1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Infected with AV Security 2012-

Discussion in 'Virus & Other Malware Removal' started by ybor10000, Nov 26, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. ybor10000

    ybor10000 Thread Starter

    Joined:
    Sep 10, 2005
    Messages:
    45
    Hello all,

    I originally sent this on 11/24 without the required logs. This post includes the logs. I apologize for the inconvenience.

    I recently tried to remove the AV Security 2012 malware/virus by installing AVG in safe mode. Although I eventually was able to run AVG I still have problems with my system. AVG found 44 issues and fixed 21. I cannot access the internet, install MBAM, access my program files and sometimes the system freezes at the login screen. I have pasted the TSG report below. Any help would be greatly appreciated.

    ech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
    Processor: Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz, x86 Family 6 Model 15 Stepping 6
    Processor Count: 2
    RAM: 2038 Mb
    Graphics Card: Mobile Intel(R) 945GM Express Chipset Family, 224 Mb
    Hard Drives: C: Total - 69366 MB, Free - 25806 MB;
    Motherboard: Dell Inc.,
    Antivirus: None

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 12:44:10 PM, on 11/26/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
    C:\Program Files\Lexmark 2600 Series\ezprint.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
    C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
    C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
    C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\AVG Secure Search\vprot.exe
    C:\Program Files\Common Files\SupportSoft\bin\bcont.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\PROGRA~1\REBATE~1\REBATE~1.EXE
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\program files\oovoo\oovoo.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\lxdncoms.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\Program Files\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\AVG\AVG2012\avgui.exe
    C:\WINDOWS\System32\ping.exe
    C:\Documents and Settings\LISA\Desktop\HijackThis.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx?tbid=80110&lng=en
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox.com/help/sa_customize.aspx?tbid=80110
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx?tbid=80110&lng=en
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_customize.aspx?tbid=80110
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0061229
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
    R3 - URLSearchHook: (no name) - {FF365CDC-88FE-4ffa-A3F3-357855231DFA} - C:\Program Files\puredefmusic\toolbar\1.bin\p3SrcAs.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll
    O2 - BHO: (no name) - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\PROGRA~1\SITERA~1\SiteRank.dll
    O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll
    O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
    O2 - BHO: YSPManager - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
    O2 - BHO: AOL Toolbar Loader - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O2 - BHO: (no name) - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - C:\PROGRA~1\REBATE~1\RebateI.dll
    O2 - BHO: QuoteNeto - {d08090da-2fc9-458e-84d0-929cfeaa2513} - C:\Program Files\QuoteNeto\prxtbQuo0.dll
    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
    O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Toolbar BHO - {E30A55B1-F1B7-43a4-B3F6-EC90CDC4FE60} - C:\Program Files\puredefmusic\toolbar\1.bin\p3bar.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: Yontoo Layer (Drop Down Deals)s - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime (Drop Down Deals)\YontooIEClient.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll
    O2 - BHO: Search Assistant BHO - {FF365CDB-88FE-4ffa-A3F3-357855231DFA} - C:\Program Files\puredefmusic\toolbar\1.bin\p3SrcAs.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
    O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
    O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
    O3 - Toolbar: PureDef Music Toolbar - {E30A55B9-F1B7-43a4-B3F6-EC90CDC4FE60} - C:\Program Files\puredefmusic\toolbar\1.bin\p3bar.dll
    O3 - Toolbar: QuoteNeto Toolbar - {d08090da-2fc9-458e-84d0-929cfeaa2513} - C:\Program Files\QuoteNeto\prxtbQuo0.dll
    O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll
    O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll
    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll
    O4 - HKLM\..\Run: [lxdnmon.exe] "C:\Program Files\Lexmark 2600 Series\lxdnmon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2600 Series\ezprint.exe"
    O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
    O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [PureDef Music Plugin] rundll32 C:\PROGRA~1\PUREDE~1\toolbar\1.bin\p3Plugin.dll,UPF
    O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Bing Bar] "C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe"
    O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [DLCQCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCQtime.dll,[email protected]
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
    O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYATgBKADMAMgAtAEcAMwBMAEEAQQAtAEEANAA4ADkAUgAtADkAVQBKAEsARgAtAEUASwBLADMAWAA"&"inst=NwA3AC0AMwA5ADEAMAAwADEAMQAyADUALQBUAEIAOQArADIALQBGAEwAKwA5AC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AC0ARgA5AE0AMQAwAEIAKwAyAC0AWABPADkAKwAxAC0ARgA5AE0AMgArADEA"&"prod=90"&"ver=9.0.894
    O4 - HKCU\..\Run: [Desktop Software] "C:\Program Files\Common Files\SupportSoft\bin\bcont.exe" /ini "C:\Program Files\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\LISA\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
    O4 - HKCU\..\Run: [RebateInformer] C:\PROGRA~1\REBATE~1\REBATE~1.EXE /STARTUP
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [ooVoo.exe] C:\program files\oovoo\oovoo.exe /minimized
    O4 - HKUS\S-1-5-19\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe /runonstartup" (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe /runonstartup" (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe /runonstartup" (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe /runonstartup" (User 'Default user')
    O4 - Startup: Socialbox.lnk = ?
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O8 - Extra context menu item: Crawler Search - tbr:iemenu
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
    O18 - Protocol: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} - C:\PROGRA~1\REBATE~1\RebateI.dll
    O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: DailyBibleGuide Service (DailyBibleGuideService) - DailyBibleGuide - C:\PROGRA~1\DAILYB~2\bar\1.bin\2vbarsvc.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: lxdn_device - - C:\WINDOWS\system32\lxdncoms.exe
    O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 17113 bytes



