
Thread: infected by apnwkyytssd.exe

  1. #11
    Member | Join Date: Dec 2008 | Posts: 57

    Sorry it took me so long to reply, but the Kaspersky download/scan took almost four hours! As for how things are going, here's a status report:

    1. The PC is still slow, especially when opening programs like IE and Firefox. I know my RAM is low (640) and I was thinking of adding some but I don't know how.
    2. During the Kaspersky download, a Carbonite on-line backup setup icon was placed on the desktop.
    3. I've been getting the "Windows virtual memory minimum too low" message a lot.
    4. I've been reading other threads in the forum and as a general question, I was wondering why the age of windows installations can be an issue.

    Here are my logs:

    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7.0: scan report
    Thursday, August 12, 2010
    Operating system: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
    Kaspersky Online Scanner version: 7.0.26.13
    Last database update: Thursday, August 12, 2010 16:44:00
    Records in database: 4125849
    --------------------------------------------------------------------------------

    Scan settings:
    scan using the following database: extended
    Scan archives: yes
    Scan e-mail databases: yes

    Scan area - My Computer:
    A:\
    C:\
    D:\
    E:\

    Scan statistics:
    Objects scanned: 78030
    Threats found: 2
    Infected objects found: 2
    Suspicious objects found: 0
    Scan duration: 03:36:45


    File name / Threat / Threats count
    C:\Qoobox\Quarantine\C\Documents and Settings\Steve\Local Settings\Application Data\bfyupraig\apnwkyytssd.exe.vir Infected: Trojan.Win32.FraudPack.bdwb 1
    C:\Qoobox\Quarantine\C\Documents and Settings\Steve\Local Settings\Application Data\dhidxiqjs\flosvhstssd.exe.vir Infected: Trojan.Win32.FraudPack.bbqv 1

    Selected area has been scanned.



    DDS (Ver_10-03-17.01) - NTFSx86
    Run by Steve at 21:22:39.23 on Thu 08/12/2010
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.639.430 [GMT -4:00]

    AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    C:\Program Files\AVG\AVG9\avgchsvx.exe
    C:\Program Files\AVG\AVG9\avgrsx.exe
    svchost.exe
    C:\Program Files\AVG\AVG9\avgcsrvx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\DSentry.exe
    C:\Program Files\Common Files\Dell\EUSW\Support.exe
    C:\PROGRA~1\AVG\AVG9\avgtray.exe
    C:\PROGRA~1\PANICW~1\POP-UP~2\PSFree.exe
    C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
    C:\WINDOWS\system32\ctfmon.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG9\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    C:\WINDOWS\runservice.exe
    C:\Program Files\AVG\AVG9\avgnsx.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Carbonite\CarbonitePreinstaller.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Documents and Settings\Steve\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.yahoo.com/
    mSearch Bar =
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = <local>
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: {fdd3b846-8d59-4ffb-8758-209b6ad74acc} - c:\program files\microsoft money\system\mnyviewer.dll
    TB: &Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
    uRun: [PopUpStopperFreeEdition] "c:\progra~1\panicw~1\pop-up~2\PSFree.exe"
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [UpdReg] c:\windows\UpdReg.EXE
    mRun: [DVDSentry] c:\windows\system32\DSentry.exe
    mRun: [DwlClient] c:\program files\common files\dell\eusw\Support.exe
    mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
    mRun: [DLCJCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCJtime.dll,_RunDLLEntry@16
    mRun: [CarboniteSetupLite] "c:\program files\carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=1800
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mPolicies-explorer: <NO NAME> =
    IE: &AOL Toolbar search - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
    IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\PartyPoker.exe
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - {301DA1EE-F65C-4188-A417-9E915CC8FBFA} - c:\program files\microsoft money\system\mnyviewer.dll
    Trusted Zone: intuit.com\ttlc
    Trusted Zone: turbotax.com
    DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
    DPF: {00000075-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/voxacm.CAB
    DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
    DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab
    DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} - hxxp://download.mcafee.com/molbin/Shared/MGBrwFld.cab
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} - hxxps://email.health.state.ny.us/go/Notes.health.state.ny.us/iNotes.cab
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
    DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab27571.cab
    DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} - hxxps://support.microsoft.com/OAS/ActiveX/odc.cab
    DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmv9dmo.cab
    DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} - hxxps://email.health.state.ny.us/go/notes.health.state.ny.us/iNotes6W.cab
    DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www1.snapfish.com/SnapfishActivia.cab
    DPF: {41F17733-B041-4099-A042-B518BB6A408C} - hxxp://a1408.g.akamai.net/7/1408/9955/20031218/akamai.info.apple.com/iTunes4/WW/win/019-0123.20031218.zes4d/iTunesSetup.exe
    DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - hxxp://aolcc.aol.com/computercheckup/qdiagcc.cab
    DPF: {4B48D5DF-9021-45F7-A240-60304302A215} - hxxp://download.microsoft.com/download/b/d/b/bdb4e4ee-63b2-45ff-9d84-33205bf43143/WebCleaner.cab
    DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.av.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,77/mcinsctl.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1229634899468
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    DPF: {8E28B3A9-FE83-45D1-B657-D5426B81A121} - hxxp://cs7b.instantservice.com/jars/customerxsigned34.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37875.5713078704
    DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,18/mcgdmgr.cab
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/CLUE%20Classic/Images/armhelper.ocx
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
    DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} - hxxp://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
    DPF: {D9EA64B2-B966-E177-332C-78B69886526D} - hxxp://download.newaol.com/bkpromo/download/PerformerSetup.cab
    DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} - hxxp://officeupdate.microsoft.com/TemplateGallery/downloads/outc.cab
    DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxps://email.health.state.ny.us/go/notes.health.state.ny.us/dwa7W.cab
    DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
    DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} - hxxp://tools.ebayimg.com/eps/activex/EPSControl_v1-0-3-0.cab
    DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - hxxp://fdl.msn.com/public/chat/msnchat45.cab
    DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: avgrsstarter - avgrsstx.dll
    STS: IE Component Categories cache daemon: {553858a7-4922-4e7e-b1c1-97140c1c16ef} - c:\windows\system32\ieframe.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\steve\applic~1\mozilla\firefox\profiles\73an031c.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
    FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
    FF - plugin: c:\documents and settings\steve\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin8.dll
    FF - plugin: c:\program files\quicktime\plugins\npqtplugin8.dll
    FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

    ============= SERVICES / DRIVERS ===============

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-2 216400]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-2-2 29584]
    R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-2-27 243024]
    R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-15 308136]
    R2 LicCtrlService;LicCtrl Service;c:\windows\Runservice.exe [2003-6-16 2560]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-4 136176]
    S3 CoachVid;CoachVid;c:\windows\system32\drivers\CoachVid.sys [2010-3-14 45344]
    S3 XIRLINK;IBM PC Camera;c:\windows\system32\drivers\C-itNT.sys [2003-5-23 899884]

    =============== Created Last 30 ================

    2010-08-12 20:30:07 0 d-----w- c:\program files\Carbonite
    2010-08-12 20:29:33 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2010-08-12 20:29:32 423656 ----a-w- c:\windows\system32\deployJava1.dll
    2010-08-12 02:35:03 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-08-12 02:35:02 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-08-12 02:35:02 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-08-11 00:15:17 98816 ----a-w- c:\windows\sed.exe
    2010-08-11 00:15:17 77312 ----a-w- c:\windows\MBR.exe
    2010-08-11 00:15:17 256512 ----a-w- c:\windows\PEV.exe
    2010-08-11 00:15:17 161792 ----a-w- c:\windows\SWREG.exe
    2010-07-20 16:46:09 0 d-----w- c:\program files\iTunes
    2010-07-20 16:46:09 0 d-----w- c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    2010-07-20 16:37:15 0 d-----w- c:\program files\Bonjour
    2010-07-18 13:32:06 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
    2010-07-15 20:28:00 12536 ----a-w- c:\windows\system32\avgrsstx.dll

