1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

All installs hang up pc

Discussion in 'Virus & Other Malware Removal' started by mltj74, Nov 27, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. mltj74

    mltj74 Thread Starter

    Joined:
    Nov 27, 2011
    Messages:
    9
    Hey guys i really need help, i cant figure this out for nothing. Recently i got back from a trip to find someone had got a virus on my pc. After days of not being able to do nothing seems everything was disabled, i removed 96 infections and now have control. In the meantime i lost almost all my antivirus and spyware tools all i have left is malwarebytes. Everything scans clean but now i cant install anything. my computer will hang when install is half way through and forces me to manually power down. even system restore will restart start restoring and hang.
     
  2. mltj74

    mltj74 Thread Starter

    Joined:
    Nov 27, 2011
    Messages:
    9
    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
    Processor: Intel(R) Pentium(R) D CPU 3.20GHz, x86 Family 15 Model 4 Stepping 4
    Processor Count: 2
    RAM: 3326 Mb
    Graphics Card: NVIDIA GeForce 7800 GTX, 256 Mb
    Hard Drives: C: Total - 900000 MB, Free - 286047 MB; D: Total - 53858 MB, Free - 13218 MB;
    Motherboard: Dell Inc., 0YC523

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 6:30:26 PM, on 11/27/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\WINDOWS\Explorer.EXE
    D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    D:\WINDOWS\eHome\ehSched.exe
    D:\Program Files\Java\jre6\bin\jqs.exe
    D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    D:\WINDOWS\system32\nvsvc32.exe
    D:\Program Files\War-ftpd\war-ftpd.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\WINDOWS\system32\wscntfy.exe
    D:\WINDOWS\system32\dllhost.exe
    D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    D:\Program Files\Mozilla Firefox\plugin-container.exe
    D:\WINDOWS\system32\msiexec.exe
    D:\WINDOWS\system32\svchost.exe
    D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - D:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - D:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - D:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - D:\WINDOWS\system32\STacSV.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - D:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
    O23 - Service: WARSVR - Jgaa's Internet (www.jgaa.com) - D:\Program Files\War-ftpd\war-ftpd.exe
     
  3. dipak69

    dipak69

    Joined:
    Nov 28, 2011
    Messages:
    1
    Hi MLTJ74,
    I would suggest you to Download COMBOFIX (a Dos based stand alone Antivirus Tool -Size 4MB) and Run Scan. It will most probably fix . Uninstall or Disable Malware bite before running Combofix. you may download it from www.dipak.tk then gop to Download....best of luck

    Rgds,
    dipak
     
  4. jamwaky

    jamwaky

    Joined:
    Apr 19, 2011
    Messages:
    351
    Dipak, you are unauthorised to remove viruses and malware.

    mltj74, I suggest you report this thread and ask for it to be moved to the virus & other malware removal part of the forum, you will get a better response there.
     
  5. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,930
    First Name:
    Frank
    Let's get a better idea of what's currently installed in that computer.

    Start HiJackThis, but don't run a scan.

    Click on the "Open The Misc Tools Section" button.

    Click on the "Open Uninstall Manager" button.

    Click on the "Save List" button.

    Save the "uninstall_list.txt" file somewhere.

    It'll then open in Notepad.

    Return here to your thread, then copy-and-paste the entire file here.

    --------------------------------------------------------

    Click "Report" and then request to have your thread moved to the "Virus & Other Malware Removal" section.

    Also read here because there is certain information and logs that are required before a gold/blue shield member can assist you.