    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
    Run by LISA at 12:46:21 on 2011-11-26
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1080 [GMT -5:00]
    .
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
    C:\Program Files\Lexmark 2600 Series\ezprint.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
    C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
    C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
    C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\AVG Secure Search\vprot.exe
    C:\Program Files\Common Files\SupportSoft\bin\bcont.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\PROGRA~1\REBATE~1\REBATE~1.EXE
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\program files\oovoo\oovoo.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\lxdncoms.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\Program Files\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\AVG\AVG2012\avgui.exe
    C:\WINDOWS\System32\ping.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.yahoo.com/
    uDefault_Page_URL = hxxp://www.msn.com
    uWindow Title = Internet Explorer, optimized for Bing and MSN
    uSearch Bar = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
    mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80110&lng=en
    mCustomizeSearch = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80110
    uURLSearchHooks: Inbox Toolbar: {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - c:\progra~1\inboxt~1\Inbox.dll
    uURLSearchHooks: N/A: {ff365cdc-88fe-4ffa-a3f3-357855231dfa} - c:\program files\puredefmusic\toolbar\1.bin\p3SrcAs.dll
    mURLSearchHooks: N/A: {ff365cdc-88fe-4ffa-a3f3-357855231dfa} - c:\program files\puredefmusic\toolbar\1.bin\p3SrcAs.dll
    uWinlogon: Shell=explorer.exe,c:\documents and settings\lisa\application data\10070\DA063.exe
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: MediaBar: {0974ba1e-64ec-11de-b2a5-e43756d89593} - c:\progra~1\bearsh~1\mediabar\toolbar\BearshareMediabarDx.dll
    BHO: : {11bf46c6-b3de-48bd-bf70-3ad85cab80b5} - c:\progra~1\sitera~1\SiteRank.dll
    BHO: PriceGongBHO Class: {1631550f-191d-4826-b069-d9439253d926} - c:\program files\pricegong\2.1.0\PriceGongIE.dll
    BHO: : {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\progra~1\crawler\toolbar\ctbr.dll
    BHO: Yahooo Search Protection: {25bc7718-0bfa-40ea-b381-4b2d9732d686} - c:\program files\yahoo!\search protection\ysp.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
    BHO: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - c:\program files\aol toolbar\aoltb.dll
    BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: UrlHelper Class: {74322bf9-df26-493f-b0da-6d2fc5e6429e} - c:\progra~1\bearsh~1\mediabar\datamngr\IEBHO.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\8.0.0.40\AVG Secure Search_toolbar.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
    BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
    BHO: : {ccb69577-088b-4004-9ed8-ff5bcc83a039} - c:\progra~1\rebate~1\RebateI.dll
    BHO: QuoteNeto Toolbar: {d08090da-2fc9-458e-84d0-929cfeaa2513} - c:\program files\quoteneto\prxtbQuo0.dll
    BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
    BHO: Inbox Toolbar: {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - c:\progra~1\inboxt~1\Inbox.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Toolbar BHO: {e30a55b1-f1b7-43a4-b3f6-ec90cdc4fe60} - c:\program files\puredefmusic\toolbar\1.bin\p3bar.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: Yontoo Layers (Drop Down Deals): {fd72061e-9fde-484d-a58a-0bab4151cad8} - c:\program files\yontoo layers runtime (drop down deals)\YontooIEClient.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn3\YTSingleInstance.dll
