This is my HiJack log and GMER
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:02:16 AM, on 9/27/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Windows\vVX3000.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Southwest Airlines\Ding\Ding.exe
C:\Windows\ehome\ehmsas.exe
C:\hp\kbd\kbd.exe
c:\windows\system\hpsysdrv.exe
C:\Windows\system32\wermgr.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.foxnews.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [OODefragTray] C:\Windows\system32\oodtray.exe
O4 - HKLM\..\Run: [actray] C:\Windows\system32\actray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Uniblue Registry Booster2] c:\program files\uniblue\registrybooster2\StartRegistryBooster.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [] C:\Program Files\Internet Explorer\iexplore.exe http://www.symantec.com/techsupp/servlet/P...000049.000000d3
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2293147145-523913117-4131182563-500\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Administrator')
O4 - HKUS\S-1-5-21-2293147145-523913117-4131182563-500\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User 'Administrator')
O4 - HKUS\S-1-5-21-2293147145-523913117-4131182563-500\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'Administrator')
O4 - HKUS\S-1-5-21-2293147145-523913117-4131182563-500\..\Run: [Uniblue Registry Booster2] c:\program files\uniblue\registrybooster2\StartRegistryBooster.exe (User 'Administrator')
O4 - HKUS\S-1-5-21-2293147145-523913117-4131182563-500\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Administrator')
O4 - HKUS\S-1-5-21-2293147145-523913117-4131182563-500\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'Administrator')
O4 - HKUS\S-1-5-21-2293147145-523913117-4131182563-500\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent (User 'Administrator')
O4 - HKUS\S-1-5-21-2293147145-523913117-4131182563-500\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'Administrator')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: DING!.lnk = C:\Program Files\Southwest Airlines\Ding\Ding.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe
O13 - Gopher Prefix:
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Windows\
O23 - Service: Intel® Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildTangent\Apps\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 14424 bytes
GMER 1.0.15.15087 - http://www.gmer.net
Rootkit scan 2009-09-27 08:51:01
Windows 6.0.6001 Service Pack 1
Running: nv9tpsxs.exe; Driver: C:\Users\HP_ADM~1\AppData\Local\Temp\pwrdrpob.sys
---- System - GMER 1.0.15 ----
SSDT 87198508 ZwAlertResumeThread
SSDT 871BBD58 ZwAlertThread
SSDT 8750EF78 ZwAllocateVirtualMemory
SSDT 87140588 ZwAlpcConnectPort
SSDT 870FCEE8 ZwAssignProcessToJobObject
SSDT 87477C50 ZwCreateMutant
SSDT 87491E78 ZwCreateSymbolicLinkObject
SSDT 87522C18 ZwCreateThread
SSDT 87133838 ZwDebugActiveProcess
SSDT 875469D0 ZwDuplicateObject
SSDT 8750EDA8 ZwFreeVirtualMemory
SSDT 871A69F8 ZwImpersonateAnonymousToken
SSDT 871A02D8 ZwImpersonateThread
SSDT 871404B8 ZwLoadDriver
SSDT 8750EC48 ZwMapViewOfSection
SSDT 871970D8 ZwOpenEvent
SSDT 87546C68 ZwOpenProcess
SSDT 87218AA0 ZwOpenProcessToken
SSDT 87143A60 ZwOpenSection
SSDT 87546B20 ZwOpenThread
SSDT 8751BE80 ZwProtectVirtualMemory
SSDT 872187E0 ZwResumeThread
SSDT 8720C628 ZwSetContextThread
SSDT 8750E9B0 ZwSetInformationProcess
SSDT 871345C8 ZwSetSystemInformation
SSDT 8715E6A0 ZwSuspendProcess
SSDT 871AB080 ZwSuspendThread
SSDT 87230F48 ZwTerminateProcess
SSDT 871C59C0 ZwTerminateThread
SSDT 87141900 ZwUnmapViewOfSection
SSDT 87546470 ZwWriteVirtualMemory
SSDT 8751B660 ZwCreateThreadEx
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!KeSetTimerEx + 350 820FD914 8 Bytes [08, 85, 19, 87, 58, BD, 1B, ...]
