System32\drivers\NTRvdd.sys [2010-12-12 28216] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers \nvhda64v.sys [2009-10-28 83488] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C: \Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C: \Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;C:\Windows\System32\spool \drivers\x64\3\lxeaserv.exe [2010-10-26 45736] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-2-13 48488] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352] S3 nosGetPlusHelper;getPlus® Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-14 27136] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat \WatAdminSvc.exe [2010-8-28 1255736] . =============== Created Last 30 ================ . 2011-05-03 06:47:38 -------- d-----w- C:\Users\ELTEL~1\AppData\Local \{390F89BD-851B-4FE9-96A6-D0C736EE2C70} 2011-05-02 16:51:20 -------- d-----w- C:\Program Files (x86)\ESET 2011-05-02 16:29:41 -------- d-----w- C:\Users\ELTEL~1\AppData\Local\{6D02BC31- 911A-4792-9DE9-1CAE7903973B} 2011-05-01 18:01:33 -------- d-----w- C:\Users\ELTEL~1\AppData\Local\{79674D28- 82CB-40BA-AF9F-245C3C3380DF} 2011-04-30 06:19:55 -------- d-----w- C:\Users\ELTEL~1\AppData\Local \{01A06640-624F-41BD-A844-FA8B5ADC1561} 2011-04-28 16:58:57 -------- d-----w- C:\Users\ELTEL~1\AppData\Roaming \SUPERAntiSpyware.com 2011-04-28 16:58:57 -------- d-----w- C:\PROGRA~3\SUPERAntiSpyware.com 2011-04-28 16:58:47 -------- d-----w- C:\PROGRA~3\!SASCORE 2011-04-28 16:58:45 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2011-04-28 13:07:25 388096 ----a-r- C:\Users\ELTEL~1\AppData\Roaming \Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-04-28 10:23:22 -------- d-----w- C:\Users\ELTEL~1\AppData\Roaming \Malwarebytes 2011-04-28 10:23:17 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys 2011-04-28 10:23:16 -------- d-----w- C:\PROGRA~3\Malwarebytes 2011-04-28 10:23:13 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-04-28 10:23:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-04-28 09:38:13 -------- d-----w- C:\Users\ELTEL~1\AppData\Local \{1D3A2E4C-179E-4169-A2EA-6F77D38D8E6A} 2011-04-27 13:39:18 -------- d-----w- C:\Users\ELTEL~1\AppData\Local\{53C3A166- C5F7-4053-9D42-B6EE70ABEECC} 2011-04-27 12:53:44 2870272 ----a-w- C:\Windows\explorer.exe 2011-04-27 12:53:42 2614784 ----a-w- C:\Windows\SysWow64\explorer.exe 2011-04-27 12:51:30 662528 ----a-w- C:\Windows\System32\XpsPrint.dll 2011-04-27 12:51:30 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2011-04-27 12:50:09 2566144 ----a-w- C:\Windows\System32\esent.dll 2011-04-27 12:50:09 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2011-04-27 12:50:08 410496 ----a-w- C:\Windows\System32\drivers \iaStorV.sys 2011-04-27 12:50:08 27008 ----a-w- C:\Windows\System32\drivers \amdxata.sys 2011-04-27 12:50:08 187264 ----a-w- C:\Windows\System32\drivers \storport.sys 2011-04-27 12:50:08 1686016 ----a-w- C:\Windows\SysWow64\esent.dll 2011-04-27 12:50:08 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys 2011-04-27 12:50:08 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys 2011-04-27 12:50:08 107904 ----a-w- C:\Windows\System32\drivers \amdsata.sys 2011-04-27 12:50:07 96768 ----a-w- C:\Windows\System32\fsutil.exe 2011-04-27 12:50:07 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe 2011-04-27 12:48:25 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe 2011-04-27 12:48:25 31232 ----a-w- C:\Windows\System32\prevhost.exe 2011-04-27 12:32:16 -------- d-----w- C:\Users\ELTEL~1\AppData\Local\{92C0150D- F102-47D8-84E4-7CE651F01DB1} 2011-04-26 21:12:14 -------- d-----w- C:\Program Files (x86)\Trend Micro 2011-04-26 21:07:38 -------- d-----w- C:\Users\ELTEL~1\AppData\Local \{58E61256-2807-4F73-84F9-F52220B7FD4D} 2011-04-26 20:41:01 -------- d-----w- C:\Users\ELTEL~1\AppData\Local\Google 2011-04-14 10:40:02 32592 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins \np_gp.dll 2011-04-14 10:27:46 -------- d-----w- C:\Users\ELTEL~1\AppData\Local\{0FF0A447- 8A59-4320-A5BF-14D41D3675BD} 2011-04-14 05:52:57 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-04-14 02:39:02 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox \plugins\nppdf32.dll 2011-04-14 02:39:02 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll 2011-04-13 10:54:35 -------- d-----w- C:\Users\ELTEL~1\AppData\Local\{6AE3DC88- D390-4262-A384-7FB20B8BDF7C} . ==================== Find3M ==================== . 2011-04-14 04:07:59 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2011-03-11 06:19:26 1395712 ----a-w- C:\Windows\System32\mfc42.dll 2011-03-11 06:19:26 1359872 ----a-w- C:\Windows\System32\mfc42u.dll 2011-03-11 05:40:24 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll 2011-03-11 05:40:24 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll 2011-03-08 06:14:30 976896 ----a-w- C:\Windows\System32\inetcomm.dll 2011-03-08 05:38:13 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll 2011-03-04 06:17:25 135168 ----a-w- C:\Windows\apppatch \AppPatch64\AcXtrnal.dll 2011-03-04 06:17:24 347648 ----a-w- C:\Windows\apppatch \AppPatch64\AcLayers.dll 2011-03-03 06:17:10 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll 2011-03-03 06:14:38 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe 2011-03-03 05:27:30 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe 2011-03-03 03:58:32 3133440 ----a-w- C:\Windows\System32\win32k.sys 2011-02-24 06:30:00 476160 ----a-w- C:\Windows \System32\XpsGdiConverter.dll 2011-02-24 06:29:15 1197056 ----a-w- C:\Windows\System32\wininet.dll 2011-02-24 06:24:57 57856 ----a-w- C:\Windows\System32\licmgr10.dll 2011-02-24 05:32:52 288256 ----a-w- C:\Windows \SysWow64\XpsGdiConverter.dll 2011-02-24 05:30:16 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll 2011-02-24 05:05:13 482816 ----a-w- C:\Windows\System32\html.iec 2011-02-24 04:24:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2011-02-24 04:23:48 386048 ----a-w- C:\Windows\SysWow64\html.iec 2011-02-24 03:50:26 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-02-23 05:16:28 461312 ----a-w- C:\Windows\System32\drivers\srv.sys 2011-02-23 05:16:01 401920 ----a-w- C:\Windows\System32\drivers\srv2.sys 2011-02-23 05:15:50 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys 2011-02-23 05:15:27 157696 ----a-w- C:\Windows\System32\drivers \mrxsmb.sys 2011-02-23 05:15:14 286720 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2011-02-23 05:15:13 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2011-02-23 05:15:06 90624 ----a-w- C:\Windows\System32\drivers \bowser.sys 2011-02-19 06:37:44 1135104 ----a-w- C:\Windows\System32\FntCache.dll 2011-02-19 06:37:10 1540608 ----a-w- C:\Windows\System32\DWrite.dll 2011-02-19 06:36:49 902656 ----a-w- C:\Windows\System32\d2d1.dll 2011-02-19 06:36:13 46080 ----a-w- C:\Windows\System32\atmlib.dll 2011-02-19 05:32:48 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll 2011-02-19 05:32:35 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2011-02-19 05:32:08 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2011-02-19 04:13:39 367104 ----a-w- C:\Windows\System32\atmfd.dll 2011-02-19 03:37:02 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll 2011-02-18 06:37:05 612352 ----a-w- C:\Windows\System32\vbscript.dll 2011-02-18 05:36:26 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll 2011-02-12 06:14:41 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe 2011-02-05 12:41:43 556928 ----a-w- C:\Windows\System32\winresume.efi 2011-02-05 12:41:35 640896 ----a-w- C:\Windows\System32\winload.efi 2011-02-05 12:41:24 20352 ----a-w- C:\Windows\System32\kdusb.dll 2011-02-05 12:41:24 19328 ----a-w- C:\Windows\System32\kd1394.dll 2011-02-05 12:41:23 17792 ----a-w- C:\Windows\System32\kdcom.dll 2011-02-05 12:39:21 603976 ----a-w- C:\Windows\System32\winload.exe 2011-02-05 12:39:21 518160 ----a-w- C:\Windows\System32\winresume.exe . ============= FINISH: 19:35:34.40 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_11-03-05.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 07/02/2010 13:25:37 System Uptime: 03/05/2011 19:21:49 (0 hours ago) . Motherboard: Packard Bell | | WMCP78M Processor: AMD Athlon™ II X3 425 Processor | Socket AM2 | 2700/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 143 GiB total, 103.107 GiB free. D: is FIXED (NTFS) - 143 GiB total, 142.686 GiB free. E: is CDROM () F: is Removable G: is Removable H: is Removable I: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP81: 27/04/2011 13:34:06 - Restore Operation RP82: 27/04/2011 13:41:37 - Windows Update RP83: 27/04/2011 14:24:33 - Adobe AVG Up Dated All Looking Well So Far RP84: 27/04/2011 14:55:16 - All Looks OK Auto Up Dates ON AVG Up Dated RP85: 27/04/2011 14:56:02 - Windows Update RP86: 27/04/2011 15:37:20 - All Up Date Sorted All Looking Well RP87: 28/04/2011 14:07:05 - Installed HiJackThis RP88: 02/05/2011 20:24:24 - Re-Boot OK after a Clean Start RP89: 03/05/2011 19:28:32 - Installed Java™ 6 Update 25 . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 2007 Microsoft Office Suite Service Pack 2 (SP2) ABBYY FineReader 6.0 Sprint Acrobat.com Adobe AIR Adobe Download Manager Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Photoshop Elements 7.0 Adobe Reader 9.4.4 MUI Adobe Shockwave Player 11.5 Advertising Center Alice Greenfingers Amazonia Aspell English Dictionary-0.50-2 Block Porn(remove only) Chicken Invaders 2 CM4 Compatibility Pack for the 2007 Office system D3DX10 Dairy Dash Dream Day First Home EAX Unified eBay Worldwide Expenses for Ministry Farm Frenzy 2 First Class Flurry GNU Aspell 0.50-3 Granny In Paradise greenstreet Draw 3.0 greenstreet Publisher 3.13 greenstreet Utilities Heroes of Hellas HiJackThis Identity Card ieSpell ImagXpress Java Auto Updater Java™ 6 Update 25 Junk Mail filter update Lexmark Printable Web Lexmark Toolbar Lexmark Tools for Office Malwarebytes' Anti-Malware Merriam Websters Spell Jam Metaboli Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office Live Add-in 1.3 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Works Mozilla Firefox (3.6.10) MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 9 Essentials Nero ControlCenter Nero DiscSpeed Nero DiscSpeed Help Nero DriveSpeed Nero DriveSpeed Help Nero Express Help Nero InfoTool Nero InfoTool Help Nero Installer Nero Online Upgrade Nero StartSmart Nero StartSmart Help Nero StartSmart OEM NeroExpress neroxml Notepad++ NTRConnect NVIDIA ForceWare Network Access Manager Packard Bell GameZone Console Packard Bell InfoCentre Packard Bell Recovery Management Packard Bell Registration Packard Bell ScreenSaver Packard Bell