    -------------------------------------------------------
     
  6. mltj74

    mltj74 Thread Starter

    Joined:
    Nov 27, 2011
    Messages:
    9
    Thanks i reported the thread to be moved to Virus & Other Malware Removal section but for now i will post all the required info for that section to be ready. please ignore :)

    my uninstall list just incase

    Acronis True Image Home
    Ad-Aware
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.1)
    Adobe Shockwave Player 11.6
    Age of Empires III
    Android SDK Tools
    Apple Application Support
    Apple Software Update
    CCleaner
    Cheat Engine 6.1
    Conexant D850 PCI V.92 Modem
    DAEMON Tools Pro
    Day of Defeat
    Dell Resource CD
    DriverAgent by eSupport.com
    EVEREST Home Edition v2.20
    Free RAR Extract Frog
    Graboid Video 1.5
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB961118)
    HWiNFO32 Version 3.86
    Intel(R) PRO Network Connections Drivers
    Java(TM) 6 Update 26
    Left 4 Dead
    Left 4 Dead 2
    LimeWire 5.1.2
    Malwarebytes' Anti-Malware version 1.51.2.1300
    Microsoft .NET Framework 1.0 Hotfix (KB2572066)
    Microsoft .NET Framework 1.0 Hotfix (KB953295)
    Microsoft .NET Framework 1.0 Hotfix (KB979904)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2572067)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1
    Microsoft Age of Empires II
    Microsoft Age of Empires II: The Conquerors Expansion
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Mozilla ActiveX Control v1.7.12
    Mozilla Firefox 8.0 (x86 en-US)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    neroxml
    No-IP DUC
    NVIDIA Graphics Driver 280.26
    NVIDIA nView 135.94
    NVIDIA nView Desktop Manager
    NVIDIA Update 1.4.28
    PeerGuardian 2.0
    QuickTime
    Realtek High Definition Audio Driver
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2544521)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2559049)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB963027)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982665)
    Steam
    swMSM
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB2447568)
    Update for Windows Media Player 10 (KB913800)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2616676-v2)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    VC 9.0 Runtime
    VideoLAN VLC media player 0.8.6d
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    VobSub v2.23 (Remove Only)
    Ward180
    Windows Internet Explorer 8
    Windows Media Format Runtime
    Windows Media Player Hotfix [See KB832353 for more information]
    Windows XP Media Center Edition 2005 KB2502898
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    WinRAR 4.01 (32-bit)
    Xilisoft DivX to DVD Converter
    Xilisoft DVD to DivX Converter
    XviD MPEG4 Video Codec (remove only)
    ZoneAlarm Antivirus
    ZoneAlarm Firewall
    ZoneAlarm Internet Security Suite
    ZoneAlarm Security
    ZoneAlarm Toolbar

    new hijackthis log

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:57:24 AM, on 11/28/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\system32\spoolsv.exe
    D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    D:\WINDOWS\eHome\ehSched.exe
    D:\Program Files\Java\jre6\bin\jqs.exe
    D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    D:\WINDOWS\system32\nvsvc32.exe
    D:\Program Files\War-ftpd\war-ftpd.exe
    D:\WINDOWS\system32\wscntfy.exe
    D:\WINDOWS\system32\dllhost.exe
    D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\WINDOWS\system32\wuauclt.exe
    D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\WINDOWS\system32\NOTEPAD.EXE
    D:\Program Files\Mozilla Firefox\plugin-container.exe
    D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    D:\WINDOWS\system32\notepad.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - D:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - D:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - D:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - D:\WINDOWS\system32\STacSV.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - D:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
    O23 - Service: WARSVR - Jgaa's Internet (www.jgaa.com) - D:\Program Files\War-ftpd\war-ftpd.exe




