Pop ups just keep coming...

Do you have Firefox set as your default browser?

Click Start/Default Programs/ Set Program Access and Defaults/Microsoft Windows then choose Internet Explorer as your Web Browser.
 
Good Morning,

I have just gone over your logs, lets bypass the AV scan for now and do this.

Please Download No Lop to your desktop

  • First close any other programs you have running as this will require a reboot
  • Double click NoLop.exe to run it
  • Now click the button labeled "Search and Destroy"
    <<your computer will now be scanned for infected files>>
  • When scanning is finished you will be prompted to reboot only if infected, Click OK
  • Now click the "REBOOT" Button.
  • A Message should pop-up from NoLop. If not, double click the program again and it will finish Please Post the contents of C:\NoLop.log after completing the next steps.
--If you receive an error, "mscomctl.ocx or one of its dependencies are not correctly registered," please download mscomctl.ocx to your system32 folder then rerun the program.



Drag Combofix to the trash and grab a fresh copy, don't run it yet

Download Combofix from any of the links below, and save it to your desktop. <-- Important
Link 1
Link 2
Link 3



Open Notepad Go to Start> All Programs> Assessories> Notepad ( this will only work with Notepad )and copy all the text inside the Codebox by highlighting it all and pressing CTRL C on your keyboard, then paste it into Notepad, make sure there is no space before and above File::


Code: 
Folder::
C:\Documents and Settings\All Users\Application Data\part dead amok eggs

Save this as CFScript to your desktop.

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

CFScriptB-4.gif



This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.



Open Hijackthis
  • Go to Misc Tools> Open Uninstall Manager.
  • Click on Save List.
  • The list will open in Notepad.
  • Copy and Paste the List into this thread
 
Hi,

Heres the logs:
NoLop! Log by Skate_Punk_21

Fix running from: C:\Documents and Settings\Compaq_Administrator\Desktop
[05/10/2008]
[13:21:34]

---Infection Files Found/Removed---
C:\WINDOWS\tasks\A86B7DA8938CF410.job

Beginning Removal...
Rebooting...
Removing Lop's Leftover Files/Folders...
Editing Registry...
**Fix Complete!**