Software Suite SE Packard Bell Updater Play Disney's Tigger's Honey Hunt Puppy Luv A New Breed QuickTime Realtek High Definition Audio Driver Registry Mechanic 10.0 Search for the Secret Keys Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB2466156) Security Update for 2007 Microsoft Office System (KB2509488) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft Office Excel 2007 (KB2464583) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB2464594) Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Update for 2007 Microsoft Office System (KB2284654) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Visual C++ 8.0 Runtime Setup Package (x64) Visual Studio 2008 x64 Redistributables Welcome Center Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinPatrol . ==== Event Viewer Messages From Past Week ======== . 29/04/2011 21:54:11, Error: Microsoft-Windows-WMPNSS-Service [14365] - Proximity detection failed due to unknown error '0x80004004'. The best proximity time detected was -1 milliseconds. 28/04/2011 16:23:48, Error: Microsoft-Windows-DistributedCOM [10016] - The application- specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user dixon-PC\El Tel SID (S-1-5-21- 909527836-1280678326-320050609-1003) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 28/04/2011 16:23:48, Error: Microsoft-Windows-DistributedCOM [10016] - The application- specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user dixon-PC\El Tel SID (S-1-5-21- 909527836-1280678326-320050609-1003) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 27/04/2011 11:12:07, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 for x64-based Systems (KB982018). 27/04/2011 11:02:51, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 for x64-based Systems (KB2522422). 27/04/2011 11:02:51, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 for x64-based Systems (KB2515325). 27/04/2011 11:02:51, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 for x64-based Systems (KB2492386). 03/05/2011 19:22:27, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect. 03/05/2011 19:22:27, Error: Service Control Manager [7000] - The lxeaCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. . ==== End Of File =========================== I note there are some Windows Up-Date errors that I need to sort out. Regards El Tel Edit Typos
  7. Hi Tom K As you can tell I manged to unravel my yesterday mistakes, below is the Log File requested C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\ea90b40-315c8fb5 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\61e17f8b-5c0a8b81 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\3cc664c-60d50c6f Java/TrojanDownloader.OpenStream.NBS trojan C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\671a8acc-63cfd8af multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\1623eb0d-1cf3073d a variant of Java/TrojanDownloader.OpenStream.NBV trojan C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\3c15550e-4066262b multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\4491a0ce-79f64a18 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\7a43fc8f-3752894f a variant of Java/TrojanDownloader.OpenStream.NBM trojan C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\37841f52-1163668e multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3b1f9752-3410170f multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\40fa5453-753e1d37 a variant of Java/TrojanDownloader.OpenConnection.MU trojan C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\4e2d6d53-3e2612e2 a variant of Java/TrojanDownloader.OpenStream.NBM trojan C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\57b9b494-37d1f0e7 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\4e16e85c-3c2088cd multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\1b5bc45d-19d89a17 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\642c9e1f-6f02baf4 Java/TrojanDownloader.OpenConnection.CU trojan C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\3c061da0-44f425fb multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\596f0d21-14d53503 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\631320a1-12591044 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\585069a2-59f14339 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\680ae462-72c51d32 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\5dc585a4-194beadd multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\bd5f8a4-12a62926 a variant of Java/TrojanDownloader.OpenStream.NBV trojan C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\357b8ba7-45b38a5f multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\1dd8e368-7f076aaf multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\657c8c28-3c14f5e1 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\3cb543ea-5f14d4a8 a variant of Java/TrojanDownloader.OpenStream.NBF trojan C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\7292abea-2f05101a multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\7d92c22a-657ef110 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\54529aec-2361eeaa a variant of Java/TrojanDownloader.OpenStream.NBF trojan C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4fb8e06e-694476d9 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\571a22b0-1c674204 a variant of