    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
    Run by michael thomas at 9:58:01 on 2011-11-28
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2138 [GMT -6:00]
    .
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
    .
    ============== Running Processes ===============
    .
    D:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    D:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    D:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\system32\spoolsv.exe
    D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    D:\WINDOWS\system32\ctfmon.exe
    svchost.exe
    D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    D:\WINDOWS\eHome\ehSched.exe
    D:\Program Files\Java\jre6\bin\jqs.exe
    D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    D:\WINDOWS\system32\nvsvc32.exe
    svchost.exe
    D:\Program Files\War-ftpd\war-ftpd.exe
    D:\WINDOWS\system32\wscntfy.exe
    D:\WINDOWS\system32\dllhost.exe
    D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\WINDOWS\system32\wuauclt.exe
    D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\WINDOWS\system32\NOTEPAD.EXE
    D:\Program Files\Mozilla Firefox\plugin-container.exe
    D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    D:\WINDOWS\system32\notepad.exe
    D:\WINDOWS\system32\NOTEPAD.EXE
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://google.com/
    uInternet Connection Wizard,ShellNext = iexplore
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - d:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - d:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - d:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    uRun: [ctfmon.exe] d:\windows\system32\ctfmon.exe
    mRun: [Malwarebytes' Anti-Malware] "d:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    mRun: [NvCplDaemon] RUNDLL32.EXE d:\windows\system32\NvCpl.dll,NvStartup
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
    LSP: mswsock.dll
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    TCP: DhcpNameServer = 68.87.68.166 68.87.74.166
    TCP: Interfaces\{351D8586-B683-4286-A58F-8150BB33E242} : DhcpNameServer = 68.87.68.166 68.87.74.166
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - d:\documents and settings\michael thomas\application data\mozilla\firefox\profiles\ortifquk.default\
    FF - plugin: d:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: d:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
    FF - plugin: d:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 KL1;kl1;d:\windows\system32\drivers\kl1.sys [2010-10-14 132184]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;d:\windows\system32\drivers\dtsoftbus01.sys [2011-10-9 233024]
    R1 HWiNFO32;HWiNFO32/64 Kernel Driver;d:\program files\hwinfo32\HWiNFO32.SYS [2011-9-27 21112]
    R1 kl2;kl2;d:\windows\system32\drivers\kl2.sys [2010-10-14 11352]
    R2 ISWKL;ZoneAlarm Toolbar ISWKL;d:\program files\checkpoint\zaforcefield\ISWKL.sys [2011-7-25 27016]
    R2 IswSvc;ZoneAlarm Toolbar IswSvc;d:\program files\checkpoint\zaforcefield\ISWSVC.exe [2011-7-25 493184]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;d:\program files\lavasoft\ad-aware\AAWService.exe [2011-11-3 2152152]
    R2 MBAMService;MBAMService;d:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-27 366152]
    R2 McrdSvc;Media Center Extender Service;d:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;d:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-9-28 2255464]