.text ntkrnlpa.exe!KeSetTimerEx + 364 820FD928 4 Bytes [78, EF, 50, 87]
.text ntkrnlpa.exe!KeSetTimerEx + 370 820FD934 4 Bytes [88, 05, 14, 87]
.text ntkrnlpa.exe!KeSetTimerEx + 3C4 820FD988 4 Bytes CALL 0E96E95B
.text ntkrnlpa.exe!KeSetTimerEx + 428 820FD9EC 4 Bytes [50, 7C, 47, 87]
.text ...
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] ntdll.dll!RtlVerifyVersionInfo + 3E6 7792792E 10 Bytes JMP 04EA003A
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] USER32.dll!SetWindowsHookExW 761C7B69 5 Bytes JMP 6DC39521 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] USER32.dll!CallNextHookEx 761C8C33 5 Bytes JMP 6DC2CB69 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] USER32.dll!DialogBoxIndirectParamW 761CBD25 5 Bytes JMP 6DD33C10 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] USER32.dll!CreateWindowExW 761D3D67 5 Bytes JMP 6DC3D3AC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] USER32.dll!DialogBoxParamW 761E1FD5 5 Bytes JMP 6DB651FD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] USER32.dll!UnhookWindowsHookEx 761F08BE 5 Bytes JMP 6DBA43F6 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] USER32.dll!DialogBoxParamA 762080B2 5 Bytes JMP 6DD33BAD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] USER32.dll!DialogBoxIndirectParamA 762083DD 5 Bytes JMP 6DD33C73 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] USER32.dll!MessageBoxIndirectA 7621D471 5 Bytes JMP 6DD33B42 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] USER32.dll!MessageBoxIndirectW 7621D56B 5 Bytes JMP 6DD33AD7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] USER32.dll!MessageBoxExA 7621D5D1 5 Bytes JMP 6DD33A75 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] USER32.dll!MessageBoxExW 7621D5F5 5 Bytes JMP 6DD33A13 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] ole32.dll!OleLoadFromStream 77069726 5 Bytes JMP 6DD33F78 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] ole32.dll!CoRevokeInitializeSpy + 109 7708611B 7 Bytes JMP 04EA01A9
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] ole32.dll!CoCreateInstance 7709E188 5 Bytes JMP 6DC3D408 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3840] ole32.dll!CoCreateInstance + 3E 7709E1C6 7 Bytes JMP 04EA00F3
.text C:\Program Files\Internet Explorer\iexplore.exe[5952] USER32.dll!DialogBoxIndirectParamW 761CBD25 5 Bytes JMP 6DD33C10 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5952] USER32.dll!CreateWindowExW 761D3D67 5 Bytes JMP 6DC3D3AC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5952] USER32.dll!DialogBoxParamW 761E1FD5 5 Bytes JMP 6DB651FD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5952] USER32.dll!DialogBoxParamA 762080B2 5 Bytes JMP 6DD33BAD C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5952] USER32.dll!DialogBoxIndirectParamA 762083DD 5 Bytes JMP 6DD33C73 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5952] USER32.dll!MessageBoxIndirectA 7621D471 5 Bytes JMP 6DD33B42 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5952] USER32.dll!MessageBoxIndirectW 7621D56B 5 Bytes JMP 6DD33AD7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5952] USER32.dll!MessageBoxExA 7621D5D1 5 Bytes JMP 6DD33A75 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[5952] USER32.dll!MessageBoxExW 7621D5F5 5 Bytes JMP 6DD33A13 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [746D7BA4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [747198C5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [746DD3C8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [746CF527] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [746D7599] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [746CE43D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [7470B33D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [746DD68A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [746D012E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [746D0095] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [746C71F3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7475D802] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [746F75E1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [746CDAE1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [746C668F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [746C66BA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [746D1E45] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2e
c9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2372] @ C:\Windows\system32\ole32.dll [msvcrt.dll!free] [6AC6F563] C:\Windows\AppPatch\AcSpecfc.DLL (Windows Compatibility DLL/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\tdx \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center\Service\Scheduler@Heartbeat 0xB2 0xCF 0x0B 0x42 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG10.00.00.01WORKSTATION DB9AABBC7DF73DC6FC789E504B6D35EA240E5D36D7A7B582A125D150156EF726CD45482C8926F586
5052F9DC3EFA598A37C8EB62FB244405E6839AA9602B6473C58FF610BC53D854D295B105C6026408
F150D7AE183DF1439D8FC2277E3E6D115AD24D479D0DDFE5006DE701E1ADED43D3BEF2C8BB6293E6
EEF56690B2774011F66CD4D1C5A2B5D52A8635AB1EF0BC7E333200860B462E7AD3E517D357EA43E9
5C3A0DD7E32B3B237692A3839E02D1E13B4EB65DBF607DF09C13DA01D8708DF29DA4662139FD862F
5C4733AB1B5C5B79683844EB246C6E1D6BB5A94DBAA5E8EBA312471D1DB95EC12ADDD56ADDBBC033
8D9BC6F01AE7A4B83788FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BEC
C74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79339DB7CE019D40AA5C9DB7CE019D40
AA5CA6A0AC4980AC7933FA926EEA98E86405A361D072492F18B428C3C84B109977A3ED7F36CE8870
609CF8C3CEA1F2D9A848500FDC777C888A6EA3B0D3DBCF8061504C51AC94FE6B2C8C96099A913175
E717DF8E07E4AC45383F846F68D72BFA62C79A5C5A87F7C6100BFB8314906E85ED322977A8513577
8FFAEFAE1538D8022C106A0C221DAB84A370CAF514B8FE3357617A862D99259253777F45FAB7C473
C931C26BF916008BD51516C585E7671017EE901C94D93DEF9A933F2A4FD78E1
---- EOF - GMER 1.0.15 ----
Full Version: My IE is very slow
Lavasoft Support Forums > Archived Topics > Archives: Resolved/Inactive Topics > Resolved/Inactive HijackThis Logs
Files are attached
Hi again,
Get update 8.1.6 for Adobe Reader here or get Foxit Reader here. Make sure you don't install toolbar if choose Foxit Reader! You may also check free readers introduced here. You should upgrade vulnerable Adobe Acrobat to more recent one if you still use it.
Uninstall your current Adobe shockwave player and get the fresh one here if needed.
Check here to see if your Flash is up-to-date (do it separately with each of your browsers). If not, uninstall vulnerable versions by following instructions here. Fresh version can be obtained here.
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...
Updating Java:
Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.
Double-click ATF Cleaner.exe to open it
Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.
If you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
If you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
Click Exit on the Main menu to close the program.
Please run an online scan with Kaspersky Online Scanner as instructed in the screenshot here.
Post back its report & a fresh dds.txt log. How's the system running?
Get update 8.1.6 for Adobe Reader here or get Foxit Reader here. Make sure you don't install toolbar if choose Foxit Reader! You may also check free readers introduced here. You should upgrade vulnerable Adobe Acrobat to more recent one if you still use it.
Uninstall your current Adobe shockwave player and get the fresh one here if needed.
Check here to see if your Flash is up-to-date (do it separately with each of your browsers). If not, uninstall vulnerable versions by following instructions here. Fresh version can be obtained here.
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...
Updating Java:
- Download the latest version of Java Runtime Environment (JRE) 6 Update 16.
- Click the
Download
button to the right. - Select Windows on platform combobox and check the box that says:
Accept License Agreement. Click continue. - The page will refresh.
- Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
- Close any programs you may have running - especially your web browser.
- Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
- Check any item with Java Runtime Environment (JRE or J2SE) in the name.
- Click the Remove or Change/Remove button.
- Repeat as many times as necessary to remove each Java versions.
- Reboot your computer once all Java components are removed.
- Then from your desktop double-click on jre-6u16-windows-i586-p.exe to install the newest version. Uncheck Carbonite online backup trial if it's offered there.
Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.
Double-click ATF Cleaner.exe to open it
Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.
If you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
If you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
Click Exit on the Main menu to close the program.
Please run an online scan with Kaspersky Online Scanner as instructed in the screenshot here.
Post back its report & a fresh dds.txt log. How's the system running?
Running better
I have uploaded the three files
I have uploaded the three files
QUOTE(Blade81 @ Oct 1 2009, 03:47 PM) 
Hi again,
Get update 8.1.6 for Adobe Reader here or get Foxit Reader here. Make sure you don't install toolbar if choose Foxit Reader! You may also check free readers introduced here. You should upgrade vulnerable Adobe Acrobat to more recent one if you still use it.
Uninstall your current Adobe shockwave player and get the fresh one here if needed.
Check here to see if your Flash is up-to-date (do it separately with each of your browsers). If not, uninstall vulnerable versions by following instructions here. Fresh version can be obtained here.
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...
Updating Java:
Double-click ATF Cleaner.exe to open it
Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.
If you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
If you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
Click Exit on the Main menu to close the program.
Please run an online scan with Kaspersky Online Scanner as instructed in the screenshot here.
Post back its report & a fresh dds.txt log. How's the system running?
Get update 8.1.6 for Adobe Reader here or get Foxit Reader here. Make sure you don't install toolbar if choose Foxit Reader! You may also check free readers introduced here. You should upgrade vulnerable Adobe Acrobat to more recent one if you still use it.
Uninstall your current Adobe shockwave player and get the fresh one here if needed.
Check here to see if your Flash is up-to-date (do it separately with each of your browsers). If not, uninstall vulnerable versions by following instructions here. Fresh version can be obtained here.
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...
Updating Java:
- Download the latest version of Java Runtime Environment (JRE) 6 Update 16.
- Click the
Download
button to the right. - Select Windows on platform combobox and check the box that says:
Accept License Agreement. Click continue. - The page will refresh.
- Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
- Close any programs you may have running - especially your web browser.
- Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
- Check any item with Java Runtime Environment (JRE or J2SE) in the name.
- Click the Remove or Change/Remove button.
- Repeat as many times as necessary to remove each Java versions.
- Reboot your computer once all Java components are removed.
- Then from your desktop double-click on jre-6u16-windows-i586-p.exe to install the newest version. Uncheck Carbonite online backup trial if it's offered there.
Double-click ATF Cleaner.exe to open it
Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.
If you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
If you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
Click Exit on the Main menu to close the program.
Please run an online scan with Kaspersky Online Scanner as instructed in the screenshot here.
Post back its report & a fresh dds.txt log. How's the system running?
Hi,
You still have to update your vulnerable Adobe Reader to version 8.1.6. Please do so.
Delete these files:
C:\Users\HP_Administrator\AppData\Roaming\SuperNZB\Downloads\Extracted_Files\AutoShutdown.gadget
C:\Users\HP_Administrator\AppData\Roaming\SuperNZB\Downloads\Extracted_Files\dexigner.gadget
After that, you may delete those tools I made you to download earlier.
You still have to update your vulnerable Adobe Reader to version 8.1.6. Please do so.
Delete these files:
C:\Users\HP_Administrator\AppData\Roaming\SuperNZB\Downloads\Extracted_Files\AutoShutdown.gadget
C:\Users\HP_Administrator\AppData\Roaming\SuperNZB\Downloads\Extracted_Files\dexigner.gadget
After that, you may delete those tools I made you to download earlier.
Deleted the files and updated the reader to 8.6
When Iran Kaspersky oit would not start the download, said my internet connection was being interupted.
