There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
Search
Virus & Other Malware Removal
Go to first new post Extremely unresponsive, massive hang-ups ...
Go to first new post Incredibar Removal - Support Pls!
Go to first new post need help regarding malware/spyware
Go to first new post Somethings Amiss....
Go to first new post "svchost application error 0x6fe217 ...
Go to first new post Family Cyber Removal
Go to first new post Cannot access any google sites - youtube ...
Go to first new post We Got System Checked :-(
Go to first new post Black desktop, missing all shortcuts, fi ...
Go to first new post Trojan: Win32/Alureon.FK - hijack this l ...
Go to first new post System Check problem
Go to first new post slow computer, downloads over a few mb f ...
Go to first new post Overall Sluggish Performance, Video Hicc ...
Go to first new post Extremely slow computer
Go to first new post RegClean Pro
Tag Cloud
access acer asus bios bsod computer crash dns drive driver drivers error ethernet excel freeze games gaming graphics hard drive hardware hdmi internet java laptop malware memory monitor motherboard network printer problem ram random registry router slow software sound trojan usb video virus vista wifi windows windows 7 windows 7 32 bit windows 7 64 bit windows xp wireless
Search
Search for:
Tech Support Guy Forums > Security & Malware Removal > Virus & Other Malware Removal >
Desperate Help (In Progress)

Page 2 of 4 1 2 34
Reply  
Thread Tools
Gx14's Avatar
Member with 32 posts.
  
Join Date: Nov 2009
Experience: Beginner
06-Nov-2009, 11:11 PM #16
Things are running OK
Was there a clear problem in the logs?
I'm not really sure what to make of it
Register for free to hide this ad!
sjpritch25's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 9,113 posts.
  
Join Date: Sep 2005
Location: Florida
Experience: Advanced
07-Nov-2009, 11:42 AM #17
Combofix did remove what looked to be a leftover infection.

Go to Start ---> Run ---> Type ComboFix /u and press Enter.
Gx14's Avatar
Member with 32 posts.
  
Join Date: Nov 2009
Experience: Beginner
07-Nov-2009, 10:38 PM #18
Um at the moment it's not working
I got a pop up saying that it the file cannot be found....
sjpritch25's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 9,113 posts.
  
Join Date: Sep 2005
Location: Florida
Experience: Advanced
07-Nov-2009, 10:49 PM #19
That's because you didn't follow my instructions completely. ComboFix wasn't saved to your desktop

copy and paste this into the run command "c:\users\Michael\Downloads\ComboFix.exe" /u

You must include the quotes.
Gx14's Avatar
Member with 32 posts.
  
Join Date: Nov 2009
Experience: Beginner
08-Nov-2009, 06:27 PM #20
Well Combofix renamed "Fixit" is on my desktop but for some reason when I try to enter the command it isn't running.
I also tried to run the command you gave me and it says that it isn't found.
I followed your directions to the letter
sjpritch25's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 9,113 posts.
  
Join Date: Sep 2005
Location: Florida
Experience: Advanced
08-Nov-2009, 09:31 PM #21
did you rename Combofix to fixit.exe?

If so then paste this command in the run command "%userprofile%\desktop\Fixit.exe" /u and press enter.

You must include the quotes
Gx14's Avatar
Member with 32 posts.
  
Join Date: Nov 2009
Experience: Beginner
09-Nov-2009, 07:52 PM #22
Ok I think that worked
It said that combofix was uninstalled.
I ran MBAM to see if there was any problems left
Here's the log
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
sjpritch25's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 9,113 posts.
  
Join Date: Sep 2005
Location: Florida
Experience: Advanced
09-Nov-2009, 08:18 PM #23
if you didn't already, please remove everything malwarebytes found.

How is everything running?
Gx14's Avatar
Member with 32 posts.
  
Join Date: Nov 2009
Experience: Beginner
09-Nov-2009, 09:09 PM #24
Things are running fairly smoothly
Not as fast as before I got the virus takeover
I'll see after MBAM removes some things
Thanks your help is really appreciated
Is my computer not as badly as infected as I thought it was?
Gx14's Avatar
Member with 32 posts.
  
Join Date: Nov 2009
Experience: Beginner
23-Nov-2009, 04:56 PM #25
Hey Sjpritch25
A similar problem is reoccurring with my computer
This time Firefox won't even open
I think something might have slipped by
Some of my privileges are being denied
Can you help me out again?
sjpritch25's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 9,113 posts.
  
Join Date: Sep 2005
Location: Florida
Experience: Advanced
23-Nov-2009, 11:33 PM #26
what do you mean by privileges being denied?
Gx14's Avatar
Member with 32 posts.
  
Join Date: Nov 2009
Experience: Beginner
24-Nov-2009, 11:18 PM #27
I can't access some files
Also the Blue screen for Vista is popping up again saying that there was a fatal error and that it had to restart in order to prevent damage to the computer.
Sorry, I'm kind of new to this
sjpritch25's Avatar
Computer Specs
Moderator & Malware Removal Specialist with 9,113 posts.
  
Join Date: Sep 2005
Location: Florida
Experience: Advanced
25-Nov-2009, 12:17 AM #28
i need the specific files you can't access?

We need to see some additional information about what is happening in your machine.
Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool.
  • When done, DDS will open two (2) logs
    1. DDS.txt
    2. Attach.txt
  • Save both reports to your desktop.
  • The instructions here ask you to attach the Attach.txt.

  • Instead of attaching, please copy/past both logs into your next reply.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE
__________________
Microsoft Valuable Professional Consumer--Security 2007-2010
Please make a donation to keep the site running. All proceeds go directly to the site!!! Donate Here
Gx14's Avatar
Member with 32 posts.
  
Join Date: Nov 2009
Experience: Beginner
28-Nov-2009, 04:33 PM #29
At times I cannot access MBAM, iTunes, and Firefox
That problem has seemingly gone away
But now Firefox crashes every 10 minutes
Here are the two logs
Thank you
Gx14's Avatar
Member with 32 posts.
  
Join Date: Nov 2009
Experience: Beginner
28-Nov-2009, 04:33 PM #30
DDS (Ver_09-11-24.02) - NTFSx86
Run by Michael at 15:27:31.33 on Sat 11/28/2009
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3316.1748 [GMT -5:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\ooVoo\ooVoo.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Nexon\MapleStory\npkcmsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\regedit.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\wermgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Michael\Desktop\dds.scr
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://search.bearshare.com/
mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3080923
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>
BHO: {B45A4B16-23F2-41AD-F4E4-00AAC39C0004} - No File
TB: ooVoo Toolbar: {a1fb2f9a-d35e-11dd-8935-e46a56d89593} - c:\program files\oovootb\oovoodx.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: MediaBar: {0974ba1e-64ec-11de-b2a5-e43756d89593} - c:\program files\bearsharetb\BearShareDx.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [oovoo.exe] c:\program files\oovoo\oovoo.exe /minimized
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [asg984jgkfmgasi8ug98jgkfgfb] c:\users\michael\appdata\local\temp\cmd.exe
uRun: [hiebwxpq] c:\users\michael\appdata\local\bymgfs\idllsysguard.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /m
mRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell.exe" /mode2
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
dRun: [jsh87r3huiehf89esiudgd] c:\windows\temp\zer14pcmjg.exe
StartupFolder: c:\users\michael\appdata\roaming\micros~1\windows\startm~1\programs\startup \delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe
StartupFolder: c:\users\michael\appdata\roaming\micros~1\windows\startm~1\programs\startup \limewi~1.lnk - c:\program files\limewire\LimeWire.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
uPolicies-explorer: NoFolderOptions = 1 (0x1)
uPolicies-system: DisableRegistryTools = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorUser = 2 (0x2)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-explorer: NoFolderOptions = 1 (0x1)
dPolicies-system: DisableRegistryTools = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - c:\program files\winferno\pc confidential\PCConfidential.exe
IE: {925DAB62-F9AC-4221-806A-057BFB1014AA} - c:\program files\winferno\pc confidential\PCConfidential.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: cyworld.com
Trusted Zone: nate.com
DPF: {60F33B36-3E89-48EF-BE77-ACC23A366C2A} - hxxps://wstatic.plaync.co.kr/common/js/UniUpdTool/NCLoader.7.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CB5C683C-416A-4701-B018-0F1B21D64D6B} - hxxp://cyimg7.cyworld.com/cymusic/package/skcinst.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\windows\system32\rdolib.dll
IFEO: image file execution options - svchost.exe
Hosts: 74.125.45.100 safebrowsing-cache.google.com
Hosts: 74.125.45.100 www.securesoftwarebill.com
Hosts: 74.125.45.100 secure-plus-payments.com
Hosts: 74.125.45.100 www.getantivirusplusnow.com
Hosts: 74.125.45.100 www.secure-plus-payments.com

Note: multiple HOSTS entries found. Please refer to Attach.txt

================= FIREFOX ===================

FF - ProfilePath - c:\users\michael\appdata\roaming\mozilla\firefox\profiles\p6x7ke30.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://m.www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - component: c:\program files\mozilla firefox\extensions\browserhighlighter@ebay.com\components\Shim.dll
FF - component: c:\users\michael\appdata\roaming\mozilla\firefox\profiles\p6x7ke30.default\ extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\google\google updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCMListControl.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npcyworld.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nppeeraod.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\users\michael\appdata\roaming\mozilla\firefox\profiles\p6x7ke30.default\ extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\windows\system32\npcyworld.dll
FF - plugin: c:\windows\system32\nppeeraod.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-5-2 161048]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-15 34064]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-4-5 24652]
R3 OA002Afx;Provides a software interface to control audio effects of OA002 camera.;c:\windows\system32\drivers\OA002Afx.sys [2007-6-8 148056]
R3 OA002Ufd;Creative Camera OA002 Upper Filter Driver;c:\windows\system32\drivers\OA002Ufd.sys [2008-3-25 142432]
R3 OA002Vid;Creative Camera OA002 Function Driver;c:\windows\system32\drivers\OA002Vid.sys [2008-3-25 265568]
R3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual;c:\windows\system32\drivers\livecamv.sys [2008-9-26 31616]
S2 gupdate1c9ff6ec880a4ff;Google Update Service (gupdate1c9ff6ec880a4ff);c:\program files\google\update\GoogleUpdate.exe [2009-7-7 133104]
S2 MrHealthyService;MrHealthy;c:\program files\norton pc checkup\executables\mrhealthy\mrhealthy.exe -service --> c:\program files\norton pc checkup\executables\mrhealthy\MrHealthy.exe -service [?]
S2 NTAService;Nate Address Search Service;c:\program files\nate\addresssearch\ntasvr.exe /service --> c:\program files\nate\addresssearch\ntasvr.exe [?]

=============== Created Last 30 ================

2009-11-26 03:25:15 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-11-25 08:00:31 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-24 20:38:16 1399296 ----a-w- c:\windows\system32\msxml6.dll
2009-11-24 20:38:15 1257472 ----a-w- c:\windows\system32\msxml3.dll
2009-11-24 20:38:13 714240 ----a-w- c:\windows\system32\timedate.cpl
2009-11-24 01:41:41 0 d-s---w- C:\ComboFix
2009-11-24 01:33:18 77312 ----a-w- c:\windows\MBR.exe
2009-11-24 01:33:15 98816 ----a-w- c:\windows\sed.exe
2009-11-24 01:33:15 260608 ----a-w- c:\windows\PEV.exe
2009-11-24 01:33:15 161792 ----a-w- c:\windows\SWREG.exe
2009-11-23 23:40:40 30 ----a-w- c:\windows\system32\worker.info
2009-11-23 23:40:40 30 ----a-w- c:\windows\system32\thread.xml
2009-11-23 23:40:40 30 ----a-w- c:\windows\system32\config.data
2009-11-23 23:40:40 252 ----a-w- c:\windows\system32\uses32.dat
2009-11-23 23:40:40 100 ----a-w- c:\windows\system32\flags.ini
2009-11-20 23:25:06 55296 ----a-w- C:\xrvho.exe
2009-11-20 23:24:48 93696 ----a-w- C:\tcodbmfq.exe
2009-11-19 11:42:16 0 d-----w- c:\program files\WinPcap
2009-11-19 02:18:53 0 d-sh--w- c:\users\michael\appdata\roaming\System Defender
2009-11-18 22:14:13 1415 ----a-w- C:\System Defender.lnk
2009-11-18 22:14:08 0 d-sh--w- C:\System Defender
2009-11-18 22:13:43 0 d-sh--w- c:\programdata\0567d3a
2009-11-11 22:46:02 2035712 ----a-w- c:\windows\system32\win32k.sys
2009-11-11 22:45:56 351232 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-09 23:50:16 0 d-s---w- C:\Fixit
2009-11-09 17:01:44 38248 ----a-w- c:\windows\system32\ShortCutIcon.dll
2009-11-08 01:32:59 0 d-----w- c:\program files\Nate
2009-11-08 01:32:50 0 d-----w- c:\program files\NATEON
2009-11-08 00:21:16 0 d-----w- c:\windows\system32\cyworld
2009-11-03 21:20:48 0 d-----w- c:\program files\Trend Micro
2009-11-03 01:54:59 65536 --sha-w- c:\users\michael\ntuser.dat{5dd3e94d-f944-11dd-ae0d-00234d47aafd}.TxR.blf
2009-11-03 01:54:59 1048576 --sha-w- c:\users\michael\ntuser.dat{5dd3e94d-f944-11dd-ae0d-00234d47aafd}.TxR.2.regtrans-ms
2009-11-03 01:54:59 1048576 --sha-w- c:\users\michael\ntuser.dat{5dd3e94d-f944-11dd-ae0d-00234d47aafd}.TxR.1.regtrans-ms
2009-11-03 01:54:59 1048576 --sha-w- c:\users\michael\ntuser.dat{5dd3e94d-f944-11dd-ae0d-00234d47aafd}.TxR.0.regtrans-ms
2009-11-03 00:18:24 0 d-----w- c:\users\michael\appdata\roaming\Malwarebytes
2009-11-03 00:18:18 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-03 00:18:16 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-03 00:18:16 0 d-----w- c:\programdata\Malwarebytes
2009-11-03 00:18:16 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-02 18:36:46 0 d-----w- c:\program files\CS
2009-11-02 18:17:52 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-01 19:37:30 0 d-----r- c:\program files\Skype
2009-11-01 19:37:27 0 d-----w- c:\programdata\Skype
2009-11-01 02:43:23 0 d-----w- c:\program files\SKT Sync 2.0
2009-11-01 02:43:16 0 d-----w- c:\program files\MelOn Player

==================== Find3M ====================

2009-11-09 17:01:44 509288 ----a-w- c:\windows\system32\skcppl.dll
2009-11-09 17:01:44 460136 ----a-w- c:\windows\system32\skcbgm.dll
2009-09-28 09:44:14 79208 ----a-w- c:\windows\system32\nppeeraod.dll
2009-09-21 18:56:40 312032 ----a-w- c:\windows\system32\RequestEnc_OCX.dll
2009-09-21 18:56:40 279264 ----a-w- c:\windows\system32\MelonDN1.exe
2009-09-21 18:56:38 492256 ----a-w- c:\windows\system32\MelonWebPlayer.dll
2009-09-10 17:30:12 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 15:21:53 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-09-10 15:21:07 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-09-04 12:24:34 61440 ----a-w- c:\windows\system32\msasn1.dll
2009-08-31 13:55:50 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-08-31 13:55:46 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-08-09 23:21:50 86016 ----a-w- c:\windows\inf\infstor.dat
2009-08-09 23:21:50 51200 ----a-w- c:\windows\inf\infpub.dat
2009-08-09 23:21:50 143360 ----a-w- c:\windows\inf\infstrng.dat
2008-09-23 22:23:21 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-01-21 02:43:21 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2008-09-26 21:36:09 74 --sh--r- c:\windows\CT4CET.bin
2009-02-13 08:49:05 0 --sha-w- c:\windows\system32\config\systemprofile\ntuser.dll
2008-09-23 22:18:29 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

============= FINISH: 15:29:15.66 ===============
Email This Email  Print This Print  Tweet This Send to Facebook Send to MySpace Send to StumbleUpon Digg This | More Services More
Reply
Page 2 of 4 1 2 34

THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!

« Previous Thread | Virus & Other Malware Removal | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who want to help you solve your computer problems. See our Welcome Guide to get started.
Thread Tools



Facebook Facebook Twitter Twitter TechGuy.tv TechGuy.tv Mobile TSG Mobile
Contact Us - HelpOnThe.Net - Archive - Terms of Service - Top
You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -4. The time now is 01:35 PM.
Copyright © 1996 - 2011 TechGuy, Inc. All rights reserved.

 Powered by Cermak Technologies, Inc.