    BHO: Search Assistant BHO: {ff365cdb-88fe-4ffa-a3f3-357855231dfa} - c:\program files\puredefmusic\toolbar\1.bin\p3SrcAs.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
    TB: &Inbox Toolbar: {d7e97865-918f-41e4-9cd0-25ab1c574ce8} - c:\progra~1\inboxt~1\Inbox.dll
    TB: &Crawler Toolbar: {4b3803ea-5230-4dc3-a7fc-33638f3d3542} - c:\progra~1\crawler\toolbar\ctbr.dll
    TB: PureDef Music Toolbar: {e30a55b9-f1b7-43a4-b3f6-ec90cdc4fe60} - c:\program files\puredefmusic\toolbar\1.bin\p3bar.dll
    TB: QuoteNeto Toolbar: {d08090da-2fc9-458e-84d0-929cfeaa2513} - c:\program files\quoteneto\prxtbQuo0.dll
    TB: MediaBar: {0974ba1e-64ec-11de-b2a5-e43756d89593} - c:\progra~1\bearsh~1\mediabar\toolbar\BearshareMediabarDx.dll
    TB: @c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - c:\program files\aol toolbar\aoltb.dll
    TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\8.0.0.40\AVG Secure Search_toolbar.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
    uRun: [Desktop Software] "c:\program files\common files\supportsoft\bin\bcont.exe" /ini "c:\program files\comcastui\desktop software\uinstaller.ini" /fromrun /starthidden
    uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
    uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [cdloader] "c:\documents and settings\lisa\application data\mjusbsp\cdloader2.exe" MAGICJACK
    uRun: [RebateInformer] c:\progra~1\rebate~1\REBATE~1.EXE /STARTUP
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    uRun: [ooVoo.exe] c:\program files\oovoo\oovoo.exe /minimized
    mRun: [lxdnmon.exe] "c:\program files\lexmark 2600 series\lxdnmon.exe"
    mRun: [EzPrint] "c:\program files\lexmark 2600 series\ezprint.exe"
    mRun: [ddoctorv2] "c:\program files\comcast\desktop doctor\bin\sprtcmd.exe" /P ddoctorv2
    mRun: [Boingo Wi-Fi] "c:\program files\boingo\boingo wi-fi\Boingo.lnk"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [PureDef Music Plugin] rundll32 c:\progra~1\purede~1\toolbar\1.bin\p3Plugin.dll,UPF
    mRun: [DATAMNGR] c:\progra~1\bearsh~1\mediabar\datamngr\DATAMN~1.EXE
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [Bing Bar] "c:\program files\msn toolbar\platform\5.0.1449.0\mswinext.exe"
    mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [DLCQCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCQtime.dll,[email protected]
    mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
    mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
    mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYATgBKADMAMgAtAEcAMwBMAEEAQQAtAEEANAA4ADkAUgAtADkAVQBKAEsARgAtAEUASwBLADMAWAA"&"inst=NwA3AC0AMwA5ADEAMAAwADEAMQAyADUALQBUAEIAOQArADIALQBGAEwAKwA5AC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AC0ARgA5AE0AMQAwAEIAKwAyAC0AWABPADkAKwAxAC0ARgA5AE0AMgArADEA"&"prod=90"&"ver=9.0.894
    dRun: [Exetender] "c:\program files\free ride games\GPlayer.exe /runonstartup"
    dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
    StartupFolder: c:\docume~1\lisa\startm~1\programs\startup\SOCIAL~1.LNK -
    mPolicies-system: DisableTaskMgr = 1 (0x1)
    dPolicies-explorer: NoDesktop = 1 (0x1)
    dPolicies-system: DisableTaskMgr = 1 (0x1)
    IE: &Search
    IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Crawler Search - tbr:iemenu
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm
    IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm
    IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
