EN

The BullGuard products and services are part of NortonLifeLock Inc., a global leader in consumer Cyber Safety with a portofolio of brands including Norton, Avira and more. Learn more at NortonLifeLock.com

FORUMS

SEARCH FORUM

Unable to install antivirus

Posted 7/13/2010 1:07 PM
#87591
User avatar

phantom24 Member

Date Joined Nov 2016
Total Posts: 6
i have problem with my laptop. my antivirus is not working n i cant install any new antivirus or re-install it. it keep saying that it cant find d file . n i saw some thread that say there is a virus that blocking my latop from installing antivirus. can i know wat is that virus n how can i remove it?? i seriously need help!! please!!
Posted 7/14/2010 4:32 AM
#87600
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
Hello and welcome :smile:








Please follow this guide:

Before-posting-a-log


Follow the instructions and copy the logs here, in this Topic.

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.


Posted 7/14/2010 11:16 AM
#87607
User avatar

phantom24 Member

Date Joined Nov 2016
Total Posts: 6
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:09:35, on 2010/7/14
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\system32\conime.exe
C:\Program Files\CloudEx Onlinebackup\YoubakMSN\YoubakMSN.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\FlashGet Network\FlashGet 3\mxhelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: Yahoo! 工具列 - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IE2EMBHO Class - {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} - C:\Users\Khai Ling\AppData\Local\easyMule\modules\IE2EM.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9E7F0F05-23CF-4575-9049-7DDB9D39AA8E} - C:\PROGRA~1\FX678T~1\FX678T~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Khai Ling\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! 工具列 - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [YoubakMSN] C:\Program Files\CloudEx Onlinebackup\YoubakMSN\YoubakMSN.exe
O4 - HKLM\..\Run: [OA012Mon] C:\Windows\OA012Mon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\easyMule\eMule.exe -AutoStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [FlashGet 3] "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" -minimize
O4 - HKCU\..\Run: [FlashGetBHO] "C:\Program Files\FlashGet Network\FlashGet 3\mxhelper.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: PPS.lnk = C:\Program Files\PPStream\PPStream.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: 使用快车3下载 - C:\Users\Khai Ling\AppData\Roaming\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Khai Ling\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: 使用电驴下载 - C:\Program Files\easyMule\IE2EM.htm
O8 - Extra context menu item: 使用迅雷下载 - C:\Users\Public\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - C:\Users\Public\Thunder Network\Thunder\Program\getallurl.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O15 - Trusted Zone: https://software.kuaiche.com
O15 - ESC Trusted Zone: [url=https://*.update.microsoft.com]https://*.update.microsoft.com[/url]
O17 - HKLM\System\CCS\Services\Tcpip\..\{3012122F-5F3A-4186-9899-B6D64A600C7E}: NameServer = 203.82.64.145 203.82.64.129
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a1ffb3e6\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate1ca1b4ce0fedbd2) (gupdate1ca1b4ce0fedbd2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Network Monitor of Microsoft Windows (Network) - 讯雷 - C:\windows\MsNetwork.exe
O23 - Service: O2FLASH - O2Micro International - C:\Windows\system32\DRIVERS\o2flash.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - c:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a1ffb3e6\STacSV.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 10072 bytes
Posted 7/14/2010 3:27 PM
#87613
User avatar

phantom24 Member

Date Joined Nov 2016
Total Posts: 6
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4312

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

2010/7/14 21:14:57
mbam-log-2010-07-14 (21-14-57).txt

Scan type: Full scan (C:\|D:\|R:\|)
Objects scanned: 248883
Time elapsed: 1 hour(s), 55 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 2
Registry Keys Infected: 72
Registry Values Infected: 8
Registry Data Items Infected: 1
Folders Infected: 6
Files Infected: 27

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\Windows\System32\aksuser.dll (Trojan.GamesThief) -> No action taken.
C:\Windows\System32\ksuser.dll (Trojan.Patched) -> No action taken.

