All installs hang up pc


mltj74

Thread Starter
Joined
Nov 27, 2011
Messages
9
Hey guys, I really need help; I can't figure this out for nothing. Recently I got back from a trip to find someone had got a virus on my PC. After days of not being able to do nothing (seems everything was disabled), I removed 96 infections and now have control. In the meantime I lost almost all my antivirus and spyware tools; all I have left is Malwarebytes. Everything scans clean, but now I can't install anything. My computer will hang when an install is halfway through and forces me to manually power down. Even System Restore will restart, start restoring and hang.
 

mltj74

Thread Starter
Joined
Nov 27, 2011
Messages
9
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
Processor: Intel(R) Pentium(R) D CPU 3.20GHz, x86 Family 15 Model 4 Stepping 4
Processor Count: 2
RAM: 3326 Mb
Graphics Card: NVIDIA GeForce 7800 GTX, 256 Mb
Hard Drives: C: Total - 900000 MB, Free - 286047 MB; D: Total - 53858 MB, Free - 13218 MB;
Motherboard: Dell Inc., 0YC523

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:30:26 PM, on 11/27/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
D:\WINDOWS\eHome\ehSched.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\War-ftpd\war-ftpd.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\system32\dllhost.exe
D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\WINDOWS\system32\msiexec.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - D:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - D:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - D:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - D:\WINDOWS\system32\STacSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - D:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: WARSVR - Jgaa's Internet (www.jgaa.com) - D:\Program Files\War-ftpd\war-ftpd.exe
 
Joined
Nov 28, 2011
Messages
1
Hi MLTJ74,
I would suggest you download COMBOFIX (a DOS-based standalone antivirus tool, size 4 MB) and run a scan. It will most probably fix it. Uninstall or disable Malwarebytes before running Combofix. You may download it from www.dipak.tk, then go to Download.... Best of luck.

Rgds,
dipak
 
Joined
Apr 19, 2011
Messages
351
Dipak, you are unauthorised to remove viruses and malware.

mltj74, I suggest you report this thread and ask for it to be moved to the virus & other malware removal part of the forum; you will get a better response there. http://forums.techguy.org/members/704654-mltj74.html
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
83,330
Let's get a better idea of what's currently installed in that computer.

Start HiJackThis, but don't run a scan.

Click on the "Open The Misc Tools Section" button.

Click on the "Open Uninstall Manager" button.

Click on the "Save List" button.

Save the "uninstall_list.txt" file somewhere.

It'll then open in Notepad.

Return here to your thread, then copy-and-paste the entire file here.

--------------------------------------------------------

Click "Report" and then request to have your thread moved to the "Virus & Other Malware Removal" section.

Also read here because there is certain information and logs that are required before a gold/blue shield member can assist you.

-------------------------------------------------------
 

mltj74

Thread Starter
Joined
Nov 27, 2011
Messages
9
Thanks, I reported the thread to be moved to the Virus & Other Malware Removal section, but for now I will post all the required info for that section to be ready. Please ignore :)

My uninstall list, just in case:

Acronis True Image Home
Ad-Aware
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.1)
Adobe Shockwave Player 11.6
Age of Empires III
Android SDK Tools
Apple Application Support
Apple Software Update
CCleaner
Cheat Engine 6.1
Conexant D850 PCI V.92 Modem
DAEMON Tools Pro
Day of Defeat
Dell Resource CD
DriverAgent by eSupport.com
EVEREST Home Edition v2.20
Free RAR Extract Frog
Graboid Video 1.5
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
HWiNFO32 Version 3.86
Intel(R) PRO Network Connections Drivers
Java(TM) 6 Update 26
Left 4 Dead
Left 4 Dead 2
LimeWire 5.1.2
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Age of Empires II
Microsoft Age of Empires II: The Conquerors Expansion
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla ActiveX Control v1.7.12
Mozilla Firefox 8.0 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
neroxml
No-IP DUC
NVIDIA Graphics Driver 280.26
NVIDIA nView 135.94
NVIDIA nView Desktop Manager
NVIDIA Update 1.4.28
PeerGuardian 2.0
QuickTime
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544521)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2559049)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
Steam
swMSM
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
VC 9.0 Runtime
VideoLAN VLC media player 0.8.6d
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VobSub v2.23 (Remove Only)
Ward180
Windows Internet Explorer 8
Windows Media Format Runtime
Windows Media Player Hotfix [See KB832353 for more information]
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinRAR 4.01 (32-bit)
Xilisoft DivX to DVD Converter
Xilisoft DVD to DivX Converter
XviD MPEG4 Video Codec (remove only)
ZoneAlarm Antivirus
ZoneAlarm Firewall
ZoneAlarm Internet Security Suite
ZoneAlarm Security
ZoneAlarm Toolbar