    ==================== Find3M ====================

    2010-08-12 20:00:36 5209 --sha-w- c:\windows\system32\mmf.sys
    2010-07-15 20:28:04 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    2010-07-15 20:26:26 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2010-05-18 20:35:16 91424 ----a-w- c:\windows\system32\dnssd.dll
    2010-05-18 20:35:16 75040 ----a-w- c:\windows\system32\jdns_sd.dll
    2010-05-18 20:35:16 197920 ----a-w- c:\windows\system32\dnssdX.dll
    2010-05-18 20:35:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
    2008-05-29 13:59:20 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008052920080530\index.dat

    ============= FINISH: 21:23:30.54 ===============



    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-03-17.01)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 5/23/2003 6:57:51 PM
    System Uptime: 8/12/2010 3:59:27 PM (6 hours ago)

    Motherboard: Dell Computer Corp. | | 0M0321
    Processor: Intel(R) Pentium(R) 4 CPU 2.53GHz | Microprocessor | 2524/533mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 56 GiB total, 25.587 GiB free.
    D: is CDROM ()
    E: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================


    ==== Installed Programs ======================

    Adobe AIR
    Adobe Atmosphere Player for Acrobat and Adobe Reader
    Adobe Download Manager 1.2 (Remove Only)
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Photoshop Album 2.0 Starter Edition
    Adobe Reader 9.3.3
    Adobe Shockwave Player
    AnswerWorks 4.0 Runtime - English
    AOL Coach Version 2.0(Build:20041026.5 en)
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    AVG Free 9.0
    Bonjour
    Canon Camera Access Library
    Canon Camera Support Core Library
    Canon G.726 WMP-Decoder
    CANON iMAGE GATEWAY Task for ZoomBrowser EX
    Canon Internet Library for ZoomBrowser EX
    Canon MovieEdit Task for ZoomBrowser EX
    Canon RAW Image Task for ZoomBrowser EX
    Canon Utilities CameraWindow
    Canon Utilities CameraWindow DC
    Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
    Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
    Canon Utilities EOS Utility
    Canon Utilities MyCamera
    Canon Utilities MyCamera DC
    Canon Utilities PhotoStitch
    Canon Utilities RemoteCapture DC
    Canon Utilities RemoteCapture Task for ZoomBrowser EX
    Canon Utilities ZoomBrowser EX
    Canon ZoomBrowser EX Memory Card Utility
    Carbonite Online Backup Setup
    Conexant SmartHSFi V92 56K DF PCI Modem
    Data Lifeguard Diagnostic for Windows
    Dell Digital Jukebox Driver
    Dell Photo AIO Printer 964
    Dell Picture Studio - Dell Image Expert
    Dell Solution Center
    Dell Support
    Digital Line Detect
    Disney Flix 3.0
    DVDSentry
    ERUNT 1.1j
    Google Earth Plug-in
    Google Update Helper
    GradeQuick
    Help and Support Customization
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HyperLoad
    Intel(R) PRO Ethernet Adapter and Software
    Intel(R) PROSet II
    iPod for Windows 2006-03-23
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 21
    Macromedia Flash Player
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework (English)
    Microsoft .NET Framework (English) v1.0.3705
    Microsoft .NET Framework 1.0 Hotfix (KB928367)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Data Access Components KB870669
    Microsoft Interactive Training
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Money 2002
    Microsoft Money 2002 System Pack
    Microsoft National Language Support Downlevel APIs
    Microsoft Office XP Media Content
    Microsoft Office XP Small Business
    Microsoft Silverlight
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Windows Media Video 9 VCM
    Microsoft XML Parser
    Modem Helper
    Mozilla Firefox (3.0.5)
    MSN Music Assistant
    NetWaiting
    NVIDIA Display Driver
    NVIDIA Windows 2000/XP Display Drivers
    Paint Shop Pro 7
    Pop-Up Stopper Free Edition
    PowerDVD
    PrimoPDF
    PrimoPDF Redistribution Package
    Qualxserve Service Agreement
    QuickTime
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Shockwave
    Skype™ 4.2
    Sound Blaster Live!
    Spelling Dictionaries Support For Adobe Reader 9
    TurboTax 2009
    TurboTax 2009 WinPerFedFormset
    TurboTax 2009 WinPerReleaseEngine
    TurboTax 2009 WinPerTaxSupport
    TurboTax 2009 wnyiper
    TurboTax 2009 wrapper
    Unity Web Player
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB969497)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Viewpoint Media Player
    WebEx Support Manager for Internet Explorer
    WebFldrs XP
    WexTech AnswerWorks
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage v1.3.0254.0
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Media Format Runtime
    Windows Media Player 10
    Windows XP Service Pack 3
    WinPatrol

