|
Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs |
|
Topic Tools |
#16
|
|||
|
|||
====== BHO's ======
BHO: (NO NAME) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll BHO: (NO NAME) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~2\COMCAS~1.DLL BHO: (NO NAME) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll BHO: (NO NAME) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll BHO: (NO NAME) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: (NO NAME) - {D5233FCD-D258-4903-89B8-FB1568E7413D} - mscoree.dll ====== HKLM\~\Run Keys ====== HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SoundMan] = SOUNDMAN.EXE [ISUSScheduler] = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start [ISUSPM Startup] = "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup [TkBellExe] = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [VTTimer] = VTTimer.exe [NeroFilterCheck] = C:\WINDOWS2\system32\NeroCheck.exe [tgcmd] = C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf [iTunesHelper] = "C:\Program Files\iTunes\iTunesHelper.exe" [QuickTime Task] = "C:\Program Files\QuickTime\qttask.exe" -atboottime [SunJavaUpdateSched] = "C:\Program Files\Java\jre6\bin\jusched.exe" [avast!] = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe ====== HKCU\~\Run Keys ====== [RegistryMechanic] = C:\Program Files\Registry Mechanic\RegMech.exe /H [ctfmon.exe] = C:\WINDOWS2\system32\ctfmon.exe ====== DNS Info (List may be empty) ====== HKEY_LOCAL_MACHINE\CCS\~\{15D05C1D-955B-49A3-A7C4-89E81F623D6F}\ NameServer= HKEY_LOCAL_MACHINE\CCS\~\{51E44CCE-5254-46A0-A128-FF3A5F5054F1}\ NameServer= HKEY_LOCAL_MACHINE\CCS\~\{92197218-436E-4397-9D76-155CB9A7EC96}\ NameServer= HKEY_LOCAL_MACHINE\CCS\~\{935AA2C6-93E6-478F-9F0A-5A83D3F15EA6}\ NameServer= HKEY_LOCAL_MACHINE\CCS\~\{D0D8A17C-48D5-4240-8325-91E9A598090E}\ NameServer= HKEY_LOCAL_MACHINE\CS001\~\{15D05C1D-955B-49A3-A7C4-89E81F623D6F}\ NameServer= HKEY_LOCAL_MACHINE\CS001\~\{51E44CCE-5254-46A0-A128-FF3A5F5054F1}\ NameServer= HKEY_LOCAL_MACHINE\CS001\~\{92197218-436E-4397-9D76-155CB9A7EC96}\ NameServer= HKEY_LOCAL_MACHINE\CS001\~\{935AA2C6-93E6-478F-9F0A-5A83D3F15EA6}\ NameServer= HKEY_LOCAL_MACHINE\CS001\~\{D0D8A17C-48D5-4240-8325-91E9A598090E}\ NameServer= ====== Folders and Files from "%\" and "%\Windows" Created Last 60 Days ====== 9/10/2009 6:38:49 AM 0 C:\Adobe 9/10/2009 6:38:49 AM 0 C:\Adobe\Photoshop Album 9/10/2009 6:38:49 AM 0 C:\Adobe\Photoshop Album\3.0 9/10/2009 6:38:49 AM 0 C:\Adobe\Photoshop Album\Catalogs 10/1/2009 7:23:56 PM 8146174 C:\cmdcons 10/1/2009 7:24:03 PM 860672 C:\cmdcons\SYSTEM32 10/7/2009 11:04:24 PM 0 C:\Downloads 10/8/2009 12:48:46 AM 531802867 C:\MSOCache 10/8/2009 12:48:46 AM 531802867 C:\MSOCache\All Users 10/8/2009 4:38:32 AM 201804780 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9 10/8/2009 4:38:33 AM 2010844 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES 10/8/2009 4:38:33 AM 1887642 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES 10/8/2009 4:38:33 AM 804080 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON 10/8/2009 4:38:33 AM 804080 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED 10/8/2009 4:38:33 AM 804080 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW 10/8/2009 4:38:33 AM 109120 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW\1033 10/8/2009 4:38:33 AM 1083562 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE 10/8/2009 4:38:33 AM 1083562 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\OFFICE11 10/8/2009 4:38:33 AM 295479 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\OFFICE11\1033 10/8/2009 4:38:33 AM 89136 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\SETUP 10/8/2009 4:38:33 AM 34066 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\WINDOWS 10/8/2009 4:38:33 AM 34066 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\WINDOWS\INF 10/8/2009 12:49:19 AM 1632850 C:\MSOCache\All Users\{90120000-0010-0409-0000-0000000FF1CE}-C 10/8/2009 12:49:02 AM 15669675 C:\MSOCache\All Users\{90120000-0016-0409-0000-0000000FF1CE}-C 10/8/2009 12:49:14 AM 15068409 C:\MSOCache\All Users\{90120000-0018-0409-0000-0000000FF1CE}-C 10/8/2009 12:49:36 AM 17027228 C:\MSOCache\All Users\{90120000-001B-0409-0000-0000000FF1CE}-C 10/8/2009 12:49:20 AM 52395081 C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C 10/8/2009 12:49:20 AM 22914224 C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.en 10/8/2009 12:49:32 AM 16972298 C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.es 10/8/2009 12:49:30 AM 11999590 C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.fr 10/8/2009 12:49:05 AM 32655135 C:\MSOCache\All Users\{90120000-00A1-0409-0000-0000000FF1CE}-C 10/8/2009 12:48:46 AM 32869192 C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C 10/8/2009 12:48:59 AM 108872 C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\1033 10/8/2009 12:49:40 AM 162680517 C:\MSOCache\All Users\{91120000-002F-0000-0000-0000000FF1CE}-C 10/3/2009 4:42:26 PM 85 C:\RECYCLER 10/3/2009 4:42:26 PM 85 C:\RECYCLER\S-1-5-21-299502267-1275210071-839522115-1009 10/1/2009 7:24:09 PM 306 2080 C:\Boot.bak 10/1/2009 7:24:04 PM 260272 2080 C:\cmldr 10/25/2009 4:13:34 AM 132300 2080 C:\ComboFix.txt 10/25/2009 4:58:36 AM 2111 2080 C:\Files.txt 9/8/2009 9:11:38 AM 1154482176 38 C:\pagefile.sys 9/30/2009 10:20:49 PM 232 2082 C:\sqmdata02.sqm 9/30/2009 10:20:49 PM 244 2082 C:\sqmnoopt02.sqm |
#17
|
|||
|
|||
====== Files under "\Administrator\Startup" Last 60 Days======
====== Files under "\All Users\Startup" Last 60 Days====== ====== Files and Folders under "\Program Files" Last 60 Days====== 9/25/2009 3:03:41 AM 657408 C:\Program Files\Alex Feinman 10/24/2009 10:37:55 PM 5545 C:\Program Files\Browser Hijack Recover 10/8/2009 12:53:43 AM 8152064 C:\Program Files\Microsoft.NET 10/14/2009 5:11:15 AM 869270 C:\Program Files\MSECACHE 10/10/2009 8:39:56 PM 12973823 C:\Program Files\TeamViewer 9/30/2009 8:01:23 PM 434226 C:\Program Files\Trend Micro 10/14/2009 5:11:39 AM 142742 C:\Program Files\Windows Installer Clean Up ====== Files under "\System32\Drivers" Last 60 Days====== ====== Files Deleted under "%Temp%" ====== 3 Files deleted ====== Files and Folders under "All Users\Application Data" Last 60 Days====== ====== Values under HKLM\Software\microsoft\shared tools\msconfig\startupreg ====== HKLM\Software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup HKLM\Software\microsoft\shared tools\msconfig\startupreg\QuickTime Task HKLM\Software\microsoft\shared tools\msconfig\startupreg\RaidTool ====== Services ( Services that are Whitelisted are not shown) ====== aswFsBlk (aswFsBlk)- C:\WINDOWS2\system32\DRIVERS\aswFsBlk.sys - Auto/Running aswSP (avast! Self Protection)- C:\WINDOWS2\system32\drivers\aswSP.sys - System/Running ctljystk (Creative SBLive! Gameport)- C:\WINDOWS2\system32\DRIVERS\ctljystk.sys - Manual/Running ezplay (VSO Software ezplay)- C:\WINDOWS2\system32\Drivers\ezplay.sys - Manual/Stopped FET5X86V (VIA Rhine-Family Fast-Ethernet Adapter Driver Service)- C:\WINDOWS2\system32\DRIVERS\fetnd5bv.sys - Manual/Running FETNDIS (VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver)- C:\WINDOWS2\system32\DRIVERS\fetnd5.sys - Manual/Stopped FileDisk (FileDisk)- C:\WINDOWS2\system32\drivers\FileDisk.sys - System/Running FreshIO (FreshIO)- \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys - Manual/Stopped hotcore2 (hotcore2)- C:\WINDOWS2\system32\drivers\hotcore2.sys - Boot/Running hotcore3 (hotcore3)- C:\WINDOWS2\system32\drivers\hotcore3.sys - Boot/Running hpt3xx (hpt3xx)- - Disabled/Stopped irda (IrDA Protocol)- C:\WINDOWS2\system32\DRIVERS\irda.sys - Auto/Running irsir (Microsoft Serial Infrared Driver)- C:\WINDOWS2\system32\DRIVERS\irsir.sys - Manual/Running JL2005 (JL2005A Toy Camera)- C:\WINDOWS2\system32\Drivers\toywdm.sys - Manual/Stopped mbmiodrvr (mbmiodrvr)- \??\C:\WINDOWS2\system32\mbmiodrvr.sys - System/Running MCSTRM (MCSTRM)- - Auto/Stopped NdisIP (Microsoft TV/Video Connection)- C:\WINDOWS2\system32\DRIVERS\NdisIP.sys - Manual/Stopped pcouffin (VSO Software pcouffin)- C:\WINDOWS2\system32\Drivers\pcouffin.sys - Manual/Stopped pctplsg (pctplsg)- \??\C:\WINDOWS2\system32\drivers\pctplsg.sys - Manual/Stopped pmxscan (Visioneer USB Kernel)- C:\WINDOWS2\system32\DRIVERS\usbscan.sys - Manual/Stopped Rasirda (WAN Miniport (IrDA))- C:\WINDOWS2\system32\DRIVERS\rasirda.sys - Manual/Running SABProcEnum (SABProcEnum)- \??\C:\Program Files\Internet Explorer\SABProcEnum.sys - Manual/Stopped SASDIFSV (SASDIFSV)- \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS - System/Running SASENUM (SASENUM)- \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS - Manual/Stopped SASKUTIL (SASKUTIL)- \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys - System/Running SLIP (BDA Slip De-Framer)- C:\WINDOWS2\system32\DRIVERS\SLIP.sys - Manual/Stopped SRS_SSCFilter (SRS Labs Audio Sandbox (WDM))- C:\WINDOWS2\system32\drivers\srs_sscfilter_i386.sy s - Manual/Stopped StillCam (Still Serial Digital Camera Driver)- C:\WINDOWS2\system32\DRIVERS\serscan.sys - Manual/Running TfFsMon (TfFsMon)- C:\WINDOWS2\system32\drivers\TfFsMon.sys - Boot/Stopped TfNetMon (TfNetMon)- \??\C:\WINDOWS2\system32\drivers\TfNetMon.sys - Manual/Stopped TfSysMon (TfSysMon)- C:\WINDOWS2\system32\drivers\TfSysMon.sys - Boot/Stopped uagp35 (Microsoft AGPv3.5 Filter)- C:\WINDOWS2\system32\DRIVERS\uagp35.sys - Boot/Running uts_bus (UTStarcom USB Composite Device driver (WDM))- C:\WINDOWS2\system32\DRIVERS\uts_bus.sys - Manual/Stopped uts_mdfl (UTStarcom USB Modem Filter)- C:\WINDOWS2\system32\DRIVERS\uts_mdfl.sys - Manual/Stopped uts_mdm (UTStarcom USB Modem Drivers)- C:\WINDOWS2\system32\DRIVERS\uts_mdm.sys - Manual/Stopped uts_serd (UTStarcom USB Diagnostic Serial Port (WDM))- C:\WINDOWS2\system32\DRIVERS\uts_serd.sys - Manual/Stopped viagfx (viagfx)- C:\WINDOWS2\system32\DRIVERS\vtmini.sys - Manual/Running viamraid (viamraid)- C:\WINDOWS2\system32\DRIVERS\viamraid.sys - Boot/Running ViBus (ViBus)- C:\WINDOWS2\system32\DRIVERS\ViBus.sys - Boot/Running videX32 (videX32)- C:\WINDOWS2\system32\DRIVERS\videX32.sys - Boot/Running ViPrt (VIA SATA IDE Device Driver)- C:\WINDOWS2\system32\DRIVERS\ViPrt.sys - Boot/Running WpdUsb (WpdUsb)- C:\WINDOWS2\system32\DRIVERS\wpdusb.sys - Manual/Stopped ====== Uninstall List ====== 7-Zip 4.57 AC3 Decoder AC3File (remove only) Active GIF Creator 2.22 Adobe Audition 3.0 Adobe Flash Player 10 ActiveX Adobe Photoshop Elements Adobe Shockwave Player 11.5 Adobe SVG Viewer 3.0 Adobe Photoshop CS3 Adobe Soundbooth CS3 Codecs Adobe ExtendScript Toolkit 2 Adobe Color Common Settings Adobe Illustrator CS3 Adobe Soundbooth CS3 AI RoboForm (All Users) AliveGlow Plugin AMPHIOTIK ENHANCER 2.04 Arachnophilia 5.2 Audacity 1.2.6 avast! Antivirus Band-in-a-Box 2007 Demo Desktop Doctor Comcast High-Speed Internet Install Wizard Comcast Toolbar Cool Edit Pro 2.0 Creative DVD Audio Plugin for Audigy Series db audioware mastering plugins 1.05c DriverMax 4 DriverMax 5 DubIt DVD Shrink 3.2 Easy CD Clone Easy Graphic Converter 3.0 EximiousSoft GIF Creator V3.18 Eye Candy 3 Firebird SQL Server - MAGIX Edition Firehand Lightning Flash Slideshow Maker Pro 4.88 Glitter Frame GIF Maker V1.4 GoldWave v5.23 Microsoft Office Home and Student 2007 iDailyDiary 3.41 Microsoft Internationalized Domain Names Mitigation APIs Windows Internet Explorer 7 ACT! ® 2005 VIA Platform Device Manager InterActual Player IsoBuster 1.9.1 iZotope Ozone 3 iZotope Ozone 4 Uninstall JL2005A Toy Camera Windows Genuine Advantage Validation Tool (KB892130) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows Media Player 6.4 (KB925398) Hotfix for Windows Media Format 11 SDK (KB929399) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Internet Explorer 7 (KB938127-v2) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB938464-v2) Hotfix for Windows Media Player 11 (KB939683) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Update for Windows XP (KB951072-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Update for Windows XP (KB951978) Security Update for Windows XP (KB952004) Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray Security Update for Windows Media Player (KB952069) Hotfix for Windows XP (KB952287) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953155) Security Update for Windows XP (KB953839) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player (KB954155) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Hotfix for Windows XP (KB954550-v5) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Update for Windows XP (KB955839) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Critical Update for Windows Media Player 11 (KB959772) Security Update for Windows XP (KB960225) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Hotfix for Windows XP (KB961118) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows Internet Explorer 7 (KB963027) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Security Update for Windows XP (KB968537) Security Update for Windows Media Player (KB968816) Security Update for Windows XP (KB969059) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970483) Hotfix for Windows XP (KB970653-v3) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows Media Player (KB973540) Update for Windows XP (KB973815) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) K-Lite Codec Pack 4.7.5 (Basic) KoolMoves 5.6 KPT 6 |
#18
|
|||
|
|||
LADSPA_plugins-win-0.4.15
L&H TTS3000 British English Logo Design Studio Microsoft .NET Framework 1.1 Security Update (KB953297) Macromedia Director MX 2004 MAGIX Screenshare 4.3.6.1987 (US) Malwarebytes' Anti-Malware Maximus Microsoft .NET Framework 1.1 Microsoft .NET Framework 3.5 SP1 MixPad Motherboard Monitor 5 Mozilla Firefox (3.5.3) Microsoft Compression Client Pack 1.0 for Windows XP Mystical 2.0 Nero Suite nLite 1.4.9.1 Microsoft National Language Support Downlevel APIs PAN Fire 3.1 Personal Timeclock version 4.3 Photo-Brush 5.2 Photodex Presenter PhotoFiltre PhotoMix 5.3 Picasa 3 Picture Navigator Professor Answers Professor Teaches Dreamweaver MX 2004 Professor Teaches Flash MX 2004 Professor Teaches FrontPage 2000 Professor Teaches HTML Fundamentals Professor Teaches Photoshop CS Professor Teaches PowerPoint 2000 ProShow Gold RarZilla Free Unrar 2.52 RealPlayer Registry Mechanic 8.0 Responsive Time Logger Advanced RealMedia Export Plug-in for Premiere 6.0 Security Task Manager 1.7e SmartFTP Client 2.0 Setup Files (remove only) Speed Video Converter 3.0.15 Alien Skin Splat! 1.0 Demo Surround Meter 5.1 demo t@b Media Converter (GUI for sox, mencoder) v0.951-686 TeamViewer 4 Host Department Demobar Torq 1.0.6 (Build006 -- Dec 18 2007) Trellian Button Factory Lernout & Hauspie TruVoice American English TTS Engine UTStarcom USB Modem Software VideoReDo/Plus Version 2.5.6.512 VideoLAN VLC media player 0.8.6f VIA Rhine-Family Fast-Ethernet Adapter Voxengo BMS VST 1.2 VST Bridge 1.1 S3 S3Display S3 S3Gamma2 S3 S3Info2 S3 S3Overlay Wave Arts MultiDynamics Wave Arts Power Suite WavePad Uninstall Web Gallery Wizard PRO 1.5.3225.0 Web CEO 6.5 Website Puller WebSnapshot 2.0 Demo WeBuilder 2006 v7.3 Windows Genuine Advantage Validation Tool (KB892130) Windows Genuine Advantage Notifications (KB905474) Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 3 WinHTTrack Website Copier 3.43 Windows Media Format 11 runtime Windows Media Player 11 Microsoft User-Mode Driver Framework Feature Pack 1.0 WWAYM - NWEQ V1.21 WYSIWYG Web Builder 3.3 Yahoo! Toolbar Yahoo! Browser Services Yahoo! Internet Mail Yahoo! Messenger Yahoo! SiteBuilder Yahoo! Software Update Yahoo! Install Manager Yahoo! Mail Quick Select Tool (PhotoMail) ZoneAlarm ZyGoVideo 2.0 PDFCreator Adobe Photoshop CS3 Adobe XMP DVA Panels CS3 Apple Software Update Adobe Soundbooth CS3 Codecs Adobe Help Viewer CS3 Macromedia Dreamweaver MX 2004 Digidesign Dynamics III 6.9 Sony Noise Reduction Plug-In 2.0h Adobe Bridge Start Meeting QuickTime OpenOffice.org 2.0 ACT! Sonic Foundry VideoFactory 2.0c ACID Pro 7.0 Ulead PhotoImpact 12 Windows Installer Clean Up ebgcSDK Google Toolbar for Internet Explorer Adobe WinSoft Linguistics Plugin MSXML 6 Service Pack 2 (KB954459) InterVideo WinDVD 5 Adobe ExtendScript Toolkit 2 Google Earth Adobe After Effects 6.0 Platform Google Toolbar for Internet Explorer Java(TM) 6 Update 16 ebgcSDK Adobe Stock Photos CS3 Macromedia Flash 8 Rhapsody Player Engine Ulead Photo Express 5 SE WebFldrs XP MSXML 4.0 SP2 (KB927978) ebgcInfra Apple Mobile Device Support Sony Sound Forge 7.0 Adobe® Photoshop® Album Starter Edition 3.0 Macromedia Fireworks 8 Ulead VideoStudio 8.0 SE DVD Adobe Setup Windows Live Messenger Adobe Color EU Extra Settings XVID Codec Installation ebgcRes Adobe Audition 3.0 Adobe Linguistics CS3 Macromedia Extension Manager neroxml iTunes Paragon Total Defrag 2009 Windows Genuine Advantage v1.3.0254.0 Adobe Setup ebgcRes Screenblast ACID 4.0 Sony Vegas 5.0d Macromedia Flash Player 8 Windows Media Player Firefox Plugin Adobe Fonts All Adobe Color Common Settings Adobe Asset Services CS3 Microsoft Visual C++ 2005 Redistributable Microsoft Works 7.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft DirectX SDK (June 2006) Text-To-Speech-Runtime Camtasia Studio 5 CorelDRAW Graphics SUite X4 - ICA CorelDRAW Graphics Suite X4 - Capture CorelDRAW Graphics Suite X4 - Draw CorelDRAW Graphics Suite X4 - PP CorelDRAW Graphics Suite X4 - Content CorelDRAW Graphics Suite X4 - Filters CorelDRAW Graphics Suite X4 - FontNav CorelDRAW Graphics Suite X4 - Lang EN Digidesign Free Bomb Factory Plug-Ins 7.4 Adobe Setup MSXML 4.0 SP2 (KB954430) Microsoft Visual C Runtime Macromedia Flash 8 Video Encoder Microsoft Money 2004 System Pack Adobe Device Central CS3 Adobe Type Support Adobe Common File Installer Microsoft Software Update for Web Folders (English) 12 Microsoft Office Excel MUI (English) 2007 Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Word MUI (English) 2007 Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Proof (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proof (French) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office OneNote MUI (English) 2007 Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office FrontPage 2003 Adobe Anchor Service CS3 Microsoft Office PowerPoint Viewer 2003 Macromedia Flash Player 8 Plugin Microsoft Office Home and Student 2007 Microsoft Office 2007 Service Pack 2 (SP2) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB969613) Security Update for 2007 Microsoft Office System (KB969559) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office PowerPoint 2007 (KB957789) Security Update for Microsoft Office Excel 2007 (KB969682) Update for 2007 Microsoft Office System (KB967642) Security Update for 2007 Microsoft Office System (KB969679) Security Update for Microsoft Office Word 2007 (KB969604) Security Update for Microsoft Office system 2007 (KB974234) Macromedia FreeHand MXa Windows Live Sign-in Assistant Adobe Color NA Recommended Settings Adobe Bridge CS3 CorelDRAW Graphics Suite X4 - IPM Adobe Photoshop Lightroom 2.5 Adobe Captivate 2 Adobe CMaps Adobe Color - Photoshop Specific Microsoft .NET Framework 3.0 Service Pack 2 Adobe Soundbooth CS3 Windows Live installer PDF Settings Adobe Acrobat 9 Pro Extended - English, Français, Deutsch Adobe Acrobat 9 Pro Extended - English, Français, Deutsch Adobe Reader 8.1.2 Adobe Camera Raw 4.0 Visual Basic for Applications (R) Core - English Adobe Default Language CS3 CorelDRAW Graphics Suite X4 - VBA MSXML 4.0 SP2 (KB936181) Microsoft .NET Framework 2.0 Service Pack 2 SmartFTP Client 2.0 TimePanic Microsoft XML Parser Paragon Partition Manager 8.0 Professional Microsoft .NET Framework 1.1 SUPERAntiSpyware Professional Microsoft .NET Framework 3.5 SP1 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Aud-X Adobe Version Cue CS3 Client Adobe Setup Adobe PDF Library Files Adobe Setup Adobe XMP Panels CS3 Web Chrono Desktop U3Launcher Visual Basic for Applications (R) Core Adobe Color JA Extra Settings ISO Recorder Free Natural text to speech reader Photo Slide Show Application Adobe Update Manager CS3 Adobe Setup Adobe Illustrator CS3 Update Manager Realtek AC'97 Audio ======== Other Info ======== TOTAL PHYSICAL RAM: 770 MB Boot Info [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOW S2 [operating systems] C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS2="Micr osoft Windows XP Professional" /fastdetect /NoExecute=OptIn multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Micro soft Windows XP Professional" /fastdetect OS Type: Microsoft Windows XP Professional Build: 5.1.2600 Service Pack: 3.0 ====== Files with Hidden Attributes====== C:\IO.SYS C:\MSDOS.SYS C:\pagefile.sys C:\NTDETECT.COM |
#19
|
|||
|
|||
hey, when I do a Google search now and click on the links I actually am able go there now. not being redirected but still can't run Malwarebytes or super anti spyware without that error Should I uninstall and re-install?
|
#20
|
||||
|
||||
Quote:
Yes, please do. However, I would like to check and see if you have any rootkits -> Click here and download the installer for Gmer to your desktop, then click that file to run Gmer. If on it's opening scan Gmer locates items shown in red or indicates "hidden" or "rootkit", stop there, and click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please. We don't want any crashes just from taking an initial look at things. If not, then click on Scan (before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan). When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please. You can break logs into parts and use separate posts here when replying and posting the log files, if needed. |
#21
|
|||
|
|||
below is the gmer opening scan log but it wasn't in red it is listed under the Malware/Rootkit tab in gmer but it just looks like my avast anti virus. I will post the gmer scan log next
GMER 1.0.15.15087 - http://www.gmer.net Rootkit quick scan 2009-10-27 15:44:29 Windows 5.1.2600 Service Pack 3 Running: gmer.exe; Driver: C:\DOCUME~1\GRETA~1.VEL\LOCALS~1\Temp\pxliypog.sys ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) ---- EOF - GMER 1.0.15 ---- |
#22
|
|||
|
|||
here is an error I got while runing gmer
while the gmer scan was running I got this error:
svhost.exe-Application error: the instruction at "0x751aaedc" referenced memory at "0x751aaedc" The required data was not placed into memory because an I/O error status of "0xc000009a" Click on OK to terminate the program click on cancel to debug the program. The gmer scan appeared to stop so this is the log it produced: GMER 1.0.15.15087 - http://www.gmer.net Rootkit scan 2009-10-27 17:46:22 Windows 5.1.2600 Service Pack 3 Running: gmer.exe; Driver: C:\DOCUME~1\GRETA~1.VEL\LOCALS~1\Temp\pxliypog.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xF50C76B8] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xF50C7574] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xF50C7A52] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xF50C714C] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xF50C764E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xF50C708C] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xF50C70F0] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xF50C776E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xF50C772E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xF50C78AE] ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\WINDOWS2\system32\services.exe[636] @ C:\WINDOWS2\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00380002 IAT C:\WINDOWS2\system32\services.exe[636] @ C:\WINDOWS2\system32\services.exe [KERNEL32.dll!CreateProcessW] 00380000 IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\Explorer.EXE [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group) AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group) AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group) AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) |
#23
|
|||
|
|||
---- Registry - GMER 1.0.15 ----
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@ Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs C:\WINDOWS2\system32\acaptuser32.dll Reg HKLM\SOFTWARE\Classes\CLSID\{EF27587A-20B5-B0C9-4E69-D0844D68FE60}\InprocServer32@ C:\WINDOWS2\system32\msvidctl.dll Reg HKLM\SOFTWARE\Classes\CLSID\{EF27587A-20B5-B0C9-4E69-D0844D68FE60}\InprocServer32@ThreadingModel Apartment Reg HKLM\SOFTWARE\Classes\CLSID\{EF27587A-20B5-B0C9-4E69-D0844D68FE60}\TypeLib@ {B0EDF154-910A-11D2-B632-00C04F79498E} ---- Files - GMER 1.0.15 ---- File C:\Program Files\Individual Software\Professor Teaches Photoshop CS\1F\1f20.wav 0 bytes File C:\Program Files\Individual Software\Professor Teaches Photoshop CS\1F\1f39.wav 0 bytes File C:\Program Files\Individual Software\Professor Teaches Photoshop CS\1F\1f58.wav 0 bytes File C:\Program Files\Individual Software\Professor Teaches Photoshop CS\1F\dragblank.png 0 bytes ---- EOF - GMER 1.0.15 ---- |
#24
|
|||
|
|||
ok malwarebytes found these infections but...
I managed to get malwarebytes to run and it found the infections listed in the log below. I am afraid to have malwarebytes remove my C:\windows2\win32k.sys file that is infected with Trojan.Dropper. if removed will it mess up my pc? I have malwarebytes still open waiting to remove the infections till you say it is ok.
Malwarebytes' Anti-Malware 1.41 Database version: 3045 Windows 5.1.2600 Service Pack 3 10/27/2009 8:23:11 PM mbam-log-2009-10-27 (20-22-48).txt Scan type: Quick Scan Objects scanned: 213263 Time elapsed: 18 minute(s), 41 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 3 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> No action taken. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll (Adware.MyWebSearch) -> No action taken. C:\Program Files\MultiDynamics_5.dll (Spyware.OnlineGames) -> No action taken. C:\WINDOWS2\win32k.sys (Trojan.Dropper) -> No action taken. |
#25
|
|||
|
|||
I went ahead and let malwarebytes remove the infected files. what next? Thank you so much for helping me.
|
#26
|
||||
|
||||
Quote:
|
#27
|
|||
|
|||
I have tried to run combofix several times and got different errors. I downloaded another copy and renamed it and ran it and it got up to step 50 and was rebooting when it said that the system couldn't find a certain file, I didn't have time to write it down and it rebooted. while I was waiitng for the log file I got a BSOD Bad Pool Caller (I think my ram might be going bad. Anyway I can't seem to run combofix without errors. is there something else I can run instead?
|
#28
|
||||
|
||||
Sure ->
Please run: superantispyware onlinescan Follow the instructions on the site. When downloaded, click on – Check for updates – Button. Under Configuration and Preferences, click the Preferences button. Click the Scanning Control tab. Under Scanner Options make sure the following are checked: Close browsers before scanning Scan for tracking cookies Terminate memory threats before quarantining. Ignore System Restore/Volume Information on ME and XP Please leave the others unchecked. On the main screen, under Scan for Harmful Software click Scan your computer. On the left check C:\Fixed Drive. On the right, under Complete Scan, choose Perform Complete Scan. Click Next to start the scan. Please be patient while it scans your computer. After the scan is complete a summary box will appear. Click OK. Make sure everything in the white box has a check next to it, then click Next. It will quarantine what it found and if it asks if you want to reboot, click NO. When the scan have finished -> Click Preferences . Click the Statistics/Logs tab . Under Scanner Logs , double-click SUPERAntiSpyware Scan Log . It will open in your default text editor (such as Notepad/Wordpad). Save the logfile to desktop Click close and close again to exit the program. Reboot, if needed. Post Superantispyware log, along with new hijackthis log and tell how things are running ? Click here: HJTInstall.exe to download HJTinstall.exe Save HJTinstall.exe to your desktop. Double click on the HJTinstall.exe icon on your desktop. By default it will install to C:\Program Files\Trend Micro\Hijack This. Click I accept Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log. Click Save to save the log file and then the log will open in notepad. Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log. DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required. |
Bookmarks |
«
Previous Topic
|
Next Topic
»
|
|
Similar Topics | ||||
Topic | Topic Starter | Forum | Replies | Last Post |
Avira AntiVirus picked up Trojan in Super Anti Spyware major update? | Saber1 | Malware Removal | 1 | August 18th, 2011 08:26 PM |
Hijacked Browser - HijackThis Fix didn't work completely | Racerx369 | Malware Removal | 28 | May 25th, 2008 03:09 AM |
Hijacked Browser - HijackThis Fix didn't work | Racerx369 | Internet / Browsers | 1 | May 13th, 2008 08:26 PM |
SPYWARE Box has hijacked my browser - please review my log | smithmi1363 | Malware Removal | 12 | July 11th, 2006 01:05 AM |
Browser Hijacked/Spyware | mechnut | Windows XP | 2 | December 11th, 2004 12:27 AM |
All times are GMT +1. The time now is 03:04 AM.