New HijackThis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:57:24 AM, on 11/28/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
D:\WINDOWS\eHome\ehSched.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\War-ftpd\war-ftpd.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\system32\dllhost.exe
D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
D:\WINDOWS\system32\notepad.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - D:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - D:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - D:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - D:\WINDOWS\system32\STacSV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - D:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: WARSVR - Jgaa's Internet (www.jgaa.com) - D:\Program Files\War-ftpd\war-ftpd.exe




.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by michael thomas at 9:58:01 on 2011-11-28
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2138 [GMT -6:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
.
============== Running Processes ===============
.
D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
D:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
D:\WINDOWS\system32\ctfmon.exe
svchost.exe
D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
D:\WINDOWS\eHome\ehSched.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
D:\WINDOWS\system32\nvsvc32.exe
svchost.exe
D:\Program Files\War-ftpd\war-ftpd.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\system32\dllhost.exe
D:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
D:\WINDOWS\system32\notepad.exe
D:\WINDOWS\system32\NOTEPAD.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uInternet Connection Wizard,ShellNext = iexplore
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - d:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - d:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - d:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
uRun: [ctfmon.exe] d:\windows\system32\ctfmon.exe
mRun: [Malwarebytes' Anti-Malware] "d:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [NvCplDaemon] RUNDLL32.EXE d:\windows\system32\NvCpl.dll,NvStartup
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
LSP: mswsock.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 68.87.68.166 68.87.74.166
TCP: Interfaces\{351D8586-B683-4286-A58F-8150BB33E242} : DhcpNameServer = 68.87.68.166 68.87.74.166
.
================= FIREFOX ===================
.
FF - ProfilePath - d:\documents and settings\michael thomas\application data\mozilla\firefox\profiles\ortifquk.default\
FF - plugin: d:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: d:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
FF - plugin: d:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R0 KL1;kl1;d:\windows\system32\drivers\kl1.sys [2010-10-14 132184]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;d:\windows\system32\drivers\dtsoftbus01.sys [2011-10-9 233024]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;d:\program files\hwinfo32\HWiNFO32.SYS [2011-9-27 21112]
R1 kl2;kl2;d:\windows\system32\drivers\kl2.sys [2010-10-14 11352]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;d:\program files\checkpoint\zaforcefield\ISWKL.sys [2011-7-25 27016]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;d:\program files\checkpoint\zaforcefield\ISWSVC.exe [2011-7-25 493184]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;d:\program files\lavasoft\ad-aware\AAWService.exe [2011-11-3 2152152]
R2 MBAMService;MBAMService;d:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-27 366152]
R2 McrdSvc;Media Center Extender Service;d:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 nvUpdatusService;NVIDIA Update Service Daemon;d:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-9-28 2255464]