Java/TrojanDownloader.OpenStream.NBF trojan C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\5e8fad71-17d52d2b multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\221732c5-1dabbb26 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\5cabd233-741c0c89 a variant of Java/TrojanDownloader.OpenStream.NBV trojan C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\e5acb8-25629974 a variant of Java/TrojanDownloader.OpenStream.NBF trojan C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\268abc7b-1b154dd4 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\6008ac86-689337c4 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\36fd777c-4bee78f0 a variant of Java/TrojanDownloader.OpenStream.NBF trojan C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\4fffbfbc-5761e783 Java/TrojanDownloader.OpenStream.NAX trojan C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\7225587d-3141a043 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\6da3faff-251fee91 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\1693fbc7-191dc8f0 multiple threats C:\Users\Bryn Limited\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\74bbd789-72be9d97 multiple threats Regards El Tel
  8. Hi Tom K Now please don't shout at me as there is not much of a log file. I omitted the Un-Check "Remove Treats Found" stopped at approx 43% then un-installed, restarted then un checked the box I should have done on the first attempt. [email protected] as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK Now all 53 offending NQF files files have gone into a Quarantine Folder. If necessary I did see an un-quarantine button and I won't mind if I have to do it again. I have Re-Booted and all seems well and created two more "Restore Points" Regards El Tel
  9. Hi. Before I posted my question in User To User with "User Accounts & Hyjackthis" usage. I had to do a System Restore from an Administrator Account to get Internet access back on the affected Limited User Account. This was all preformed by Remote Access. Since then I have ran CCleaner, Malwarebytes, SuperAntiSpyWare My mini log so I don't lose track 19 files in the virus MalwareBytes vault from yesterday. Ran MalwareBytes Full Scan 08:05 30/04/2011 Nothing found SupperAntiSpayWare found File threats detected : 255 Yesterday Now going 2 run SuperAntiSpyWare full Scan FREE 47 Tracking cookies of which 3 were mine to do with signing in2 MSN etc Deleted 43 Saved 3 of mine Re-Boot required. 09:14 30/04/2011 Re-Boot was very quick. Running SupperAntiSpyWare again to check my 3 Cookies out... Not sure if I saved them or what Apart from that SupperAntiSpyWare all clean 10:28 30/04/2011 Ran DDS have 2 log file to post on PCPitStop 10:36 30/04/2011 Posted below . DDS (Ver_11-03-05.01) - NTFS_AMD64 Run by El Tel at 10:30:27.80 on 30/04/2011 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.2815.1453 [GMT 1:00] . AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG10\avgchsva.exe C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\nvvsvc.exe C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe C:\Windows\system32\lxeacoms.exe C:\Program Files (x86)\NTR global\NTRconnect\NTRconnect.exe C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe C:\Program Files (x86)\AVG\AVG10\avgnsa.exe C:\Program Files (x86)\AVG\AVG10\avgemca.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\SysWOW64\rundll32.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe C:\Windows\vsnpstd3.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\QuickTime\qttask.exe C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Windows\system32\conhost.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\taskmgr.exe C:\Windows\system32\DllHost.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\PROGRA~2\AVG\AVG10\avgrsa.exe C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\El Tel\Downloads\Virus Tools\CDRS Script\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&m=imedia_s3210&r=173602101606p03d5v135y4923924n mDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&m=imedia_s3210&r=173602101606p03d5v135y4923924n mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&m=imedia_s3210&r=173602101606p03d5v135y4923924n mWinlogon: Userinit=userinit.exe, BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files\Lexmark Toolbar\toolband.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX \AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper \SEPsearchhelperie.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared \Windows Live\WindowsLiveLogin.dll BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - C:\Program Files\Lexmark Printable Web\bho.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files\Lexmark Toolbar\toolband.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [sSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM IE: Check &Spelling - C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component \GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM IE: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live \Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C: \PROGRA~2\MICROS~1\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C: \PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL LSP: %SYSTEMROOT%\system32\nvLsp.dll DPF: {0FADB9AA-6955-4319-B538-BB1461E11A28} - hxxps://www.ntrconnect.com/main/mod/setup/beta/ntrplugin1242v_2.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery \AlbumDownloadProtocolHandler.dll BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared \Windows Live\WindowsLiveLogin.dll TB-X64: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe mRun-x64: [lxeamon.exe] "C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe" mRun-x64: [EzPrint] "C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe" mRun-x64: [snpstd3] C:\Windows\vsnpstd3.exe . ================= FIREFOX =================== . FF - ProfilePath - . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-12-22 55024] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-12-8 308304] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040] R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-11-12 382032] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752] R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-8 169312] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-1-6 6128720] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400] R2 Greg_Service;GRegService;C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-8-28 1150496] R2 lxea_device;lxea_device;C:\Windows\system32\lxeacoms.exe -service --> C:\Windows\system32\lxeacoms.exe -service [?] R2 ntrconnect;ntrconnect;C:\Program Files (x86)\NTR global\NTRconnect\NTRconnect.exe [2010-2-11 403184] R2 OberonGameConsoleService;Oberon Media Game Console service;C:\Program Files (x86)\Packard Bell GameZone\GameConsole \OberonGameConsoleService.exe [2009-10-28 44312] R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor \StartManSvc.exe [2011-2-1 583640] R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2009-10-28 240160] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 157264] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920] R3 NTRvdd;NTRvdd;C:\Windows\System32\drivers\NTRvdd.sys [2010-12-12 28216] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2009-10-28 83488] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework \v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET \Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\lxeaserv.exe [2010-10-26 45736] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-2-13 48488] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352] S3 nosGetPlusHelper;getPlus® Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-14 27136] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-28 1255736] . =============== Created Last 30 ================ . 2011-04-30 06:19:55 -------- d-----w- C:\Users\ELTEL~1\AppData\Local\{01A06640-624F-41BD-A844-FA8B5ADC1561} 2011-04-28 16:58:57 -------- d-----w- C:\Users\ELTEL~1\AppData\Roaming\SUPERAntiSpyware.com 2011-04-28 16:58:57 -------- d-----w- C:\PROGRA~3\SUPERAntiSpyware.com 2011-04-28 16:58:47 -------- d-----w- C:\PROGRA~3\!SASCORE 2011-04-28 16:58:45 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2011-04-28 13:07:25 388096 ----a-r- C:\Users\ELTEL~1\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4- 12FCBA4883D7}\HiJackThis.exe 2011-04-28 10:23:22 -------- d-----w- C:\Users\ELTEL~1\AppData\Roaming\Malwarebytes 2011-04-28 10:23:17 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys 2011-04-28 10:23:16 -------- d-----w- C:\PROGRA~3\Malwarebytes 2011-04-28 10:23:13 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-04-28 10:23:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-04-28 09:38:13 -------- d-----w- C:\Users\ELTEL~1\AppData\Local\{1D3A2E4C-179E-4169-A2EA-6F77D38D8E6A} 2011-04-27 13:39:18 -------- d-----w- C:\Users\ELTEL~1\AppData\Local\{53C3A166-C5F7-4053-9D42-B6EE70ABEECC} 2011-04-27 12:53:44 2870272 ----a-w- C:\Windows\explorer.exe 2011-04-27 12:53:42 2614784 ----a-w- C:\Windows\SysWow64\explorer.exe 2011-04-27 12:51:30 662528 ----a-w- C:\Windows\System32\XpsPrint.dll 2011-04-27 12:51:30 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2011-04-27 12:50:09 2566144 ----a-w- C:\Windows\System32\esent.dll 2011-04-27 12:50:09 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2011-04-27 12:50:08 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys 2011-04-27 12:50:08 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys 2011-04-27 12:50:08 187264 ----a-w- C:\Windows\System32\drivers\storport.sys 2011-04-27 12:50:08 1686016 ----a-w- C:\Windows\SysWow64\esent.dll 2011-04-27 12:50:08 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys 2011-04-27 12:50:08 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys 2011-04-27 12:50:08 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys 2011-04-27 12:50:07 96768 ----a-w- C:\Windows\System32\fsutil.exe 2011-04-27 12:50:07 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe 2011-04-27 12:48:25 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe 2011-04-27 12:48:25 31232 ----a-w- C:\Windows\System32\prevhost.exe 2011-04-27 12:32:16 -------- d-----w- C:\Users\ELTEL~1\AppData\Local\{92C0150D-F102-47D8-84E4-7CE651F01DB1} 2011-04-26 21:12:14 -------- d-----w- C:\Program Files (x86)\Trend Micro 2011-04-26 21:07:38 -------- d-----w- C:\Users\ELTEL~1\AppData\Local\{58E61256-2807-4F73-84F9-F52220B7FD4D} 2011-04-26 20:41:01 -------- d-----w- C:\Users\ELTEL~1\AppData\Local\Google 2011-04-14 10:40:02 32592 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll 2011-04-14 10:27:46 -------- d-----w- C:\Users\ELTEL~1\AppData\Local\{0FF0A447-8A59-4320-A5BF-14D41D3675BD} 2011-04-14 05:52:57 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-04-14 02:39:02 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll 2011-04-14 02:39:02 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll 2011-04-13 10:54:35 -------- d-----w- C:\Users\ELTEL~1\AppData\Local\{6AE3DC88-D390-4262-A384-7FB20B8BDF7C} . ==================== Find3M ==================== . 2011-03-11 06:19:26 1395712 ----a-w- C:\Windows\System32\mfc42.dll 2011-03-11 06:19:26 1359872 ----a-w- C:\Windows\System32\mfc42u.dll 2011-03-11 05:40:24 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll 2011-03-11 05:40:24 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll 2011-03-08 06:14:30 976896 ----a-w- C:\Windows\System32\inetcomm.dll 2011-03-08 05:38:13 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll 2011-03-04 06:17:25 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2011-03-04 06:17:24 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2011-03-03 06:17:10 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll 2011-03-03 06:14:38 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe 2011-03-03 05:27:30 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe 2011-03-03 03:58:32 3133440 ----a-w- C:\Windows\System32\win32k.sys 2011-02-24 06:30:00 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2011-02-24 06:29:15 1197056 ----a-w- C:\Windows\System32\wininet.dll 2011-02-24 06:24:57 57856 ----a-w- C:\Windows\System32\licmgr10.dll 2011-02-24 05:32:52 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2011-02-24 05:30:16 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll 2011-02-24 05:05:13 482816 ----a-w- C:\Windows\System32\html.iec 2011-02-24 04:24:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2011-02-24 04:23:48 386048 ----a-w- C:\Windows\SysWow64\html.iec 2011-02-24 03:50:26 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-02-23 05:16:28 461312 ----a-w- C:\Windows\System32\drivers\srv.sys 2011-02-23 05:16:01 401920 ----a-w- C:\Windows\System32\drivers\srv2.sys 2011-02-23 05:15:50 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys 2011-02-23 05:15:27 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2011-02-23 05:15:14 286720 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2011-02-23 05:15:13 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2011-02-23 05:15:06 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys 2011-02-19 06:37:44 1135104 ----a-w- C:\Windows\System32\FntCache.dll 2011-02-19 06:37:10 1540608 ----a-w- C:\Windows\System32\DWrite.dll 2011-02-19 06:36:49 902656 ----a-w- C:\Windows\System32\d2d1.dll 2011-02-19 06:36:13 46080 ----a-w- C:\Windows\System32\atmlib.dll 2011-02-19 05:32:48 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll 2011-02-19 05:32:35 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2011-02-19 05:32:08 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2011-02-19 04:13:39 367104 ----a-w- C:\Windows\System32\atmfd.dll 2011-02-19 03:37:02 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll 2011-02-18 06:37:05 612352 ----a-w- C:\Windows\System32\vbscript.dll 2011-02-18 05:36:26 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll 2011-02-12 06:14:41 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe 2011-02-05 12:41:43 556928 ----a-w- C:\Windows\System32\winresume.efi 2011-02-05 12:41:35 640896 ----a-w- C:\Windows\System32\winload.efi 2011-02-05 12:41:24 20352 ----a-w- C:\Windows\System32\kdusb.dll 2011-02-05 12:41:24 19328 ----a-w- C:\Windows\System32\kd1394.dll 2011-02-05 12:41:23 17792 ----a-w- C:\Windows\System32\kdcom.dll 2011-02-05 12:39:21 603976 ----a-w- C:\Windows\System32\winload.exe 2011-02-05 12:39:21 518160 ----a-w- C:\Windows\System32\winresume.exe . ============= FINISH: 10:31:03.54 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_11-03-05.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 07/02/2010 13:25:37 System Uptime: 30/04/2011 09:14:51 (1 hours ago) . Motherboard: Packard Bell | | WMCP78M Processor: AMD Athlon™ II X3 425 Processor | Socket AM2 | 2700/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 143 GiB total, 103.334 GiB free. D: is FIXED (NTFS) - 143 GiB total, 142.686 GiB free. E: is CDROM () F: is Removable G: is Removable H: is Removable I: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP78: 27/04/2011 07:24:34 - Hopefully Remove Back Door Trojan csrss exe RP79: 27/04/2011 07:52:03 - Windows Update RP80: 27/04/2011 13:21:19 - Windows Update RP81: 27/04/2011 13:34:06 - Restore Operation RP82: 27/04/2011 13:41:37 - Windows Update RP83: 27/04/2011 14:24:33 - Adobe AVG Up Dated All Looking Well So Far RP84: 27/04/2011 14:55:16 - All Looks OK Auto Up Dates ON AVG Up Dated RP85: 27/04/2011 14:56:02 - Windows Update RP86: 27/04/2011 15:37:20 - All Up Date Sorted All Looking Well RP87: 28/04/2011 14:07:05 - Installed HiJackThis . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 2007 Microsoft Office Suite Service Pack 2 (SP2) ABBYY FineReader 6.0 Sprint Acrobat.com Adobe AIR Adobe Download Manager Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Photoshop Elements 7.0 Adobe Reader 9.4.4 MUI Adobe Shockwave Player 11.5 Advertising Center Alice Greenfingers Amazonia Aspell English Dictionary-0.50-2 Block Porn(remove only) Chicken Invaders 2 CM4 Compatibility Pack for the 2007 Office system D3DX10 Dairy Dash Dream Day First Home EAX Unified eBay Worldwide Expenses for Ministry Farm Frenzy 2 First Class Flurry GNU Aspell 0.50-3 Granny In Paradise greenstreet Draw 3.0 greenstreet Publisher 3.13 greenstreet Utilities Heroes of Hellas HiJackThis Identity Card ieSpell ImagXpress Java Auto Updater Java™ 6 Update 22 Junk Mail filter update Lexmark Printable Web Lexmark Toolbar Lexmark Tools for Office Malwarebytes' Anti-Malware Merriam Websters Spell Jam Metaboli Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office Live Add-in 1.3 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Works Mozilla Firefox (3.6.10) MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 9 Essentials Nero ControlCenter Nero DiscSpeed Nero DiscSpeed Help Nero DriveSpeed Nero DriveSpeed Help Nero Express Help Nero InfoTool Nero InfoTool Help Nero Installer Nero Online Upgrade Nero StartSmart Nero StartSmart Help Nero StartSmart OEM NeroExpress neroxml Notepad++ NTRConnect NVIDIA ForceWare Network Access Manager Packard Bell GameZone Console Packard Bell InfoCentre Packard Bell Recovery Management Packard Bell Registration Packard Bell ScreenSaver Packard Bell Software Suite SE Packard Bell Updater Play Disney's Tigger's Honey Hunt Puppy Luv A New Breed QuickTime Realtek High Definition Audio Driver Registry Mechanic 10.0 Search for the Secret Keys Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB2466156) Security Update for 2007 Microsoft Office System (KB2509488) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft Office Excel 2007 (KB2464583) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB2464594) Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Update for 2007 Microsoft Office System (KB2284654) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Visual C++ 8.0 Runtime Setup Package (x64) Visual Studio 2008 x64 Redistributables Welcome Center Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinPatrol . ==== Event Viewer Messages From Past Week ======== . 30/04/2011 09:15:27, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect. 30/04/2011 09:15:27, Error: Service Control Manager [7000] - The lxeaCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 29/04/2011 21:54:11, Error: Microsoft-Windows-WMPNSS-Service [14365] - Proximity detection failed due to unknown error '0x80004004'. The best proximity time detected was -1 milliseconds. 28/04/2011 16:23:48, Error: Microsoft-Windows-DistributedCOM [10016] - The application- specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user dixon-PC\El Tel SID (S-1-5-21- 909527836-1280678326-320050609-1003) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 28/04/2011 16:23:48, Error: Microsoft-Windows-DistributedCOM [10016] - The application- specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user dixon-PC\El Tel SID (S-1-5-21- 909527836-1280678326-320050609-1003) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 27/04/2011 11:12:07, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 for x64-based Systems (KB982018). 27/04/2011 11:02:51, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 for x64-based Systems (KB2522422). 27/04/2011 11:02:51, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 for x64-based Systems (KB2515325). 27/04/2011 11:02:51, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800705b4: Update for Windows 7 for x64-based Systems (KB2492386). . ==== End Of File =========================== I noticed some missing / failed Windows Up Dates, I will sort these when advised Regards El Tel
  10. Hi I've never needed ( don't have a Laptop ) it, but my Sister will be pleased to have this. Nice find Regards El Tel
  11. Hi... I had the same problem on this tower PC that was given to me, the one I'm using now. It turned out to be a memory issue. When the PC was disconnected from the mains and the case removed, it was apparent the one of the memory cards wasn't sitting properly. On removing both, then reinserting all was well. This came to my attention from the images below... Before After Regards El Tel
  12. Sorry you find this boring and not full of wisdom Boring or Bored = A condition characterized by wandering attention, impaired efficiency, and low levels of arousal. It is sometimes confused with fatigue, but boredom usually results from too little stimulation, motivation, and interest. It commonly occurs in those who regularly perform monotonous exercise routines. Unlike fatigue, boredom leads to a lack of desire to exercise, rather than an inability to exercise. Boredom is one of the main reasons why people stop exercising and drop out of sport. It can be avoided if the type and location of exercise is varied, if achievable but challenging targets are set, and if exercise is made more fun.
  13. To those who are Board or find things Boring

    A condition characterized by wandering attention, impaired efficiency, and low levels of arousal. It is sometimes confused with fatigue, but boredom usually results from too little stimulation, motivation, and interest. It commonly occurs in those who regularly perform monotonous exercise routines.

  14. Unlike fatigue, boredom leads to a lack of desire to exercise, rather than an inability to exercise.

  15. Hi. So should this... I've added this the "Your Freedom Of Choice" web site. Eureka I've got it... Are you harking NICK CLEGG you are going to love me... Lets have a fair playing field here, as you are crippling us smokers with excessive Tax and yet we stand firmly together, give us back our "Freedom Of Choice" and listen carefully to our modest request for a well ventilated indoor smoking area. Now for the Eureka moment... TAX the Non Smokers just as heavily as you TAX us smokers by giving the non smokers their "Smoke FREE Rooms" ( Just like a "First Class Compartment" on trains use to be ) just TAX them to enter their "Smoke Free Rooms of Choice" the exact same amount you SCREW us smokers for at source when we buy our tobbaco... Level the playing field and make it fair to both parties. Do likewise to Non Smoker to enter their "Smoke Free Environment" of Choice. Now don't pus'ie foot around you could have all this sorted by Christmas, sooner if you got your finger out. Then you'll get the much needed boost to sort out the economy... Thats if they bother to venture out like they say they do now they have got the whole run of our Pubs... The smoking people of the UK are speaking, listen good. As a foot note You can guess where all the non smoker are going to be so they will be no TAX evasion, they will be easy to spot, because they will stick out like a sore thumbs, sitting in our smoking rooms wearing oxygen masks. You can add your comment here "The Dying British Pub" http://picturesinpas...E8C613BD41E!113 Regards El Tel
  16. Hi Bruce First I think your new Avatar is wicked, I've watched Walter many times on uTube he is brilliant along with Akmid Right yesterday I was given a PC with Windows XP Home Addition, the reason it was up for grabs was the Hard Drive was naff. He told me he just swapped the Hard Drive with one that he was given. I told him it wouldn't work, but he made me a lier because he said he got it up and running and we left it that... Now I saved it from the BIN as he went out a brought a new one. His reason he Say's it just keeps going dead as though it was switched off & then Re-Starts. Hence I've got it & yes it does exactly what he says; but I'm sure that can be fixed and I'll start a new topic for that... Back to this Synergy... Woo Hoo.. It is wicked, I'll agree it is fiddly to set up; but well worth the effort... Until this second PC Re-Boots Thanks for the share Regards El Tel Edit Typos
  17. Whats will power got to do with "Freedom Of Chose"
  18. Hi I had to amend my opening post to remove / repair broken links Thanks SL10 & 2 everyone else that has aired their views Regards El Tel
  19. Hi. I have been busy digging, searching and I found all the MP's that voted for & against the "Smoking Ban" from all parties; courtesy of the BBC. Now some politicians and local authorities like to "Name & Shame" British Citizens that fall fowl of our jurisdiction. So I gave them some of their own medicine on the "Your Freedom" web site. Shortly before I made this post "Posted by El_Tel July 21, 2010 at 22:05" suggesting two solution. Then it was brought to my attention that none other than "Glenda Jackson" voted against the ban; and she illegibly smokes in her parliamentary office. Now that kinda rubs salt into this bitter Draconian "Smoking Ban" Regards El Tel
  20. El Tel

    Need a Hard Drive

    Hi. Shish It is a shame you don't live in Nottingham UK, I could have walked to your place
  21. Hi This post was made on my Old PC with the old copy of Ubuntu 6 06 To me it seems to be OK apart from my burning problem & the lack of it Up-Dating. I have E-Mail a friend who lives within a days walk there & back small price to pay Hopefully I will have a copy CD that will work. Thanks for all your so far. You all are a GR8 bunch of people, and your has been very much appreciated. Long Live Pc Pit Stop Regards El Tel Edit PS I just had to check Spelling on this Lap Top PS Edit Forgot to put this image in, that wouldn't seem to work on the Old PC I took the screen shot, but it didn't seem to work from PhotoBucket to here.
  22. Hi If his profile is correct it will only take me three days to walk there and back... Edit This post has been edited by El Tel: Yesterday, 11:06 PM PS One last thing I'm going to try before bed... Re-Install that old Ubuntu thats works, but not up-date it; just close it down after install; just in case the Up-Dated version crash is blocking anything , I know I might be clutching a straws for now. Edit This morning PS Had a Blond moment last night, switched this laptop off and pulled the plug. Forget my old PC was running. So I had to start again with the Install
  23. Hi I'm I was not brave enough to try that then I've just tried the CD in and Re-Booted, but it went straight to Windows. Disc out Re-Booted I pressed F2 which said set up, once there it looked like it was in the BIOS set; I scrolled across to BOOT tab and this is what is there. Boot priority order 1. IDEO: ST9500325AS 2. IDE2: 3. IDE1: TSSTcorp CDDVDW TS-L633C 4. USB FDD: 5. Network Boot: Artheros Boot Agent 6. USB HDD: 7 USB CDROM arrow keys to select / highlight F5/F6 = Change Values F9 Setup Default I didn't make any changes, I exit without change & it Re-Booted from there as normal.., Woo Hoo I'm back
  24. Hi New copy using ImageBurn. I thought shish kebab, I forgot to switch it off and start with a clean machine, I mean the old PC. I turned the laptop off as a matter of course; just in case before I installed ImagesBurn. 1st time New Boot same error code 2nd time Boot from ATAPI CD-ROM : ISOLINUX 3.63 Debian-2008-07-15 copyright © 1994-2008 H. Peter Anvin isolinux: Disk error 80, AX = 4280, drive 9F Boot failed: press a key to retry... Which is what is on the screen right now. ... Does this PC feel lucky & I press any key or do I just throw it out the window, PC remember I live on the 23rd floor So it looks like this second burn copy is also naff, up the duff or just plain no good. Don't no why I'm deep down I'm Looks like I will have to wait for one to come through good old snail mail or find somebody HINT who live in or near to Long Eaton Nottingham UK who could do it for me. That's burn me a copy. Regards El Tel PS PC's R like cars GR8 when they work, but a bag of sh%$ when they don't Out of curiosity I'm thinking on my backside here, probably not a good idea; but if I try these suspect CD's in this Laptop that is not mine, would it wipe out Vista OS? is it worth a try. Please advise me wisely, I can't afford to buy a new Laptop. They both come up with as in the image below... They say run wubi exe
  25. Hi. Thank for the information, I have just been back to the Ubuntu . com site and it is the default 32 bit version I've downloaded. Regards El Tel PS Fingers x'd
×
×
  • Create New...