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{9e7f0f05-23cf-4575-9049-7ddb9d39aa8e} (Adware.IEShow) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9e7f0f05-23cf-4575-9049-7ddb9d39aa8e} (Adware.IEShow) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9e7f0f05-23cf-4575-9049-7ddb9d39aa8e} (Adware.IEShow) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{77fef28e-eb96-44ff-b511-3185dea48697} (Trojan.Cinmus) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b580cf65-e151-49c3-b73f-70b13fca8e86} (Trojan.Cinmus) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9e7f0f05-23cf-4575-9049-7ddb9d39aa8e} (Adware.IEShow) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e5d5d4a1-17f0-41d7-b1c6-0979f91e6f46} (Adware.BDSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a7f05ee4-0426-454f-8013-c41e3596e9e9} (Trojan.Cinmus) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Baidu (Trojan.Cinmus) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360hotfix.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rp.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360safe.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360safebox.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360sd.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360se.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360softmgrsvc.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360speedld.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ast.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvastUI.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avmailc.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avshadow.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwebgrd.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccenter.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavstart.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kissvc.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kmailmon.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kpfw32.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kpfwsvc.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\krnl360svc.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kswebshield.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvmonxp.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvmonxp.kxp (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvsrvxp.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kwatch.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcagent.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcmscsvc.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcnasvc.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcods.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcproxy.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcsacore.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshield.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcsysmon.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsshld.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpfsrv.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpmon.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpsvc.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpsvc1.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpsvc2.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msksrver.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravmond.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravtask.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rsagent.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rsnetsvr.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstray.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeboxtray.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scanfrm.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sched.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sfctlcom.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spiderml.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spidernt.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spiderui.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tmbmsrv.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tmproxy.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ufseagnt.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zhudongfangyu.exe (Security.Hijack) -> No action taken.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{b580cf65-e151-49c3-b73f-70b13fca8e86} (Trojan.Cinmus) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Worm.AutoRun) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdAgent.exe\debugger (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe\debugger (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe\debugger (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\livesrv.exe\debugger (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\seccenter.exe\debugger (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsserv.exe\debugger (Security.Hijack) -> No action taken.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (explorer.exe,C:\RECYCLER\S-1-5-21-4787969466-8541327473-097638665-2217\winsystem.exe) Good: (Explorer.exe) -> No action taken.

Folders Infected:
C:\Users\Khai Ling\AppData\Roaming\Baidu (Trojan.Cinmus) -> No action taken.
C:\Users\Khai Ling\AppData\Roaming\Baidu\Toolbar (Trojan.Cinmus) -> No action taken.
C:\Users\Khai Ling\AppData\Roaming\Baidu\Toolbar\Custom Buttons (Trojan.Cinmus) -> No action taken.
C:\Users\Khai Ling\AppData\Roaming\JjlDownLoader (Rogue.Installer) -> No action taken.
C:\Program Files\BaiDu (Adware.Baidu) -> No action taken.
C:\Program Files\BaiDu\Toolbar (Adware.Baidu) -> No action taken.

Files Infected:
C:\Program Files\QvodSetupPlus3.exe (Trojan.Dropper) -> No action taken.
C:\Users\Khai Ling\AppData\Local\VirtualStore\Windows\system\Ktpgu.LOG (Extension.Mismatch) -> No action taken.
C:\Users\Khai Ling\AppData\Local\VirtualStore\Windows\system\TybuX.LOG (Extension.Mismatch) -> No action taken.
C:\Users\Khai Ling\AppData\Local\VirtualStore\Windows\system\vSxpO.LOG (Extension.Mismatch) -> No action taken.
C:\Users\Khai Ling\AppData\Local\VirtualStore\Windows\system\wxkOU.LOG (Extension.Mismatch) -> No action taken.
C:\Windows\System32\FastUserSwitchingCompatibility.dll (Trojan.Dropper) -> No action taken.
C:\Windows\System32\drivers\07BD45D6.sys (Rootkit.Agent) -> No action taken.
C:\Windows\System32\drivers\0C624D58.sys (Rootkit.Agent) -> No action taken.
C:\Windows\System32\drivers\18383F2A.sys (Rootkit.Agent) -> No action taken.
C:\Windows\System32\drivers\261C79B6.sys (Rootkit.Agent) -> No action taken.
C:\Windows\System32\drivers\32224F07.sys (Rootkit.Agent) -> No action taken.
C:\Windows\System32\drivers\325E485C.sys (Rootkit.Agent) -> No action taken.
C:\Windows\System32\drivers\43A749BD.sys (Rootkit.Agent) -> No action taken.
C:\Windows\System32\drivers\47423754.sys (Rootkit.Agent) -> No action taken.
C:\Windows\System32\drivers\508959E6.sys (Rootkit.Agent) -> No action taken.
C:\Windows\System32\drivers\65EE16D6.sys (Rootkit.Agent) -> No action taken.
C:\Windows\System32\drivers\6CE31F63.sys (Rootkit.Agent) -> No action taken.
C:\Windows\System32\drivers\75345E4C.sys (Rootkit.Agent) -> No action taken.
C:\Windows\System32\drivers\7D867824.sys (Rootkit.Agent) -> No action taken.
C:\Windows\Temp\ep8blg.exe (Spyware.Onlinegames) -> No action taken.
C:\Windows\Temp\Gyp3X9.exe (Spyware.Onlinegames) -> No action taken.
C:\Windows\Temp\Mjblhu.dll (Spyware.OnLineGames) -> No action taken.
C:\Windows\Temp\Mjblhu.exe (Spyware.Onlinegames) -> No action taken.
C:\Windows\Temp\qsombZ.dll (Spyware.OnLineGames) -> No action taken.
C:\Windows\Temp\yrI6SG.exe (Spyware.Onlinegames) -> No action taken.
C:\Windows\System32\aksuser.dll (Trojan.GamesThief) -> No action taken.
C:\Windows\System32\ksuser.dll (Trojan.Patched) -> No action taken.
Posted 7/14/2010 3:29 PM
#87614
User avatar

phantom24 Member

Date Joined Nov 2016
Total Posts: 6
DDS (Ver_10-03-17.01) - NTFSx86
Run by Khai Ling at 18:57:02.31 on 2010/07/14 三
Internet Explorer: 8.0.6001.18928
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a1ffb3e6\STacSV.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a1ffb3e6\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Windows\system32\DRIVERS\o2flash.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\TEMP\3b0b791b.exe
C:\Windows\TEMP\22e62427.exe
C:\Windows\TEMP\4cc54739.exe
C:\Windows\TEMP\76a46a4b.exe
C:\Windows\System32\svchost.exe -k netsvcs
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\system32\conime.exe
C:\Program Files\CloudEx Onlinebackup\YoubakMSN\YoubakMSN.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\FlashGet Network\FlashGet 3\mxhelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
D:\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uDefault_Page_URL = hxxp://www.dell.com
mDefault_Page_URL = hxxp://www.dell.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! 工具列: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uWinlogon: Shell=explorer.exe,c:\recycler\s-1-5-21-4787969466-8541327473-097638665-2217\winsystem.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: IE2EMBHO Class: {0a0ddbd3-6641-40b9-873f-bbdd26d6c14e} - c:\users\khai ling\appdata\local\easymule\modules\IE2EM.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: : {9e7f0f05-23cf-4575-9049-7ddb9d39aa8e} - c:\progra~1\fx678t~1\FX678T~1.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - c:\users\khai ling\appdata\roaming\flashgetbho\FlashGetBHO3.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Yahoo! 工具列: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {B580CF65-E151-49C3-B73F-70B13FCA8E86} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [eMuleAutoStart] c:\program files\easymule\eMule.exe -AutoStart
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [FlashGet 3] "c:\program files\flashget network\flashget 3\FlashGet3.exe" -minimize
uRun: [FlashGetBHO] "c:\program files\flashget network\flashget 3\mxhelper.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [YoubakMSN] c:\program files\cloudex onlinebackup\youbakmsn\YoubakMSN.exe
mRun: [OA012Mon] c:\windows\OA012Mon.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\khaili~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe
StartupFolder: c:\users\khaili~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\users\khaili~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\pps.lnk - c:\program files\ppstream\PPStream.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: ê1ó??ì3μ3???? - c:\users\khai ling\appdata\roaming\flashgetbho\GetUrl.htm
IE: ê1ó??ì3μ3????è?2?á′?ó - c:\users\khai ling\appdata\roaming\flashgetbho\GetAllUrl.htm
IE: 使用快车3下载 - c:\users\khai ling\appdata\roaming\flashgetbho\GetUrl.htm
IE: 使用快车3下载全部链接 - c:\users\khai ling\appdata\roaming\flashgetbho\GetAllUrl.htm
IE: 使用电驴下载 - c:\program files\easymule\IE2EM.htm
IE: 使用迅雷下载 - c:\users\public\thunder network\thunder\program\geturl.htm
IE: 使用迅雷下载全部链接 - c:\users\public\thunder network\thunder\program\getallurl.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: kuaiche.com\software
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: {3012122F-5F3A-4186-9899-B6D64A600C7E} = 203.82.64.145 203.82.64.129
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
IFEO: kxedefend.exe - ntsd -d
IFEO: 360hotfix.exe - ntsd -d
IFEO: 360rp.exe - ntsd -d
IFEO: 360rpt.exe - ntsd -d
IFEO: 360safe.exe - ntsd -d

Note: multiple IFEO entries found. Please refer to Attach.txt

============= SERVICES / DRIVERS ===============

R0 EMSC;COMPAL Embedded System Control;c:\windows\system32\drivers\EMSC.sys [2009-6-9 17192]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_a1ffb3e6\AEstSrv.exe [2009-6-9 81920]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-12-19 155648]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2009-6-9 143840]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-6-9 112640]
R3 O2MDGRDR;O2MDGRDR;c:\windows\system32\drivers\o2mdg.sys [2009-5-23 58016]
R3 O2SDGRDR;O2SDGRDR;c:\windows\system32\drivers\o2sdg.sys [2009-5-8 41504]
R3 OA012Ufd;Creative Camera OA012 Upper Filter Driver;c:\windows\system32\drivers\OA012Ufd.sys [2009-3-6 133632]
R3 OA012Vid;Creative Camera OA012 Function Driver;c:\windows\system32\drivers\OA012Vid.sys [2009-7-7 272256]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1ca1b4ce0fedbd2;Google Update Service (gupdate1ca1b4ce0fedbd2);c:\program files\google\update\GoogleUpdate.exe [2009-8-12 133104]
S2 Network;Network Monitor of Microsoft Windows;c:\windows\MsNetwork.exe [2010-1-21 466944]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2009-8-6 29736]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
S3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication;c:\windows\system32\drivers\cmusbser.sys [2009-8-27 97408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

=============== Created Last 30 ================

2010-07-14 10:29:22 0 d-----w- c:\programdata\Yahoo! Companion
2010-07-14 10:29:19 0 d-----w- c:\program files\Yahoo!
2010-07-14 10:29:13 0 d-----w- c:\program files\CCleaner
2010-07-14 07:22:18 15360 ----a-w- c:\windows\system32\syswsock32.dll
2010-07-14 07:21:39 20628 ----a-w- c:\windows\system32\asktao.mod.dll
2010-07-14 07:21:03 27284 ----a-w- c:\windows\system32\my.exe.dll
2010-07-14 07:20:11 4608 ----a-w- c:\windows\system32\aksuser.dll
2010-07-12 20:57:04 53785488 ----a-w- c:\users\khai ling\setup_av_free.exe
2010-07-12 19:48:30 0 d-----w- c:\programdata\Alwil Software
2010-07-12 18:14:17 152968 ----a-w- c:\program files\QvodSetupPlus3.exe
2010-07-06 14:39:32 166 ----a-w- c:\users\khai ling\酷小牛小说网-海量小说下载.url
2010-07-06 14:39:18 67743 ----a-w- c:\users\khai ling\tianmideyingsu.rar
2010-06-25 03:09:03 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-25 03:09:03 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-25 03:09:03 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-25 03:09:03 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-25 03:09:03 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-24 08:57:31 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-24 08:57:31 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

==================== Find3M ====================

2010-07-14 10:42:20 20628 ----a-w- c:\windows\system32\ksuser.dll
2010-07-14 07:21:39 20628 ----a-w- c:\windows\system32\TEMDF27.tmp
2010-07-12 18:15:40 13664256 ----a-w- c:\program files\QvodSetupPlus.exe.!qd
2010-05-26 17:06:41 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47:41 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-26 09:14:54 86016 ----a-w- c:\windows\inf\infstor.dat
2010-05-26 09:14:54 51200 ----a-w- c:\windows\inf\infpub.dat
2010-05-26 09:14:54 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-05-21 06:14:28 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-04 05:59:21 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55:42 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 05:55:42 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 04:31:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13:48 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-23 14:13:55 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-18 19:02:41 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-01-21 02:43:21 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-09 11:09:41 76 --sha-r- c:\windows\CT4CET.bin
2010-03-24 21:09:57 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\cookies\index.dat
2010-03-24 21:09:57 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\history\history.ie5\index.dat
2010-03-24 21:09:57 32768 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\temporary internet files\content.ie5\index.dat
2010-04-12 11:08:05 245760 --sha-w- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-11-17 08:49:52 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

============= FINISH: 18:57:52.07 ===============
Posted 7/14/2010 3:30 PM
#87615
User avatar

phantom24 Member

Date Joined Nov 2016
Total Posts: 6
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-03-17.01)


Motherboard: Dell Inc. | | 0186NX
Processor: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz | U2E1 | 800/266mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 59 GiB total, 17.146 GiB free.
D: is FIXED (NTFS) - 230 GiB total, 44.962 GiB free.
R: is FIXED (NTFS) - 10 GiB total, 4.612 GiB free.

==== Disabled Device Manager Items =============

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0029
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #2
PNP Device ID: ROOT\*ISATAP\0029
Service: tunnel

==== System Restore Points ===================

RP346: 2010/7/9 2:01:50 - Windows Update
RP347: 2010/7/13 2:25:08 - Windows Update
RP348: 2010/7/13 3:48:12 - avast! Free Antivirus Setup
RP349: 2010/7/13 3:58:30 - Windows Update
RP350: 2010/7/13 4:17:28 - avast! Free Antivirus Setup
RP352: 2010/7/13 13:06:06 - avast! Free Antivirus Setup

==== Image File Execution Options =============

IFEO: kxedefend.exe - ntsd -d
IFEO: 360hotfix.exe - ntsd -d
IFEO: 360rp.exe - ntsd -d
IFEO: 360rpt.exe - ntsd -d
IFEO: 360safe.exe - ntsd -d
IFEO: 360safebox.exe - ntsd -d
IFEO: 360sd.exe - ntsd -d
IFEO: 360se.exe - ntsd -d
IFEO: 360SoftMgrSvc.exe - ntsd -d
IFEO: 360speedld.exe - ntsd -d
IFEO: 360tray.exe - ntsd -d
IFEO: afwServ.exe - ntsd -d
IFEO: ast.exe - ntsd -d
IFEO: AvastUI.exe - ntsd -d
IFEO: avcenter.exe - ntsd -d
IFEO: avfwsvc.exe - ntsd -d
IFEO: avgnt.exe - ntsd -d
IFEO: avguard.exe - ntsd -d
IFEO: avmailc.exe - ntsd -d
IFEO: avp.exe - ntsd -d
IFEO: avshadow.exe - ntsd -d
IFEO: avwebgrd.exe - ntsd -d
IFEO: bdagent.exe - ntsd -d
IFEO: CCenter.exe - ntsd -d
IFEO: ccSvcHst.exe - ntsd -d
IFEO: dwengine.exe - ntsd -d
IFEO: egui.exe - ntsd -d
IFEO: ekrn.exe - ntsd -d
IFEO: FilMsg.exe - ntsd -d
IFEO: kavstart.exe - ntsd -d
IFEO: kissvc.exe - ntsd -d
IFEO: kmailmon.exe - ntsd -d
IFEO: kpfw32.exe - ntsd -d
IFEO: kpfwsvc.exe - ntsd -d
IFEO: kpopserver.exe - ntsd -d
IFEO: krnl360svc.exe - ntsd -d
IFEO: ksmgui.exe - ntsd -d
IFEO: ksmsvc.exe - ntsd -d
IFEO: kswebshield.exe - ntsd -d
IFEO: KVMonXP.exe - ntsd -d
IFEO: KVMonXP.kxp - ntsd -d
IFEO: KVSrvXP.exe - ntsd -d
IFEO: kwatch.exe - ntsd -d
IFEO: kwstray.exe - ntsd -d
IFEO: kxesapp.exe - ntsd -d
IFEO: kxescore.exe - ntsd -d
IFEO: kxeserv.exe - ntsd -d
IFEO: kxetray.e - ntsd -d
IFEO: livesrv.exe - ntsd -d
IFEO: Mcagent.exe - ntsd -d
IFEO: mcmscsvc.exe - ntsd -d
IFEO: McNASvc.exe - ntsd -d
IFEO: Mcods.exe - ntsd -d
IFEO: McProxy.exe - ntsd -d
IFEO: McSACore.exe - ntsd -d
IFEO: Mcshield.exe - ntsd -d
IFEO: mcsysmon.exe - ntsd -d
IFEO: mcvsshld.exe - ntsd -d
IFEO: MpfSrv.exe - ntsd -d
IFEO: MPMon.exe - ntsd -d
IFEO: MPSVC.exe - ntsd -d
IFEO: MPSVC1.exe - ntsd -d
IFEO: MPSVC2.exe - ntsd -d
IFEO: msksrver.exe - ntsd -d
IFEO: qutmserv.exe - ntsd -d
IFEO: RavMonD.exe - ntsd -d
IFEO: RavTask.exe - ntsd -d
IFEO: RsAgent.exe - ntsd -d
IFEO: rsnetsvr.exe - ntsd -d
IFEO: RsTray.exe - ntsd -d
IFEO: safeboxTray.exe - ntsd -d
IFEO: ScanFrm.exe - ntsd -d
IFEO: sched.exe - ntsd -d
IFEO: seccenter.exe - ntsd -d
IFEO: SfCtlCom.exe - ntsd -d
IFEO: spideragent.exe - ntsd -d
IFEO: SpIDerMl.exe - ntsd -d
IFEO: spidernt.exe - ntsd -d
IFEO: spiderui.exe - ntsd -d
IFEO: TMBMSRV.exe - ntsd -d
IFEO: TmProxy.exe - ntsd -d
IFEO: Twister.exe - ntsd -d
IFEO: UfSeAgnt.exe - ntsd -d
IFEO: vsserv.exe - ntsd -d
IFEO: zhudongfangyu.exe - ntsd -d
IFEO: 修复工具.exe - ntsd -d

==== Installed Programs ======================

Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9
Advanced Audio FX Engine
Alarm Clock v1.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Battery Meter
Bonjour
CCleaner
Chinese Simplified Fonts Support For Adobe Reader 9
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Cole2k Media - Codec Pack (Advanced) 7.9.0
Dell DataSafe Online
Dell Dock
Dell Support Center (Support Software)
Dell Touchpad
Dell Webcam Central
Dell Wireless WLAN Card Utility
easyMule
EMSC
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HSDPA USB Modem version 4.882
IDT Audio
iFinger
Integrated Webcam Driver (1.04.01.0708)
Intel(R) Graphics Media Accelerator Driver
Intel(R) TV Wizard
Intel? Matrix Storage Manager
IrfanView (remove only)
iTunes
Java(TM) 6 Update 17
Junk Mail filter update
Live! Cam Avatar Creator
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MSVCRT
ó??á i?á
O2Micro Flash Memory Card Windows Driver
óD±?MSN1ü?ò 1.0
ODD Eject
OGA Notifier 2.0.0048.0
PPStream V2.6.86.9050 Final
QuickTime
RealPlayer
Realtek 8136 8168 8169 Ethernet Driver
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
SPlayer
The KMPlayer (remove only)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WIDCOMM Bluetooth Software 6.2.0.6600
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
WinRAR archiver
Wireless Select Switch
Yahoo! 工具列
千千静听 5.5.2

==== Event Viewer Messages From Past Week ========

2010/7/14 18:46:12, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
2010/7/14 18:41:40, Error: Service Control Manager [7023] - The fastuserswitchingcompatibility service terminated with the following error: The specified procedure could not be found.
2010/7/14 18:41:40, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
2010/7/14 18:41:40, Error: Service Control Manager [7000] - The 73DF6AF5 service failed to start due to the following error: The system cannot find the file specified.
2010/7/14 16:54:06, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB905866 (Update) into Resolved(Resolved) state
2010/7/14 16:45:35, Error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error: The service has not been started.
2010/7/14 16:41:27, Error: Service Control Manager [7000] - The Avira AntiVir Scheduler service failed to start due to the following error: The system cannot find the file specified.
2010/7/14 16:41:27, Error: Service Control Manager [7000] - The Avira AntiVir Guard service failed to start due to the following error: The system cannot find the file specified.
2010/7/14 15:41:24, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Update service, but this action failed with the following error: An instance of the service is already running.
2010/7/14 15:41:24, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Background Intelligent Transfer Service service, but this action failed with the following error: An instance of the service is already running.
2010/7/14 15:35:12, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Remote Access Connection Manager service, but this action failed with the following error: An instance of the service is already running.
2010/7/14 15:27:09, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
2010/7/14 15:25:06, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error: An instance of the service is already running.
2010/7/14 15:21:55, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
2010/7/14 15:21:55, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2010/7/14 15:19:03, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.3 for the Network Card with network address 00265E1BE264 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
2010/7/14 0:36:35, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 00265E1BE264 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
2010/7/13 13:03:16, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 00265E1BE264 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

==== End Of File ===========================
Posted 7/14/2010 3:33 PM
#87616
User avatar

phantom24 Member

Date Joined Nov 2016
Total Posts: 6
now d laptop is running slow especially when i was online and the audio system is not working, no sound at all. very worry.......:(
Posted 7/14/2010 4:38 PM
#87617
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
I have some suspicions that this could be pretty bad, but let's run a scan to see what we're dealing with.
Download CureIt to the desktop:
[color=#800080>https://www.freedrweb.com/cureit/?lng=en[/url]





Click on CureIt Download - button.

Doubleclick the drweb-cureit.exe file and Allow to run the express scan
This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.

Once the short scan has finished, mark the drives that you want to scan.
Move dot to Complete scan

Click the green arrow at the right, and the scan will start.
Click 'Yes to all' if it asks if you want to cure/move the file.

When the scan has finished, in the menu, click file and choose save report list
Save the report to your desktop. The report will be called DrWeb.csv

Close Dr.Web Cureit.


Please post the Dr.Web report in your next reply.

[/3][/color]

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.


Posted 7/26/2010 1:34 PM
#87929
User avatar

rainbowl55 Member

Date Joined Nov 2016
Total Posts: 1
HI, any1 know how to fix the issue? thank U in advance.
Posted 7/26/2010 1:47 PM
#87930
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
Hello rainbowl55










[code]HI, any1 know how to fix the issue? thank U in advance.[/code]
What issue ?

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.


Post a reply
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Monday, August 8, 2022, 10:16 AM (GMT +2)
There are a total of 61,974 posts in 13,697 threads.
In the last 3 days there were 0 new threads and 0 reply posts.

Who's online

This forum has 38,573 registered members. Please welcome our newest member, iAwake.
18 Guest(s), 0 Registered Member(s) are currently online.