So, I created a new user on the computer logged an and it ran fine on it, that is report you received. I still can run it under this user, with my virus off and ad-aware off.
When Iran Kaspersky oit would not start the download, said my internet connection was being interupted.
So, I created a new user on the computer logged an and it ran fine on it, that is report you received. I still can run it under this user, with my virus off and ad-aware off.
QUOTE(Blade81 @ Oct 3 2009, 11:58 AM)
Hi,
You still have to update your vulnerable Adobe Reader to version 8.1.6. Please do so.
Delete these files:
C:\Users\HP_Administrator\AppData\Roaming\SuperNZB\Downloads\Extracted_Files\AutoShutdown.gadget
C:\Users\HP_Administrator\AppData\Roaming\SuperNZB\Downloads\Extracted_Files\dexigner.gadget
After that, you may delete those tools I made you to download earlier.
You still have to update your vulnerable Adobe Reader to version 8.1.6. Please do so.
Delete these files:
C:\Users\HP_Administrator\AppData\Roaming\SuperNZB\Downloads\Extracted_Files\AutoShutdown.gadget
C:\Users\HP_Administrator\AppData\Roaming\SuperNZB\Downloads\Extracted_Files\dexigner.gadget
After that, you may delete those tools I made you to download earlier.
QUOTE
When Iran Kaspersky oit would not start the download, said my internet connection was being interupted.
Hi,
Yes, that has happened to some users earlier too. Those were all the steps I saw necessary to take
You may now delete that other account you created for Kaspersky runs unless you have some other use for it.
Should I get read of those items Kaspersky found?
It never said anyhing about fixing it, just discovery of them/
It never said anyhing about fixing it, just discovery of them/
QUOTE(Blade81 @ Oct 3 2009, 01:10 PM)
Hi,
Yes, that has happened to some users earlier too. Those were all the steps I saw necessary to take
You may now delete that other account you created for Kaspersky runs unless you have some other use for it.
Yes, that has happened to some users earlier too. Those were all the steps I saw necessary to take
You may now delete that other account you created for Kaspersky runs unless you have some other use for it.
Hi,
You may delete suspicious posts in this box:
C:\Users\HP_Administrator\AppData\Local\Identities\{D190EE07-1887-4595-8F62-6253114299D2}\Microsoft\Outlook Express\alt.binaries.pictures.fashion.youth.dbx
Two other Kaspersky findings you deleted already and those other two can be ignored.
You may delete suspicious posts in this box:
C:\Users\HP_Administrator\AppData\Local\Identities\{D190EE07-1887-4595-8F62-6253114299D2}\Microsoft\Outlook Express\alt.binaries.pictures.fashion.youth.dbx
Two other Kaspersky findings you deleted already and those other two can be ignored.
Thanks, It is donr
Working better
Thanks a bunch
Working better
Thanks a bunch
QUOTE(Blade81 @ Oct 3 2009, 01:38 PM)
Hi,
You may delete suspicious posts in this box:
C:\Users\HP_Administrator\AppData\Local\Identities\{D190EE07-1887-4595-8F62-6253114299D2}\Microsoft\Outlook Express\alt.binaries.pictures.fashion.youth.dbx
Two other Kaspersky findings you deleted already and those other two can be ignored.
You may delete suspicious posts in this box:
C:\Users\HP_Administrator\AppData\Local\Identities\{D190EE07-1887-4595-8F62-6253114299D2}\Microsoft\Outlook Express\alt.binaries.pictures.fashion.youth.dbx
Two other Kaspersky findings you deleted already and those other two can be ignored.
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.
If you're the topic starter, and need this topic reopened, please contact the staff member who was helping you with your issue.
Everyone else please begin a New Topic.
Thank you !
If you're the topic starter, and need this topic reopened, please contact the staff member who was helping you with your issue.
Everyone else please begin a New Topic.
Thank you !
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.