R2 VBoxDrv;VBox Support Driver;d:\program files\youwave_android\vb\VBoxDrv.sys [2011-7-15 135680]
R2 WARSVR;WARSVR;d:\program files\war-ftpd\war-ftpd.exe [2011-10-27 548864]
R3 Angel;Angel MPEG Device;d:\windows\system32\drivers\Angel.sys [2009-5-13 376320]
R3 MBAMProtector;MBAMProtector;d:\windows\system32\drivers\mbam.sys [2011-9-27 22216]
R3 MBAMSwissArmy;MBAMSwissArmy;d:\windows\system32\drivers\mbamswissarmy.sys [2011-11-27 41272]
S0 Lbd;Lbd;d:\windows\system32\drivers\Lbd.sys [2011-9-27 64512]
S2 vsmon;TrueVector Internet Monitor;d:\program files\checkpoint\zonealarm\vsmon.exe -service --> d:\program files\checkpoint\zonealarm\vsmon.exe -service [?]
S3 EagleXNt;EagleXNt;\??\d:\windows\system32\drivers\eaglexnt.sys --> d:\windows\system32\drivers\EagleXNt.sys [?]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;d:\program files\lavalys\everest home edition\kerneld.wnt [2005-8-18 7168]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;d:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-11-3 15232]
.
=============== Created Last 30 ================
.
2074-05-07 23:38:48 203576 ------w- d:\program files\microsoft games\age of empires iii\autopatcher2.exe
2011-11-28 05:33:59 41272 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
2011-11-28 00:38:07 -------- d-----w- d:\windows\pss
2011-11-28 00:20:45 388096 ----a-r- d:\documents and settings\michael thomas\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-11-28 00:20:45 -------- d-----w- d:\program files\Trend Micro
2011-11-27 09:05:57 -------- d-----w- d:\program files\CCleaner
2011-11-27 08:15:03 317440 -c----w- d:\windows\system32\dllcache\mp4sdecd.dll
2011-11-26 06:30:35 254976 ----a-w- d:\windows\system32\SET18.tmp
2011-11-21 03:39:44 -------- d-sh--w- d:\documents and settings\michael thomas\local settings\application data\f1f8d423
2011-11-02 01:24:19 -------- d-----w- d:\program files\Cheat Engine 6.1
2011-10-30 16:48:53 414368 ----a-w- d:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-30 04:51:07 -------- d-----w- d:\documents and settings\michael thomas\.Virtualbox
2011-10-30 04:50:37 -------- d-----w- d:\program files\YouWave_Android
.
==================== Find3M ====================
.
2011-11-03 18:06:56 64512 ----a-w- d:\windows\system32\drivers\Lbd.sys
2011-10-24 19:29:02 94208 ----a-w- d:\windows\system32\QuickTimeVR.qtx
2011-10-24 19:29:02 69632 ----a-w- d:\windows\system32\QuickTime.qts
2011-10-10 14:22:41 692736 ----a-w- d:\windows\system32\inetcomm.dll
2011-10-09 21:48:11 233024 ----a-w- d:\windows\system32\drivers\dtsoftbus01.sys
2011-09-29 02:08:03 280276 ----a-w- d:\windows\system32\nvdrsdb1.bin
2011-09-29 02:08:03 1 ----a-w- d:\windows\system32\nvdrssel.bin
2011-09-29 02:07:50 280276 ----a-w- d:\windows\system32\nvdrsdb0.bin
2011-09-28 07:06:50 599040 ----a-w- d:\windows\system32\crypt32.dll
2011-09-28 02:28:15 101720 ----a-w- d:\windows\system32\drivers\SBREDrv.sys
2011-09-28 02:28:12 16432 ----a-w- d:\windows\system32\lsdelete.exe
2011-09-26 16:41:20 611328 ----a-w- d:\windows\system32\uiautomationcore.dll
2011-09-26 16:41:20 220160 ----a-w- d:\windows\system32\oleacc.dll
2011-09-26 16:41:14 20480 ----a-w- d:\windows\system32\oleaccrc.dll
2011-09-06 13:20:51 1858944 ----a-w- d:\windows\system32\win32k.sys
2011-09-01 00:12:00 1698408 ----a-w- d:\windows\RtlExUpd.dll
2011-08-31 22:00:50 22216 ----a-w- d:\windows\system32\drivers\mbam.sys



Shutting down for GMER; will post result when finished.
 


flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
83,330
I've also requested your thread be moved to the malware removal section.

----------------------------------------------------------

Uninstall Ad-Aware (by Lavasoft) and LimeWire 5.1.2.

Update Java(TM) 6 Update 26 to Java Runtime Environment 6 Update 29.

----------------------------------------------------------
 

mltj74

Thread Starter
Joined
Nov 27, 2011
Messages
9
OK, LimeWire and DAEMON Tools are gone. I tried to remove Ad-Aware before but got an error. Think the virus messed something up for uninstall. I'll do a search and see if I can get it off after GMER finishes.
 

mltj74

Thread Starter
Joined
Nov 27, 2011
Messages
9
GMER results



GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-28 12:23:01
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Intel___ rev.1.0.
Running: z598v0p1.exe; Driver: D:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\kxrdrkob.sys


---- Kernel code sections - GMER 1.0.15 ----

.text D:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB5A133A0, 0x8A1A15, 0xE8000020]
.PAGE1 D:\WINDOWS\system32\DRIVERS\mrxsmb.sys unknown last section [0x99E42300, 0x100, 0xC0000040]
? D:\WINDOWS\system32\DRIVERS\mrxsmb.sys suspicious PE modification
? D:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs tdrpm174.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 tdrpm174.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 tdrpm174.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat tdrpm174.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Modules - GMER 1.0.15 ----

Module (noname) (*** hidden *** ) A4DCB000-A4DDA000 (61440 bytes)
Module (noname) (*** hidden *** ) A4C60000-A4C69000 (36864 bytes)

---- Threads - GMER 1.0.15 ----

Thread System [4:732] A4C643E0
Thread System [4:736] A4C643E0
Thread System [4:740] 889E0330
Thread System [4:744] 889E0330

---- EOF - GMER 1.0.15 ----
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
83,330
You need to wait for a gold/blue shield malware removal expert to reply because I'm not trained to deal with DDS and GMER logs.

---------------------------------------------------------
 

mltj74

Thread Starter
Joined
Nov 27, 2011
Messages
9
OK, got Ad-Aware off and tried to update Java but got an error: "error 25099: unzipping core files failed". So I redownloaded and killed all firewalls etc. Still "error 25099: unzipping core files failed". I am also short like 3 Windows updates, but when I try to install, it hangs, so no go on them also.

flavallee, yes, thanks for all your help. I am just putting as much info as I can now so when they come it's all here. Plus I am sure anything you're saying is not doing harm :)
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
83,330
You're welcome, and good luck. :)

-------------------------------------------------------

Because your computer was used and infected by others while you were on vacation, it's unknown how much damage has been done.

You may need to do a hard drive format and clean reinstall of Windows XP SP3 and get a fresh start.

-------------------------------------------------------
 

mltj74

Thread Starter
Joined
Nov 27, 2011
Messages
9
Debated that. I have an image of my PC shortly after I did a reformat. Drivers are a pain for this PC; Dell drivers never work. Is there a way to pull current drivers and copy them to a flash drive?
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
83,330
I have 4 desktops (Compaq, Dell, eMachines, Gateway).

The current drivers for each are saved on a CD-R.

If and when I need to do a clean reinstall in any of them, the drivers are readily available.

-------------------------------------------------------

What's currently listed in the Device Manager in these headings?

Display Adapters

IDE ATA/ATAPI Controllers

Network Adapters

Sound Video And Game Controllers


-------------------------------------------------------

What's the model name and model number of that Dell?

What's the 7-character service tag number on the sticker?

------------------------------------------------------
 

mltj74

Thread Starter
Joined
Nov 27, 2011
Messages
9
I got it on a search, how to pull my current driver for audio (one I can never find). This time I will save it and take an image after it's fixed :) I will wait a few days to see if anyone chimes in and comes up with a fix, because I really dread having to back everything up on flash drives and external HDD (if I have enough storage).

Question, if you know anything about Acronis: I currently have my HDD parted into 2 partitions (I don't know why I did that). Is there a tool I can use to take it back to one (like when you put a Windows CD in you can delete a partition or split, whatever, before install)? Also, if I do that, will the image I make on a CD take with the partitions being different or not?
 