Brand newborn PC and infected!

Started by Goatie, February 05, 2014, 10:29:18 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1 2
User actions

Goatie

February 05, 2014, 10:29:18 PM
HI! all of you. I am here, red with shame and blue with anger. Trying to figure out this new baby and it cries already with cramps!  I was downloading/installing Firefox and it gave me mywebsearch along with it. We'll laugh later... first, let me post... OK?... :thud:

Results of screen317's Security Check version 0.99.79 
Windows 7 Service Pack 1 x64 (UAC is enabled) 
Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````[/u]
AVG AntiVirus Free Edition 2014   
Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````[/u]
Adobe Reader XI 
Mozilla Firefox 24.0 Firefox out of Date! 
````````Process Check: objlist.exe by Laurent````````[/u] 
AVG avgwdsvc.exe
`````````````````System Health check`````````````````[/u]
Total Fragmentation on Drive C: =
````````````````````End of Log``````````````````````[/u]

Goatie

#1
February 05, 2014, 10:30:08 PM
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428
Run by Utilisateur at 17:07:35 on 2014-02-05
Microsoft Windows 7 Édition Familiale Premium   6.1.7601.1.1252.2.1036.18.8064.6601 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Program Files (x86)\RightSurf\updateRightSurf.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_44_ActiveX.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\RightSurf\bin\utilRightSurf.exe
C:\Windows\System32\MsSpellCheckingFacility.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0B0CtB0DyCtCyD0ByDzztAtN0D0Tzu0SyByCyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1370479696&ir=
mStart Page = hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0B0CtB0DyCtCyD0ByDzztAtN0D0Tzu0SyByCyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1370479696&ir=
mWinlogon: Userinit = userinit.exe
BHO: RightSurf: {88be1aa9-6740-461c-9e3e-f35eb8fa741c} - C:\Program Files (x86)\RightSurf\RightSurfbho.dll
BHO: Programme d'aide de l'Assistant de connexion au compte Microsoft: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
uRun: [Power2GoExpress8] NA
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{B17E34D1-0847-4553-A4EE-80032F2B8888} : DHCPNameServer = 192.168.0.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0B0CtB0DyCtCyD0ByDzztAtN0D0Tzu0SyByCyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1370479696&ir=
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\rd2nuym9.default\
FF - prefs.js: browser.startup.homepage - hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0B0CtB0DyCtCyD0ByDzztAtN0D0Tzu0SyByCyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1370479696&ir=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3hcs.sys [2013-4-26 20464]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\drivers\CLVirtualDrive.sys [2014-2-4 92536]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [2014-2-3 927232]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-2-13 731648]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2014-2-3 169432]
R2 OfficeSvc;Service Microsoft Office;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2014-2-4 1907896]
R2 Update RightSurf;Update RightSurf;C:\Program Files (x86)\RightSurf\updateRightSurf.exe [2014-2-5 80160]
R2 Util RightSurf;Util RightSurf;C:\Program Files (x86)\RightSurf\bin\utilRightSurf.exe [2014-2-5 80160]
R3 IntcDAud;Son Intel(R) pour écrans;C:\Windows\System32\drivers\IntcDAud.sys [2013-5-17 442368]
R3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3hub.sys [2013-4-26 368112]
R3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;C:\Windows\System32\drivers\iusb3xhc.sys [2013-4-26 786416]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-2-3 805088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-4 111616]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-2-13 820184]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-2-3 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-2-3 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-2-3 30208]
S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-2-4 1255736]
.
=============== Created Last 30 ================
.
2014-02-05 20:59:29   --------   d-----w-   C:\Users\Utilisateur\AppData\Local\Mozilla
2014-02-05 19:34:45   --------   d-----w-   C:\Users\Utilisateur\AppData\Roaming\Windows Live Writer
2014-02-05 19:34:45   --------   d-----w-   C:\Users\Utilisateur\AppData\Local\Windows Live Writer
2014-02-05 19:11:43   --------   d-----w-   C:\Users\Utilisateur\AppData\Roaming\AVG2014
2014-02-05 19:11:26   --------   d-----w-   C:\Users\Utilisateur\AppData\Roaming\TuneUp Software
2014-02-05 19:11:24   --------   d--h--w-   C:\$AVG
2014-02-05 19:11:24   --------   d-----w-   C:\ProgramData\AVG2014
2014-02-05 19:11:12   --------   d-----w-   C:\Program Files (x86)\AVG
2014-02-05 19:07:53   --------   d--h--w-   C:\ProgramData\Common Files
2014-02-05 19:07:53   --------   d-----w-   C:\Users\Utilisateur\AppData\Local\MFAData
2014-02-05 19:07:53   --------   d-----w-   C:\Users\Utilisateur\AppData\Local\Avg2014
2014-02-05 19:07:53   --------   d-----w-   C:\ProgramData\MFAData
2014-02-04 15:04:11   --------   d-----w-   C:\Program Files (x86)\Microsoft SkyDrive
2014-02-04 15:04:11   --------   d-----r-   C:\Users\Utilisateur\SkyDrive
2014-02-04 15:04:06   --------   d-----w-   C:\ProgramData\Microsoft SkyDrive
2014-02-04 15:02:57   566480   ----a-w-   C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-02-04 15:02:43   --------   d-----w-   C:\ProgramData\regid.1991-06.com.microsoft
2014-02-04 15:00:57   --------   d-----w-   C:\Program Files\Microsoft Office 15
2014-02-04 14:56:31   --------   d-----w-   C:\Users\Utilisateur\AppData\Local\Power2Go8
2014-02-04 14:55:55   92536   ----a-w-   C:\Windows\System32\drivers\CLVirtualDrive.sys
2014-02-04 14:55:55   --------   d-----w-   C:\Program Files (x86)\Common Files\CyberLink
2014-02-04 14:54:17   --------   d-----w-   C:\ProgramData\install_clap
2014-02-04 14:52:54   71048   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-04 14:52:54   692616   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-04 14:52:23   --------   d-----w-   C:\Users\Utilisateur\AppData\Local\Adobe
2014-02-04 14:50:57   4398360   ----a-w-   C:\Windows\System32\d3dx9_32.dll
2014-02-04 14:50:57   3426072   ----a-w-   C:\Windows\SysWow64\d3dx9_32.dll
2014-02-04 14:50:37   525656   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\76a07c8a1cf21b804\DXSETUP.exe
2014-02-04 14:50:37   1691480   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\76a07c8a1cf21b804\dsetup32.dll
2014-02-04 14:50:36   94040   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\76a07c8a1cf21b804\DSETUP.dll
2014-02-04 14:50:36   89944   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\767a66851cf21b803\DSETUP.dll
2014-02-04 14:50:36   89944   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\7618ce1a1cf21b802\DSETUP.dll
2014-02-04 14:50:36   537432   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\767a66851cf21b803\DXSETUP.exe
2014-02-04 14:50:36   537432   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\7618ce1a1cf21b802\DXSETUP.exe
2014-02-04 14:50:36   1801048   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\767a66851cf21b803\dsetup32.dll
2014-02-04 14:50:36   1801048   -c--a-w-   C:\Program Files (x86)\Common Files\Windows Live\.cache\7618ce1a1cf21b802\dsetup32.dll
2014-02-04 14:50:34   --------   d-----w-   C:\Users\Utilisateur\AppData\Local\Windows Live
2014-02-04 14:50:25   --------   d-----w-   C:\Program Files (x86)\Common Files\Windows Live
2014-02-04 14:30:39   96768   ----a-w-   C:\Windows\System32\fsutil.exe
2014-02-04 08:26:17   --------   d-----w-   C:\Windows\SysWow64\wbem\en-US
2014-02-04 08:26:17   --------   d-----w-   C:\Windows\System32\wbem\en-US
2014-02-04 08:26:16   --------   d-----w-   C:\Windows\SysWow64\Wat
2014-02-04 08:26:16   --------   d-----w-   C:\Windows\System32\Wat
2014-02-03 22:22:37   167424   ----a-w-   C:\Program Files\Windows Media Player\wmplayer.exe
2014-02-03 22:22:37   164864   ----a-w-   C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-02-03 22:22:37   12625920   ----a-w-   C:\Windows\System32\wmploc.DLL
2014-02-03 22:22:37   12625408   ----a-w-   C:\Windows\SysWow64\wmploc.DLL
2014-02-03 22:15:33   --------   d-----w-   C:\Windows\Migration
2014-02-03 21:47:49   2560   ----a-w-   C:\Windows\System32\drivers\fr-FR\wdf01000.sys.mui
2014-02-03 21:21:20   --------   d-----w-   C:\Windows\System32\MRT
2014-02-03 21:19:59   5120   ----a-w-   C:\Windows\SysWow64\wmi.dll
2014-02-03 21:19:59   5120   ----a-w-   C:\Windows\System32\wmi.dll
2014-02-03 21:19:59   23408   ----a-w-   C:\Windows\System32\drivers\fs_rec.sys
2014-02-03 21:17:44   723456   ----a-w-   C:\Windows\System32\EncDec.dll
2014-02-03 21:16:53   10315576   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-02-03 21:15:21   826880   ----a-w-   C:\Windows\SysWow64\rdpcore.dll
2014-02-03 21:15:21   23552   ----a-w-   C:\Windows\System32\drivers\tdtcp.sys
2014-02-03 21:15:21   1031680   ----a-w-   C:\Windows\System32\rdpcore.dll
2014-02-03 21:12:26   2622464   ----a-w-   C:\Windows\System32\wucltux.dll
2014-02-03 21:12:25   99840   ----a-w-   C:\Windows\System32\wudriver.dll
2014-02-03 21:12:25   36864   ----a-w-   C:\Windows\System32\wuapp.exe
2014-02-03 21:12:25   186752   ----a-w-   C:\Windows\System32\wuwebv.dll
2014-02-03 21:10:44   805088   ----a-w-   C:\Windows\System32\drivers\Rt64win7.sys
2014-02-03 21:10:44   74344   ----a-w-   C:\Windows\System32\RtNicProp64.dll
2014-02-03 21:10:44   107552   ----a-w-   C:\Windows\System32\RTNUninst64.dll
2014-02-03 21:10:41   --------   d-----w-   C:\Program Files (x86)\Realtek
2014-02-03 21:10:14   16344   ----a-w-   C:\Windows\System32\drivers\IntelMEFWVer.dll
2014-02-03 21:10:01   --------   d-sh--w-   C:\Windows\Installer
2014-02-03 21:09:58   --------   d-----w-   C:\Program Files (x86)\Common Files\postureAgent
2014-02-03 21:09:22   41984   ----a-w-   C:\Windows\System32\drivers\USB3Ver.dll
2014-02-03 21:09:04   64000   ----a-w-   C:\Windows\System32\OpenCL.DLL
2014-02-03 21:09:04   60416   ----a-w-   C:\Windows\SysWow64\OpenCL.DLL
2014-02-03 21:05:50   --------   d-----w-   C:\Intel
2014-02-03 21:05:13   16896   ----a-w-   C:\Windows\AsTaskSched.dll
2014-02-03 21:05:13   --------   d-----w-   C:\Windows\Intel_Chipset_Win7_8_VER9401016
2014-02-03 21:05:11   296320   ----a-w-   C:\Windows\System32\drivers\volsnap.sys
2014-02-03 13:16:01   --------   d-----w-   C:\Windows\Panther
.
==================== Find3M  ====================
.
2014-01-16 14:59:44   270496   ------w-   C:\Windows\System32\MpSigStub.exe
2013-11-27 01:41:37   343040   ----a-w-   C:\Windows\System32\drivers\usbhub.sys
2013-11-27 01:41:15   99840   ----a-w-   C:\Windows\System32\drivers\usbccgp.sys
2013-11-27 01:41:11   53248   ----a-w-   C:\Windows\System32\drivers\usbehci.sys
2013-11-27 01:41:11   325120   ----a-w-   C:\Windows\System32\drivers\usbport.sys
2013-11-27 01:41:03   7808   ----a-w-   C:\Windows\System32\drivers\usbd.sys
2013-11-26 11:40:00   376768   ----a-w-   C:\Windows\System32\drivers\netio.sys
2013-11-26 10:32:56   3156480   ----a-w-   C:\Windows\System32\win32k.sys
2013-11-26 10:19:07   2724864   ----a-w-   C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23   4096   ----a-w-   C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07   66048   ----a-w-   C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25   48640   ----a-w-   C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02   2724864   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39   139264   ----a-w-   C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09   111616   ----a-w-   C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57   708608   ----a-w-   C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02   5769216   ----a-w-   C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16   553472   ----a-w-   C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12   4243968   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16   1995264   ----a-w-   C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06   1928192   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57   2334208   ----a-w-   C:\Windows\System32\wininet.dll
2013-11-26 06:33:33   1820160   ----a-w-   C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20   417792   ----a-w-   C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34   465920   ----a-w-   C:\Windows\System32\WMPhoto.dll
2013-11-12 02:23:09   2048   ----a-w-   C:\Windows\System32\tzres.dll
2013-11-12 02:07:29   2048   ----a-w-   C:\Windows\SysWow64\tzres.dll
.
============= FINISH: 17:07:44,44 ===============

Goatie

#2
February 05, 2014, 10:32:14 PM
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Édition Familiale Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2014-02-03 16:03:19
System Uptime: 2014-02-05 16:33:45 (1 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. |  | B85M-E
Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz | SOCKET 1150 | 3101/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 223 GiB total, 190,103 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP3: 2014-02-03 16:05:08 - Windows Update
RP4: 2014-02-03 16:10:37 - Installé Realtek Ethernet Controller Driver
RP5: 2014-02-03 16:12:22 - Windows Update
RP6: 2014-02-03 16:21:11 - Windows Update
RP7: 2014-02-04 09:30:41 - Windows Update
RP8: 2014-02-04 09:50:34 - Windows Live Essentials
RP9: 2014-02-04 09:50:45 - DirectX est installé
RP10: 2014-02-04 09:50:59 - DirectX est installé
RP11: 2014-02-04 09:51:07 - DirectX est installé
RP12: 2014-02-04 09:51:22 - WLSetup
RP13: 2014-02-04 09:54:13 - Installé Power2Go
RP14: 2014-02-04 10:08:22 - Windows Update
RP15: 2014-02-05 14:11:09 - Installed AVG 2014
RP16: 2014-02-05 14:11:13 - Installed AVG 2014
.
==== Installed Programs ======================
.
Adobe Flash Player 12 ActiveX
Adobe Reader XI (11.0.06) - Français
AVG 2014
CyberLink Power2Go 8
D3DX10
Galerie de photos
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
Junk Mail filter update
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (FRA)
Microsoft .NET Framework 4.5.1 (Français)
Microsoft Application Error Reporting
Microsoft Office Famille et Etudiant 2013 - fr-fr
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Movie Maker
Mozilla Firefox 24.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Photo Common
Photo Gallery
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
RightSurf
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
Windows Live
Windows Live Communications Platform
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== End Of File ===========================

Corrine

#3
February 05, 2014, 11:01:55 PM
Hi, Goatie!  Not to worry, your new baby will be fine shortly.  Just a quick question though.  Did you download Firefox from mozilla.org or somewhere else?

1.  Please download Junkware Removal Tool to your desktop.

  • Disable your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it.  If you are using Windows Vista or Seven, right-mouse click it and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
2.  Please download AdwCleaner by Xplode onto your Desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
    Note:  Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT

  • If you click the Clean button all items listed in the report will be removed.  If you are unsure, just copy/paste the log and I'll take a look at it before you follow the next step.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
How is your new baby now?


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Goatie

#4
February 05, 2014, 11:55:14 PM
sorry, took me a while... was not easy to figure out how to shut down the antivirus... It also tried to have me d/l some crap instead of what I asked for... So many Windows all new to me that I have a hard time figuring what is normal or not.  Now to answer your question... quite honestly I don't know where I really d/l Firefox from... actually I d/l from the first item shown in google... yes I know... I should have known better. I have to caaaaaaalm down.... and use my brain again...  :(

Now, I'll go one thing at a time... baby step....

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Home Premium x64
Ran by Utilisateur on 2014-02-05 at 18:38:22,52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] Util RightSurf
Successfully deleted: [Service] Util RightSurf
Successfully stopped: [Service] Update RightSurf
Successfully deleted: [Service] Update RightSurf



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1230402944-1592690405-2964290798-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88be1aa9-6740-461c-9e3e-f35eb8fa741c}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{88be1aa9-6740-461c-9e3e-f35eb8fa741c}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\RightSurf"



~~~ FireFox

Successfully deleted the following from C:\Users\Utilisateur\AppData\Roaming\mozilla\firefox\profiles\rd2nuym9.default\prefs.js

user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0B0CtB0DyCtCyD0ByDzztAtN0D0Tzu0SyByCyBtN1L2XzutBtFtBtFtCyDt



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2014-02-05 at 18:41:38,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Goatie

#5
February 06, 2014, 12:05:01 AM
I am not taking any chances on my capacity to judge tonight so I submit for approval, then I'll delete what is there... nothing there I need to keep... I never had time to install anything yet... Firefox was the first diaper!!!  :laughing:

# AdwCleaner v3.018 - Rapport créé le 05/02/2014 à 18:58:08
# Mis à jour le 28/01/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Utilisateur - UTILISATEUR-PC
# Exécuté depuis : C:\Users\Utilisateur\Desktop\AdwCleaner.exe
# Option : Scanner

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Présente : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Clé Présente : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Clé Présente : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Présente : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16428

Paramètre Présent : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1Qzu0A0CtBtBtD0B0CtB0DyCtCyD0ByDzztAtN0D0Tzu0SyByCyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1370479696&ir=

-\\ Mozilla Firefox v24.0 (en-US)

[ Fichier : C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\rd2nuym9.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1383 octets] - [05/02/2014 18:58:08]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1443 octets] ##########

Corrine

#6
February 06, 2014, 12:37:23 AM
How I've missed your sense of humor, Goatie.  Of course, if I had been thinking, I would have sent you to Xplode's direct site seeing as how it is in French, although that wouldn't have helped with JRT.  However, to make it easier to discern between ads and download links, you may want to consider Adblock PLUS.  There is a version for both Firefox and IE. 

Firefox:  https://adblockplus.org/en/firefox (English) and https://adblockplus.org/fr/firefox (French)
IE:  https://adblockplus.org/en/internet-explorer (English) and https://adblockplus.org/fr/internet-explorer (French)

Yes, you can remove everything AdwCleaner found.

1.  Double-click AdwCleaner.exe to run the tool again.
  • Click the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
    Note:  Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
  • After the scan has finished,
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
2.  After that, you'll want to update Firefox.  The update to version 27.0 was released yesterday and includes critical security updates.  To get the update now, select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox.

3.  Interesting that Adobe Flash Player version doesn't show in Security Check.  If you didn't update Flash Player yesterday, you'll want to do that since Adobe released the update ahead of schedule because of a critical remote code execution vulnerability that is actively being targeted by attackers.  The direct download links (without unwanted add-ons) are as follows:.

    Non-IE (Opera, Firefox, Etc.):  http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_12_plugin.exe
    Windows XP, Vista and 7:  Flash Player For Internet Explorer 7, 8, 9, 10, 11:  http://download.macromedia.com/get/flashplayer/current/licensing/win/install_flash_player_12_active_x.exe

All better now?


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Goatie

#7
February 06, 2014, 01:02:24 AM
# AdwCleaner v3.018 - Rapport créé le 05/02/2014 à 19:54:52
# Mis à jour le 28/01/2014 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Utilisateur - UTILISATEUR-PC
# Exécuté depuis : C:\Users\Utilisateur\Desktop\AdwCleaner.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

***** [ Navigateurs ] *****

-\\ Internet Explorer v11.0.9600.16428

Paramètre Restauré : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v24.0 (en-US)

[ Fichier : C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\rd2nuym9.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1539 octets] - [05/02/2014 18:58:08]
AdwCleaner[R1].txt - [1599 octets] - [05/02/2014 19:54:17]
AdwCleaner[S0].txt - [1210 octets] - [05/02/2014 19:54:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1270 octets] ##########

Corrine

#8
February 06, 2014, 01:10:11 AM
Excellent! 

If your new computer is all better now, let's remove the tools we used. 

You can delete SecurityCheck and the Junkware Removal Tool from your desktop.  Then do the following:

Double-click on AdwCleaner.exe to run the tool again.
  • Click on the Uninstall button.
  • Click Yes when asked are you sure you want to uninstall.
  • Both AdwCleaner.exe, its folder and all logs will be removed.
Please refer to the Safe Computing Practices and other recommendations in this updated copy of "So how did I get infected in the first place?" and let us know if you have any questions, particularly with adjusting to the new operating system.  We'll be more than happy to help an old, I mean long time friend.  :rose:


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Goatie

#9
February 06, 2014, 01:27:19 AM
Aaaah! dear Corrine what would this world be without you?...  I feel the new diaper change and the Johnson's baby powder and all... smells good, feels right. Now I can sleep tight and grow some more. I promise I will behave and learn my ABC.
I will update Firefox and see about Flashplayer tomorrow morning first thing, around 5 am... . I want to stay on my nice feeling... for now and go rest my tired out body and brain.
I don't know a thing about the Flashplayer... I brought the PC from the store at noon today... ;-)))
I'll report once all done. For now, all looks fine... no strange Windows opening... no strange offers offering... and permission is given to all volunteers who have been holding back on their laughing at me. I can take it now!  It is bath time anyways  :hammy:     

Corrine

#10
February 06, 2014, 01:48:36 AM
Now, now, Goatie, do you think GR@PH;<'S or Winchester73 would laugh at you?  Ghost might, but we can excuse him.  ;) 

I'm so glad all is well now.  Remember, we're always here and it is a wonderful seeing you again.  :hug:


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

winchester73

#11
February 06, 2014, 02:02:10 AM
Me? I never laugh  :hysterical:
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member

GR@PH;<'S

#12
February 06, 2014, 02:53:14 AM
Me laugh no  :moreevil:
Sniger perhaps  :tease:
Giggle maybe  :laughing:

GR@PH;<'S  
press Enter then have a Brandy then if the problem is still there have another Brandy
Q: does it work
A: It does seem to for a few hours at least.

Goatie

#13
February 06, 2014, 12:29:05 PM
Am all done...Firefox updated. Glad you told me where to look on the upper left... I would NEVER have found that menu hidden under a orange button that only says FIREFOX. Why are practical things so hidden now like a MENU?   Or is it me becoming an old grouch?
I did cleaned the tools off the desktop. By the way, Corrine, you have one smilie missing here... the one of the old lady that wants things her way! ;-)))

Now, about Ghost... who has no sense of humor whatsoever... he just scolds, never laughs. I have to keep remembering he is a GHOST or I'd be terrified of him.

Winchester, I see you lay low... do not forget I can be very dangerous if you do this standing up facing me....  :winchesty73:

GR@PH;<'S... laughing and drivin' is not a good thing when you're in a blue car... believe me. That is exactly why I never laugh anymore!  :GRAFX:

Ok... I'll let you all rest all of you young ones that stayed up late last night... while I'm fresh and at my best and efficient and maybe... maybe... more brilliant than I was yesterday...  :azn:

Ghost

#14
February 06, 2014, 09:45:04 PM
I would never laugh at Goatie.







:hysterical:
Print
Go Up Pages1 2
User actions