    R2 VBoxDrv;VBox Support Driver;d:\program files\youwave_android\vb\VBoxDrv.sys [2011-7-15 135680]
    R2 WARSVR;WARSVR;d:\program files\war-ftpd\war-ftpd.exe [2011-10-27 548864]
    R3 Angel;Angel MPEG Device;d:\windows\system32\drivers\Angel.sys [2009-5-13 376320]
    R3 MBAMProtector;MBAMProtector;d:\windows\system32\drivers\mbam.sys [2011-9-27 22216]
    R3 MBAMSwissArmy;MBAMSwissArmy;d:\windows\system32\drivers\mbamswissarmy.sys [2011-11-27 41272]
    S0 Lbd;Lbd;d:\windows\system32\drivers\Lbd.sys [2011-9-27 64512]
    S2 vsmon;TrueVector Internet Monitor;d:\program files\checkpoint\zonealarm\vsmon.exe -service --> d:\program files\checkpoint\zonealarm\vsmon.exe -service [?]
    S3 EagleXNt;EagleXNt;\??\d:\windows\system32\drivers\eaglexnt.sys --> d:\windows\system32\drivers\EagleXNt.sys [?]
    S3 EverestDriver;Lavalys EVEREST Kernel Driver;d:\program files\lavalys\everest home edition\kerneld.wnt [2005-8-18 7168]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;d:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-11-3 15232]
    .
    =============== Created Last 30 ================
    .
    2074-05-07 23:38:48 203576 ------w- d:\program files\microsoft games\age of empires iii\autopatcher2.exe
    2011-11-28 05:33:59 41272 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
    2011-11-28 00:38:07 -------- d-----w- d:\windows\pss
    2011-11-28 00:20:45 388096 ----a-r- d:\documents and settings\michael thomas\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-11-28 00:20:45 -------- d-----w- d:\program files\Trend Micro
    2011-11-27 09:05:57 -------- d-----w- d:\program files\CCleaner
    2011-11-27 08:15:03 317440 -c----w- d:\windows\system32\dllcache\mp4sdecd.dll
    2011-11-26 06:30:35 254976 ----a-w- d:\windows\system32\SET18.tmp
    2011-11-21 03:39:44 -------- d-sh--w- d:\documents and settings\michael thomas\local settings\application data\f1f8d423
    2011-11-02 01:24:19 -------- d-----w- d:\program files\Cheat Engine 6.1
    2011-10-30 16:48:53 414368 ----a-w- d:\windows\system32\FlashPlayerCPLApp.cpl
    2011-10-30 04:51:07 -------- d-----w- d:\documents and settings\michael thomas\.Virtualbox
    2011-10-30 04:50:37 -------- d-----w- d:\program files\YouWave_Android
    .
    ==================== Find3M ====================
    .
    2011-11-03 18:06:56 64512 ----a-w- d:\windows\system32\drivers\Lbd.sys
    2011-10-24 19:29:02 94208 ----a-w- d:\windows\system32\QuickTimeVR.qtx
    2011-10-24 19:29:02 69632 ----a-w- d:\windows\system32\QuickTime.qts
    2011-10-10 14:22:41 692736 ----a-w- d:\windows\system32\inetcomm.dll
    2011-10-09 21:48:11 233024 ----a-w- d:\windows\system32\drivers\dtsoftbus01.sys
    2011-09-29 02:08:03 280276 ----a-w- d:\windows\system32\nvdrsdb1.bin
    2011-09-29 02:08:03 1 ----a-w- d:\windows\system32\nvdrssel.bin
    2011-09-29 02:07:50 280276 ----a-w- d:\windows\system32\nvdrsdb0.bin
    2011-09-28 07:06:50 599040 ----a-w- d:\windows\system32\crypt32.dll
    2011-09-28 02:28:15 101720 ----a-w- d:\windows\system32\drivers\SBREDrv.sys
    2011-09-28 02:28:12 16432 ----a-w- d:\windows\system32\lsdelete.exe
    2011-09-26 16:41:20 611328 ----a-w- d:\windows\system32\uiautomationcore.dll
    2011-09-26 16:41:20 220160 ----a-w- d:\windows\system32\oleacc.dll
    2011-09-26 16:41:14 20480 ----a-w- d:\windows\system32\oleaccrc.dll
    2011-09-06 13:20:51 1858944 ----a-w- d:\windows\system32\win32k.sys
    2011-09-01 00:12:00 1698408 ----a-w- d:\windows\RtlExUpd.dll
    2011-08-31 22:00:50 22216 ----a-w- d:\windows\system32\drivers\mbam.sys



    shutting down for GMER will post result when finished
     

    Attached Files:

  7. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,930
    First Name:
    Frank
    I've also requested your thread be moved to the malware removal section.

    ----------------------------------------------------------

    Uninstall Ad-Aware(by Lavasoft) and LimeWire 5.1.2.

    Update Java(TM) 6 Update 26 to Java Runtime Environment 6 Update 29.

    ----------------------------------------------------------
     
  8. mltj74

    mltj74 Thread Starter

    Joined:
    Nov 27, 2011
    Messages:
    9
    Ok limewire and deamontools are gone I tried to remove adaware before but got a error. Think the virus messed something up for uninstall. Ill do a search and see if I can get it off after gmer finishes.
     
  9. mltj74

    mltj74 Thread Starter

    Joined:
    Nov 27, 2011
    Messages:
    9
    GMER results



    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2011-11-28 12:23:01
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Intel___ rev.1.0.
    Running: z598v0p1.exe; Driver: D:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\kxrdrkob.sys


    ---- Kernel code sections - GMER 1.0.15 ----

    .text D:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB5A133A0, 0x8A1A15, 0xE8000020]
    .PAGE1 D:\WINDOWS\system32\DRIVERS\mrxsmb.sys unknown last section [0x99E42300, 0x100, 0xC0000040]
    ? D:\WINDOWS\system32\DRIVERS\mrxsmb.sys suspicious PE modification
    ? D:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

    ---- User code sections - GMER 1.0.15 ----

    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[288] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154D5 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[288] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AD1 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[288] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD10D D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[288] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[288] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E25464E D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[288] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5397 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[288] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E52C9 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[288] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E5334 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[288] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E519A D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[288] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E51FC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[288] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E53FA D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[288] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E525E D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[288] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBA0 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[288] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E56FF D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[348] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154D5 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[348] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AD1 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[348] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD10D D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[348] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[348] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E25464E D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[348] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5397 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[348] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E52C9 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[348] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E5334 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[348] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E519A D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[348] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E51FC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[348] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E53FA D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[348] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E525E D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[348] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBA0 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[348] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E56FF D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1368] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154D5 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1368] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1368] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5397 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1368] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E52C9 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1368] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E5334 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1368] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E519A D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1368] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E51FC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1368] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E53FA D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1368] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E525E D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1536] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154D5 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1536] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AD1 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1536] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD10D D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1536] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1536] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E25464E D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1536] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5397 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1536] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E52C9 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1536] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E5334 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1536] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E519A D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1536] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E51FC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1536] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E53FA D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1536] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E525E D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1536] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBA0 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1536] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E56FF D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1636] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154D5 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1636] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AD1 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1636] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD10D D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1636] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1636] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E25464E D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1636] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5397 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1636] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E52C9 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1636] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E5334 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1636] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E519A D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1636] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E51FC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1636] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E53FA D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1636] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E525E D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1636] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBA0 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[1636] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E56FF D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2244] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154D5 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2244] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AD1 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2244] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD10D D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2244] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2244] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E25464E D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2244] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5397 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2244] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E52C9 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2244] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E5334 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2244] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E519A D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2244] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E51FC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2244] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E53FA D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2244] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E525E D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2244] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBA0 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2244] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E56FF D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2332] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154D5 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2332] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AD1 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2332] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD10D D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2332] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2332] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E25464E D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2332] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5397 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2332] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E52C9 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2332] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E5334 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2332] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E519A D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2332] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E51FC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2332] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E53FA D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2332] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E525E D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2332] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBA0 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2332] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E56FF D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2712] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154D5 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2712] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AD1 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2712] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD10D D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2712] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2712] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E25464E D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2712] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E5397 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2712] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E52C9 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2712] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E5334 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2712] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E519A D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2712] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E51FC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2712] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E53FA D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2712] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E525E D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2712] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBA0 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text D:\Program Files\Internet Explorer\IEXPLORE.EXE[2712] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E56FF D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs tdrpm174.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 tdrpm174.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 tdrpm174.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \FileSystem\Fastfat \Fat tdrpm174.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    ---- Modules - GMER 1.0.15 ----

    Module (noname) (*** hidden *** ) A4DCB000-A4DDA000 (61440 bytes)
    Module (noname) (*** hidden *** ) A4C60000-A4C69000 (36864 bytes)

    ---- Threads - GMER 1.0.15 ----

    Thread System [4:732] A4C643E0
    Thread System [4:736] A4C643E0
    Thread System [4:740] 889E0330
    Thread System [4:744] 889E0330

