PDA

View Full Version : Seems to be running extra slow



SpankyMcJedi
2007-05-07, 04:42
I've gone through all the normal stuff, removal of old programs, defrag, cleanup, etc, I even went from 1 to 2 gigs of ram, but nothing seems to change. Spybot came back clean, as did my trend micro. Here are the requisite logs. I'm not certain I've contracted something, but it leads me to believe something is amiss when my new machine is running slower than my 5 year old one with half the power.

Etrust
Scan Results: Scan Completed. 76556 files scanned. No viruses found.

File Infection Status Path
- No Infections

Logfile of HijackThis v1.99.1
Scan saved at 6:37:07 PM, on 5/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\WINDOWS\system32\cidaemon.exe
C:\hijackthis\HJT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webmail.west.cox.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OE_OEM] "C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1177637802312
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

Mr_JAk3
2007-05-07, 22:42
Hello SpankyMcJedi :)

Nothing fishy in HijackThis log.


Please run a GMER Rootkit scan:

Download GMER's application from here:
http://www.gmer.net/gmer.zip

Unzip it and start the GMER.exe
Click the Rootkit tab and click the Scan button.

Once done, click the Copy button.
This will copy the results to your clipboard.
Paste the results in your next reply.

Warning ! Please, do not select the "Show all" checkbox during the scan.

SpankyMcJedi
2007-05-08, 02:07
Thanks for your response.

Here we go...

GMER 1.0.12.12244 - http://www.gmer.net
Rootkit scan 2007-05-07 16:04:57
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.12 ----

SSDT sptd.sys ZwCreateKey
SSDT sptd.sys ZwEnumerateKey
SSDT sptd.sys ZwEnumerateValueKey
SSDT sptd.sys ZwOpenKey
SSDT sptd.sys ZwQueryKey
SSDT sptd.sys ZwQueryValueKey
SSDT sptd.sys ZwSetValueKey

---- Kernel code sections - GMER 1.0.12 ----

? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
.text USBPORT.SYS!DllUnload B990F68E 5 Bytes JMP 89B0F7C8
? System32\Drivers\ad2jvtjr.SYS The system cannot find the file specified.
? C:\WINDOWS\system32\DRIVERS\update.sys

---- User code sections - GMER 1.0.12 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[2928] USER32.dll!DialogBoxParamW 7E42555F 5 Bytes JMP 009CF205 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[2928] USER32.dll!DialogBoxIndirectParamW 7E432032 5 Bytes JMP 00B5FEBF C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[2928] USER32.dll!MessageBoxIndirectA 7E43A04A 5 Bytes JMP 00B5FE40 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[2928] USER32.dll!DialogBoxParamA 7E43B10C 5 Bytes JMP 00B5FE84 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[2928] USER32.dll!MessageBoxExW 7E4505D8 5 Bytes JMP 00B5FDCC C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[2928] USER32.dll!MessageBoxExA 7E4505FC 5 Bytes JMP 00B5FE06 C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[2928] USER32.dll!DialogBoxIndirectParamA 7E456B50 5 Bytes JMP 00B5FEFA C:\WINDOWS\system32\IEFRAME.dll
.text C:\Program Files\Internet Explorer\iexplore.exe[2928] USER32.dll!MessageBoxIndirectW 7E4662AB 5 Bytes JMP 009F15DA C:\WINDOWS\system32\IEFRAME.dll