    LSP: mswsock.dll
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
    DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1 68.238.112.12
    TCP: Interfaces\{0ECFA6EE-BB84-4E93-8AE2-9F478B625529} : DhcpNameServer = 192.168.1.1 68.238.112.12
    Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - c:\progra~1\inboxt~1\Inbox.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
    Handler: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} - c:\progra~1\rebate~1\RebateI.dll
    Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\crawler\toolbar\ctbr.dll
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\8.0.1\ViProtocol.dll
    Notify: igfxcui - igfxdev.dll
    AppInit_DLLs: c:\progra~1\bearsh~1\mediabar\datamngr\datamngr.dll c:\progra~1\bearsh~1\mediabar\datamngr\IEBHO.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    LSA: Authentication Packages = msv1_0 nwprovau
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\lisa\application data\mozilla\firefox\profiles\2gba2vnv.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2857573&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.search.selectedEngine - Inbox Search
    FF - prefs.js: browser.startup.homepage - hxxp://search.bearshare.com/
    FF - prefs.js: keyword.URL - hxxp://results.myway.com/dft_redir.jhtml?id=YD&ptb=A134B227-C071-4D81-8F64-A3E23F1EF662&psa=&ind=2010091520&ptnrS=YD&si=&st=kwd&n=&searchfor=
    FF - component: c:\documents and settings\lisa\application data\mozilla\firefox\profiles\2gba2vnv.default\extensions\{b80f591e-fe9a-46cf-a13e-180377240586}\components\RadioWMPCoreGecko19.dll
    FF - component: c:\documents and settings\lisa\application data\mozilla\firefox\profiles\2gba2vnv.default\extensions\[email protected]\components\RadioWMPCoreGecko19.dll
    FF - component: c:\documents and settings\lisa\application data\mozilla\firefox\profiles\2gba2vnv.default\extensions\[email protected]\components\AlotXpcom.dll
    FF - component: c:\progra~1\rebate~1\firefox\components\FFRebateI.dll
    FF - component: c:\progra~1\rebate~1\firefox\components\ffrisupport.dll
    FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
    FF - component: c:\program files\crawler\toolbar\firefox\components\xcomm.dll
    FF - component: c:\program files\crawler\toolbar\firefox\components\xshared.dll
    FF - component: c:\program files\crawler\toolbar\firefox\components\xsupport.dll
    FF - component: c:\program files\pricegong\2.1.0\ff\components\PriceGongFF.dll
    FF - component: c:\program files\siteranker\firefox\components\siterank.dll
    FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
    FF - plugin: c:\program files\dailybibleguide\bar\1.bin\NP2vStub.dll
    FF - plugin: c:\program files\free ride games\npExentCtl.dll
    FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJPI150_06.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\NPp3Stub.dll
    FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(extentions.y2layers.installId, f7191cbe-344e-485a-89de-8a4637e965c1
    FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,Buzzdock,BuzzdockTease,DropDownDeals,
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
    R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]
    R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    R2 vToolbarUpdater;vToolbarUpdater;c:\program files\common files\avg secure search\vtoolbarupdater\8.0.1\ToolbarUpdater.exe [2011-11-13 246624]
    R2 X4HSX32Ex;X4HSX32Ex;c:\program files\free ride games\X4HSX32Ex.sys [2007-7-12 29856]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134608]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
    S1 aswSP;avast! Self Protection; [x]
    S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswfsblk.sys --> c:\windows\system32\drivers\aswFsBlk.sys [?]
    S2 DailyBibleGuideService;DailyBibleGuide Service;c:\progra~1\dailyb~2\bar\1.bin\2vbarsvc.exe [2011-2-1 28766]
    S4 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2007-10-11 254040]
    S4 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2007-10-11 352920]
    .
    =============== Created Last 30 ================
    .
    2011-11-24 21:04:32 -------- d-----w- C:\hijackthis
    2011-11-24 19:20:30 476904 ----a-w- c:\program files\mozilla firefox\plugins\REN40.tmp
    2011-11-24 19:20:30 472808 ----a-w- c:\windows\system32\REN3E.tmp
    2011-11-24 18:30:33 -------- d-----w- c:\documents and settings\lisa\application data\SUPERAntiSpyware.com
    2011-11-13 20:36:51 -------- d--h--w- C:\$AVG
    2011-11-13 20:16:51 -------- d-----w- c:\documents and settings\lisa\application data\ZK7fRL9hTqUeIrP
    2011-11-13 20:16:51 -------- d-----w- c:\documents and settings\lisa\application data\tYXwkUVrlB
    2011-11-13 20:16:33 -------- d-----w- c:\documents and settings\lisa\application data\zibD3pnG5Q6W8R9
    2011-11-13 20:16:32 -------- d-----w- c:\documents and settings\lisa\application data\vF4pmH5sQ7
    2011-11-13 19:59:11 -------- d-----w- c:\documents and settings\lisa\application data\dGQJ6dWK8R9TwUe
    2011-11-13 19:59:09 -------- d-----w- c:\documents and settings\lisa\application data\CrlOBtxP0c1b3n
    2011-11-13 19:58:49 -------- d-----w- c:\documents and settings\lisa\application data\hKR9hXkUeOtP
    2011-11-13 19:58:48 -------- d-----w- c:\documents and settings\lisa\application data\Q6sJfELTqYeIrO
    2011-11-13 19:41:41 -------- d-----w- c:\documents and settings\lisa\application data\AVG2012
    2011-11-13 19:34:54 -------- d-----w- c:\documents and settings\lisa\application data\AVG Secure Search
    2011-11-13 19:34:43 -------- d-----w- c:\program files\common files\AVG Secure Search
    2011-11-13 19:34:43 -------- d-----w- c:\program files\AVG Secure Search
    2011-11-13 19:32:52 -------- d-----w- c:\windows\system32\drivers\AVG
    2011-11-13 19:32:52 -------- d-----w- c:\documents and settings\all users\application data\AVG2012
    2011-11-13 19:27:44 -------- d-----w- c:\documents and settings\all users\application data\MFAData
    2011-11-13 19:19:39 -------- d-----w- c:\documents and settings\lisa\application data\N7fEL9gTZjC
    2011-11-13 19:19:39 -------- d-----w- c:\documents and settings\lisa\application data\jIBtzP0yc1
    2011-11-13 19:18:26 -------- d-----w- c:\documents and settings\lisa\application data\ZjUCelIBt
    2011-11-13 19:18:26 -------- d-----w- c:\documents and settings\lisa\application data\yD2onF4am5W7E8T
    2011-11-13 18:40:05 -------- d-----w- c:\documents and settings\lisa\application data\10070
    2011-11-13 18:39:39 -------- d-----w- c:\documents and settings\lisa\application data\IS2ib3pnGaJdKfZ
    2011-11-13 18:39:39 -------- d-----w- c:\documents and settings\lisa\application data\HfEL9gTZqYe
    2011-11-13 18:39:35 -------- d-----w- c:\documents and settings\lisa\application data\DNc1v2n4m5W7E8
    2011-11-13 18:39:34 -------- d-----w- c:\documents and settings\lisa\application data\UNx1v2b4mQE8RYU
    2011-11-11 14:31:40 -------- d-----w- c:\documents and settings\lisa\application data\ZmH5sWJ7dLgZhCk
    2011-11-11 14:31:40 -------- d-----w- c:\documents and settings\lisa\application data\afRZ9hTXwUeItPy
    2011-11-11 14:31:33 -------- d-----w- c:\documents and settings\lisa\application data\ieItPyAiDoFaHsJ
    2011-11-11 14:31:33 -------- d-----w- c:\documents and settings\lisa\application data\fgZjCkVzNx0v2
    2011-11-11 11:57:14 -------- d-----w- c:\program files\70A70
    2011-11-11 11:57:01 98816 ----a-w- c:\program files\internet explorer\59.tmp
    2011-11-11 11:56:52 -------- d-----w- c:\program files\LP
    2011-11-11 11:56:40 -------- d-----w- c:\windows\system32\S5sQJ7dELgZhCkV
    2011-11-11 11:56:40 -------- d-----w- C:\hIBrzPNyx1v2b4m
    2011-11-11 11:56:31 -------- d-----w- c:\windows\system32\TzONyxA0uSoF
    2011-11-11 11:56:27 -------- d-----w- C:\YVelOBtzPySiDoG
    2011-11-11 11:07:57 499788 ----a-w- c:\windows\system32\PerfStringBackup.TMP
    2011-11-11 10:55:58 296120 ----a-w- c:\windows\system32\shimg.dll
    2011-11-11 10:17:16 -------- d--h--w- c:\documents and settings\lisa\application data\CXwkUVrlOtPuSiD
    2011-11-11 10:17:15 -------- d--h--w- c:\documents and settings\lisa\application data\mbF4pmG5sJdKgZh
    2011-11-08 22:27:22 -------- d--h--w- c:\documents and settings\lisa\application data\OWK7fRL9hXjClBz
    2011-11-08 22:27:22 -------- d--h--w- c:\documents and settings\lisa\application data\GpmH5sWJ7E
    2011-11-08 12:49:26 -------- d--h--w- c:\documents and settings\lisa\application data\wdEK8gRZ9YwUeOt
    2011-11-08 12:49:26 -------- d--h--w- c:\documents and settings\lisa\application data\OsWK7fRL9T
    2011-11-08 03:49:51 -------- d--h--w- c:\documents and settings\lisa\application data\BVelOBtzPySiDoG
    2011-11-08 03:49:50 -------- d--h--w- c:\documents and settings\lisa\application data\tvS2ibF3pGaJdKf
    2011-11-08 01:12:35 -------- d--h--w- c:\documents and settings\lisa\application data\BK7fEL9gTqYeIrO
    2011-11-08 01:12:34 -------- d--h--w- c:\documents and settings\lisa\application data\nQJ6dEKfZhXjVlB
    2011-11-07 14:20:50 -------- d--h--w- c:\documents and settings\lisa\application data\xrlOBtxP0c1b3n
    2011-11-07 14:20:50 -------- d--h--w- c:\documents and settings\lisa\application data\uobF4pmG5Q7E
    2011-11-07 05:43:57 -------- d--h--w- c:\documents and settings\lisa\application data\wZ9hYXwjUeOtPyS
    2011-11-07 05:43:57 -------- d--h--w- c:\documents and settings\lisa\application data\etxA0uvS2b3m5Q6
    2011-11-07 05:13:20 -------- d--h--w- c:\documents and settings\lisa\application data\gBBBtzzP0yc1iD
    2011-11-07 05:13:20 -------- d--h--w- c:\documents and settings\lisa\application data\FdEEK88fRZhYXjV
    2011-11-07 05:13:12 -------- d--h--w- c:\documents and settings\lisa\application data\PJJ7fEEL8gTqjCk
    2011-11-07 05:13:10 -------- d--h--w- c:\documents and settings\lisa\application data\cccS11ibD3on4aH
    .
    ==================== Find3M ====================
    .
    2011-10-10 14:22:41 692736 ---ha-w- c:\windows\system32\inetcomm.dll
    2011-10-07 11:23:48 230608 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2011-10-04 11:21:42 16720 ----a-w- c:\windows\system32\drivers\AVGIDSShim.sys
    2011-10-03 07:37:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2011-09-28 07:06:50 599040 ---ha-w- c:\windows\system32\crypt32.dll
    2011-09-26 15:41:20 611328 ---h--w- c:\windows\system32\uiautomationcore.dll
    2011-09-26 15:41:20 220160 ---ha-w- c:\windows\system32\oleacc.dll
    2011-09-26 15:41:14 20480 ---ha-w- c:\windows\system32\oleaccrc.dll
    2011-09-13 11:30:10 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
    2011-09-06 13:20:51 1858944 ---ha-w- c:\windows\system32\win32k.sys
    .
    ============= FINISH: 12:57:25.20 ===============


    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2011-11-26 15:31:29
    Windows 5.1.2600 Service Pack 3
    Running: iut91zxi.exe; Driver: C:\DOCUME~1\LISA\LOCALS~1\Temp\pwtyapog.sys


    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\[email protected] 1
    Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\[email protected]
    Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\[email protected] 1
    Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\[email protected] 1
    Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\[email protected]
    Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\[email protected] 1
    Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\[email protected]
    Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] 605
    Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] 270

    ---- Files - GMER 1.0.15 ----

    File C:\Documents and Settings\LISA\Cookies\ZL70R6UL.txt 73 bytes
    File C:\Documents and Settings\LISA\Local Settings\Temporary Internet Files\Content.IE5\UOZ93E0F\text_group[1].php 0 bytes
    File C:\Documents and Settings\LISA\Local Settings\Temporary Internet Files\Content.IE5\UOZ93E0F\visit[1].js 0 bytes
    File C:\Documents and Settings\LISA\Local Settings\Temporary Internet Files\Content.IE5\UOZ93E0F\heading-bg[1].jpg 559 bytes
    File C:\Documents and Settings\LISA\Local Settings\Temporary Internet Files\Content.IE5\VVUPM4E8\search[1].htm 0 bytes
    File C:\Documents and Settings\LISA\Local Settings\Temporary Internet Files\Content.IE5\X8ZJH2BU\c=352%7Crand=780042413%7Cpv=y%7Casync=y%7Crt=ifr[1].txt 536 bytes
    File C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP979\A0393469.exe (size mismatch) 528384/528328 bytes executable
    File C:\WINDOWS\Temp\avg-80d2881a-2981-404c-81bf-63076fcfef36.tmp 0 bytes
    File C:\WINDOWS\Temp\avg-e0eedb62-13bb-417c-b5b4-7a43a4cc613b.tmp 0 bytes
    File C:\WINDOWS\Temp\avg-37e18978-b44c-4f67-8f51-1c0211571569.tmp 0 bytes
    File C:\WINDOWS\Temp\avg-004fdd38-7898-4c3e-a7c3-fc6a7045f23a.tmp 0 bytes
    File C:\WINDOWS\Temp\avg-ae8e9103-3301-4d06-b3e3-2d59531a344c.tmp 0 bytes
    File C:\WINDOWS\Temp\avg-f2622f02-56cf-401d-9051-52783625f804.tmp 0 bytes
    File C:\WINDOWS\Temp\avg-9bfefb04-1dc9-466e-bef8-4a34e57b2059.tmp 0 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\1146631159 0 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\1146631159\@ 2048 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\1146631159\bckfg.tmp 703 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\1146631159\cfg.ini 199 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\1146631159\Desktop.ini 4608 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\1146631159\kwrd.dll 223744 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\1146631159\L 0 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\1146631159\L\pdmzmplg 52480 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\1146631159\lsflt7.ver 5176 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\1146631159\U 0 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\1146631159\U\[email protected] 1536 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\1146631159\U\[email protected] 224768 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\1146631159\U\[email protected] 1024 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\1146631159\U\[email protected] 1024 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\1146631159\U\[email protected] 12800 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\1146631159\U\[email protected] 97792 bytes
    File C:\WINDOWS\$NtUninstallKB30639$\2183545068 0 bytes

    ---- EOF - GMER 1.0.15 ----
     
  2. Larusso

    Larusso

    Joined:
    Aug 9, 2011
    Messages:
    808
    Hy
    my name is Daniel and I will be assisting you with your Malware related problems.

    Before we move on, please read the following points carefully.
    • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
    • Perform everything in the correct order. Sometimes one step requires the previous one.
    • If you have any problems while you are following my instructions, Stop there and tell me the exact nature of your problem.
    • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
    • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
    • If I don't hear from you within 3 days from this initial or any subsequent post, I will have to unsubscribe from this thread and move on to assist someone else.
    • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
    • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.



    Please use an USB drive to transfer the tools to the infected system. We will fix your connection later as we first need to kill the rootkit on your system :)


    Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

    Download TDSSKiller.exe and save it to your desktop
    • Execute TDSSKiller.exe by doubleclicking on it.
    • Press Start Scan
    • If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
    • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt

    Please post the contents of that log in your next reply.



    Please post in your next reply
    TDSSKiller.exe
     
  3. ybor10000

    ybor10000 Thread Starter

    Joined:
    Sep 10, 2005
    Messages:
    45
    Hello Daniel,
    Thank you for assisting me with my problem. I downloaded tdsskiller as you instructed but the application will not run. I downloaded again and it would stll not run.
     
  4. Larusso

    Larusso

    Joined:
    Aug 9, 2011
    Messages:
    808
    Hy there,

    Lets try another tool

    Download the tools needed to a flash drive or other removable media, and transfer them to the infected computer.