    ---- Files - GMER 1.0.15 ----

    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\3NZKIDUD\optn=64[1] 0 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\3NZKIDUD\af_mvc[1].js 168173 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\9P2U1TC0\detect[1].act 0 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\9P2U1TC0\ros_48[1].htm 0 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\9P2U1TC0\b[6].gif 0 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\9P2U1TC0\gossipcenter[1].htm 662 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\9P2U1TC0\gossipcenter[2].htm 857 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\9P2U1TC0\ros3[1].htm 0 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\9P2U1TC0\json[4] 0 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\9P2U1TC0\ddc[1].htm 11257 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\9P2U1TC0\y[1].txt 25807 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\9P2U1TC0\5722932[1].jpg 3913 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\9P2U1TC0\ako[1] 1125 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\9P2U1TC0\ako[2] 821 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\9P2U1TC0\AdServerServlet[4].htm 1664 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\9P2U1TC0\AdServerServlet[5].htm 1600 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\9P2U1TC0\BottomCurveHP[1].gif 262 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\9P2U1TC0\iframe!t=1209![8].txt 305 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\W9M35SY6\AdServerServlet[1].htm 1533 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\W9M35SY6\ros3[1] 605 bytes
    File D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\W9M35SY6\ros[1] 1861 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\3593364832 0 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291 0 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\@ 2048 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\L 0 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\L\zpahiwgf 456320 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\loader(2).tlb 2632 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\loader(4).tlb 2632 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\loader(5).tlb 2632 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\loader(6).tlb 2632 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\loader.tlb 2632 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\U 0 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\U\@00000001 45968 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\U\@000000c0 3072 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\U\@000000cb 3072 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\U\@000000cf 1536 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\U\@80000000 23040 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\U\@800000c0 32768 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\U\@800000cb 24064 bytes
    File D:\WINDOWS\$NtUninstallKB55844$\4059616291\U\@800000cf 31744 bytes

    ---- EOF - GMER 1.0.15 ----
     
  10. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,930
    First Name:
    Frank
    You need to wait for a gold/blue shield malware removal expert to reply because I'm not trained to deal with DDS and GMER logs.

    ---------------------------------------------------------
     
  11. mltj74

    mltj74 Thread Starter

    Joined:
    Nov 27, 2011
    Messages:
    9
    ok got adaware off and tried to update java but got a error error 25099: unzipping core files failed so i redownloaded and killed all firewalls ect. still error 25099: unzipping core files failed i am also short like 3 windows updates but when i try to install it hangs so no go on them also

    flavallee yes thanks for all your help i am just putting as much info as i can now so when they come its all here. plus i am sure anything your saying is not doing harm :)
     
  12. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,930
    First Name:
    Frank
    You're welcome, and good luck. :)

    -------------------------------------------------------

    Because your computer was used and infected by others while you were on vacation, it's unknown how much damage has been done.

    You may need to do a hard drive format and clean reinstall of Windows XP SP3 and get a fresh start.

    -------------------------------------------------------
     
  13. mltj74

    mltj74 Thread Starter

    Joined:
    Nov 27, 2011
    Messages:
    9
    debated that i have a image of my pc shortly after i did a reformat. drivers are a pain for this pc dell drivers never work. is there a way to pull current drivers and copy them to flashdrive?
     
  14. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,930
    First Name:
    Frank
    I have 4 desktops(Compaq, Dell, eMachines, Gateway).

    The current drivers for each are saved in a CD-R.

    If and when I need to do a clean reinstall in any of them, the drivers are readily available.

    -------------------------------------------------------

    What's currently listed in the Device Manager in these headings?

    Display Adapters

    IDE ATA/ATAPI Controllers

    Network Adapters

    Sound Video And Game Controllers


    -------------------------------------------------------

    What's the model name and model number of that Dell?

    What's the 7-character service tag number on the sticker?

    ------------------------------------------------------
     
  15. mltj74

    mltj74 Thread Starter

    Joined:
    Nov 27, 2011
    Messages:
    9
    I got it on a search how to pull my current driver for audio (one i can never find) this time i will save it and take a image after its fixed :) I will wait afew days to see if anyone chimes in and comes up with a fix cause i really dread having to back everthing up on flash drives and external hdd (if i have enough storage).

    Question if you know anything about acronis i currently have my hdd parted into 2 partitions (idk why i did that) is there a tool i can use to take it back to one (like the when you put a windows cd in u can delete part or split w/e before install). also if i do that will the image i make on a cd take with the partitions being different or not?
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1028712

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice