TechTalkz.com Technology & Computer Troubleshooting Forums, Computer Security

Cannot access Antivirus Sites/Google/Avast etc.
Post #181, 21-01-2009, 08:02 PM
Strider (Founder; joined Nov 2005; location: The Last City Zion!; 3,539 posts)
OS: Windows XP, Windows Server 2003 / Windows Server 2008, Windows Vista, Windows 7, Linux

Re: Cannot access Antivirus Sites/Google/Avast etc.

The file C:\windows\winlogon.exe is definitely malware. That it is still there even after deletion means your PC is still infected somehow. Since AVG is updated now, do a full system scan and see how it goes. I also recommend installing the trial version of ESET NOD32 Antivirus and doing a scan after disabling AVG.

Once the scan is done post a fresh Hijackthis log for further inspection.

Last edited by Strider; 22-01-2009 at 10:36 AM..
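Strider's point is about location, not the file name: the legitimate winlogon.exe lives in System32, so a copy directly under C:\windows is out of place, just as the svchost.exe that the ComboFix log later in this thread shows under system32\drivers would be. The script below is an added example (not from the thread, not part of HijackThis or ComboFix) that applies that check to log lines. The EXPECTED_DIRS baseline is an assumption for the Windows XP layout, and SAMPLE_LINES are constructed to mimic HijackThis "Running processes" / O4 lines and a ComboFix firewall-policy entry.

```python
import ntpath
import re

WINDIR = r"c:\windows"

# Assumed legitimate directory of each well-known binary, relative to
# %windir% (Windows XP layout). "" means directly inside %windir%.
EXPECTED_DIRS = {
    "smss.exe": "system32",
    "csrss.exe": "system32",
    "winlogon.exe": "system32",
    "services.exe": "system32",
    "lsass.exe": "system32",
    "svchost.exe": "system32",
    "ctfmon.exe": "system32",
    "explorer.exe": "",
}

# A drive- or %windir%-rooted path ending in .exe; tolerates the doubled
# backslashes ComboFix prints for firewall-policy entries.
PATH_RE = re.compile(r'(?:[a-z]:|%windir%)[^"\[\]]*?\.exe', re.IGNORECASE)

# Constructed sample lines. Lines 3 and 5 copy the two suspicious paths
# seen in this thread; the others are ordinary XP entries.
SAMPLE_LINES = [
    r"C:\WINDOWS\System32\smss.exe",
    r"C:\WINDOWS\system32\winlogon.exe",
    r"C:\windows\winlogon.exe",
    r"O4 - HKLM\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe",
    r'"%windir%\\system32\\drivers\\svchost.exe"=',
    r"C:\WINDOWS\Explorer.EXE",
]


def normalize(path):
    """Lower-case, collapse doubled backslashes and expand %windir%."""
    return path.lower().replace("\\\\", "\\").replace("%windir%", WINDIR)


def check_path(path):
    """Return a reason if `path` is a known system binary in the wrong place;
    None if it is where the baseline expects it or is not in the baseline."""
    path = normalize(path)
    name = ntpath.basename(path)
    expected = EXPECTED_DIRS.get(name)
    if expected is None:
        return None
    directory = ntpath.dirname(path)
    if directory != WINDIR and not directory.startswith(WINDIR + "\\"):
        return f"{name} outside %windir%: {directory}"
    rel = directory[len(WINDIR):].lstrip("\\")
    if rel != expected:
        want = ntpath.join(WINDIR, expected) if expected else WINDIR
        return f"{name} expected in {want}, found in {directory}"
    return None


def find_misplaced(lines):
    """Scan log lines and return [(normalized_path, reason)] for every hit."""
    findings = []
    for line in lines:
        for match in PATH_RE.findall(line):
            reason = check_path(match)
            if reason:
                findings.append((normalize(match), reason))
    return findings


if __name__ == "__main__":
    for path, reason in find_misplaced(SAMPLE_LINES):
        print(f"SUSPICIOUS {path}: {reason}")
```

Running it on the sample flags only the two misplaced copies; the same name in System32 passes, so the check complements rather than replaces a scanner's signature match.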
Post #182, 21-01-2009, 10:11 PM
Speedgraphic (Junior Member; joined Jan 2009; 47 posts)
OS: Windows XP

Re: Cannot access Antivirus Sites/Google/Avast etc.

Thanks Strider and Bakuryu!

I did try this:
Quote:
Originally Posted by bakuryu
Your HijackThis file still has the entries :

O4 - HKLM\..\Policies\Explorer\Run: [ishost.exe] ishost.exe
O4 - HKLM\..\Policies\Explorer\Run: [kernel32.dll] C:\WINDOWS\System32\isnotify.exe

Fix those 2 entries in HijackThis and also make sure the two files are deleted.
C:\WINDOWS\System32\ishost.exe
C:\WINDOWS\System32\isnotify.exe
Quote:
Did you run ComboFix?
Yes

Quote:
Post your ComboFix log file too.
O.K., here it is:

Code:
ComboFix 09-01-08.04 - Jerks 2009-01-20 19:11:04.1 - NTFSx86 MINIMAL
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2047.1763 [GMT -7:00]
Running from: c:\documents and settings\Jerks\Desktop\Fix.exe
Command switches used :: c:\documents and settings\Jerks\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
.
- REDUCED FUNCTIONALITY MODE -
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\components
c:\windows\system32\qmopt.dll

.
(((((((((((((((((((((((((   Files Created from 2008-12-21 to 2009-01-21  )))))))))))))))))))))))))))))))
.

2009-01-20 18:21 . 2009-01-20 18:21    <DIR>    d--------    C:\!KillBox
2009-01-19 19:41 . 2009-01-19 19:41    54,156    --ah-----    c:\windows\QTFont.qfn
2009-01-19 19:41 . 2009-01-19 19:41    1,409    --a------    c:\windows\QTFont.for
2009-01-17 21:34 . 2009-01-17 21:35    <DIR>    d--------    c:\documents and settings\All Users\Application Data\Lavasoft
2009-01-17 21:32 . 2009-01-17 21:32    <DIR>    d--------    c:\program files\Common Files\Wise Installation Wizard
2009-01-17 21:32 . 2009-01-20 18:41    <DIR>    d-a------    c:\documents and settings\All Users\Application Data\TEMP
2009-01-17 21:31 . 2009-01-17 21:42    <DIR>    d--------    c:\program files\ThreatFire
2009-01-17 21:31 . 2009-01-17 21:31    <DIR>    d--------    c:\documents and settings\All Users\Application Data\PC Tools
2009-01-17 21:31 . 2008-11-17 13:05    51,488    --a------    c:\windows\system32\drivers\TfFsMon.sys
2009-01-17 21:31 . 2008-11-17 13:05    39,200    --a------    c:\windows\system32\drivers\TfSysMon.sys
2009-01-17 21:31 . 2008-11-17 13:05    33,056    --a------    c:\windows\system32\drivers\TfNetMon.sys
2009-01-17 21:31 . 2008-11-17 13:05    12,576    --a------    c:\windows\system32\drivers\TfKbMon.sys
2009-01-17 19:48 . 2009-01-18 08:56    <DIR>    d--h-----    C:\$AVG8.VAULT$
2009-01-17 18:11 . 2009-01-17 18:12    262,144    --a------    c:\documents and settings\DEFAUL~4.UNK
2009-01-17 17:54 . 2009-01-17 17:54    76,040    --a------    c:\windows\system32\drivers\avgtdix.sys
2009-01-17 17:54 . 2009-01-17 17:54    10,520    --a------    c:\windows\system32\avgrsstx.dll
2009-01-17 17:53 . 2009-01-19 23:50    <DIR>    d--------    c:\windows\system32\drivers\Avg
2009-01-17 17:53 . 2009-01-17 17:53    <DIR>    d--------    c:\program files\AVG
2009-01-17 17:53 . 2009-01-17 21:03    <DIR>    d--------    c:\documents and settings\Jerks\Application Data\AVGTOOLBAR
2009-01-17 17:53 . 2009-01-17 18:11    <DIR>    d--------    c:\documents and settings\All Users\Application Data\avg8
2009-01-17 17:53 . 2009-01-17 17:53    97,928    --a------    c:\windows\system32\drivers\avgldx86.sys
2009-01-17 17:50 . 2009-01-17 17:54    8,192    --a------    c:\documents and settings\DEFAUL~3.UNK
2009-01-17 13:57 . 2009-01-17 13:57    <DIR>    d--------    c:\documents and settings\Jerks\Application Data\Yahoo
2009-01-15 20:26 . 2009-01-15 20:26    <DIR>    d--------    c:\documents and settings\All Users\Application Data\SolidWorks
2009-01-13 23:04 . 2008-04-13 11:45    60,032    --a------    c:\windows\system32\drivers\USBAUDIO.sys
2009-01-13 23:04 . 2008-04-13 11:45    60,032    --a--c---    c:\windows\system32\dllcache\usbaudio.sys
2009-01-12 22:56 . 2009-01-17 08:42    <DIR>    d--------    c:\documents and settings\Jerks\Application Data\skypePM
2009-01-12 20:56 . 2009-01-17 13:25    <DIR>    d--------    c:\documents and settings\Jerks\Application Data\Skype
2009-01-12 20:55 . 2009-01-12 20:55    <DIR>    d--------    c:\program files\Skype
2009-01-12 20:55 . 2009-01-12 20:55    <DIR>    d--------    c:\program files\Common Files\Skype
2009-01-12 20:54 . 2009-01-12 20:55    <DIR>    d--------    c:\documents and settings\All Users\Application Data\Skype
2009-01-12 01:47 . 2009-01-12 01:47    <DIR>    d--------    c:\windows\system32\scripting
2009-01-12 01:47 . 2009-01-12 01:47    <DIR>    d--------    c:\windows\system32\en
2009-01-12 01:47 . 2009-01-12 01:47    <DIR>    d--------    c:\windows\l2schemas
2009-01-10 03:33 . 2008-04-13 17:12    774,144    -----c---    c:\windows\system32\dllcache\setup_wm.exe
2009-01-10 03:32 . 2008-09-09 18:14    1,307,648    ---------    c:\windows\system32\msxml6.dll
2009-01-10 03:31 . 2008-04-13 17:09    290,816    -----c---    c:\windows\system32\dllcache\l3codeca.acm
2009-01-10 03:31 . 2008-04-13 09:36    144,384    ---------    c:\windows\system32\drivers\hdaudbus.sys
2009-01-10 03:31 . 2008-04-13 17:11    61,440    ---------    c:\windows\system32\kmsvc.dll
2009-01-10 03:31 . 2008-04-13 17:11    37,376    ---------    c:\windows\system32\l2gpstore.dll
2009-01-10 03:31 . 2006-12-28 12:01    19,569    --a------    c:\windows\006028_.tmp
2009-01-10 03:31 . 2008-04-13 17:12    10,752    ---------    c:\windows\system32\smtpapi.dll
2009-01-10 03:31 . 2008-04-13 17:12    9,728    ---------    c:\windows\system32\rwnh.dll
2009-01-10 03:31 . 2008-04-13 17:09    6,144    ---------    c:\windows\system32\kbdpash.dll
2009-01-10 03:31 . 2008-04-13 17:09    6,144    ---------    c:\windows\system32\kbdnepr.dll
2009-01-10 03:31 . 2008-04-13 17:09    6,144    ---------    c:\windows\system32\kbdiultn.dll
2009-01-10 03:31 . 2008-04-13 17:09    6,144    ---------    c:\windows\system32\kbdbhc.dll
2009-01-10 03:31 . 2003-03-31 05:00    5,971    -----c---    c:\windows\system32\dllcache\events.js
2009-01-10 03:31 . 2007-06-20 22:52    974    ---------    c:\windows\system32\pid.inf
2009-01-09 18:41 . 2008-06-13 04:05    272,128    -----c---    c:\windows\system32\dllcache\bthport.sys
2009-01-09 18:40 . 2008-08-14 03:04    138,496    -----c---    c:\windows\system32\dllcache\afd.sys
2009-01-09 18:36 . 2008-12-11 03:57    333,952    -----c---    c:\windows\system32\dllcache\srv.sys
2009-01-09 18:23 . 2008-08-14 03:11    2,189,184    -----c---    c:\windows\system32\dllcache\ntoskrnl.exe
2009-01-09 18:23 . 2008-08-14 03:09    2,145,280    -----c---    c:\windows\system32\dllcache\ntkrnlmp.exe
2009-01-09 18:23 . 2008-09-15 05:12    1,846,400    -----c---    c:\windows\system32\dllcache\win32k.sys
2009-01-09 18:22 . 2008-08-14 02:33    2,066,048    -----c---    c:\windows\system32\dllcache\ntkrnlpa.exe
2009-01-09 18:22 . 2008-08-14 02:33    2,023,936    -----c---    c:\windows\system32\dllcache\ntkrpamp.exe
2009-01-09 18:21 . 2008-10-24 04:21    455,296    -----c---    c:\windows\system32\dllcache\mrxsmb.sys
2009-01-09 18:21 . 2008-05-08 07:02    203,136    -----c---    c:\windows\system32\dllcache\rmcast.sys
2009-01-09 18:20 . 2008-05-01 07:33    331,776    -----c---    c:\windows\system32\dllcache\msadce.dll
2009-01-09 18:19 . 2008-04-11 12:04    691,712    -----c---    c:\windows\system32\dllcache\inetcomm.dll
2009-01-09 18:12 . 2008-10-15 09:34    337,408    -----c---    c:\windows\system32\dllcache\netapi32.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-18 04:34    ---------    d-----w    c:\program files\Lavasoft
2009-01-17 21:19    ---------    d-----w    c:\documents and settings\Jerks\Application Data\DassaultSystemes
2009-01-17 21:19    ---------    d-----w    c:\documents and settings\Jerks\Application Data\Blackberry Desktop
2009-01-17 21:18    ---------    d-----w    c:\documents and settings\Jerks\Application Data\Apple Computer
2009-01-17 21:18    ---------    d-----w    c:\documents and settings\Jerks\Application Data\Alias
2009-01-17 21:18    ---------    d-----w    c:\documents and settings\Jerks\Application Data\AdobeUM
2009-01-17 00:07    ---------    d-----w    c:\documents and settings\Jerks\Application Data\SolidWorks
2009-01-16 03:42    ---------    d-----w    c:\program files\Google
2009-01-16 03:25    ---------    d-----w    c:\program files\Common Files\SolidWorks Shared
2009-01-16 03:24    ---------    d-----w    c:\program files\SolidWorks
2009-01-16 03:23    ---------    d-----w    c:\program files\DWGeditor
2009-01-16 03:21    ---------    d-----w    c:\program files\SolidWorks Installation Manager
2009-01-16 03:20    ---------    d-----w    c:\program files\Common Files\eDrawings2007
2008-12-11 10:57    333,952    ----a-w    c:\windows\system32\drivers\srv.sys
2008-10-23 12:36    286,720    ----a-w    c:\windows\system32\gdi32.dll
2008-07-30 02:35    20    ---h--w    c:\documents and settings\All Users\Application Data\PKP_DLbz.DAT
2008-03-05 01:20    20    ---h--w    c:\documents and settings\All Users\Application Data\PKP_DLec.DAT
2003-06-03 15:49    448,256    ----a-w    c:\windows\inf\EL2K_N64.sys
2003-06-03 15:48    147,328    ----a-w    c:\windows\inf\EL2K_XP.sys
2003-06-03 15:47    147,328    ----a-w    c:\windows\inf\EL2K_2K.sys
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-06 68856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"updateMgr"="c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" [2006-03-30 313472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-05-29 790528]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-30 344064]
"HPDJ Taskbar Utility"="c:\windows\System32\spool\drivers\w32x86\3\hpztsb11.exe" [2004-04-06 172032]
"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-06 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2005-01-12 241664]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-06 659456]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_07\bin\jusched.exe" [2006-05-03 36975]
"PinnacleDriverCheck"="c:\windows\System32\PSDrvCheck.exe" [2004-03-10 406016]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" [2006-01-12 483328]
"Adobe Version Cue CS2"="c:\program files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [2005-04-04 856064]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-10-25 282624]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-17 1261336]
"ThreatFire"="c:\program files\ThreatFire\TFTray.exe" [2008-11-17 263456]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2007-01-26 25214]
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2007-01-08 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
backup=c:\windows\pss\HP Image Zone Fast Start.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MA111 Configuration Utility.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\MA111 Configuration Utility.lnk
backup=c:\windows\pss\MA111 Configuration Utility.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Office Startup.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Office Startup.lnk
backup=c:\windows\pss\Office Startup.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Search Engine Commando Schedule Viewer.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Search Engine Commando Schedule Viewer.lnk
backup=c:\windows\pss\Search Engine Commando Schedule Viewer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Jerks^Start Menu^Programs^Startup^VirtuaGirl2.lnk]
path=c:\documents and settings\Jerks\Start Menu\Programs\Startup\VirtuaGirl2.lnk
backup=c:\windows\pss\VirtuaGirl2.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Version Cue CS2]
--a------ 2005-04-04 18:58 856064 c:\program files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2005-02-16 22:11 49152 c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2006-10-30 09:36 256576 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-13 17:12 1695232 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2006-10-25 18:58 282624 c:\program files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealPlayer]
--a------ 2006-10-24 10:03 214560 c:\program files\Real\RealPlayer\realplay.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioAudioCentral]
--a------ 2003-06-23 20:12 319488 c:\program files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
--a------ 2003-06-24 23:18 868352 c:\program files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioEngineUtility]
--a------ 2003-05-01 17:44 65536 c:\program files\Common Files\Roxio Shared\System\EngUtil.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WZCBDLService"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"%windir%\\system32\\drivers\\svchost.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2009-01-17 51488]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2009-01-17 39200]
R0 viaraid;viaraid;c:\windows\system32\drivers\viaraid.sys [2003-09-12 70272]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-17 97928]
S3 PRISM_USB;D-Link Air DWL-122 Wireless USB Adapter Driver;c:\windows\system32\drivers\PRISMUSB.sys [2004-01-11 636502]
S3 Rpbbcvec2-a;Rpbbcvec2-a;c:\windows\system32\drivers\mspclock.sys [2007-01-08 5376]
S3 scsiscan;SCSI Scanner Driver;c:\windows\system32\drivers\scsiscan.sys [2004-03-19 11520]
S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2009-01-17 33056]
S4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-17 875288]
S4 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-17 231704]
S4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-17 76040]
S4 sprtlisten;SupportSoft Listener Service;c:\program files\Common Files\supportsoft\bin\sprtlisten.exe [2008-01-08 1213728]
S4 ThreatFire;ThreatFire;c:\program files\ThreatFire\TFService.exe service --> c:\program files\ThreatFire\TFService.exe service [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - TDSSserv.sys
.
Contents of the 'Scheduled Tasks' folder

2008-04-27 c:\windows\Tasks\QuickConnectSupportTask.job
- c:\program files\Qwest\QuickConnect\QuickConnect.exe [2008-01-31 23:26]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-InCD - c:\program files\Ahead\InCD\InCD.exe
HKLM-Run-realteke - c:\documents and settings\Jerks\Application Data\Google\cijwg16225165.exe
HKU-Default-Run-ALUAlert - c:\program files\Symantec\LiveUpdate\ALUNotify.exe
MSConfigStartUp-D-Link Air USB Utility - c:\program files\D-Link\Air USB Utility\AirCFG.exe
MSConfigStartUp-MsnMsgr - c:\program files\MSN Messenger\MsnMsgr.Exe
MSConfigStartUp-Nolo - c:\documents and settings\Jerks\Application Data\oeee.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &AOL Toolbar search - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTML
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Jerks\Application Data\Mozilla\Firefox\Profiles\ewrtdpne.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - plugin: c:\program files\Java\jre1.5.0_07\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_07\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_07\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_07\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_07\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_07\bin\NPJPI150_07.dll
FF - plugin: c:\program files\Java\jre1.5.0_07\bin\NPOJI610.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-20 19:12:03
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDSSserv.sys]
"imagepath"="\systemroot\system32\drivers\TDSSpaxt.sys"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,e8,2b,58,1d,47,\
  d7,c6,ad,2e,e8,e1,00,eb,16,2b,de,8f,85,61,aa,42,4c,2a,45,e2,63,26,f1,3f,c8,\
  ff,68,d4,4f,f2,8f,ec,f6,95,18,c8,28,51,af,b0,29,a3,98,14,41,a3,fb,d2,a9,c1,\
  ae,bc,52,f0,c7

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,69,3e,e9,d5,f6,\
  c2,6c,33,46,47,15,b0,92,4b,c7,ef,3d,44,ce,4f,e6,4d,46,58,6a,9c,d6,61,af,45,\
  84,18,c6,2c,e8,a5,0a,b9,9b,95,71,3b,04,66,8b,46,0d,96,e5,4f,4f,df,4e,68,14,\
  0b,3b,2c,55,f1

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,3a,c9,2f,43,e8,\
  d0,44,76,7a,45,05,fd,91,e8,6f,31,8f,85,8a,03,25,5b,5d,a7,ff,7c,85,e0,43,d4,\
  0e,fe,36,0c,c5,f1,0a,43,cf,f1,25,da,ec,7e,55,20,c9,26,7d,39,64,f8,c6,f7,7a,\
  77,14,e8,dc,52

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0,57,5a,93,61,98,79,a5,b4,27,\
  d2,89,58,6b,65,49,6a,7e,99,74,f7,90,64,6f,66,21,8d,f4,23,86,8c,21,01,be,91,\
  eb,e7,69,d8,41,f9,6a,92,b2,14,86,8c,21,01,be,91,eb,e7,6c,47,b6,87,39,62,a2,\
  55,4b,4a,e8,d4

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,a6,83,bb,0e,ba,\
  88,62,d7,e9,02,6c,fa,fb,1d,47,57,31,2a,7a,14,c5,c5,1d,56,f5,1d,4d,73,a8,13,\
  5c,05,4a,9f,be,e0,8b,35,c9,38,f5,1d,4d,73,a8,13,5c,05,74,b7,d2,16,f3,81,5a,\
  11,66,eb,67,32

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:50,93,e5,ab,ec,6a,4e,ab,85,8a,b1,99,26,\
  d2,7c,9e,50,93,e5,ab,ec,6a,4e,ab,b1,0a,cb,96,e5,47,5b,41,df,20,58,62,78,6b,\
  cf,c8,e6,6a,20,9a,d9,80,cf,0d,df,20,58,62,78,6b,cf,c8,cd,b8,0f,02,c9,68,eb,\
  7a,8e,a6,e4,4d

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba,b1,f8,68,02,ea,e7,06,59,0d,\
  b8,2c,4e,97,20,4e,9a,c7,f1,35,ee,a8,67,7d,ad,63,79,f1,b7,fb,a7,78,e6,12,2f,\
  9a,ea,c3,7f,06,76,9c,fa,d1,47,31,77,e1,ba,b1,f8,68,02,b8,71,d1,82,d1,ae,48,\
  c5,20,4e,ec,9b

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,a4,09,1e,c4,97,\
  95,af,dc,aa,52,c6,00,84,3c,26,64,27,33,89,90,5b,ba,52,6c,01,3a,48,fc,e8,04,\
  4a,f1,e2,d2,ff,d9,08,9e,47,d0,83,6c,56,8b,a0,85,96,ab,96,76,ce,a9,86,1e,7f,\
  4a,78,4d,b3,da

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:b2,46,9a,e2,1b,fe,1b,94,27,c4,e9,e4,8a,\
  bb,e5,4b,b2,46,9a,e2,1b,fe,1b,94,f3,10,a7,f5,a4,f5,de,3c,f6,0f,4e,58,98,5b,\
  89,c9,cf,dd,0b,84,ca,38,fc,f5,f6,0f,4e,58,98,5b,89,c9,0c,76,1a,97,0a,ae,31,\
  fe,a0,aa,be,c4

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,e3,c5,dd,4b,17,\
  82,2b,a8,37,a4,aa,c3,a6,15,56,0a,ab,cf,a8,3c,45,67,f9,56,3d,ce,ea,26,2d,45,\
  aa,78,f5,8b,68,f0,73,e6,69,fa,b1,cd,45,5a,a8,c4,f8,b9,25,04,d5,da,fc,de,32,\
  5f,b5,69,62,83

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:f8,31,0f,a9,5f,a0,ec,fb,bb,2b,20,d6,9a,\
  a4,b3,ce,f8,31,0f,a9,5f,a0,ec,fb,37,15,62,bb,22,ce,6b,80,2a,b7,cc,b5,b9,7f,\
  41,e7,74,ae,9e,3c,be,29,1f,7d,2a,b7,cc,b5,b9,7f,41,e7,d9,96,83,2a,0a,8b,13,\
  39,75,a8,18,f9

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\System32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:fa,ea,66,7f,d4,3b,6b,70,eb,5a,5e,6b,b3,\
  57,ec,35,05,73,21,dd,54,d8,4a,c5,14,81,f0,f0,f7,a6,34,0c,6c,43,2d,1e,aa,22,\
  2f,9c,86,dc,d3,ae,62,54,3f,a5,6c,43,2d,1e,aa,22,2f,9c,c1,78,69,f5,74,66,90,\
  93,79,c7,d4,83

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\XP*NULL*]
"DisplayName"="?\13?\13"
"DeviceDesc"="?\13?\13"
"ProviderName"=""
"MFG"="???\\"
"ReinstallString"="c:\\WINDOWS\\System32\\ReinstallBackups\\?\13\\DriverFiles\\.INF"
"DeviceInstanceIds"=multi:"08346.inf\00"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDSSserv.sys]
@DACL=(02 0000)
"start"=dword:00000001
"type"=dword:00000001
"imagepath"=expand:"\\systemroot\\system32\\drivers\\TDSSpaxt.sys"
"group"="file system"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(316)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-01-20 19:15:13
ComboFix-quarantined-files.txt  2009-01-21 02:15:10

Pre-Run: 6,536,105,984 bytes free
Post-Run: 42,128,269,312 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

367    --- E O F ---    2009-01-14 06:31:13




So I guess I should start over...?


THANKS FOR YOUR HELP!

Last edited by bakuryu; 21-01-2009 at 10:56 PM..
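Three items in the ComboFix log above are what a helper reads first: a driver reported as *Deregistered* (TDSSserv.sys, whose service key still names TDSSpaxt.sys as its image), AntiVirusOverride set to 1 under Security Center, and autostarts pointing into a user's Application Data (the realteke orphan). The parser below is an added example, not part of the thread or of ComboFix; it pulls those three findings out of a constructed excerpt written in the log's REGEDIT4 style. The dates and sizes in SAMPLE_LOG are made up, and the PROFILE_MARKERS list is an assumption about where legitimate XP autostarts rarely live.

```python
import re

# Constructed excerpt in ComboFix's REGEDIT4 style, modelled on the log in
# this thread (dates and sizes are made up).
SAMPLE_LOG = r"""
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-17 1261336]
"realteke"="c:\documents and settings\Jerks\Application Data\Google\cijwg16225165.exe" [2009-01-05 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDSSserv.sys]
"imagepath"="\systemroot\system32\drivers\TDSSpaxt.sys"

--- Other Services/Drivers In Memory ---

*Deregistered* - TDSSserv.sys
"""

SECTION_RE = re.compile(r"^\[(.+)\]$")
VALUE_RE = re.compile(r'^"([^"]+)"=(?:"([^"]*)"|dword:([0-9a-fA-F]{8}))')
DEREG_RE = re.compile(r"^\*Deregistered\*\s+-\s+(\S+)")

# Assumed: directories from which a legitimate autostart on XP is unusual.
PROFILE_MARKERS = ("\\documents and settings\\", "\\application data\\",
                   "\\local settings\\", "\\temp\\")


def parse_log(text):
    """Split the log into ({key: [(name, value)]}, [deregistered names])."""
    sections, deregistered, current = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1)
            sections.setdefault(current, [])
            continue
        m = DEREG_RE.match(line)
        if m:
            deregistered.append(m.group(1))
            current = None
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            name, string, dword = m.groups()
            sections[current].append((name, int(dword, 16) if dword else string))
    return sections, deregistered


def triage(text):
    """Return the findings a helper would look at first."""
    sections, deregistered = parse_log(text)
    report = {"av_override": False, "profile_autostarts": [], "deregistered": []}
    for key, values in sections.items():
        lower = key.lower()
        if lower.endswith("\\security center"):
            # Security Center told to ignore the missing/disabled AV product.
            report["av_override"] = any(
                n.lower() == "antivirusoverride" and v == 1 for n, v in values)
        elif lower.endswith("\\run"):
            for name, value in values:
                if any(mark in str(value).lower() for mark in PROFILE_MARKERS):
                    report["profile_autostarts"].append((name, value))
    for service in deregistered:
        # A driver still in memory but removed from the service list; show
        # what file its (surviving) service key points at, if any.
        image = None
        for key, values in sections.items():
            if key.lower().endswith("\\services\\" + service.lower()):
                image = next((v for n, v in values if n.lower() == "imagepath"), None)
        report["deregistered"].append((service, image))
    return report


if __name__ == "__main__":
    for line in sorted(f"{k}: {v}" for k, v in triage(SAMPLE_LOG).items()):
        print(line)
```

The deregistered-driver pairing is the useful part: ComboFix prints the in-memory name and the service key in different sections, and joining them shows that the entry still names a file to be looked at rather than a dangling key.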
Post #183, 21-01-2009, 11:39 PM
bakuryu (ƒ(ψ)=ΘΊΧφ; joined May 2006; location: India; 6,621 posts)
OS: Windows XP, Windows Vista, Windows 7

Re: Cannot access Antivirus Sites/Google/Avast etc.

@kenzie :::

Enable viewing of hidden and system files, then delete the following files:
c:\windows\system32\AVSredirect.dll
c:\windows\system32\lrrxb.dll
c:\windows\system32\ssqPfDSi
c:\windows\74232.exe
G:\autorun.exe
g:\directx9\dxsetup.exe
G:\setup.exe
lz32.dll.vbs (most probably in the C:\windows or c:\windows\system32 directory)

Run regedit and go to
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa

Find the value named Authentication Packages, double-click it to edit it, and delete only this line:
c:\windows\system32\ssqPfDSi

Open cmd.exe and type the following lines:
Code:
reg delete "HKLM\software\microsoft\shared tools\msconfig\startupreg\74232" /f
reg delete "HKCU\software\microsoft\windows\currentversion\explorer\mountpoints2\G" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\NetSvcs" /v xzjnu /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost\NetSvcs" /v zbpqof /f
reg delete "HKCU\software\microsoft\windows\currentversion\explorer\mountpoints2\{1fb6abc1-03a6-11dd-a217-00508db4622c}" /f
reg delete "HKLM\System\ControlSet002\Services\xzjnu" /f
reg delete "HKLM\System\ControlSet002\Services\zbpqof" /f

sc delete xzjnu
sc delete zbpqof

netsh firewall set portopening protocol=TCP port=6834 mode=DISABLE
You also need to follow the steps mentioned in this post: Worm/kido.Da, Worm/kido.Hc, Worm/kido.BY, Worm/kido.ED or Win32/Conficker.A Removal, and fix the infection.
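The Authentication Packages edit in the post above touches a REG_MULTI_SZ value under the LSA key: every entry listed there is loaded by LSA at boot, which is why a rogue path (c:\windows\system32\ssqPfDSi) appearing in it matters. A safer first step than editing the value by hand is to export the key with regedit and read the list offline. The script below is an added example, not from the post, that decodes such an export; SAMPLE_REG is constructed in the "Windows Registry Editor Version 5.00" format (hex(7) data is UTF-16LE there, ANSI in REGEDIT4 files) and EXPECTED_AUTH_PACKAGES assumes the Windows XP default of just msv1_0.

```python
# Constructed .reg export. The value holds the XP default "msv1_0" followed
# by the rogue entry named in the post above, split over the backslash
# continuation lines regedit emits.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Authentication Packages"=hex(7):6d,00,73,00,76,00,31,00,5f,00,30,00,00,00,63,\
  00,3a,00,5c,00,77,00,69,00,6e,00,64,00,6f,00,77,00,73,00,5c,00,73,00,79,00,\
  73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,73,00,71,00,50,00,66,00,44,\
  00,53,00,69,00,00,00,00,00
"""

# Assumed Windows XP default for this value; later versions add packages.
EXPECTED_AUTH_PACKAGES = {"msv1_0"}


def parse_reg_export(text):
    """Return (header, {key: {value_name: raw_data}}); joins the backslash
    continuation lines regedit emits for long hex values."""
    lines = text.splitlines()
    header = lines[0].strip() if lines else ""
    joined, buf = [], ""
    for line in lines[1:]:
        stripped = line.strip()
        if stripped.endswith("\\"):
            buf += stripped[:-1]
            continue
        joined.append(buf + stripped)
        buf = ""
    values, key = {}, None
    for line in joined:
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            values[key] = {}
        elif line.startswith('"') and key is not None:
            name, _, raw = line.partition('"=')
            values[key][name[1:]] = raw
    return header, values


def decode_multi_sz(raw, header):
    """Decode a hex(7) REG_MULTI_SZ payload into its list of strings."""
    if not raw.lower().startswith("hex(7):"):
        raise ValueError("not a REG_MULTI_SZ value")
    data = bytes.fromhex("".join(raw[7:].split(",")))
    # Version 5.00 exports are UTF-16LE; REGEDIT4 exports are ANSI.
    encoding = "utf-16-le" if "5.00" in header else "latin-1"
    return [s for s in data.decode(encoding).split("\x00") if s]


def unexpected_auth_packages(text):
    """Entries in the Lsa key's Authentication Packages not in the baseline."""
    header, values = parse_reg_export(text)
    for key, data in values.items():
        if key.lower().endswith("\\control\\lsa"):
            raw = data.get("Authentication Packages", "hex(7):")
            return [p for p in decode_multi_sz(raw, header)
                    if p.lower() not in EXPECTED_AUTH_PACKAGES]
    return []


if __name__ == "__main__":
    for entry in unexpected_auth_packages(SAMPLE_REG):
        print("unexpected authentication package:", entry)
```

A decoded list that reads exactly "msv1_0" means there is nothing to remove; anything else, and in particular a full file path rather than a bare package name, is what the post tells the user to delete from the value.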
Post #184, 22-01-2009, 12:04 AM
bakuryu (ƒ(ψ)=ΘΊΧφ; joined May 2006; location: India; 6,621 posts)
OS: Windows XP, Windows Vista, Windows 7

Re: Cannot access Antivirus Sites/Google/Avast etc.

@Speedgraphic :::

Your combofix log file also looks clean.

Open a command prompt and type:
ipconfig /flushdns

then try visiting the anti-virus sites again.
Post #185, 22-01-2009, 12:06 AM
Speedgraphic (Junior Member; joined Jan 2009; 47 posts)
OS: Windows XP

Re: Cannot access Antivirus Sites/Google/Avast etc.

Thanks Bakuryu. I'll try that and get back to you.
Speedgraphic is offline   Reply With Quote
Old 22-01-2009, 12:07 AM   #186
Newbie
 
Join Date: Jan 2009
Age: 22
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Rep Power: 0 Gunner is an unknown quantity at this point


OS: Windows XP


Re: Cannot access Antivirus Sites/Google/Avast etc.

Hi bakuryu, I did what you told me to do, but I cannot locate some files which are hidden, as I cannot access my hidden files and folders. Every time I go to Tools - Folder Options - View and choose the radio button to show hidden files, it restores back...
This is what you asked me to do:

fix this entry in HijackThis :
O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe

Delete the following files and directories:

C:\Temp
c:\windows\system32\nmdfgds1.dll
c:\windows\AhnRpta.exe
c:\windows\system32\olhrwef.exe
C:\ve.exe
c:\windows\system32\nmdfgds0.dll
C:\bd3q0qix.exe
c:\windows\HideWin.exe
c:\windows\system32\kydswg.dll
c:\windows\system32\afmain0.dll
J:\bd3q0qix.exe

Open services.msc, find and disable the khzuhd service.
Open command prompt and type :

Code:
sc delete khzuhd
=======================
I could not delete the following:
c:\windows\system32\nmdfgds1.dll
c:\windows\system32\olhrwef.exe
C:\ve.exe
c:\windows\system32\nmdfgds0.dll
C:\bd3q0qix.exe
c:\windows\system32\kydswg.dll
J:\bd3q0qix.exe

So I formatted my C: drive and it is still infected and does not allow me to access my hidden files.
This is my log file from HijackThis:
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:39 AM, on 1/22/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\AhnRpta.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 2329 bytes

Last edited by bakuryu; 22-01-2009 at 02:01 AM..
Gunner is offline   Reply With Quote
Old 22-01-2009, 12:20 AM   #187
Newbie
 
Join Date: Jan 2009
Age: 22
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Rep Power: 0 Gunner is an unknown quantity at this point


OS: Windows XP


Re: Cannot access Antivirus Sites/Google/Avast etc.

Bakuryu, bro, finally I am able to update and visit Kaspersky... but still I can't access the hidden files... I did a complete scan and Kaspersky detected nothing, and there is this unusual activity: whenever I open a drive it opens in a new window, when it is set to open each folder in its own window... Do you want to look at my ComboFix log? ...Please help me out...

Last edited by Gunner; 22-01-2009 at 12:59 AM..
Gunner is offline   Reply With Quote
Old 22-01-2009, 02:04 AM   #188
ƒ(ψ)=ΘΊΧφ
 
bakuryu's Avatar
 
Join Date: May 2006
Location: India
Age: 23
Posts: 6,621
Thanks: 19
Thanked 645 Times in 603 Posts
Rep Power: 87 bakuryu has a brilliant future


OS: Windows XP Windows Vista Windows 7


Re: Cannot access Antivirus Sites/Google/Avast etc.

@Gunner :
you need to fix this entry :
O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe

and delete file :
C:\WINDOWS\system32\olhrwef.exe

For hidden files, open regedit, go to :
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN
find the value named CheckedValue, double click to edit and set the value to 0.

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL
find the value named CheckedValue, double click to edit and set the value to 1.

Note - On both occasions, the value named CheckedValue should be of type REG_DWORD. If it is of any other type, like REG_SZ, then delete the value and create a new value named CheckedValue of type REG_DWORD and give it the respective data value.

And post your combofix log file too. Are you using the latest virus signature database of Kaspersky? Also, did you scan the entire hard disk with Kaspersky or only the C drive?

Last edited by bakuryu; 22-01-2009 at 02:14 AM..
bakuryu is offline   Reply With Quote
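The CheckedValue repair described above, as an added PowerShell example (not bakuryu's code): it sets NOHIDDEN to 0 and SHOWALL to 1 and covers the caveat in the note by deleting and recreating CheckedValue as REG_DWORD when it is missing or of another type such as REG_SZ. The function name is mine; it assumes an elevated PowerShell prompt on the affected machine.

```powershell
function Repair-HiddenFilesCheckedValue {
    $base = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden'
    # REG_DWORD data each subkey's CheckedValue must hold, as stated in the post.
    $expected = @{ NOHIDDEN = 0; SHOWALL = 1 }

    foreach ($subkey in 'NOHIDDEN', 'SHOWALL') {
        $path = Join-Path $base $subkey
        if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }

        # Inspect the existing value's type before touching it.
        $key = Get-Item -Path $path
        $previousKind = 'Missing'
        if ($key.GetValueNames() -contains 'CheckedValue') {
            $previousKind = $key.GetValueKind('CheckedValue').ToString()
        }

        if ($previousKind -ne 'DWord') {
            # A registry value's type cannot be changed in place: delete the REG_SZ
            # (or other) value and recreate it as REG_DWORD, as the note says.
            if ($previousKind -ne 'Missing') {
                Remove-ItemProperty -Path $path -Name 'CheckedValue'
            }
            New-ItemProperty -Path $path -Name 'CheckedValue' -PropertyType DWord `
                -Value $expected[$subkey] | Out-Null
        } else {
            Set-ItemProperty -Path $path -Name 'CheckedValue' -Value $expected[$subkey]
        }

        # One record per subkey so the outcome can be checked.
        New-Object PSObject -Property @{
            Subkey       = $subkey
            PreviousKind = $previousKind
            Data         = (Get-ItemProperty -Path $path -Name 'CheckedValue').CheckedValue
        }
    }
}

Repair-HiddenFilesCheckedValue | Format-Table Subkey, PreviousKind, Data -AutoSize
```

A PreviousKind other than DWord in the output means the value had been tampered with and was recreated; the Data column should read 0 for NOHIDDEN and 1 for SHOWALL.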
Old 22-01-2009, 06:43 AM   #189
Newbie
 
Join Date: Jan 2009
Posts: 16
Thanks: 5
Thanked 0 Times in 0 Posts
Rep Power: 0 earthchild57 is an unknown quantity at this point


OS: Windows XP


Quote:
Originally Posted by Strider View Post
clear your current DNS cache using ipconfig /flushdns.
Ohhh... okay. I did that. Thanks for explaining. This is new stuff for me so I don't understand some of it.

Strider, I also did what you advised in previous message. I downloaded avg update on a different computer to my jump drive, then updated and ran it. It found nothing. So I uninstalled AVG. I tried to install Kaspersky but it insisted AVG was installed which it wasn't. Or, at least, I can't find a sign of it left behind. But I was able to install and run NOD32 which also found nothing. I ran CCleaner just in case that might help something. End result: I still cannot access antivirus sites or microsoft.com. What else might I try? Thanks. Vicki

Quote:
Originally Posted by bakuryu View Post
Switch to OpenDNS and see and clear your DNS cache.
if it still doesn't help, post your new combofix log file.
When I tried to run combofix again, it said it was out of date or expired (I forget which) and went away. I guess I need to download the most recent one? Can you direct me to that, please? If I still should do that. Thanks. Vicki

Last edited by bakuryu; 22-01-2009 at 01:38 PM..
earthchild57 is offline   Reply With Quote
Old 22-01-2009, 07:32 AM   #190
Junior Member (25+)
 
Join Date: Jan 2009
Posts: 47
Thanks: 3
Thanked 0 Times in 0 Posts
Rep Power: 0 Speedgraphic is an unknown quantity at this point


OS: Windows XP


Re: Cannot access Antivirus Sites/Google/Avast etc.

Bakuryu and Strider! It worked, it seems fine! Ha ha, I can't believe this! Thanks SO much!

I think I will try and be an active member of this forum, though I know hardly anything, unless it's graphics or 3D software...

Thanks again, I will post if anything else goes wrong...

Speedgraphic is offline   Reply With Quote