    ==== Event Viewer Messages From Past Week ========

    8/8/2010 11:53:33 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    8/8/2010 11:52:29 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    8/8/2010 11:44:37 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
    8/8/2010 11:44:37 PM, error: Service Control Manager [7034] - The Intuit Update Service service terminated unexpectedly. It has done this 1 time(s).
    8/8/2010 11:44:37 PM, error: Service Control Manager [7034] - The Creative Service for CDROM Access service terminated unexpectedly. It has done this 1 time(s).
    8/8/2010 11:44:37 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    8/6/2010 6:49:39 PM, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 0007E9893EEE has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
    8/11/2010 2:48:38 PM, error: Service Control Manager [7031] - The AVG Free WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    8/11/2010 2:48:37 PM, error: Service Control Manager [7034] - The WMDM PMSP Service service terminated unexpectedly. It has done this 1 time(s).
    8/11/2010 2:48:37 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    8/11/2010 2:48:37 PM, error: Service Control Manager [7034] - The Canon Camera Access Library 8 service terminated unexpectedly. It has done this 1 time(s).
    8/11/2010 2:48:36 PM, error: Service Control Manager [7034] - The Windows User Mode Driver Framework service terminated unexpectedly. It has done this 1 time(s).
    8/11/2010 2:48:36 PM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s).
    8/11/2010 2:48:36 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
    8/11/2010 2:48:36 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
    8/10/2010 8:18:08 PM, error: Service Control Manager [7034] - The LicCtrl Service service terminated unexpectedly. It has done this 1 time(s).

    ==== End Of File ===========================

  2. #12
    Emeritus
    Join Date
    Aug 2007
    Posts
    1,875


    Kaspersky found some files in the Qoobox folder which is where ComboFix keeps its quarantined files. I'll show you how to remove ComboFix in an upcoming post.

    You can go ahead and re-enable AVG.


    1. The PC is still slow, especially when opening programs like IE and Firefox. I know my RAM is low (640) and I was thinking of adding some but I don't know how.
    For the slowness, try following the tips below and see if they help:

    http://www.malwareremoval.com/tutori...ningslowly.php

    640 MB of RAM is low; you should have at least 1024 MB (1 GB) of RAM on your computer. Since you don't know how to install/add RAM, the best thing to do is either have someone you know (friend or family) do it for you or take your computer to a local computer shop and tell them you want to add more RAM to your computer.


    2. During the Kaspersky download, a Carbonite on-line backup setup icon was placed on the desktop.
    Ok, you can delete that icon if you don't want the Carbonite online backup.


    3. I've been getting the "windows virtual memory minimum too low" message a lot.
    To get rid of this message, do the following:

    1. Click Start, right-click My Computer, and then click Properties.

    2. In the System Properties dialog box, click the Advanced tab.

    3. In the Performance pane, click Settings.

    4. In the Performance Options dialog box, click the Advanced tab.

    5. In the Virtual memory pane, click Change.

    6. Change the Initial size value and the Maximum size value to a higher value, click Set, and then click OK.

    7. Click OK to close the Performance Options dialog box, and then click OK to close the System Properties dialog box.


    4. I've been reading other threads in the forum and as a general question, I was wondering why the age of windows installations can be an issue.
    I'm not sure I understand. Can you point me to some of the threads that you're reading that made you think up this question?

    How old is your Windows installation? You want to make sure you always have the latest updates for Windows so your computer can be protected.
    Malware Removal University Master
    Member of ASAP & UNITE

  3. #13
    Member
    Join Date
    Dec 2008
    Posts
    57


    Ok, you can delete that icon if you don't want the Carbonite online backup.
    I can delete the icon, but there's also a Carbonite subdirectory under Program Files that it won't let me delete.

    6. Change the Initial size value and the Maximum size value to a higher value, click Set, and then click OK.
    What values should I use? I have no idea what to set here.

    I'm not sure I understand. Can you point me to some of the threads that you're reading that made you think up this question?

    How old is your Windows installation? You want to make sure you always have the latest updates for Windows so your computer can be protected.
    Maybe it wasn't threads on this forum, but other stuff I saw while researching. My PC is 7+ years old. I've been updating Windows XP all along, but I've never reinstalled windows. I thought I saw somewhere that Windows can degrade over time...or maybe I'm just seeing things.

    Overall how do things look? It still takes forever for IE or Firefox to open up, but once they do things are pretty good.

  4. #14
    Emeritus
    Join Date
    Aug 2007
    Posts
    1,875


    I can delete the icon, but there's also a Carbonite subdirectory under Program Files that it won't let me delete.
    What does it say when you try to delete the folder?

    Go into Add/Remove Programs and if there is a listing for Carbonite Backup, go ahead and uninstall it. Reboot your computer once it's uninstalled and then try to delete the C:\Program Files\Carbonite folder.

    If that doesn't work or there's no Carbonite program to uninstall, try booting into Safe Mode (you can go into Safe Mode by restarting your computer, then continually tapping F8 until a menu appears; use your up arrow key to highlight Safe Mode, then hit Enter) and delete the folder from there.


    What values should I use? I have no idea what to set here.
    Just set the values higher than what they are now. If you no longer get the message, "windows virtual memory minimum too low", then you've set the value high enough. If you get the message again, then you need to set the Initial size and Maximum size values higher.


    Maybe it wasn't threads on this forum, but other stuff I saw while researching. My PC is 7+ years old. I've been updating Windows XP all along, but I've never reinstalled windows. I thought I saw somewhere that Windows can degrade over time...or maybe I'm just seeing things.
    I've never heard of the Windows Operating System itself degrading over time and as long as you keep it updated, you'll be good. The hardware in the computer can degrade over time and may eventually need to be replaced, but Windows XP itself should be fine.


    Overall how do things look? It still takes forever for IE or Firefox to open up, but once they do things are pretty good.
    Looking at your logs, everything looks good, no signs of malware that I can see.

    If you haven't yet, try the slowdown tips I suggested earlier to see if they help. You can also try uninstalling and reinstalling IE and Firefox to see if that helps with them taking forever to load/open up.
    Malware Removal University Master
    Member of ASAP & UNITE

  5. #15
    Member
    Join Date
    Dec 2008
    Posts
    57


    Go into Add/Remove Programs and if there is a listing for Carbonite Backup, go ahead and uninstall it.
    Once I removed the setup link via add/remove, I was able to manually delete the Carbonite subdirectory.

    Looking at your logs, everything looks good, no signs of malware that I can see.
    That sounds great. Is there anything special I need to do to remove Combofix or any other programs we've used?

  6. #16
    Emeritus
    Join Date
    Aug 2007
    Posts
    1,875


    Since there appear to be no more malware-related problems, you're good to go.

    You can delete the following off of your computer:

    DDS.scr
    The two DDS Logs
    GMER.zip
    GMER.exe
    The GMER Log



    To remove ComboFix, do the following:

    Go to Start > Run - type in ComboFix /Uninstall & click OK


    Empty your Recycle Bin.


    Please take the time to read my All Clean Post.

    Please follow these simple steps in order to keep your computer clean and secure:

    This is a good time to clear your existing system restore points and establish a new clean restore point:

    • Go to Start > All Programs > Accessories > System Tools > System Restore
    • Select Create a restore point, and Ok it.
    • Next, go to Start > Run and type in cleanmgr
    • Make sure the C:\ drive is selected and click OK. If your computer's Hard Drive is not located on C:, change it to the correct drive letter then click OK.
    • Select the More options tab
    • Choose the option to clean up system restore and OK it.
    • This will remove all restore points except the new one you just created.

    Clearing your restore points is not something you should do on a regular basis. Normally, this process only needs to be done after clearing out an infestation of malware.


    Make your Internet Explorer more secure - This can be done by following these simple instructions:
    1. From within Internet Explorer click on the Tools menu and then click on Options.
    2. Click once on the Security tab
    3. Click once on the Internet icon so it becomes highlighted.
    4. Click once on the Custom Level button.
      • Change the Download signed ActiveX controls to Prompt
      • Change the Download unsigned ActiveX controls to Disable
      • Change the Initialize and script ActiveX controls not marked as safe to Disable
      • Change the Installation of desktop items to Prompt
      • Change the Launching programs and files in an IFRAME to Prompt
      • Change the Navigate sub frames across different domains to Prompt
    5. When all these settings have been made, click on the OK button.
    6. If it asks you if you want to save the settings, press the Yes button.
    7. Next press the Apply button and then the OK to exit the Internet Properties page.

    Set correct settings for files that should be hidden in Windows XP
    • Click Start > My Computer > Tools menu (at top of page) > Folder Options > View tab.
    • Under "Hidden files and folders" if necessary select Do not show hidden files and folders.
    • If unchecked, please check Hide protected operating system files (Recommended)
    • If necessary check "Display content of system folders"
    • If necessary Uncheck Hide file extensions for known file types.
    • Click OK

    • Use An Antivirus Software and Keep It Updated - It is very important that your computer has an antivirus software running on your machine. This alone can save you a lot of trouble with malware in the future. It is imperative that you update your antivirus software at least once a day. If you do not update your antivirus software, then it will not be able to catch any of the new variants that may come out.
    • Visit Microsoft's Update Site Frequently - It is important that you visit Microsoft Updates regularly. This will ensure your computer has the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
    • Install SpywareBlaster - SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. An article on anti-malware products with links for this program and others can be found here:
      Computer Safety on line Anti Malware
    • Use the hosts file: Every version of Windows has a hosts file as part of it. In a very basic sense, it is used to locate web pages. We can customize a hosts file so that it blocks certain web pages. However, it can slow down certain computers. This is why using a hosts file is optional. Download mvps hosts file. Make sure you read the instructions on how to install the hosts file. There is a good tutorial HERE. If you decide to download the hosts file, the slowdown problems can usually be avoided by following these steps:
      1. Click the start button on the task bar at the bottom of your screen
      2. Click run
      3. In the dialog box, type services.msc
      4. Hit Enter, then locate DNS Client
      5. Highlight it, then double-click it.
      6. On the dropdown box, change the setting from automatic to manual.
      7. Click OK.
    • Use an alternative instant messenger program. Trillian and Miranda IM - These are malware-free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)
    • Please read Tony Klein's excellent article: How I got Infected in the First Place
    • Please read Understanding Spyware, Browser Hijackers, and Dialers
    • Please read Simple and easy ways to keep your computer safe and secure on the Internet
    • If you are using Internet Explorer, please consider using an alternate browser: Mozilla's Firefox or Opera.
      If you decide to use either Firefox or Opera, it is very important that you keep them up to date and check frequently for updates of the browser of your choice.
    • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
    • If your computer was infected by a website, a program, IM, MSN, or p2p, check this site because it is Time To Fight Back.
    Follow these steps and your potential for being infected again will reduce dramatically.

    Here's a good website to read about Malware prevention:

    http://users.telenet.be/bluepatchy/m...revention.html

    Good luck!

    Please reply one last time so that I know you have read my post and this thread can be closed.
    Malware Removal University Master
    Member of ASAP & UNITE

  7. #17
    Member
    Join Date
    Dec 2008
    Posts
    57


    I read it. Thanks again for all your help!!!

  8. #18
    Emeritus
    Join Date
    Aug 2007
    Posts
    1,875


    You're welcome. I'm glad I was able to help you out.

    Good luck and safe surfing!

    Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

    Note: If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

    If it has been less than three days since your last response and you need the thread re-opened, please send me or your helper a private message (pm). A valid, working link to the closed topic is required.
    Malware Removal University Master
    Member of ASAP & UNITE