---- Devices - GMER 1.0.12 ----

Device \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA 89E411D8
Device \FileSystem\Ntfs \Ntfs IRP_MJ_PNP 89E411D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CREATE 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_CLOSE 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_DEVICE_CONTROL 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_INTERNAL_DEVICE_CONTROL 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_POWER 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_SYSTEM_CONTROL 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-0 IRP_MJ_PNP 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CREATE 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_CLOSE 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_DEVICE_CONTROL 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_INTERNAL_DEVICE_CONTROL 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_POWER 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_SYSTEM_CONTROL 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-1 IRP_MJ_PNP 89B0E1D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CREATE 89DD41D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_CLOSE 89DD41D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_READ 89DD41D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_WRITE 89DD41D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_FLUSH_BUFFERS 89DD41D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_DEVICE_CONTROL 89DD41D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_INTERNAL_DEVICE_CONTROL 89DD41D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SHUTDOWN 89DD41D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_POWER 89DD41D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_SYSTEM_CONTROL 89DD41D8
Device \Driver\dmio \Device\DmControl\DmIoDaemon IRP_MJ_PNP 89DD41D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CREATE 89DD41D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_CLOSE 89DD41D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_READ 89DD41D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_WRITE 89DD41D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_FLUSH_BUFFERS 89DD41D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_DEVICE_CONTROL 89DD41D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_INTERNAL_DEVICE_CONTROL 89DD41D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SHUTDOWN 89DD41D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_POWER 89DD41D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_SYSTEM_CONTROL 89DD41D8
Device \Driver\dmio \Device\DmControl\DmConfig IRP_MJ_PNP 89DD41D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CREATE 89DD41D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_CLOSE 89DD41D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_READ 89DD41D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_WRITE 89DD41D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_FLUSH_BUFFERS 89DD41D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_DEVICE_CONTROL 89DD41D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_INTERNAL_DEVICE_CONTROL 89DD41D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SHUTDOWN 89DD41D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_POWER 89DD41D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_SYSTEM_CONTROL 89DD41D8
Device \Driver\dmio \Device\DmControl\DmPnP IRP_MJ_PNP 89DD41D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CREATE 89DD41D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_CLOSE 89DD41D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_READ 89DD41D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_WRITE 89DD41D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_FLUSH_BUFFERS 89DD41D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_DEVICE_CONTROL 89DD41D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_INTERNAL_DEVICE_CONTROL 89DD41D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SHUTDOWN 89DD41D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_POWER 89DD41D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_SYSTEM_CONTROL 89DD41D8
Device \Driver\dmio \Device\DmControl\DmInfo IRP_MJ_PNP 89DD41D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CREATE 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_CLOSE 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_DEVICE_CONTROL 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_INTERNAL_DEVICE_CONTROL 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_POWER 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_SYSTEM_CONTROL 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-2 IRP_MJ_PNP 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_CREATE 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_CLOSE 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_DEVICE_CONTROL 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_POWER 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_SYSTEM_CONTROL 89B0E1D8
Device \Driver\usbuhci \Device\USBPDO-3 IRP_MJ_PNP 89B0E1D8

SpankyMcJedi
2007-05-08, 02:08
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_CREATE 89AE11D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_CLOSE 89AE11D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_DEVICE_CONTROL 89AE11D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_INTERNAL_DEVICE_CONTROL 89AE11D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_POWER 89AE11D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_SYSTEM_CONTROL 89AE11D8
Device \Driver\usbehci \Device\USBPDO-4 IRP_MJ_PNP 89AE11D8
Device \Driver\00000037 \Device\00000055 IRP_MJ_POWER [B9EDFD74] sptd.sys
Device \Driver\00000037 \Device\00000055 IRP_MJ_SYSTEM_CONTROL [B9EF92A2] sptd.sys
Device \Driver\00000037 \Device\00000055 IRP_MJ_PNP [B9EFA228] sptd.sys
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CREATE 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_READ 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_WRITE 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_FLUSH_BUFFERS 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_DEVICE_CONTROL 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_INTERNAL_DEVICE_CONTROL 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SHUTDOWN 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_CLEANUP 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_POWER 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_SYSTEM_CONTROL 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume1 IRP_MJ_PNP 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CREATE 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_READ 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_WRITE 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_FLUSH_BUFFERS 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_DEVICE_CONTROL 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_INTERNAL_DEVICE_CONTROL 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SHUTDOWN 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_CLEANUP 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_POWER 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_SYSTEM_CONTROL 89E431D8
Device \Driver\Ftdisk \Device\HarddiskVolume2 IRP_MJ_PNP 89E431D8
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE 89A87980
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE 89A87980
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ 89A87980
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE 89A87980
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS 89A87980
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL 89A87980
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL 89A87980
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN 89A87980
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER 89A87980
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL 89A87980
Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP 89A87980
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE 89A87980
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE 89A87980
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ 89A87980
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE 89A87980
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS 89A87980
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL 89A87980
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL 89A87980
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN 89A87980
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER 89A87980
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL 89A87980
Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP 89A87980
Device \Driver\NetBT \Device\NetBT_Tcpip_{EAD521B0-C36F-41C6-B922-10B87DB7B694} IRP_MJ_CREATE 89C3C1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{EAD521B0-C36F-41C6-B922-10B87DB7B694} IRP_MJ_CLOSE 89C3C1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{EAD521B0-C36F-41C6-B922-10B87DB7B694} IRP_MJ_DEVICE_CONTROL 89C3C1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{EAD521B0-C36F-41C6-B922-10B87DB7B694} IRP_MJ_INTERNAL_DEVICE_CONTROL 89C3C1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{EAD521B0-C36F-41C6-B922-10B87DB7B694} IRP_MJ_CLEANUP 89C3C1D8
Device \Driver\NetBT \Device\NetBT_Tcpip_{EAD521B0-C36F-41C6-B922-10B87DB7B694} IRP_MJ_PNP 89C3C1D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CREATE 89E421D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_CLOSE 89E421D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_DEVICE_CONTROL 89E421D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_INTERNAL_DEVICE_CONTROL 89E421D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_POWER 89E421D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_SYSTEM_CONTROL 89E421D8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 IRP_MJ_PNP 89E421D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CREATE 89E421D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_CLOSE 89E421D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_DEVICE_CONTROL 89E421D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_INTERNAL_DEVICE_CONTROL 89E421D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_POWER 89E421D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_SYSTEM_CONTROL 89E421D8
Device \Driver\atapi \Device\Ide\IdePort0 IRP_MJ_PNP 89E421D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CREATE 89E421D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_CLOSE 89E421D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_DEVICE_CONTROL 89E421D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_INTERNAL_DEVICE_CONTROL 89E421D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_POWER 89E421D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_SYSTEM_CONTROL 89E421D8
Device \Driver\atapi \Device\Ide\IdePort1 IRP_MJ_PNP 89E421D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CREATE 89E421D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_CLOSE 89E421D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_DEVICE_CONTROL 89E421D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_INTERNAL_DEVICE_CONTROL 89E421D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_POWER 89E421D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_SYSTEM_CONTROL 89E421D8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e IRP_MJ_PNP 89E421D8

---- EOF - GMER 1.0.12 ----

Mr_JAk3
2007-05-08, 09:41
Ok nothing bad there....

Please do an online scan with Kaspersky WebScanner (http://www.kaspersky.com/virusscanner)

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
The program will launch and then begin downloading the latest definition files:
Once the files have been downloaded click on NEXT

Now click on Scan Settings
In the scan settings make that the following are selected:
Scan using the following Anti-Virus database:
Extended (if available otherwise Standard)

Scan Options:
Scan Archives
Scan Mail Bases

Click OK
Now under select a target to scan:Select My Computer

This will program will start and scan your system.
The scan will take a while so be patient and let it run.
Once the scan is complete it will display if your system has been infected.
Now click on the Save as Text button:
Save the file to your desktop.
Copy and paste that information in your next post.

SpankyMcJedi
2007-05-09, 07:53
Man that takes a while. Here it is.


-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Tuesday, May 08, 2007 9:52:02 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 9/05/2007
Kaspersky Anti-Virus database records: 296660
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 81265
Number of viruses found: 1
Number of infected objects: 5 / 0
Number of suspicious objects: 0
Duration of the scan process: 02:50:15

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3ad391678a806ec4d691e83aaa393b6f_24adf822-76f7-4481-b30b-ff1b40f8687f Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare Object is locked skipped
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp Object is locked skipped
C:\Documents and Settings\All Users\DRM\drmstore.hds Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Paul\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Paul\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Paul\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb Object is locked skipped
C:\Documents and Settings\Paul\Local Settings\Application Data\Microsoft\Money\10.0\urlmap.db Object is locked skipped
C:\Documents and Settings\Paul\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Paul\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Paul\Local Settings\Application Data\Microsoft\Zune\CurrentDatabase_365.wmdb Object is locked skipped
C:\Documents and Settings\Paul\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Paul\Local Settings\History\History.IE5\MSHist012007050820070509\index.dat Object is locked skipped
C:\Documents and Settings\Paul\Local Settings\Temp\JET4965.tmp Object is locked skipped
C:\Documents and Settings\Paul\Local Settings\Temp\JET5396.tmp Object is locked skipped
C:\Documents and Settings\Paul\Local Settings\Temp\~DFF841.tmp Object is locked skipped
C:\Documents and Settings\Paul\Local Settings\Temp\~DFF84C.tmp Object is locked skipped
C:\Documents and Settings\Paul\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Paul\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Paul\My Documents\My Money.lrd Object is locked skipped
C:\Documents and Settings\Paul\My Documents\My Money.mny Object is locked skipped
C:\Documents and Settings\Paul\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Paul\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Trend Micro\Internet Security 12\Quarantine\21.tmp/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Program Files\Trend Micro\Internet Security 12\Quarantine\21.tmp/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Program Files\Trend Micro\Internet Security 12\Quarantine\21.tmp/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Program Files\Trend Micro\Internet Security 12\Quarantine\21.tmp ZIP: infected - 3 skipped
C:\Program Files\Trend Micro\Internet Security 12\Quarantine\21.tmp CryptFF.b: infected - 3 skipped
C:\System Volume Information\catalog.wci\00000002.ps1 Object is locked skipped
C:\System Volume Information\catalog.wci\00000002.ps2 Object is locked skipped
C:\System Volume Information\catalog.wci\00010002.ci Object is locked skipped
C:\System Volume Information\catalog.wci\cicat.fid Object is locked skipped
C:\System Volume Information\catalog.wci\cicat.hsh Object is locked skipped
C:\System Volume Information\catalog.wci\CiCL0001.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiP10000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiP20000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiPT0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiSL0001.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiSP0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiST0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\CiVP0000.000 Object is locked skipped
C:\System Volume Information\catalog.wci\INDEX.000 Object is locked skipped
C:\System Volume Information\catalog.wci\propstor.bk1 Object is locked skipped
C:\System Volume Information\catalog.wci\propstor.bk2 Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP8\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{358122E6-5145-409C-9EAC-F69D3F2321F8}.crmlog Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_274.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

Mr_JAk3
2007-05-09, 21:49
Hello :)

Nothing bad there either....
Computer appears to be clean...

You said that you had gone trough the normal stuff but please check these instructions -> link (http://www.castlecops.com/postitle175256-0-0-.html), maybe there is something you haven't yet tried :bigthumb:

SpankyMcJedi
2007-05-09, 22:38
Thanks for checking! I appreciate the link.

Mr_JAk3
2007-05-10, 21:26
You're very welcome :)

Now that you seem to be clean, please follow these simple steps in order to keep your computer clean and secure:
Clear your system restore (http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/mcgill1.mspx)
This will clear the system restore folders from possible malware that was left behind during the cleaning process.

Use ATF Cleaner (http://www.atribune.org/ccount/click.php?id=1)
Download and install ATF Cleaner. Clean your temporary files & folders with it regularly.

Use Ad-Aware (http://www.bleepingcomputer.com/forums/?showtutorial=48)
Download and install Ad-Aware. Update it and scan your computer regularly with it.

Use AVG Anti-Spyware (http://www.ewido.net/en/)
Download and install AVG Anti-Spyware. Update it and scan your computer regularly with it.

Use Spybot S&D (http://www.bleepingcomputer.com/forums/?showtutorial=43)
Download and install Spybot S&D. Update it and scan your computer regularly with it.

Install SpywareBlaster (http://www.bleepingcomputer.com/tutorials/tutorial49.html)
SpywareBlaster will prevent spyware from being installed.

Install MVPS Hosts file (http://mvps.org/winhelp2002/hosts.htm)
This prevents your computer from connecting to harmful sites.

Use Firefox browser (http://www.mozilla.org)
Firefox is faster and more secure browser than Internet Explorer.

Keep your systen up-to-date (http://windowsupdate.microsoft.com)
Visit Windows Update regularly. How to enable Automatic Updates? (http://www.bleepingcomputer.com/tutorials/tutorial35.html)

Keep your antivirus (http://forum.malwareremoval.com/viewtopic.php?p=53#53) and firewall (http://forum.malwareremoval.com/viewtopic.php?p=56#56) up-to-date
Scan your computer regularly with you antivirus software.

Read this article by TonyKlein (http://forums.spybot.info/showthread.php?t=279)
So how did I get infected in the first place?

Stand Up and Be Counted ! (http://www.malwarecomplaints.info/index.php)
The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.


Stay clean and be safe ;)

tashi
2007-05-22, 23:33
This topic has been archived.

If you need it re-opened and will be posting the information requested, please send me a private message (pm) and provide a link to the thread. Applies only to the original poster, anyone else with similar problems please start a new topic.