Unknown Problem

Rikly

New Member
Howdy fellaz at Computer Forum, I'm Rikly and I'm new to this forum, it's a pleasure to meet you all. Well I have been having troubles with my computer and after no one else online could help me, my friend requested me to this site and, well, here I am, so I was hoping one of you guys could help me out xD. Here's the problem, I have been recently having an extreme amount of pop-ups invade my PC, it's not just pop-ups that are frustrating and annoying, it's also the fact that my computer isn't picking up all the keys that I type in, for example, (helo how ar you today) it is an extremely frustrating problem, because the only way I can type normally is through Notepad, which is how I'm typing properly now, I'm writing my text in Notepad and copying and pasting it to the forum. I have tried pretty much every spyware and malware program out there and none of them have successfully helped me, I have never had a problem like this ever before and I really need your help to fix these problems, so if anyone out there can give me a hand on what I can possibly do, please, let me know, thanks so much for your time.

~Rikly
 

Rikly

New Member
That Malwarebytes program picked up nothing, but I dunno about the HijackThis one, here's the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:13:55 AM, on 19/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe
C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe -chkautorun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BUILD HIDE] "C:\ProgramData\Rule list list.3xtqu1"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acunetix WVS Scheduler v6 (AcuWVSSchedulerv6) - Acunetix Ltd. - C:\Program Files\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe
O23 - Service: ASDR - Unknown owner - C:\Windows\System32\ASDR.exe
O23 - Service: ATK Fast User Switch Service (ATKFUSService) - ASUSTeK COMPUTER INC. - C:\Windows\system32\ATKFUSService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

--
End of file - 7445 bytes
 
Rikly

New Member
Guys, I think it's more serious than just a malware problem, is it just a coincidence that about 9 malware/spyware removal programs have picked up nothing...?
 

Respital

Active Member
Hello:

Download and Run ComboFix
If you already have Combofix, please delete this copy and download it again as it's being updated regularly.
Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

ComboFix should never take more than 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then the Processes tab (press Ctrl, Alt and Del at the same time) and end any processes of findstr, find, sed or swreg, then ComboFix should continue.
If that happened we want to know, and also what process you had to end.

In your next reply I will need:
  • The ComboFix log
  • A fresh HiJackThis log
  • An update on how your computer is running
 

Rikly

New Member
I've done ComboFix, with about 3 professionals and nothing popped up :S

I can't believe no one can help me on this.
 

Respital

Active Member
I've done ComboFix, with about 3 professionals and nothing popped up :S

I can't believe no one can help me on this.

Please navigate to C:\ and open ComboFix.txt if it is there, select all of the text (Ctrl+A), copy it (Ctrl+C), and paste (Ctrl+V) it in a reply here.
 

Rikly

New Member
aiight, here u go mate.

ComboFix 09-02-15.01 - Rickly 2009-02-17 16:29:42.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.1033.18.2558.1841 [GMT 9:00]
Running from: c:\users\Rickly\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2009-01-17 to 2009-02-17 )))))))))))))))))))))))))))))))
.

2009-02-16 21:33 . 2009-02-16 21:33 <DIR> dr------- c:\users\Rickly\Searches
2009-02-16 20:00 . 2009-02-16 20:00 <DIR> d-------- c:\users\All Users\SUPERAntiSpyware.com
2009-02-16 20:00 . 2009-02-16 20:00 <DIR> d-------- c:\programdata\SUPERAntiSpyware.com
2009-02-16 19:59 . 2009-02-16 19:59 <DIR> d-------- c:\users\Rickly\AppData\Roaming\SUPERAntiSpyware.com
2009-02-16 19:59 . 2009-02-16 19:59 <DIR> d-------- c:\program files\SUPERAntiSpyware
2009-02-16 19:58 . 2009-02-16 19:58 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-02-15 08:42 . 2008-12-05 13:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-02-15 08:42 . 2008-12-05 13:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-02-15 08:42 . 2008-12-05 13:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-02-15 08:42 . 2008-12-05 13:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-02-15 08:42 . 2008-12-05 13:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-02-11 21:23 . 2009-02-11 21:22 737,280 --a------ c:\windows\iun6002.exe
2009-02-11 21:22 . 2009-02-11 21:23 <DIR> d-------- c:\program files\BlueVoda Website Builder
2009-02-11 20:27 . 2009-02-11 20:29 <DIR> d-------- c:\program files\SpyZooka
2009-02-11 20:17 . 2009-02-11 20:17 <DIR> d-------- c:\program files\Acunetix
2009-02-11 20:16 . 2009-02-11 20:17 810 --a------ c:\windows\WVS_InstDBLogFile.csv
2009-02-11 20:16 . 2009-02-11 20:16 16 --a------ c:\windows\System32\ptlx55.dat.{5728B11F-B697-47AA-9C1B-8ECB545B5193}
2009-02-11 14:38 . 2009-01-15 12:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-02-11 14:38 . 2009-01-15 15:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-02-07 10:29 . 2009-02-07 10:29 <DIR> d-------- c:\users\Rickly\AppData\Roaming\Malwarebytes
2009-02-07 10:29 . 2009-02-07 10:29 <DIR> d-------- c:\users\All Users\Malwarebytes
2009-02-07 10:29 . 2009-02-07 10:29 <DIR> d-------- c:\programdata\Malwarebytes
2009-02-07 10:29 . 2009-02-07 10:29 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-07 10:29 . 2009-01-14 16:11 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-07 10:29 . 2009-01-14 16:11 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-03 17:15 . 2009-02-03 17:15 <DIR> d-------- c:\users\Rickly\AppData\Roaming\PC Suite
2009-02-03 17:15 . 2009-02-03 17:15 <DIR> d-------- c:\users\Rickly\AppData\Roaming\Nokia
2009-02-03 17:15 . 2009-02-03 17:15 <DIR> d-------- c:\users\All Users\PC Suite
2009-02-03 17:15 . 2009-02-03 17:15 <DIR> d-------- c:\programdata\PC Suite
2009-02-03 17:15 . 2009-02-03 17:15 <DIR> d-------- c:\program files\Common Files\PCSuite
2009-02-03 17:15 . 2009-02-03 17:15 <DIR> d-------- c:\program files\Common Files\Nokia
2009-02-03 17:14 . 2009-02-03 17:14 <DIR> d-------- c:\program files\DIFX
2009-02-03 17:14 . 2008-08-26 09:26 18,816 --a------ c:\windows\System32\drivers\pccsmcfd.sys
2009-02-03 17:13 . 2009-02-03 17:14 <DIR> d----c--- c:\windows\System32\DRVSTORE
2009-02-03 17:12 . 2009-02-03 17:12 <DIR> d-------- c:\program files\PC Connectivity Solution
2009-02-03 17:11 . 2009-02-03 17:11 <DIR> d-------- c:\users\All Users\Installations
2009-02-03 17:11 . 2009-02-03 17:11 <DIR> d-------- c:\programdata\Installations
2009-02-03 17:06 . 2009-02-03 17:15 <DIR> d-------- c:\program files\Nokia
2009-02-03 17:06 . 2008-09-15 07:56 91,136 --a------ c:\windows\System32\nmwcdcls.dll
2009-02-02 03:29 . 2009-02-02 03:29 <DIR> d-------- c:\users\All Users\Messenger Plus!
2009-02-02 03:29 . 2009-02-02 03:29 <DIR> d-------- c:\programdata\Messenger Plus!
2009-02-01 20:50 . 2009-02-01 20:50 <DIR> d-------- c:\users\All Users\Joy coal mpeg heck
2009-02-01 20:50 . 2009-02-01 20:50 <DIR> d-------- c:\programdata\Joy coal mpeg heck
2009-02-01 20:49 . 2009-02-01 20:50 <DIR> d-------- c:\users\All Users\Thunktime
2009-02-01 20:49 . 2009-02-01 20:50 <DIR> d-------- c:\programdata\Thunktime
2009-02-01 20:49 . 2009-02-01 20:49 <DIR> d-------- c:\program files\Messenger Plus! Live
2009-02-01 20:49 . 2009-02-01 20:49 <DIR> d-------- c:\program files\Circle Dvelopement
2009-02-01 11:23 . 2009-02-16 21:21 <DIR> d-------- c:\users\Rickly\AppData\Roaming\LimeWire
2009-02-01 11:16 . 2009-02-01 11:16 <DIR> d-------- c:\program files\Java
2009-02-01 11:16 . 2009-02-01 11:16 410,984 --a------ c:\windows\System32\deploytk.dll
2009-02-01 11:14 . 2009-02-01 11:17 <DIR> d-------- c:\program files\LimeWire
2009-01-31 23:48 . 2009-01-31 23:48 <DIR> d-------- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-01-31 23:26 . 2009-02-01 00:08 <DIR> dr------- c:\users\Rickly\Contacts
2009-01-31 23:20 . 2009-01-31 23:23 <DIR> d-------- c:\program files\Windows Live Safety Center
2009-01-31 21:03 . 2009-01-31 21:05 <DIR> dr------- c:\users\Rikly\Searches
2009-01-31 21:03 . 2009-01-31 21:05 <DIR> dr------- c:\users\Rikly\Saved Games
2009-01-31 21:03 . 2009-01-31 21:05 <DIR> dr------- c:\users\Rikly\Pictures
2009-01-31 21:03 . 2009-01-31 21:05 <DIR> dr------- c:\users\Rikly\Music
2009-01-31 21:02 . 2009-01-31 21:04 <DIR> dr------- c:\users\Rikly\Documents
2009-01-31 21:02 . 2009-01-31 21:05 <DIR> dr------- c:\users\Rikly\Contacts
2009-01-31 21:02 . 2009-01-31 21:05 <DIR> d-------- c:\users\Rikly
2009-01-31 21:01 . 2009-01-31 21:01 <DIR> d-------- c:\users\Rickly\Rikly
2009-01-31 20:55 . 2009-01-31 20:55 <DIR> d-------- c:\program files\A.F.5 Rename your files 1.1
2009-01-31 18:46 . 2009-02-17 16:17 <DIR> d-------- c:\users\Rickly\Tracing
2009-01-31 18:44 . 2009-01-31 18:44 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-01-31 18:44 . 2009-01-31 18:44 <DIR> d-------- c:\program files\Microsoft
2009-01-31 18:43 . 2009-01-31 18:44 <DIR> d-------- c:\program files\Windows Live
2009-01-31 18:41 . 2009-01-16 18:34 499,712 --a------ c:\windows\System32\msvcp71.dll
2009-01-31 18:39 . 2009-01-31 18:40 <DIR> d-------- c:\windows\System32\Adobe
2009-01-31 18:38 . 2009-01-31 18:38 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-01-31 18:35 . 2009-01-31 18:35 <DIR> d-------- c:\users\All Users\Google
2009-01-31 18:35 . 2009-01-31 18:35 <DIR> d-------- c:\program files\Google
2009-01-31 08:30 . 2009-01-31 08:30 <DIR> dr------- c:\windows\System32\config\systemprofile\Videos
2009-01-31 08:30 . 2009-01-31 08:30 <DIR> dr------- c:\windows\System32\config\systemprofile\Searches
2009-01-31 08:30 . 2009-01-31 08:30 <DIR> dr------- c:\windows\System32\config\systemprofile\Saved Games
2009-01-31 08:30 . 2009-01-31 08:30 <DIR> dr------- c:\windows\System32\config\systemprofile\Pictures
2009-01-31 08:30 . 2009-01-31 08:30 <DIR> dr------- c:\windows\System32\config\systemprofile\Music
2009-01-31 08:30 . 2009-01-31 08:30 <DIR> dr------- c:\windows\System32\config\systemprofile\Links
2009-01-31 08:30 . 2009-01-31 08:30 <DIR> dr------- c:\windows\System32\config\systemprofile\Downloads
2009-01-31 08:30 . 2009-01-31 08:30 <DIR> dr------- c:\windows\System32\config\systemprofile\Documents
2009-01-30 20:17 . 2009-01-30 20:17 <DIR> d-------- C:\PerfLogs
2009-01-30 20:03 . 2009-01-30 20:03 603,904 --a------ c:\windows\System32\TUProgSt.exe
2009-01-30 20:03 . 2008-12-11 13:31 27,904 --a------ c:\windows\System32\uxtuneup.dll
2009-01-30 20:03 . 2008-12-11 13:31 17,152 --a------ c:\windows\System32\authuitu.dll
2009-01-30 20:02 . 2009-01-30 20:02 <DIR> d-------- c:\users\Rickly\AppData\Roaming\TuneUp Software
2009-01-30 20:02 . 2009-01-30 20:02 <DIR> d-------- c:\users\All Users\TuneUp Software
2009-01-30 20:02 . 2009-01-30 20:02 <DIR> d-------- c:\programdata\TuneUp Software
2009-01-30 20:02 . 2009-01-30 20:02 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-01-30 20:02 . 2009-01-30 20:02 360,192 --a------ c:\windows\System32\TuneUpDefragService.exe
2009-01-30 20:01 . 2009-01-30 20:01 <DIR> d--hs---- c:\users\All Users\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-30 20:01 . 2009-01-30 20:01 <DIR> d--hs---- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-30 19:14 . 2009-01-30 19:14 <DIR> d-------- c:\program files\MSXML 4.0
2009-01-30 17:42 . 2008-01-19 16:33 2,623,488 --a------ c:\windows\System32\SLsvc.exe
2009-01-30 17:42 . 2008-01-19 16:36 1,541,120 --a------ c:\windows\System32\onex.dll
2009-01-30 17:40 . 2008-01-19 16:38 4,595,712 --a------ c:\windows\System32\AuthFWSnapin.dll
2009-01-30 17:39 . 2008-01-19 16:33 8,139,264 --a------ c:\windows\System32\ssBranded.scr
2009-01-30 17:38 . 2008-01-19 15:06 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2009-01-30 17:37 . 2008-01-19 16:36 704,512 --a------ c:\windows\System32\SmiEngine.dll
2009-01-30 17:37 . 2008-01-19 16:36 357,888 --a------ c:\windows\System32\wbemcomn.dll
2009-01-30 17:37 . 2008-01-19 16:34 305,152 --a------ c:\windows\System32\msdelta.dll
2009-01-30 17:37 . 2008-01-19 16:34 258,560 --a------ c:\windows\System32\dpx.dll
2009-01-30 17:37 . 2008-01-19 16:34 246,784 --a------ c:\windows\System32\drvstore.dll
2009-01-30 17:37 . 2008-01-19 16:36 218,624 --a------ c:\windows\System32\wdscore.dll
2009-01-30 17:37 . 2008-01-19 16:36 139,264 --a------ c:\windows\System32\SmiInstaller.dll
2009-01-30 17:37 . 2008-01-19 16:33 130,560 --a------ c:\windows\System32\PkgMgr.exe
2009-01-30 17:37 . 2008-01-19 16:36 129,536 --a------ c:\windows\System32\sqmapi.dll
2009-01-30 17:37 . 2008-01-19 16:35 35,328 --a------ c:\windows\System32\mspatcha.dll
2009-01-30 03:03 . 2009-01-30 03:03 269,312 --a------ c:\windows\System32\es.dll
2009-01-30 03:02 . 2009-01-30 03:02 988,216 --a------ c:\windows\System32\winload.exe
2009-01-30 03:02 . 2009-01-30 03:02 927,288 --a------ c:\windows\System32\winresume.exe
2009-01-30 03:02 . 2009-01-30 03:02 615,992 --a------ c:\windows\System32\ci.dll
2009-01-30 03:02 . 2009-01-30 03:02 378,368 --a------ c:\windows\System32\srcore.dll
2009-01-30 03:02 . 2009-01-30 03:02 318,464 --a------ c:\windows\System32\rstrui.exe
2009-01-30 03:02 . 2009-01-30 03:02 46,592 --a------ c:\windows\System32\setbcdlocale.dll
2009-01-30 03:02 . 2009-01-30 03:02 40,960 --a------ c:\windows\System32\srclient.dll
2009-01-30 03:02 . 2009-01-30 03:02 19,000 --a------ c:\windows\System32\kd1394.dll
2009-01-30 03:02 . 2009-01-30 03:02 14,848 --a------ c:\windows\System32\srdelayed.exe
2009-01-30 03:02 . 2009-01-30 03:02 6,656 --a------ c:\windows\System32\kbd106n.dll
2009-01-29 22:34 . 2009-02-01 14:51 <DIR> d-------- c:\users\Rickly\AppData\Roaming\Winamp
2009-01-29 22:34 . 2009-01-29 22:34 <DIR> d-------- c:\program files\Winamp
2009-01-29 22:34 . 2007-03-08 08:51 129,784 --------- c:\windows\System32\pxafs.dll
2009-01-29 22:33 . 2006-10-26 19:56 32,592 --a------ c:\windows\System32\msonpmon.dll
2009-01-29 22:28 . 2009-01-29 21:58 <DIR> d-------- c:\users\Rickly\AppData\Roaming\uTorrent
2009-01-29 22:28 . 2009-01-29 22:28 <DIR> d-------- c:\program files\uTorrent
2009-01-29 22:21 . 2009-01-29 22:21 <DIR> d-------- c:\users\All Users\NVIDIA

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-11 10:59 --------- d-----w c:\program files\Windows Mail
2009-01-30 11:33 174 --sha-w c:\program files\desktop.ini
2009-01-30 11:23 --------- d-----w c:\program files\Windows Sidebar
2009-01-30 11:23 --------- d-----w c:\program files\Windows Photo Gallery
2009-01-30 11:23 --------- d-----w c:\program files\Windows Journal
2009-01-30 11:23 --------- d-----w c:\program files\Windows Defender
2009-01-30 11:23 --------- d-----w c:\program files\Windows Collaboration
2009-01-30 11:23 --------- d-----w c:\program files\Windows Calendar
2009-01-30 11:08 82,432 ----a-w c:\windows\System32\axaltocm.dll
2009-01-30 11:08 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2009-01-29 13:14 --------- d-----w c:\program files\MSBuild
2009-01-28 16:39 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2009-01-28 16:39 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2009-01-28 16:39 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2009-01-28 16:39 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
2009-01-28 16:39 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2009-01-28 16:39 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2009-01-28 16:18 801,280 ----a-w c:\windows\System32\NaturalLanguage6.dll
2008-12-02 13:37 49,480 ----a-w c:\windows\System32\sirenacm.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BUILD HIDE"="c:\programdata\Rule list list.3xtqu1" [X]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-23 202024]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe" [2009-01-31 165304]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 1506544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-07-06 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-06 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-06 81920]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-01 136600]
"S3Trayp"="S3trayp.exe" [2008-01-14 c:\windows\System32\s3trayp.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.asv2"= asusasv2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BUILD HIDE]
c:\programdata\Rule list list.5207d9 [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mpeg heck log link]
c:\programdata\Info Build That.3k4z8b6 [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
--a------ 2007-07-23 11:48 380928 c:\program files\ASUS\GamerOSD\GamerOSD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
--a------ 2008-12-03 12:47 1205760 c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2008-08-04 08:02 36352 c:\program files\Winamp\winampa.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{5E780FD3-7A7D-4F28-95C2-57A5A154E156}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{569ACB06-7622-483C-AF6C-252EF7ACC59A}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{000F812F-03E1-49E0-91BD-0C42AF410427}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{6430025A-8801-4E9B-BCDD-EE28CA21A256}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{8354E705-87C0-41F8-9B18-1B74627DE493}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{C6DBFB4E-DC2E-42E3-BE1D-4D4E31B4945E}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{FD480F52-6AC5-4598-9E77-3D4A39FAC258}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{A4BCBE95-8200-48AE-B069-E8CB36BFF352}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{3AFD67A8-2908-42FB-9FF9-E12FE7E361EA}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{009FF379-5C4D-440E-940A-DE28A433D3EA}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{065876F7-FEA3-40B1-8720-3AEADDE1C7E3}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer

R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\System32\drivers\xfilt.sys [2009-01-29 21144]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2008-05-28 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-05-28 55024]
R2 AcuWVSSchedulerv6;Acunetix WVS Scheduler v6;c:\program files\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe [2008-12-09 994952]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-01-30 603904]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-05-28 7408]
S3 S3GIGP;S3GIGP;c:\windows\System32\drivers\VTGKModeDX32.sys [2008-04-29 833024]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2009-02-17 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 21:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-17 16:54:50
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-02-17 16:56:29
ComboFix-quarantined-files.txt 2009-02-17 07:56:26

Pre-Run: 36,684,992,512 bytes free
Post-Run: 36,893,065,216 bytes free

242 --- E O F --- 2009-02-17 03:14:50
 

ceewi1

VIP Member
You appear to have a LOP infection, which is likely responsible for the popups, if not the keyboard problem.

Disable resident protections (Antivirus...); please re-enable them after the scan

Download Lop S&D

Double-click Lop S&D.exe
Choose the language, then choose Option 3 (Fix - Hosts)
Wait till the end of the scan
Post the log which is created: (C:\lopR.txt)

With regards to the typing problem, I would be more likely to suspect a problem with the keyboard. Can you try another keyboard to confirm or refute?
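
Added example, not part of the post above or of any tool's own code: the post does not say which log entries prompted the LOP diagnosis, so this sketch assumes the tell was the `BUILD HIDE` Run value, whose target is a file with a random non-executable extension sitting directly in the ProgramData root. It flags such autorun targets in HijackThis O4 lines and ComboFix Run-key lines; the sample lines are copied from the logs in this thread, while the extension allow-list and both heuristics are assumptions.

```python
import re
from ntpath import splitext

# Heuristic allow-list of file types normally launched from a Run value (assumption).
LAUNCHABLE = {".exe", ".dll", ".com", ".bat", ".cmd", ".scr", ".pif", ".cpl", ".lnk"}

# HijackThis autorun line:  O4 - HKCU\..\Run: [name] command
HJT_O4 = re.compile(r"^O4 - (?P<hive>HK\w+)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# ComboFix "Reg Loading Points" value line:  "name"="path" [...]
COMBOFIX = re.compile(r'^"(?P<name>[^"]+)"="(?P<cmd>[^"]*)"')
# Shortest prefix of an unquoted command that ends in a launchable extension.
EXT_END = re.compile(
    r"^(.*?\.(?:%s))(?=[\s,]|$)" % "|".join(e[1:] for e in sorted(LAUNCHABLE)), re.I
)


def target_of(cmd):
    """Return the file a Run command line actually starts, without arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    m = EXT_END.match(cmd)
    # No launchable extension anywhere: treat the whole value as the target.
    return m.group(1) if m else cmd


def assess(name, cmd, source):
    """Apply the two heuristics to one autorun entry."""
    target = target_of(cmd)
    ext = splitext(target)[1].lower()
    reasons = []
    if ext not in LAUNCHABLE:
        reasons.append("extension %r is not a launchable type" % ext)
    if re.search(r"\\programdata\\[^\\]+$", target, re.I):
        reasons.append("file sits directly in the ProgramData root")
    return {"source": source, "name": name, "target": target, "reasons": reasons}


def scan(text):
    """Return the flagged autorun entries found in pasted log text."""
    findings, section = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        m = HJT_O4.match(line)
        if m:
            rec = assess(m["name"], m["cmd"], "HijackThis %s\\%s" % (m["hive"], m["key"]))
        else:
            if line.startswith("[") and line.endswith("]"):
                section = line[1:-1]          # ComboFix registry section header
                continue
            m = COMBOFIX.match(line)
            # Only values under a ...\CurrentVersion\Run key are autoruns.
            if not (m and section.lower().endswith("\\currentversion\\run")):
                continue
            rec = assess(m["name"], m["cmd"], "ComboFix " + section.split("\\")[0])
        if rec["reasons"]:
            findings.append(rec)
    return findings


# Sample lines copied from the HijackThis and ComboFix logs in this thread.
SAMPLE = r"""
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe -chkautorun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BUILD HIDE] "C:\ProgramData\Rule list list.3xtqu1"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BUILD HIDE"="c:\programdata\Rule list list.3xtqu1" [X]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-07-06 86016]
"S3Trayp"="S3trayp.exe" [2008-01-14 c:\windows\System32\s3trayp.exe]
"""

if __name__ == "__main__":
    for f in scan(SAMPLE):
        print("%-28s [%s] %s" % (f["source"], f["name"], f["target"]))
        for reason in f["reasons"]:
            print("    - " + reason)
```

A flagged entry is a lead to check by hand, not a verdict: legitimate software occasionally starts files with unusual names, and an entry that passes both heuristics can still be malicious.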
 

Rikly

New Member
here it is:


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Ultimate ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
BIOS : Phoenix - Award BIOS v6.00PG
USER : Rickly ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:74 Go (Free:34 Go)
D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [3] ( Tue 24/02/2009|20:29 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX

Deleted! - C:\ProgramData\Joy coal mpeg heck\data audio.dat
Deleted! - C:\ProgramData\Joy coal mpeg heck\data audio.exe
Deleted! - C:\Users\Rickly\AppData\Roaming\MICROS~1\Windows\Cookies\[email protected][1].txt
Deleted! - C:\ProgramData\Rule list list.69tdy
Deleted! - C:\ProgramData\Rule list list.3xtqu1
Deleted! - C:\ProgramData\Rule list list.5207d9
Deleted! - C:\ProgramData\Rule list list.s1g0ol
Deleted! - C:\ProgramData\Info Build That.3k4z8b6
Deleted! - C:\ProgramData\Joy coal mpeg heck

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing folders in Local

[29/01/2009|10:14] C:\Users\Rickly\AppData\Local\<DIR> Ahead
[26/01/2009|05:43] C:\Users\Rickly\AppData\Local\<JUNCTION> Application Data
[02/02/2009|10:02] C:\Users\Rickly\AppData\Local\8,620 d3d9caps.dat
[20/02/2009|06:45] C:\Users\Rickly\AppData\Local\12,800 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[30/01/2009|03:13] C:\Users\Rickly\AppData\Local\99,864 GDIPFONTCACHEV1.DAT
[31/01/2009|06:35] C:\Users\Rickly\AppData\Local\<DIR> Google
[26/01/2009|05:43] C:\Users\Rickly\AppData\Local\<JUNCTION> History
[22/02/2009|10:16] C:\Users\Rickly\AppData\Local\2,384,832 IconCache.db
[24/02/2009|08:27] C:\Users\Rickly\AppData\Local\<DIR> Microsoft
[29/01/2009|09:42] C:\Users\Rickly\AppData\Local\<DIR> Microsoft Help
[24/02/2009|08:29] C:\Users\Rickly\AppData\Local\<DIR> Temp
[26/01/2009|05:43] C:\Users\Rickly\AppData\Local\<JUNCTION> Temporary Internet Files
[01/02/2009|08:49] C:\Users\Rickly\AppData\Local\<DIR> VirtualStore

--------------------\\ Scheduled Tasks located in C:\Windows\Tasks

[24/02/2009 08:00 PM][--a------] C:\Windows\tasks\1-Click Maintenance.job
[22/02/2009 10:16 PM][--ah-----] C:\Windows\tasks\SA.DAT
[22/02/2009 10:17 AM][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing Folders in C:\ProgramData

[30/01/2009|08:01] C:\ProgramData\<DIR> {55A29068-F2CE-456C-9148-C869879E2357}
[02/11/2006|10:00] C:\ProgramData\<JUNCTION> Application Data
[24/02/2009|08:26] C:\ProgramData\<DIR> avg8
[02/11/2006|10:00] C:\ProgramData\<JUNCTION> Desktop
[02/11/2006|10:00] C:\ProgramData\<JUNCTION> Documents
[02/11/2006|10:00] C:\ProgramData\<JUNCTION> Favorites
[31/01/2009|06:35] C:\ProgramData\<DIR> Google
[03/02/2009|05:11] C:\ProgramData\<DIR> Installations
[07/02/2009|10:29] C:\ProgramData\<DIR> Malwarebytes
[02/02/2009|03:29] C:\ProgramData\<DIR> Messenger Plus!
[18/02/2009|09:30] C:\ProgramData\<DIR> Microsoft
[11/02/2009|08:00] C:\ProgramData\<DIR> Microsoft Help
[29/01/2009|10:08] C:\ProgramData\<DIR> Nero
[31/01/2009|06:37] C:\ProgramData\418 ntuser.pol
[29/01/2009|10:21] C:\ProgramData\<DIR> NVIDIA
[03/02/2009|05:15] C:\ProgramData\<DIR> PC Suite
[02/11/2006|10:00] C:\ProgramData\<JUNCTION> Start Menu
[16/02/2009|08:00] C:\ProgramData\<DIR> SUPERAntiSpyware.com
[02/11/2006|10:00] C:\ProgramData\<JUNCTION> Templates
[01/02/2009|08:50] C:\ProgramData\<DIR> Thunktime
[30/01/2009|08:02] C:\ProgramData\<DIR> TuneUp Software

--------------------\\ Listing Folders in C:\Program Files

[31/01/2009|08:55] C:\Program Files\<DIR> A.F.5 Rename your files 1.1
[11/02/2009|08:17] C:\Program Files\<DIR> Acunetix
[31/01/2009|08:33] C:\Program Files\<DIR> ASUS
[17/02/2009|08:57] C:\Program Files\<DIR> AVG
[11/02/2009|09:23] C:\Program Files\<DIR> BlueVoda Website Builder
[01/02/2009|08:49] C:\Program Files\<DIR> Circle Dvelopement
[17/02/2009|04:46] C:\Program Files\<DIR> Common Files
[03/02/2009|05:14] C:\Program Files\<DIR> DIFX
[31/01/2009|06:35] C:\Program Files\<DIR> Google
[31/01/2009|08:33] C:\Program Files\<DIR> InstallShield Installation Information
[30/01/2009|08:23] C:\Program Files\<DIR> Internet Explorer
[01/02/2009|11:16] C:\Program Files\<DIR> Java
[01/02/2009|11:17] C:\Program Files\<DIR> LimeWire
[18/02/2009|07:49] C:\Program Files\<DIR> Malwarebytes' Anti-Malware
[01/02/2009|08:49] C:\Program Files\<DIR> Messenger Plus! Live
[18/02/2009|09:32] C:\Program Files\<DIR> Microsoft
[31/01/2009|11:48] C:\Program Files\<DIR> Microsoft CAPICOM 2.1.0.2
[02/11/2006|09:35] C:\Program Files\<DIR> Microsoft Games
[29/01/2009|10:10] C:\Program Files\<DIR> Microsoft Office
[18/02/2009|09:32] C:\Program Files\<DIR> Microsoft Office Outlook Connector
[18/02/2009|09:32] C:\Program Files\<DIR> Microsoft Silverlight
[18/02/2009|09:28] C:\Program Files\<DIR> Microsoft SQL Server Compact Edition
[18/02/2009|09:31] C:\Program Files\<DIR> Microsoft Sync Framework
[29/01/2009|10:07] C:\Program Files\<DIR> Microsoft Visual Studio
[29/01/2009|09:44] C:\Program Files\<DIR> Microsoft Visual Studio 8
[29/01/2009|10:19] C:\Program Files\<DIR> Microsoft Works
[29/01/2009|09:53] C:\Program Files\<DIR> Microsoft.NET
[30/01/2009|08:23] C:\Program Files\<DIR> Movie Maker
[29/01/2009|10:14] C:\Program Files\<DIR> MSBuild
[30/01/2009|07:14] C:\Program Files\<DIR> MSXML 4.0
[29/01/2009|09:55] C:\Program Files\<DIR> My Company Name
[29/01/2009|10:08] C:\Program Files\<DIR> Nero
[03/02/2009|05:15] C:\Program Files\<DIR> Nokia
[03/02/2009|05:12] C:\Program Files\<DIR> PC Connectivity Solution
[02/11/2006|09:35] C:\Program Files\<DIR> Reference Assemblies
[11/02/2009|08:29] C:\Program Files\<DIR> SpyZooka
[16/02/2009|07:59] C:\Program Files\<DIR> SUPERAntiSpyware
[19/02/2009|07:13] C:\Program Files\<DIR> Trend Micro
[30/01/2009|08:02] C:\Program Files\<DIR> TuneUp Utilities 2009
[02/11/2006|10:00] C:\Program Files\<DIR> Uninstall Information
[29/01/2009|10:28] C:\Program Files\<DIR> uTorrent
[29/01/2009|12:30] C:\Program Files\<DIR> VIA
[29/01/2009|10:34] C:\Program Files\<DIR> Winamp
[30/01/2009|08:23] C:\Program Files\<DIR> Windows Calendar
[30/01/2009|08:23] C:\Program Files\<DIR> Windows Collaboration
[30/01/2009|08:23] C:\Program Files\<DIR> Windows Defender
[30/01/2009|08:23] C:\Program Files\<DIR> Windows Journal
[18/02/2009|09:31] C:\Program Files\<DIR> Windows Live
[31/01/2009|11:23] C:\Program Files\<DIR> Windows Live Safety Center
[31/01/2009|06:44] C:\Program Files\<DIR> Windows Live SkyDrive
[11/02/2009|07:59] C:\Program Files\<DIR> Windows Mail
[30/01/2009|08:23] C:\Program Files\<DIR> Windows Media Player
[02/11/2006|09:35] C:\Program Files\<DIR> Windows NT
[30/01/2009|08:23] C:\Program Files\<DIR> Windows Photo Gallery
[30/01/2009|08:23] C:\Program Files\<DIR> Windows Sidebar
[29/01/2009|10:29] C:\Program Files\<DIR> WinRAR

--------------------\\ Listing Folders in C:\Program Files\Common Files

[29/01/2009|10:07] C:\Program Files\Common Files\<DIR> DESIGNER
[29/01/2009|09:52] C:\Program Files\Common Files\<DIR> InstallShield
[18/02/2009|09:26] C:\Program Files\Common Files\<DIR> microsoft shared
[29/01/2009|10:11] C:\Program Files\Common Files\<DIR> Nero
[03/02/2009|05:15] C:\Program Files\Common Files\<DIR> Nokia
[03/02/2009|05:15] C:\Program Files\Common Files\<DIR> PCSuite
[02/11/2006|08:18] C:\Program Files\Common Files\<DIR> Services
[02/11/2006|08:18] C:\Program Files\Common Files\<DIR> SpeechEngines
[18/02/2009|09:32] C:\Program Files\Common Files\<DIR> System
[31/01/2009|06:38] C:\Program Files\Common Files\<DIR> Windows Live
[16/02/2009|07:58] C:\Program Files\Common Files\<DIR> Wise Installation Wizard

--------------------\\ Process

( 52 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folder found !

--------------------\\ Searching for Lop Files - Folders

No Lop folder found !

--------------------\\ Searching within the Registry

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN


--------------------\\ Searching for hidden files with Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-24 20:45:06
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Searching for other infections
 

Rikly

New Member
I'll post a log soon, but in the meantime, the pop-ups have stopped and same with the keyboard troubles, thank you so much ceewi1, you're a true hero. :D
 