Posted 02 March 2014 - 07:37 PM
I think that you should be just fine if only for movies, music and the like, but don't connect to the internet.
When you get the new ComboFix log, be sure to post that ok?
Posted 02 March 2014 - 07:48 PM
jeff
Ran Combofix with NO problemo!!! Please find attached the combofix.txt file!
Dar
Posted 02 March 2014 - 07:50 PM
Well done!
AdwCleaner
Double click on AdwCleaner.exe to run the tool again.
------------
Posted 02 March 2014 - 08:09 PM
Jeff
What a day!! I've run AdwCleaner.... here is the text:
# AdwCleaner v3.020 - Report created 02/03/2014 at 21:01:59
# Updated 27/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Road Queen - GATEWAY
# Running from : C:\Documents and Settings\Road Queen\Desktop\MARCH 2014 PROBLEM\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
-\\ Mozilla Firefox v12.0 (en-US)
[ File : C:\Documents and Settings\Road Queen\Application Data\Mozilla\Firefox\Profiles\4e89e6pn.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [37669 octets] - [02/03/2014 15:42:42]
AdwCleaner[R1].txt - [958 octets] - [02/03/2014 21:00:16]
AdwCleaner[S0].txt - [38402 octets] - [02/03/2014 16:58:05]
AdwCleaner[S1].txt - [880 octets] - [02/03/2014 21:01:59]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [939 octets] ##########
dar
Posted 03 March 2014 - 04:46 PM
Good job!
ComboFix
ClearJavaCache::
DDS::
IE: &Add animation to IncrediMail Style Box - c:\program files\IncrediMail\bin\resources\WebMenuImg.htm
IE: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1590:UDP"=-
"1591:UDP"=-
"3389:TCP"=-
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
----------
Post the new ComboFix log and let me know how your system is running now.
Posted 03 March 2014 - 06:23 PM
Jeff
I just got home from dinner and work. I accidentally left the Kaspersky PURE disk in the drive, and when I booted up the old Gateway, guess what it read??? I'm installing it now. It may not do much good after April 8th, but it will protect it up until then!
So, why is it working now? Was there something stopping it before? What have you found on this old Gateway??
dar
Posted 03 March 2014 - 07:16 PM
Here we go Jeff!
It did not ask to reboot, but I'm going to reboot anyway. I took the chance to install Kaspersky on here since I had so much trouble getting this PC to read this particular disk. I know I'm not supposed to install anything, but this was a once in a blue moon thing here...
Let me know what ya found!
dar
ComboFix 14-03-03.02 - Road Queen 03/03/2014 19:41:34.8.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1919.933 [GMT -5:00]
Running from: c:\documents and settings\Road Queen\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Road Queen\Desktop\CFScript.txt
AV: Kaspersky PURE 3.0 *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky PURE 3.0 *Disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Road Queen\Application Data\inst.exe
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Files Created from 2014-02-04 to 2014-03-04 )))))))))))))))))))))))))))))))
.
.
2014-03-04 00:29 . 2011-06-02 19:39 39736 ----a-w- c:\windows\system32\drivers\CSVirtualDiskDrv.sys
2014-03-04 00:29 . 2011-06-02 19:39 88632 ----a-w- c:\windows\system32\drivers\CSCrySec.sys
2014-03-04 00:27 . 2014-03-04 00:27 -------- d-----w- c:\program files\Common Files\InfoWatch
2014-03-04 00:27 . 2014-03-04 00:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2014-03-04 00:27 . 2014-03-04 00:27 -------- d-----w- c:\program files\Kaspersky Lab
2014-03-04 00:27 . 2014-03-04 00:31 -------- d-----w- c:\windows\LastGood
2014-03-04 00:26 . 2013-11-12 03:18 74336 ----a-w- c:\windows\system32\drivers\klflt.sys
2014-03-04 00:20 . 2014-03-04 00:20 -------- d-----w- c:\documents and settings\All Users\Kaspersky Lab Setup Files
2014-03-02 23:54 . 2014-03-02 23:54 -------- d-----w- c:\documents and settings\Road Queen\Application Data\Temp
2014-03-02 23:54 . 2014-03-02 23:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Kodak
2014-03-02 22:59 . 2014-03-03 01:40 -------- d-----w- c:\documents and settings\2014 USER
2014-03-02 20:53 . 2014-03-02 22:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-03-02 20:53 . 2014-03-02 21:55 107224 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-03-02 20:52 . 2014-03-02 20:52 52312 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-03-02 20:42 . 2014-03-03 02:02 -------- d-----w- C:\AdwCleaner
2014-03-02 18:30 . 2014-03-02 18:30 -------- d-----w- c:\documents and settings\Road Queen\Application Data\Malwarebytes
2014-03-02 18:30 . 2014-03-02 18:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-03-02 18:30 . 2013-04-04 19:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-02 04:28 . 2014-03-02 04:28 1072544 ----a-w- c:\windows\system32\nvdrsdb0.bin
2014-03-02 04:28 . 2014-03-02 04:28 1 ----a-w- c:\windows\system32\nvdrssel.bin
2014-03-02 04:28 . 2014-03-02 04:28 1072544 ----a-w- c:\windows\system32\nvdrsdb1.bin
2014-03-02 04:28 . 2014-03-02 04:28 -------- d-----w- c:\program files\NVIDIA Corporation
2014-03-02 01:57 . 2014-03-02 01:57 -------- d-----w- c:\documents and settings\MY MUSIC
2014-03-02 01:43 . 2014-03-02 01:43 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2014-03-02 00:34 . 2014-03-02 00:41 -------- d-----w- c:\windows\system32\MRT
2014-03-01 23:28 . 2014-03-01 23:28 8281168 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE
2014-03-01 23:19 . 2014-03-01 23:19 17268616 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2014-03-01 22:59 . 2014-03-01 22:59 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2014-03-01 22:52 . 2014-03-01 23:19 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-01 22:52 . 2014-03-01 23:19 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-01 22:28 . 2014-03-01 22:28 -------- d-----w- C:\c1d2b7e59498d2acfa6e
2014-03-01 22:04 . 2014-03-01 22:04 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-03-01 22:03 . 2014-03-01 22:03 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2014-03-01 22:03 . 2014-03-01 22:03 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2014-03-01 22:03 . 2014-03-01 22:03 588728 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2014-03-01 22:03 . 2014-03-01 22:03 43960 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
2014-03-01 22:03 . 2014-03-01 22:03 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2014-03-01 22:03 . 2014-03-01 22:03 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe
2014-03-01 22:03 . 2014-03-01 22:03 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2014-03-01 22:03 . 2014-03-01 22:03 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2014-03-01 22:03 . 2014-03-01 22:03 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2014-03-01 21:46 . 2014-03-01 21:46 -------- d-----w- c:\documents and settings\Road Queen\Local Settings\Application Data\Microsoft Help
2014-03-01 21:05 . 2014-03-01 21:05 -------- d-----w- c:\documents and settings\Road Queen\Local Settings\Application Data\PCHealth
2014-03-01 20:23 . 2013-07-03 02:12 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2014-03-01 20:23 . 2013-07-03 01:59 14976 -c----w- c:\windows\system32\dllcache\usbscan.sys
2014-03-01 20:22 . 2013-07-17 00:58 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys
2014-03-01 20:22 . 2013-07-17 00:58 46848 -c----w- c:\windows\system32\dllcache\irbus.sys
2014-03-01 20:22 . 2013-08-09 00:55 144128 -c----w- c:\windows\system32\dllcache\usbport.sys
2014-03-01 20:22 . 2013-08-09 00:55 32384 -c----w- c:\windows\system32\dllcache\usbccgp.sys
2014-03-01 20:22 . 2013-08-09 00:55 5376 -c----w- c:\windows\system32\dllcache\usbd.sys
2014-03-01 20:22 . 2009-03-18 11:02 30336 -c----w- c:\windows\system32\dllcache\usbehci.sys
2014-03-01 20:20 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2014-03-01 20:20 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys
2014-03-01 20:15 . 2014-02-05 23:26 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2014-03-01 19:58 . 2006-03-29 14:05 32768 ------w- c:\windows\system32\IJRMF.exe
2014-03-01 19:40 . 2012-06-02 20:19 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-01 22:54 . 2010-02-04 01:29 47360 ----a-w- c:\documents and settings\Road Queen\Application Data\pcouffin.sys
2014-03-01 20:22 . 2014-03-01 20:22 118784 ----a-w- c:\windows\web\Wallpaper\hyy_11_05_calendar2.exe
2014-02-05 23:26 . 2006-06-17 09:23 920064 ----a-w- c:\windows\system32\wininet.dll
2014-02-05 23:26 . 2006-06-17 09:23 43520 ----a-w- c:\windows\system32\licmgr10.dll
2014-02-05 23:26 . 2006-06-17 09:23 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-05 23:26 . 2006-06-17 09:23 18944 ----a-w- c:\windows\system32\corpol.dll
2014-02-05 22:24 . 2006-06-17 09:23 385024 ----a-w- c:\windows\system32\html.iec
2014-01-23 01:37 . 2014-01-23 01:37 107256 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2014-01-04 03:13 . 2006-06-17 09:23 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-12-05 11:26 . 2006-06-17 09:23 1172992 ----a-w- c:\windows\system32\msxml3.dll
2014-03-01 22:03 . 2011-04-22 18:40 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2012-12-20 23:20 459784 ----a-w- c:\program files\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress"="NA" [X]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-04 68856]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-11-10 5244216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VX3000"="c:\windows\vVX3000.exe" [2006-10-13 707376]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-02-28 185896]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-14 16010752]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"QuickTime Task"="c:\program files\QUICKTIME\QTTASK.EXE" [2008-01-05 282624]
"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 1121792]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]
"CHotkey"="zHotkey.exe" [2004-12-09 550912]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-02 77312]
"Verizon_McciTrayApp"="c:\program files\Verizon\McciTrayApp.exe" [2010-03-17 1565696]
"PivotSoftware"="c:\program files\Portrait Displays\Pivot Software\wpctrl.exe" [2007-02-09 694008]
"DT GWY"="c:\program files\Common Files\Portrait Displays\Shared\DT_startup.exe" [2008-06-25 81920]
"Conime"="c:\windows\system32\conime.exe" [2008-04-14 27648]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe" [2013-11-12 356128]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Event Reminder.lnk - c:\program files\PrintMaster 16\pmremind.exe [2004-1-20 339968]
Microsoft Find Fast.lnk - c:\program files\Microsoft Office\Office\FINDFAST.EXE [1997-8-1 111376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Yahoo!\\UPnP\\yupnpsrv.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
.
R0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\drivers\CSCrySec.sys [3/3/2014 7:29 PM 88632]
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [1/22/2014 8:37 PM 107256]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;c:\windows\system32\drivers\CSVirtualDiskDrv.sys [3/3/2014 7:29 PM 39736]
R1 kltdi;kltdi;c:\windows\system32\drivers\kltdi.sys [11/11/2013 10:18 PM 44000]
R1 kneps;kneps;c:\windows\system32\drivers\kneps.sys [11/11/2013 10:18 PM 145040]
R1 RapportCerberus_59849;RapportCerberus_59849;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys [3/1/2014 4:08 PM 340432]
R1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [1/22/2014 8:37 PM 155704]
R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [1/22/2014 8:37 PM 228888]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [3/2/2014 1:30 PM 418376]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [3/2/2014 1:30 PM 701512]
R2 PdiService;Portrait Displays SDK Service;c:\program files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [3/27/2009 9:27 PM 90112]
R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [1/22/2014 8:37 PM 1444120]
R3 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [6/11/2012 4:22 PM 240208]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [6/27/2012 2:09 PM 35672]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [3/2/2014 1:30 PM 22856]
S2 BBSvc;BingBar Service;c:\program files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [6/11/2012 4:22 PM 193616]
S2 CSObjectsSrv;CryptoStorage control service;c:\program files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [9/25/2013 3:42 PM 818888]
S2 gupdate1c985a11a9ca53b;Google Update Service (gupdate1c985a11a9ca53b);c:\program files\Google\Update\GoogleUpdate.exe [2/2/2009 8:45 PM 133104]
S3 EraserUtilDrv10741;EraserUtilDrv10741;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10741.sys --> c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10741.sys [?]
S3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\drivers\gan_adapter.sys [9/27/2006 4:12 PM 10664]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\drivers\klkbdflt.sys [11/11/2013 10:18 PM 24160]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [11/11/2013 10:18 PM 24672]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [2/3/2010 8:29 PM 47360]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - AVP
*NewlyCreated* - CSCRYSEC
*NewlyCreated* - CSVIRTUALDISKDRV
*NewlyCreated* - KL1
*NewlyCreated* - KLIF
*NewlyCreated* - KLTDI
*NewlyCreated* - KNEPS
.
Contents of the 'Scheduled Tasks' folder
.
2014-03-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-01 23:19]
.
2014-03-04 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2006-12-25 19:21]
.
2014-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 01:45]
.
2014-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 01:45]
.
2014-03-04 c:\windows\Tasks\User_Feed_Synchronization-{5E05261E-1193-4CB6-BCEE-20C057ECD00C}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 08:31]
.
2014-03-04 c:\windows\Tasks\User_Feed_Synchronization-{C553D9FA-0964-4A1E-AE14-7E6FD5C03094}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 08:31]
.
2014-03-04 c:\windows\Tasks\{A8878FF8-D0B5-4EA3-BFCB-4FEABADB6743}_PIROZZI_Owner.job
- c:\windows\system32\mobsync.exe [2006-06-17 00:12]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1 71.252.0.12
DPF: vzTCPConfig - hxxp://www2.verizon.net/help/fios_settings_POTT20009/include/vzTCPConfig.CAB
FF - ProfilePath - c:\documents and settings\Road Queen\Application Data\Mozilla\Firefox\Profiles\4e89e6pn.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/|http://forums.whatth...t=62384#p630084
FF - ExtSQL: !HIDDEN! 2009-06-23 22:03; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-03-03 20:07
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3909265270-4093740595-4061975602-1009\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\HID\Vid_0461&Pid_4d16\6&235ebf88&0&0000\LogConf]
@DACL=(02 0000)
.
Completion time: 2014-03-03 20:12:42
ComboFix-quarantined-files.txt 2014-03-04 01:12
ComboFix2.txt 2014-03-03 01:45
ComboFix3.txt 2010-04-30 02:34
.
Pre-Run: 191,702,802,432 bytes free
Post-Run: 191,712,321,536 bytes free
.
- - End Of File - - 2F4F7E4775874BE37A5D83DB749BF486
B20939CD98B7710036274839082AE757
Posted 03 March 2014 - 08:20 PM
Hi Dar,
There was quite a bit of garbage on the system that needed cleaning.
and let me know how your system is running now.
Posted 06 March 2014 - 04:35 PM
Hi Dar,
There was quite a bit of garbage on the system that needed cleaning.
and let me know how your system is running now.
Hi Jeff
I haven't been ignoring you; hubby came down with a nasty sinus infection, high fever, aches, pains, chills. Doc gave him a Zpack - things are improving!!! YAH!! So, I haven't had the chance to give the old Gateway a workout. I was able to read the Kaspersky disk... strange... any idea why??
I may get up there tonight.... don't give up on me!!
and a big thank you for your help again!!!
Dar
Posted 06 March 2014 - 06:10 PM
No worries. Hope he gets to feeling better.
When you get a chance, give the system a run and let me know how it is working.
Posted 09 March 2014 - 05:24 PM
Per OP PM I will close this topic. Installed new operating system.
Posted 09 March 2014 - 05:25 PM