---Listing AppData sub directories---

C:\Documents and Settings\Administrator\Application Data\Identities
C:\Documents and Settings\Administrator\Application Data\Microsoft
C:\Documents and Settings\Administrator\Application Data\Real
C:\Documents and Settings\All Users\Application Data\09
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Adobe Systems
C:\Documents and Settings\All Users\Application Data\Ahead
C:\Documents and Settings\All Users\Application Data\Azureus
C:\Documents and Settings\All Users\Application Data\Cyberlink
C:\Documents and Settings\All Users\Application Data\Google
C:\Documents and Settings\All Users\Application Data\Hewlett-packard
C:\Documents and Settings\All Users\Application Data\Installshield
C:\Documents and Settings\All Users\Application Data\Interaction Studios
C:\Documents and Settings\All Users\Application Data\Kiwee Toolbar
C:\Documents and Settings\All Users\Application Data\Malwarebytes
C:\Documents and Settings\All Users\Application Data\Memeo -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Messenger Plus!
C:\Documents and Settings\All Users\Application Data\Mgs
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Music Coach
C:\Documents and Settings\All Users\Application Data\Nero
C:\Documents and Settings\All Users\Application Data\Nview_profiles -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Oriador Rota
C:\Documents and Settings\All Users\Application Data\Part Dead Amok Eggs
C:\Documents and Settings\All Users\Application Data\Sbsi
C:\Documents and Settings\All Users\Application Data\Sectaskman
C:\Documents and Settings\All Users\Application Data\Sonic
C:\Documents and Settings\All Users\Application Data\Sony Ericsson
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and Settings\All Users\Application Data\Symantec
C:\Documents and Settings\All Users\Application Data\Teleca
C:\Documents and Settings\All Users\Application Data\Temp -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Trymedia
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\All Users\Application Data\Wlinstaller
C:\Documents and Settings\Compaq_administrator\Application Data\.bittornado
C:\Documents and Settings\Compaq_administrator\Application Data\Ace
C:\Documents and Settings\Compaq_administrator\Application Data\Adobe
C:\Documents and Settings\Compaq_administrator\Application Data\Adobeum
C:\Documents and Settings\Compaq_administrator\Application Data\Ahead
C:\Documents and Settings\Compaq_administrator\Application Data\Arcsoft
C:\Documents and Settings\Compaq_administrator\Application Data\Atari -- EMPTY Directory
C:\Documents and Settings\Compaq_administrator\Application Data\Azureus
C:\Documents and Settings\Compaq_administrator\Application Data\Bang
C:\Documents and Settings\Compaq_administrator\Application Data\Bittorrent
C:\Documents and Settings\Compaq_administrator\Application Data\Blackbean
C:\Documents and Settings\Compaq_administrator\Application Data\Cyberlink
C:\Documents and Settings\Compaq_administrator\Application Data\Dvdcss
C:\Documents and Settings\Compaq_administrator\Application Data\Engadven
C:\Documents and Settings\Compaq_administrator\Application Data\Google
C:\Documents and Settings\Compaq_administrator\Application Data\Help -- EMPTY Directory
C:\Documents and Settings\Compaq_administrator\Application Data\Hpq
C:\Documents and Settings\Compaq_administrator\Application Data\Identities
C:\Documents and Settings\Compaq_administrator\Application Data\Imvu
C:\Documents and Settings\Compaq_administrator\Application Data\Lavasoft -- EMPTY Directory
C:\Documents and Settings\Compaq_administrator\Application Data\Leadertech
C:\Documents and Settings\Compaq_administrator\Application Data\Macromedia
C:\Documents and Settings\Compaq_administrator\Application Data\Malwarebytes
C:\Documents and Settings\Compaq_administrator\Application Data\Microgaming
C:\Documents and Settings\Compaq_administrator\Application Data\Microsoft
C:\Documents and Settings\Compaq_administrator\Application Data\Mozilla
C:\Documents and Settings\Compaq_administrator\Application Data\Music Coach
C:\Documents and Settings\Compaq_administrator\Application Data\Pc Tools
C:\Documents and Settings\Compaq_administrator\Application Data\Real
C:\Documents and Settings\Compaq_administrator\Application Data\Securom
C:\Documents and Settings\Compaq_administrator\Application Data\Sonic
C:\Documents and Settings\Compaq_administrator\Application Data\Spintop
C:\Documents and Settings\Compaq_administrator\Application Data\Sports Interactive
C:\Documents and Settings\Compaq_administrator\Application Data\Sun
C:\Documents and Settings\Compaq_administrator\Application Data\Symantec
C:\Documents and Settings\Compaq_administrator\Application Data\Teleca
C:\Documents and Settings\Compaq_administrator\Application Data\Template
C:\Documents and Settings\Compaq_administrator\Application Data\Thq -- EMPTY Directory
C:\Documents and Settings\Compaq_administrator\Application Data\Time Up Mapi
C:\Documents and Settings\Compaq_administrator\Application Data\Utorrent
C:\Documents and Settings\Compaq_administrator\Application Data\Vlc
C:\Documents and Settings\Compaq_administrator\Application Data\Winbatch
C:\Documents and Settings\Default User\Application Data\Identities
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Default User\Application Data\Real
C:\Documents and Settings\Lewis\Application Data\Adobe
C:\Documents and Settings\Lewis\Application Data\Ahead
C:\Documents and Settings\Lewis\Application Data\Arcsoft
C:\Documents and Settings\Lewis\Application Data\Atari
C:\Documents and Settings\Lewis\Application Data\Google
C:\Documents and Settings\Lewis\Application Data\Identities
C:\Documents and Settings\Lewis\Application Data\Installshield
C:\Documents and Settings\Lewis\Application Data\Installshield Installation Information
C:\Documents and Settings\Lewis\Application Data\Kiwee Toolbar
C:\Documents and Settings\Lewis\Application Data\Macromedia
C:\Documents and Settings\Lewis\Application Data\Media Player Classic
C:\Documents and Settings\Lewis\Application Data\Microsoft
C:\Documents and Settings\Lewis\Application Data\Mozilla
C:\Documents and Settings\Lewis\Application Data\Music Coach
C:\Documents and Settings\Lewis\Application Data\Real
C:\Documents and Settings\Lewis\Application Data\Sonic
C:\Documents and Settings\Lewis\Application Data\Sun
C:\Documents and Settings\Lewis\Application Data\Symantec
C:\Documents and Settings\Lewis\Application Data\Teleca
C:\Documents and Settings\Lewis\Application Data\Vlc
C:\Documents and Settings\Lewis\Application Data\Yoclient
C:\Documents and Settings\Lewis\Application Data\Youdagames
C:\Documents and Settings\Localservice\Application Data\Microsoft
C:\Documents and Settings\Networkservice\Application Data\Microsoft
C:\Documents and Settings\Shaz\Application Data\Adobe
C:\Documents and Settings\Shaz\Application Data\Ahead
C:\Documents and Settings\Shaz\Application Data\Google
C:\Documents and Settings\Shaz\Application Data\Hpq
C:\Documents and Settings\Shaz\Application Data\Identities
C:\Documents and Settings\Shaz\Application Data\Macromedia
C:\Documents and Settings\Shaz\Application Data\Microsoft
C:\Documents and Settings\Shaz\Application Data\Music Coach
C:\Documents and Settings\Shaz\Application Data\Real
C:\Documents and Settings\Shaz\Application Data\Sonic
C:\Documents and Settings\Shaz\Application Data\Sun
C:\Documents and Settings\Shaz\Application Data\Symantec
C:\Documents and Settings\Shaz\Application Data\Teleca
C:\Documents and Settings\Shaz\Application Data\Thq
C:\Documents and Settings\Shaz\Application Data\Vlc
C:\Documents and Settings\Shaz\Application Data\Winbatch


ComboFix 08-10-04.07 - Compaq_Administrator 2008-10-05 13:58:00.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.520 [GMT 1:00]
Running from: C:\Documents and Settings\Compaq_Administrator\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Compaq_Administrator\Desktop\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\part dead amok eggs
C:\Documents and Settings\All Users\Application Data\part dead amok eggs\mp3 city.exe

.
((((((((((((((((((((((((( Files Created from 2008-09-05 to 2008-10-05 )))))))))))))))))))))))))))))))
.

2008-10-05 13:24 . 2008-10-05 13:27 <DIR> d-------- C:\NoLopBackups
2008-10-04 01:57 . 2008-10-04 01:57 <DIR> d-------- C:\ie-spyad
2008-10-04 01:56 . 2008-10-05 13:29 <DIR> d-------- C:\Program Files\SpywareGuard
2008-10-04 01:49 . 2008-10-04 01:49 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-10-01 17:39 . 2008-10-01 17:39 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-01 17:39 . 2008-10-01 17:39 <DIR> d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Malwarebytes
2008-10-01 17:39 . 2008-10-01 17:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-01 17:39 . 2008-09-10 00:08 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-01 17:39 . 2008-09-10 00:08 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-30 20:05 . 2008-09-30 20:05 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-28 16:23 . 2008-09-28 16:23 0 --a------ C:\WINDOWS\nsreg.dat
2008-09-27 11:54 . 2008-09-27 11:54 230,424 --a------ C:\snp2sxp-001.raw
2008-09-23 18:39 . 2008-09-23 18:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-09-23 18:37 . 2008-09-23 18:37 <DIR> d-------- C:\Program Files\TIME UP MAPI
2008-09-23 18:37 . 2008-09-23 18:37 <DIR> d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\TIME UP MAPI
2008-09-23 18:36 . 2008-09-23 18:36 <DIR> d-------- C:\Program Files\Messenger Plus! Live
2008-09-23 18:36 . 2008-09-23 18:36 <DIR> d-------- C:\Program Files\Circle Developement
2008-09-13 18:31 . 2008-09-27 17:56 <DIR> d-------- C:\Program Files\Full Tilt Poker
2008-09-05 20:17 . 2008-09-05 20:17 272 --a------ C:\WINDOWS\_delis32.ini

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-05 13:02 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-10-05 11:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-10-02 19:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-02 17:21 54,616 ----a-w C:\Documents and Settings\Compaq_Administrator\Application Data\GDIPFONTCACHEV1.DAT
2008-10-02 17:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-09-26 21:27 --------- d-----w C:\Documents and Settings\Compaq_Administrator\Application Data\uTorrent
2008-09-23 17:36 --------- d-----w C:\Program Files\Windows Live
2008-09-23 17:36 --------- d-----w C:\Program Files\MSN Messenger
2008-09-13 17:31 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-06 17:26 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-09-01 21:03 --------- d-----w C:\Documents and Settings\Compaq_Administrator\Application Data\dvdcss
2008-08-22 20:24 --------- d-----w C:\Program Files\PartyGaming
2008-08-20 21:39 --------- d-----w C:\Program Files\Auran
2008-08-20 21:37 --------- d-----w C:\Program Files\EA GAMES
2008-08-20 21:32 --------- d-----w C:\Documents and Settings\Compaq_Administrator\Application Data\Atari
2008-08-20 21:30 --------- d-----w C:\Program Files\Java
2008-08-20 10:09 --------- d-----w C:\Program Files\Microsoft Games
2008-08-19 22:02 61,440 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemutil.dll
2008-08-19 22:02 45,056 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe
2008-08-19 22:02 44,032 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe
2008-08-19 22:02 40,960 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\ScDmi.dll
2008-08-19 22:02 341,048 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\HPBasicDetection3.dll
2008-08-19 22:02 32,768 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\uploadHSC.dll
2008-08-19 22:02 32,768 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\Scom.dll
2008-08-19 22:02 217,088 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
2008-08-19 22:02 163,840 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemcheck.dll
2008-08-19 21:05 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-07-24 07:49 53,456 ----a-w C:\Documents and Settings\Lewis\Application Data\GDIPFONTCACHEV1.DAT
2008-07-18 21:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-18 21:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 21:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 21:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-18 21:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 21:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 21:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-18 21:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 21:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-18 21:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 21:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-18 21:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 21:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-18 21:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 21:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-18 21:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 21:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-14 09:55 308,600 ----a-w C:\Documents and Settings\All Users\Application Data\NortonProtectionMemo.exe
2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:26 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
2007-10-20 18:11 32 ----a-r C:\Documents and Settings\All Users\hash.dat
2007-04-12 12:12 422 ----a-w C:\Documents and Settings\Compaq_Administrator\Application Data\wklnhst.dat
2006-10-31 00:30 4,200,802 -c--a-w C:\Program Files\sdc202.rar
2006-10-30 23:55 16,332,072 -c--a-w C:\Program Files\Install_Messenger_nous.exe
2006-09-07 18:20 57,976 -c--a-w C:\Program Files\EN_Example.xml
2006-09-04 18:08 567 -c--a-w C:\Program Files\dcppboot.xml
2006-09-04 17:21 258,352 -c--a-w C:\Program Files\unicows.dll
2004-09-03 21:48 18,581 -c--a-w C:\Program Files\License.txt
2006-11-01 11:30 22 -csha-w C:\WINDOWS\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-05 68856]
"Else boob"="C:\DOCUME~1\COMPAQ~1\APPLIC~1\TIMEUP~1\audio roam ace.exe" [2008-09-23 467456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-05-09 7311360]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
"tsnp2std"="C:\WINDOWS\tsnp2std.exe" [2005-11-03 106496]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-08-25 714608]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-01-31 51048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"ftutil2"="ftutil2.dll" [2004-06-07 C:\WINDOWS\system32\ftutil2.dll]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-22 C:\WINDOWS\RTHDCPL.EXE]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-02 C:\WINDOWS\arpwrmsg.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 C:\WINDOWS\system32\bthprops.cpl]

C:\Documents and Settings\Lewis\Start Menu\Programs\Startup\
PinMcLnk.lnk - C:\hp\bin\cloaker.exe [2006-08-22 27136]

C:\Documents and Settings\Shaz\Start Menu\Programs\Startup\
PinMcLnk.lnk - C:\hp\bin\cloaker.exe [2006-08-22 27136]

C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [2003-08-29 360448]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
--a------ 2008-01-31 14:15 51048 C:\Program Files\Common Files\Symantec Shared\CCAPP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 04:27 144784 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"LexBceS"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\utorrent\\utorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"=

R2 LiveUpdate Notice;LiveUpdate Notice;C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-01-31 149864]
S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2005-09-21 8816128]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9111d574-b7aa-11db-b6cc-0018f3420918}]
\Shell\AutoRun\command - J:\Setup.exe -auto

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bc304a58-24e5-11dd-b911-0018f3420918}]
\Shell\AutoRun\command - K:\wd_windows_tools\setup.exe

*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder

2008-09-30 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Compaq_Administrator.job
- C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-08-27 02:19]
.
- - - - ORPHANS REMOVED - - - -

Notify-WgaLogon - (no file)



**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-05 14:03:43
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


**************************************************************************
.
Completion time: 2008-10-05 14:10:30
ComboFix-quarantined-files.txt 2008-10-05 13:09:27
ComboFix2.txt 2008-10-03 17:45:55

Pre-Run: 67,176,423,424 bytes free
Post-Run: 67,153,338,368 bytes free

181 --- E O F --- 2008-09-11 09:27:37


ComboFix 08-10-04.07 - Compaq_Administrator 2008-10-05 13:58:00.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.520 [GMT 1:00]
Running from: C:\Documents and Settings\Compaq_Administrator\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Compaq_Administrator\Desktop\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\part dead amok eggs
C:\Documents and Settings\All Users\Application Data\part dead amok eggs\mp3 city.exe

.
((((((((((((((((((((((((( Files Created from 2008-09-05 to 2008-10-05 )))))))))))))))))))))))))))))))
.

2008-10-05 13:24 . 2008-10-05 13:27 <DIR> d-------- C:\NoLopBackups
2008-10-04 01:57 . 2008-10-04 01:57 <DIR> d-------- C:\ie-spyad
2008-10-04 01:56 . 2008-10-05 13:29 <DIR> d-------- C:\Program Files\SpywareGuard
2008-10-04 01:49 . 2008-10-04 01:49 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-10-01 17:39 . 2008-10-01 17:39 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-01 17:39 . 2008-10-01 17:39 <DIR> d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Malwarebytes
2008-10-01 17:39 . 2008-10-01 17:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-01 17:39 . 2008-09-10 00:08 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-01 17:39 . 2008-09-10 00:08 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-09-30 20:05 . 2008-09-30 20:05 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-28 16:23 . 2008-09-28 16:23 0 --a------ C:\WINDOWS\nsreg.dat
2008-09-27 11:54 . 2008-09-27 11:54 230,424 --a------ C:\snp2sxp-001.raw
2008-09-23 18:39 . 2008-09-23 18:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-09-23 18:37 . 2008-09-23 18:37 <DIR> d-------- C:\Program Files\TIME UP MAPI
2008-09-23 18:37 . 2008-09-23 18:37 <DIR> d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\TIME UP MAPI
2008-09-23 18:36 . 2008-09-23 18:36 <DIR> d-------- C:\Program Files\Messenger Plus! Live
2008-09-23 18:36 . 2008-09-23 18:36 <DIR> d-------- C:\Program Files\Circle Developement
2008-09-13 18:31 . 2008-09-27 17:56 <DIR> d-------- C:\Program Files\Full Tilt Poker
2008-09-05 20:17 . 2008-09-05 20:17 272 --a------ C:\WINDOWS\_delis32.ini

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-05 13:02 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-10-05 11:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-10-02 19:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-02 17:21 54,616 ----a-w C:\Documents and Settings\Compaq_Administrator\Application Data\GDIPFONTCACHEV1.DAT
2008-10-02 17:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-09-26 21:27 --------- d-----w C:\Documents and Settings\Compaq_Administrator\Application Data\uTorrent
2008-09-23 17:36 --------- d-----w C:\Program Files\Windows Live
2008-09-23 17:36 --------- d-----w C:\Program Files\MSN Messenger
2008-09-13 17:31 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-06 17:26 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-09-01 21:03 --------- d-----w C:\Documents and Settings\Compaq_Administrator\Application Data\dvdcss
2008-08-22 20:24 --------- d-----w C:\Program Files\PartyGaming
2008-08-20 21:39 --------- d-----w C:\Program Files\Auran
2008-08-20 21:37 --------- d-----w C:\Program Files\EA GAMES
2008-08-20 21:32 --------- d-----w C:\Documents and Settings\Compaq_Administrator\Application Data\Atari
2008-08-20 21:30 --------- d-----w C:\Program Files\Java
2008-08-20 10:09 --------- d-----w C:\Program Files\Microsoft Games
2008-08-19 22:02 61,440 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemutil.dll
2008-08-19 22:02 45,056 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe
2008-08-19 22:02 44,032 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe
2008-08-19 22:02 40,960 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\ScDmi.dll
2008-08-19 22:02 341,048 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\HPBasicDetection3.dll
2008-08-19 22:02 32,768 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\uploadHSC.dll
2008-08-19 22:02 32,768 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\Scom.dll
2008-08-19 22:02 217,088 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
2008-08-19 22:02 163,840 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemcheck.dll
2008-08-19 21:05 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-07-24 07:49 53,456 ----a-w C:\Documents and Settings\Lewis\Application Data\GDIPFONTCACHEV1.DAT
2008-07-18 21:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-18 21:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 21:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 21:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-18 21:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 21:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 21:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-18 21:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 21:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-18 21:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 21:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-18 21:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 21:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-18 21:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 21:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-18 21:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 21:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-14 09:55 308,600 ----a-w C:\Documents and Settings\All Users\Application Data\NortonProtectionMemo.exe
2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:26 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
2007-10-20 18:11 32 ----a-r C:\Documents and Settings\All Users\hash.dat
2007-04-12 12:12 422 ----a-w C:\Documents and Settings\Compaq_Administrator\Application Data\wklnhst.dat
2006-10-31 00:30 4,200,802 -c--a-w C:\Program Files\sdc202.rar
2006-10-30 23:55 16,332,072 -c--a-w C:\Program Files\Install_Messenger_nous.exe
2006-09-07 18:20 57,976 -c--a-w C:\Program Files\EN_Example.xml
2006-09-04 18:08 567 -c--a-w C:\Program Files\dcppboot.xml
2006-09-04 17:21 258,352 -c--a-w C:\Program Files\unicows.dll
2004-09-03 21:48 18,581 -c--a-w C:\Program Files\License.txt
2006-11-01 11:30 22 -csha-w C:\WINDOWS\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-05 68856]
"Else boob"="C:\DOCUME~1\COMPAQ~1\APPLIC~1\TIMEUP~1\audio roam ace.exe" [2008-09-23 467456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-05-09 7311360]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
"tsnp2std"="C:\WINDOWS\tsnp2std.exe" [2005-11-03 106496]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-08-25 714608]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-01-31 51048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"ftutil2"="ftutil2.dll" [2004-06-07 C:\WINDOWS\system32\ftutil2.dll]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-22 C:\WINDOWS\RTHDCPL.EXE]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-02 C:\WINDOWS\arpwrmsg.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 C:\WINDOWS\system32\bthprops.cpl]

C:\Documents and Settings\Lewis\Start Menu\Programs\Startup\
PinMcLnk.lnk - C:\hp\bin\cloaker.exe [2006-08-22 27136]

C:\Documents and Settings\Shaz\Start Menu\Programs\Startup\
PinMcLnk.lnk - C:\hp\bin\cloaker.exe [2006-08-22 27136]

C:\Documents and Settings\Compaq_Administrator\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [2003-08-29 360448]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
--a------ 2008-01-31 14:15 51048 C:\Program Files\Common Files\Symantec Shared\CCAPP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 04:27 144784 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"LexBceS"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\utorrent\\utorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"=

R2 LiveUpdate Notice;LiveUpdate Notice;C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-01-31 149864]
S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2005-09-21 8816128]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9111d574-b7aa-11db-b6cc-0018f3420918}]
\Shell\AutoRun\command - J:\Setup.exe -auto

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bc304a58-24e5-11dd-b911-0018f3420918}]
\Shell\AutoRun\command - K:\wd_windows_tools\setup.exe

*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder

2008-09-30 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Compaq_Administrator.job
- C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-08-27 02:19]
.
- - - - ORPHANS REMOVED - - - -

Notify-WgaLogon - (no file)



**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-05 14:03:43
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


**************************************************************************
.
Completion time: 2008-10-05 14:10:30
ComboFix-quarantined-files.txt 2008-10-05 13:09:27
ComboFix2.txt 2008-10-03 17:45:55

Pre-Run: 67,176,423,424 bytes free
Post-Run: 67,153,338,368 bytes free

181 --- E O F --- 2008-09-11 09:27:37


3D Groove Playback Engine
3DVIA Player 4.1
ABBYY FineReader 5.0 Sprint
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 7.1.0
Adobe Shockwave Player 11
Adobe Stock Photos 1.0
AppCore
ArcRail 3.0
ArcSoft VideoImpression 2
ccCommon
CCleaner (remove only)
Component Framework
Customer Experience Enhancement
DivX Web Player
Easy Internet Sign-up
Enhanced Multimedia Keyboard Solution
Full Tilt Poker
GemMaster Mystic
Google Earth
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB910393)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
HP Boot Optimizer
HP DVD Play 2.1
HP Imaging Device Functions 7.0
HP Photosmart Premier Software 6.5
HP Update
Internet Services
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 9
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
Lexmark 1200 Series
LiveUpdate (Symantec Corporation)
LiveUpdate (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Malwarebytes' Anti-Malware
Messenger Plus! Live & Sponsor (CiD)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Flight Simulator 2004 A Century of Flight
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Microsoft Silverlight
Microsoft Train Simulator
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.0.3)
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
Need for Speed Underground 2
Nero 7 Ultra Edition
neroxml
Norton AntiVirus
Norton AntiVirus Help
Norton Confidential Core
Norton Internet Security
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton Protection Center
NVIDIA Drivers
Otto
PartyPoker
PC-Doctor 5 for Windows
PDC World Championship Darts 2008
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
Realtek High Definition Audio Driver
Security Task Manager 1.7
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Ship Simulator 2008
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sony Ericsson PC Suite 1.20.173
SPBBC 32bit
Spybot - Search & Destroy
Spybot - Search & Destroy 1.5.2.20
Spyware Doctor 5.5
SpywareBlaster 4.1
SpywareGuard v2.2
SweetIM For Internet Explorer 3.0b
Teaching-you Electric Guitar Skills
Tiger Woods PGA TOUR 08
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
USB2.0 PC Camera (SN9C201&202)
VideoLAN VLC media player 0.8.6d
WD Diagnostics
Windows Live installer
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Media Center Edition 2005 KB925766
Windows XP Service Pack 3
WinRAR archiver
Youda Camper

Thanks
 
Hello Hatch,

You had a variant of the Lop infection still present and it looks like its gone.

Messenger Plus! Live & Sponsor (CiD) When you installed this program you also installed the bundled software with it that will give you pop up adds, I suggest you uninstall this program, reinstall it but read through the install and do not install any add ons.

How are things running now??
 
Hi Ken,

Everything seems ok - had no pop ups. I have removed the messenger programme.

Thank you for your help.

Hatch
 
That's great :bigthumb: Read through Post # 16 for some clean up and free programs to install to help keep you more secure.

Ken :)
 
You must log in or register to reply here.
Back
Top