    ***************************************************

    Download ComboFix from one of these locations:

    Link 1
    Link 2


    **Note: It is important that it is saved directly to your desktop**

    --------------------------------------------------------------------

    With malware infections being as they are today, it's strongly recommended to have the Windows Recovery Console pre-installed on your machine before doing any malware removal.

    The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.


    Go to Microsoft's website => http://support.microsoft.com/kb/310994

    Scroll down to Step 1, and select the download that's appropriate for your Operating System. Download the file & save it as it's originally named.

    Note: If you have SP3, use the SP2 package.


    ---------------------------------------------------------------------

    Transfer all files you just downloaded, to the desktop of the infected computer.

    --------------------------------------------------------------------


    Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

    [​IMG]

    • Drag the setup package onto ComboFix.exe and drop it.
    • Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console.


      [​IMG]

    • At the next prompt, click 'Yes' to run the full ComboFix scan.
    • When the tool is finished, it will produce a report for you.
    Please post the C:\ComboFix.txt in your next reply.



    Please post in your next reply
    Combofix.txt
     
  5. ybor10000

    ybor10000 Thread Starter

    Joined:
    Sep 10, 2005
    Messages:
    45
    Combofix reported that rootkit activity was found and the system needed to be rebooted--I said yes and after reboot a blue screen appeared saying a problems has been detected and windows had to be shutdown.
     
  6. Larusso

    Larusso

    Joined:
    Aug 9, 2011
    Messages:
    808
    Please try to reboot again and let me know.
     
  7. ybor10000

    ybor10000 Thread Starter

    Joined:
    Sep 10, 2005
    Messages:
    45
    REbooted again---same result. Also, will reboot in safe mode or last known good configuration.
     
  8. ybor10000

    ybor10000 Thread Starter

    Joined:
    Sep 10, 2005
    Messages:
    45
    Let me correct my last post. Will NOT reboot in safe mode or last known good configuration.
     
  9. Larusso

    Larusso

    Joined:
    Aug 9, 2011
    Messages:
    808
    Hy there,
    Do you have a WinXP CD handy or are you able to burn a CD ?

    Edit

    The Recovery Console should have been installed by Combofix. While booting, do you see 2 boot options ?
    Windows XP and Windows Recovery Console



    It is really late here, so i have to go to bed now
     
  10. ybor10000

    ybor10000 Thread Starter

    Joined:
    Sep 10, 2005
    Messages:
    45
    Yes. I can get a copy of XP and the recovery console is an option at startup.
     
  11. Larusso

    Larusso

    Joined:
    Aug 9, 2011
    Messages:
    808
    Thats good.

    But first I want to try, if you can boot in Safemode with Command prompt.

    Reboot your System in Safe Mode.
    • Restart the computer. The computer begins processing a set of instructions known as BIOS.
    • After hearing your computer beep once during startup, but before the Windows icon appears, press F8 (dependent on your system this may be F5 or another key)
    • Instead of Windows loading as normal, a menu should appear
    • Use the arrow key to highlight Safe Mode with command prompt and press Enter.



    Let me know if this works :)
     
  12. ybor10000

    ybor10000 Thread Starter

    Joined:
    Sep 10, 2005
    Messages:
    45
    Followed your instructions. System freezes at login window. Tried other available options with same result. I have access to an Win xp professional cd currently registered to another system. Can we use it to reinstall the o/s on this machine? There is nothing we need on this system.
     
  13. Larusso

    Larusso

    Joined:
    Aug 9, 2011
    Messages:
    808
    You told me a very important thing.

    Your system is infected with a nasty Rootkit, called ZeroAccess. As Combofix is the only tool, which can take care of this infection on a XP system, we may end up in a reformat and reinstall.
    So in fact, that you do not have any important files on this system, it will be the best way to reinstall it.

    Is this a DELL Laptop and you do not get a XP CD for this ?
     
  14. ybor10000

    ybor10000 Thread Starter

    Joined:
    Sep 10, 2005
    Messages:
    45
    Yes. It's a Dell laptop. I do not have the original XP CD as the laptop was given to me used. I do have another XP cd that is currently registered to me on another system.
     
  15. Larusso

    Larusso

    Joined:
    Aug 9, 2011
    Messages:
    808
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1028538

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice