1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Having trouble removing Inbox.com

Discussion in 'Virus & Other Malware Removal' started by Brusik, Dec 3, 2010.

Thread Status:
Not open for further replies.
Advertisement
  1. Brusik

    Brusik Thread Starter

    Joined:
    Dec 3, 2010
    Messages:
    9
    I have read posts on how to remove Inbox and have had no luck at it.
    I have tried the Manage search engines, reinstalling and uninstalling, deleting, msconfig (not there), rebooting (of course), restore , ad or remove programs(not there either), pasting Google in the homepage, I have used the windows search and have not found it either, searched Firefox Tools/options (found nothing) this was not necessarily in that order but I think that is about it. Rarely does Google do the main searches anymore...Inbox has control.
    I am to the point of reformatting and re-installing windows.
    Anyone have any other ideas ?
     
  2. Saga Lout

    Saga Lout

    Joined:
    Sep 15, 2004
    Messages:
    3,791
    When you said "pasting Google into homepage" do you mean you tried to change the homepage from Inbox to Google in Control Panel>Internet Options>General tab? If not, try that first and post back for malware advice if that fails
     
  3. Brusik

    Brusik Thread Starter

    Joined:
    Dec 3, 2010
    Messages:
    9
    I'll be... that was one I didn't try !.
    Will see how long that works.
    Thanks,
    Brusik
     
  4. Brusik

    Brusik Thread Starter

    Joined:
    Dec 3, 2010
    Messages:
    9
    Well I tried that and rebooted, nothing.....
    Still coming up with Inbox.
    Any other ideas ?
    Brusik
     
  5. Ent

    Ent Josiah Trusted Advisor

    Joined:
    Apr 11, 2009
    Messages:
    5,408
    I don't understand your problem. Has inbox.com become your home page and you want it to be google? Or is it the inbox toolbar that you want rid of. How is it interfering?

    If possible could you please post screenshots of the problem.
     
  6. Brusik

    Brusik Thread Starter

    Joined:
    Dec 3, 2010
    Messages:
    9
    I like to type in a name, say adn and it used to go right to adn.com but since Inbox toolbar came into my life it can't find anything but it's own site and I have to type more than I like.
    I have been trying to get rid of it and cannot find it and it is till there.
    I have tried to change the homepage in internet options and options on Firefox but it is still there(read my first post).
     
  7. itsjusme

    itsjusme

    Joined:
    Aug 18, 2006
    Messages:
    836
    Have you tried= Firefox>Tools>Options>General>Restore to default?
     
  8. Brusik

    Brusik Thread Starter

    Joined:
    Dec 3, 2010
    Messages:
    9
    Yeah, tried that too.
     
  9. itsjusme

    itsjusme

    Joined:
    Aug 18, 2006
    Messages:
    836
    Ok, since it`s not showing up in add remove or program files, sounds like part of it has been removed and part of it hasnt. Try REVO UNINSTALLER and see if it picks it up. It has never let me down yet.
     
  10. Brusik

    Brusik Thread Starter

    Joined:
    Dec 3, 2010
    Messages:
    9
    I just tried going to Internet options (under Control Panel) , General, Search, change search defaults and removed it from there and no luck with that either (yes I rebooted).
    I am going to try your suggestion this evening.
    Thanks for the help,
    Brusik
     
  11. Brusik

    Brusik Thread Starter

    Joined:
    Dec 3, 2010
    Messages:
    9
    Okay...downloaded Revo Uninstaller, went a lot faster than I thought..
    Ran it...and lo and behold....nothing ! it is not there.
    I had it search and still nothing...
    I checked Firefox and Control Panel Internet Options and nada....zip...
    I am absolutely stumped.
    Brusik
     
  12. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,656
    Please go here to download HijackThis.
    • To the right of the green arrow under HijackThis downloads click on the Executable button and download the HijackThis.exe file to your desktop.
    • Double-click the HijackThis.exe file on your desktop to launch the program. If you get a security warning asking if you want to run this software because the publisher couldn't be verified click on Run to allow it.
    • Click on the Scan button. The scan will not take long and when it's finished the resulting log will open automatically in Notepad.
    • Click on the Save log button and save the log file to your desktop. Copy and paste the contents of the log in your post.
    Please do not fix anything with HijackThis unless you are instructed to do so. Most of what appears in the log will be harmless and/or necessary.


    Also, do this please:

    Please download DDS by sUBs to your desktop from one of the following locations:

    http://www.techsupportforum.com/sectools/sUBs/dds
    http://download.bleepingcomputer.com/sUBs/dds.scr
    http://www.forospyware.com/sUBs/dds

    Disable any script blocker you may have as they may interfere and then double-click the DDS.scr to run the tool.

    When DDS has finished scanning, it will open two logs named as follows:

    DDS.txt
    Attach.txt

    Save them both to your desktop. Copy and paste the contents of the DDS.txt and Attach.txt files in your reply please.
     
  13. Brusik

    Brusik Thread Starter

    Joined:
    Dec 3, 2010
    Messages:
    9
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:56:32 PM, on 12/3/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\FLIR Systems\ThermaCAM QuickReport\bin\T3Srv.exe
    C:\WINDOWS\system32\Wacom_Tablet.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
    C:\WINDOWS\system32\Wacom_Tablet.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\WINDOWS\Samsung\LaserSMMgr\ssmmgr.exe
    C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\FLIR Systems\ThermaCAM QuickReport\bin\T3Mon.exe
    C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
    C:\Program Files\Registry Mechanic\RegMech.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
    C:\Program Files\SEC\MagicTune3.6_Client_pivot\GammaTray.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\B\My Documents\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
    O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL
    O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\2.bin\SPYBLOCK.DLL
    O3 - Toolbar: MP3Bar - {F6BD6330-76F8-44d9-B775-87614E2D8374} - C:\Program Files\Fiesta Download Manager\mp3bar.dll
    O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
    O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Samsung LBP SM] "C:\WINDOWS\Samsung\LaserSMMgr\ssmmgr.exe" /autorun
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [FS Camera Monitor] C:\Program Files\FLIR Systems\ThermaCAM QuickReport\bin\T3Mon.exe
    O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
    O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O4 - Global Startup: Color Calibration.lnk = ?
    O4 - Global Startup: MagicTune3.6.lnk = ?
    O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &MP3Bar - res://C:\Program Files\Fiesta Download Manager\mp3bar.dll/MENUSEARCH.HTM
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: intu-help-qb2 - {84D77A00-41B5-4B8B-8ADF-86486D72E749} - (no file)
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
    O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: QBCFMonitorService - Intuit - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
    O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: FLIR Systems Camera Monitor (T3Srv) - FLIR Systems - C:\Program Files\FLIR Systems\ThermaCAM QuickReport\bin\T3Srv.exe
    O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 12733 bytes
     
  14. Brusik

    Brusik Thread Starter

    Joined:
    Dec 3, 2010
    Messages:
    9
    DDS (Ver_10-11-27.01) - NTFSx86
    Run by B at 0:05:25.59 on Sat 12/04/2010
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2199 [GMT -9:00]

    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\FLIR Systems\ThermaCAM QuickReport\bin\T3Srv.exe
    C:\WINDOWS\system32\Wacom_Tablet.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
    C:\WINDOWS\system32\Wacom_Tablet.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\WINDOWS\Samsung\LaserSMMgr\ssmmgr.exe
    C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    svchost.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\FLIR Systems\ThermaCAM QuickReport\bin\T3Mon.exe
    C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
    C:\Program Files\Registry Mechanic\RegMech.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
    C:\Program Files\SEC\MagicTune3.6_Client_pivot\GammaTray.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\B\My Documents\Downloads\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = about:blank
    uSearch Bar = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: H - No File
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
    BHO: ZoneAlarm Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - c:\program files\zonealarm\tbZone.dll
    BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: ZoneAlarm Spy Blocker BHO: {f0d4b231-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\zonealarmsb\bar\2.bin\SPYBLOCK.DLL
    TB: ZoneAlarm Spy Blocker: {f0d4b239-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\zonealarmsb\bar\2.bin\SPYBLOCK.DLL
    TB: MP3Bar: {f6bd6330-76f8-44d9-b775-87614e2d8374} - c:\program files\fiesta download manager\mp3bar.dll
    TB: ZoneAlarm Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - c:\program files\zonealarm\tbZone.dll
    TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
    uRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
    uRun: [PhotoShow Deluxe Media Manager] c:\progra~1\nero\data\xtras\mssysmgr.exe
    uRun: [RegistryMechanic] c:\program files\registry mechanic\RegMech.exe /H
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [Alcmtr] ALCMTR.EXE
    mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
    mRun: [Samsung LBP SM] "c:\windows\samsung\lasersmmgr\ssmmgr.exe" /autorun
    mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [Corel File Shell Monitor] c:\program files\corel\corel paint shop pro photo x2\CorelIOMonitor.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"
    mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
    mRun: [ISW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [FS Camera Monitor] c:\program files\flir systems\thermacam quickreport\bin\T3Mon.exe
    mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
    mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
    mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
    mRun: [Corel Photo Downloader] "c:\program files\common files\corel\corel photodownloader\Corel Photo Downloader.exe" -startup
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    StartupFolder: c:\docume~1\b\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 2.4\program\quickstart.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\colorc~1.lnk - c:\program files\sec\magictune3.6_client_pivot\GammaTray.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\magict~1.lnk - c:\program files\sec\magictune3.6_client_pivot\MagicTuneTray.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickbooks update agent.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\windows search.lnk - c:\program files\windows desktop search\WindowsSearch.exe
    IE: &MP3Bar - c:\program files\fiesta download manager\mp3bar.dll/MENUSEARCH.HTM
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
    Notify: avgrsstarter - avgrsstx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\b\applic~1\mozilla\firefox\profiles\nc8ellui.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.wunderground.com/cgi-bin/findweather/getForecast?query=99670|http://login.live.com/login.srf?wa=...&bsv=1k96igf4806cy&ltmpl=default&ltmplcache=2
    FF - prefs.js: keyword.URL - hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=sf&tbid=80114&language=en&qkw=
    FF - component: c:\documents and settings\b\application data\mozilla\firefox\profiles\nc8ellui.default\extensions\{31c7d459-9cc3-44f2-9dca-fc11795309b4}\components\FFExternalAlert.dll
    FF - component: c:\documents and settings\b\application data\mozilla\firefox\profiles\nc8ellui.default\extensions\{31c7d459-9cc3-44f2-9dca-fc11795309b4}\components\RadioWMPCore.dll
    FF - component: c:\documents and settings\b\application data\mozilla\firefox\profiles\nc8ellui.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\FFExternalAlert.dll
    FF - component: c:\documents and settings\b\application data\mozilla\firefox\profiles\nc8ellui.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\RadioWMPCore.dll
    FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
    FF - component: c:\program files\checkpoint\zaforcefield\trustchecker\components\TrustCheckerMozillaPlugin.dll
    FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\NPZoneSB.dll
    FF - plugin: c:\program files\picasa2\npPicasa2.dll
    FF - plugin: c:\program files\picasa2\npPicasa3.dll
    FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    FF - Extension: All-in-One Sidebar: {097d3191-e6fa-4728-9826-b533d755359d} - c:\docume~1\b\applic~1\mozilla\firefox\profiles\nc8ellui.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
    FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\docume~1\b\applic~1\mozilla\firefox\profiles\nc8ellui.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    FF - Extension: Weather Watcher Live: [email protected] - c:\docume~1\b\applic~1\mozilla\firefox\profiles\nc8ellui.default\extensions\[email protected]
    FF - Extension: IObitCom Toolbar: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - c:\docume~1\b\applic~1\mozilla\firefox\profiles\nc8ellui.default\extensions\{31c7d459-9cc3-44f2-9dca-fc11795309b4}
    FF - Extension: ZoneAlarm Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - c:\docume~1\b\applic~1\mozilla\firefox\profiles\nc8ellui.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}
    FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Extension: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
    FF - Extension: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    FF - Extension: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
    FF - Extension: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
    FF - Extension: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - Extension: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - Extension: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    FF - Extension: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg8\Firefox
    FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Extension: Java Quick Starter: [email protected] - c:\program files\java\jre6\lib\deploy\jqs\ff
    FF - Extension: ZoneAlarm Security Engine: {FFB96CC1-7EB3-449D-B827-DB661701C6BB} - c:\program files\checkpoint\zaforcefield\TrustChecker

    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true

    ============= SERVICES / DRIVERS ===============

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-7-25 64288]
    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2008-12-23 28544]
    R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-6-10 335240]
    R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-6-10 27784]
    R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-6-10 108552]
    R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2010-8-8 532224]
    R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-7-5 908056]
    R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-7-5 297752]
    R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2010-5-26 26352]
    R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2010-5-26 493032]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-9-24 1181328]
    R2 T3Srv;FLIR Systems Camera Monitor;c:\program files\flir systems\thermacam quickreport\bin\T3Srv.exe [2007-6-4 140880]
    R2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2010-11-2 2749224]
    R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
    R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2010-11-2 15656]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-2 135664]
    S3 cpuz128;cpuz128;\??\c:\docume~1\b\locals~1\temp\cpuz_x32.sys --> c:\docume~1\b\locals~1\temp\cpuz_x32.sys [?]
    S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

    =============== Created Last 30 ================

    2010-12-04 00:09:49 -------- d-----w- c:\program files\VS Revo Group
    2010-12-03 17:50:26 -------- d-----w- c:\windows\pss
    2010-11-10 21:07:01 -------- d-----w- c:\docume~1\b\locals~1\applic~1\Quicken WillMaker
    2010-11-10 21:06:46 -------- d-----w- c:\docume~1\b\applic~1\Quicken WillMaker
    2010-11-05 08:00:11 -------- d-----w- c:\program files\Perfect Uninstaller

    ==================== Find3M ====================

    2010-12-03 09:49:07 900 --sha-w- c:\windows\system32\KGyGaAvL.sys
    2010-09-18 20:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
    2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
    2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
    2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
    2010-09-15 12:50:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2010-09-15 10:29:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2010-09-10 05:58:06 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2010-09-08 19:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
    2010-09-08 19:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
    2008-09-18 03:54:30 1780406 ----a-w- c:\program files\Arachnophilia.exe

    ============= FINISH: 0:06:15.09 ===============
     
  15. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    101,656
    Please visit Combofix Guide & Instructions for instructions for installing the recovery console and downloading and running ComboFix.

    The only thing different from the instructions there is that when downloading and saving the ComboFix.exe I would like you to rename it to puppy.exe please.

    Post the log from ComboFix when you've accomplished that along with a new HijackThis log.

    Important notes regarding ComboFix:

    ComboFix may reset a number of Internet Explorer's settings, including making it the default browser. This can easily be changed once we're finished.

    ComboFix also prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you, please let me know. This can be undone manually when we're finished. Read HERE for an article written by dvk01 on why we disable autoruns.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/966275