Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rundll Error


  • This topic is locked This topic is locked
2 replies to this topic

#1 Samalis

Samalis

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:49 AM

Posted 10 June 2008 - 01:17 AM

Hi, when I log in I get about 3 errors that look like this: "Error loading C:\Users\BERNAD~1\AppData\Local\Temp\hgGaASKI.dll" the other 2 with different names.dll. I really would like to know what to do and how to resolve this issue! Thanks in advance for your help and for taking your time to read this! ~Sam

Deckard's System Scanner v20071014.68
Run by Bernadette on 2008-06-10 01:50:51
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
20: 2008-06-09 07:32:55 UTC - RP201 - Scheduled Checkpoint
19: 2008-06-07 07:21:56 UTC - RP200 - Scheduled Checkpoint
18: 2008-06-06 05:33:32 UTC - RP199 - Windows Update
17: 2008-06-05 05:31:55 UTC - RP198 - Windows Update
16: 2008-06-04 07:45:58 UTC - RP197 - Scheduled Checkpoint


-- First Restore Point --
1: 2008-05-20 07:10:31 UTC - RP182 - Scheduled Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Bernadette.exe) ------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:54:54 AM, on 6/10/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\dlcxcoms.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Xfire\xfire.exe
C:\Users\Bernadette\Desktop\dss.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe
C:\Users\Bernadette\Desktop\dss.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Bernadette.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {487C9905-26A8-42C8-8033-C58AD3D2AEC3} - C:\Windows\system32\nnnmlIax.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\BERNAD~1\AppData\Local\Temp\hgGaASkI.dll,#1
O4 - HKCU\..\Run: [2835b506] rundll32.exe "C:\Users\BERNAD~1\AppData\Local\Temp\ooniybqh.dll",b
O4 - HKCU\..\Run: [BM2b06869a] Rundll32.exe "C:\Users\BERNAD~1\AppData\Local\Temp\unyuauru.dll",s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O13 - Gopher Prefix:
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Ice%20Cream%20Mania/Images/stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Baby%20Luv/Images/armhelper.ocx
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: dlcx_device - - C:\Windows\system32\dlcxcoms.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9342 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

All drivers whitelisted.


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S3 stllssvr - "c:\program files\common files\surething shared\stllssvr.exe" <Not Verified; MicroVision Development, Inc.; SureThing CD Labeler>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2008-05-10 and 2008-06-10 -----------------------------

2008-06-10 01:54:36 0 d-------- C:\Program Files\Trend Micro
2008-06-10 01:30:57 0 d-------- C:\VundoFix Backups
2008-06-01 13:03:26 136192 --a------ C:\Windows\system32\Rududu.dll <Not Verified; nico; Rududu video codec>
2008-05-29 19:52:15 96966 --a------ C:\Windows\system32\drivers\klin.dat
2008-05-29 19:52:15 88774 --a------ C:\Windows\system32\drivers\klick.dat
2008-05-29 19:51:15 40710688 --ahs---- C:\Windows\system32\drivers\fidbox.dat
2008-05-29 19:51:14 0 d-------- C:\Users\All Users\Kaspersky Lab
2008-05-29 19:51:14 0 d-------- C:\Program Files\Kaspersky Lab
2008-05-29 19:49:47 0 d-------- C:\kav
2008-05-21 22:07:01 0 d-------- C:\Users\All Users\NVIDIA
2008-05-17 19:36:09 10477568 --a------ C:\Windows\system32\3D Titanic Screensaver.scr
2008-05-15 17:13:44 0 d-------- C:\Users\Bernadette\WoW-BurningCrusade-enUS-Slim-Installer
2008-05-15 17:07:05 0 d-------- C:\Logs
2008-05-15 16:27:41 0 d-------- C:\Program Files\World of Warcraft
2008-05-15 16:27:41 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment


-- Find3M Report ---------------------------------------------------------------

2008-06-10 01:07:17 12 --a------ C:\Windows\bthservsdp.dat
2008-06-09 21:40:33 0 d-------- C:\Program Files\Xfire
2008-06-09 18:05:50 0 d-------- C:\Users\Bernadette\AppData\Roaming\Xfire
2008-06-08 12:42:48 0 d-------- C:\Program Files\Spyware Doctor
2008-06-06 20:57:16 0 d-------- C:\Users\Bernadette\AppData\Roaming\uTorrent
2008-05-21 22:03:47 0 d-------- C:\Program Files\Common Files\InstallShield
2008-05-18 18:39:36 0 d-------- C:\Program Files\Google
2008-05-18 16:17:19 34961 --a------ C:\Users\Bernadette\AppData\Roaming\Cosmos Prefs
2008-05-17 19:36:09 0 d-------- C:\Program Files\Astro Gemini Software
2008-05-16 03:08:15 0 d-------- C:\Program Files\Windows Mail
2008-05-15 16:40:29 0 d-------- C:\Program Files\Common Files
2008-05-04 17:58:49 1160 --a------ C:\Windows\mozver.dat
2008-05-01 18:02:12 0 d-------- C:\Users\Bernadette\AppData\Roaming\teamspeak2
2008-05-01 18:02:08 0 d-------- C:\Program Files\Teamspeak2_RC2
2008-04-12 14:28:53 0 d-------- C:\Users\Bernadette\AppData\Roaming\Real
2008-04-12 14:27:50 0 d-------- C:\Program Files\Common Files\xing shared
2008-04-12 14:27:48 0 d-------- C:\Program Files\Common Files\Real
2008-04-12 14:27:43 0 d-------- C:\Program Files\Real
2008-04-12 14:23:18 0 d-------- C:\Users\Bernadette\AppData\Roaming\WinRAR
2008-04-10 17:03:55 0 d-------- C:\Users\Bernadette\AppData\Roaming\Media Player Classic
2008-04-10 16:01:44 0 d-------- C:\Program Files\Combined Community Codec Pack
2008-04-01 23:49:20 0 --a------ C:\Windows\nsreg.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{487C9905-26A8-42C8-8033-C58AD3D2AEC3}]
C:\Windows\system32\nnnmlIax.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [12/20/2007 05:32 PM]
"ECenter"="C:\Dell\E-Center\EULALauncher.exe" [05/25/2007 02:03 AM]
"RtHDVCpl"="RtHDVCpl.exe" [09/24/2007 05:41 AM C:\Windows\RtHDVCpl.exe]
"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe" []
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [10/03/2006 01:37 PM]
"@"="" []
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [12/20/2007 10:11 AM]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [11/15/2007 11:24 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [04/12/2008 02:27 PM]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [12/26/2007 06:34 PM]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [12/26/2007 06:34 PM]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [12/26/2007 06:34 PM]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [04/10/2008 03:14 PM]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [02/08/2008 06:36 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll,ShowWelcomeCenter" []
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [03/24/2008 08:03 PM]
"@"="" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [12/20/2007 10:11 AM]
"MSServer"="C:\Users\BERNAD~1\AppData\Local\Temp\hgGaASkI.dll,#1" []
"2835b506"="C:\Users\BERNAD~1\AppData\Local\Temp\ooniybqh.dll,b" []
"BM2b06869a"="C:\Users\BERNAD~1\AppData\Local\Temp\unyuauru.dll,s" []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [12/20/2007 10:03:19 AM]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2/5/2008 8:03:21 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{487C9905-26A8-42C8-8033-C58AD3D2AEC3}"= C:\Windows\system32\nnnmlIax.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
bthsvcs BthServ
WindowsMobile wcescomm rapimgr
LocalServiceRestricted WcesComm RapiMgr


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a451124e-af01-11dc-bcf1-806e6f6e6963}]
AutoRun\command- E:\AutoRun.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- End of Deckard's System Scanner: finished at 2008-06-10 01:56:44 ------------


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English

CPU 0: AMD Athlon™ 64 X2 Dual Core Processor 4000+
Percentage of Memory in Use: 42%
Physical Memory (total/avail): 2045.88 MiB / 1166.32 MiB
Pagefile Memory (total/avail): 4310.33 MiB / 3141.73 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1927.98 MiB

C: is Fixed (NTFS) - 222.78 GiB total, 138.59 GiB free.
D: is Fixed (NTFS) - 10 GiB total, 5.89 GiB free.
E: is CDROM (CDFS)

\\.\PHYSICALDRIVE0 - ST325031 0AS SCSI Disk Device - 232.83 GiB - 3 partitions
\PARTITION0 - Unknown - 47.03 MiB
\PARTITION1 - Installable File System - 10 GiB - D:
\PARTITION2 (bootable) - Installable File System - 222.78 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AV: Kaspersky Anti-Virus v7.0.1.325 (Kaspersky Lab)
AS: Spyware Doctor v5.5.1.322 (PC Tools)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) Disabled
AS: Kaspersky Anti-Virus v7.0.1.325 (Kaspersky Lab)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Bernadette\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=BERNADETTE-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Bernadette
LOCALAPPDATA=C:\Users\Bernadette\AppData\Local
LOGONSERVER=\\BERNADETTE-PC
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 107 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=6b01
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\BERNAD~1\AppData\Local\Temp
TMP=C:\Users\BERNAD~1\AppData\Local\Temp
USERDOMAIN=Bernadette-PC
USERNAME=Bernadette
USERPROFILE=C:\Users\Bernadette
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

Bernadette


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
3D Merry Christmas Screensaver 1.0 --> "C:\Program Files\Astro Gemini Software\3D Merry Christmas Screensaver\unins000.exe"
3D Titanic Screensaver 1.0 --> "C:\Program Files\Astro Gemini Software\3D Titanic Screensaver\unins000.exe"
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
AOL Install --> MsiExec.exe /I{2357B8BC-88C9-4A72-818C-050CC4EB0778}
Aquatica Azure --> MsiExec.exe /I{89B82A80-5B34-48BB-A171-A999774B1B50}
Astro Gemini Screensaver Manager 2.0 --> "C:\Program Files\Astro Gemini Software\Screensaver Manager 2.0\unins000.exe"
Browser Address Error Redirector --> MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
Combined Community Codec Pack 2008-01-24 --> "C:\Program Files\Combined Community Codec Pack\unins000.exe"
Conexant D850 PCI V.92 Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -IDel200fz.inf
Dell DataSafe Online --> MsiExec.exe /I{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}
Dell Getting Started Guide --> MsiExec.exe /I{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}
Dell Support Center --> MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
Digital Line Detect --> C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
Diner Dash --> "C:\Program Files\Oberon Media\Diner Dash\Uninstall.exe" "C:\Program Files\Oberon Media\Diner Dash\install.log"
Dolphin Aqua Life 3D Screensaver --> C:\Program Files\Dolphin Aqua Life 3D\Uninstall.exe
Dream Aquarium --> "C:\Program Files\Dream Aquarium\UnInstall.exe"
EarthLink Setup Files --> MsiExec.exe /X{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}
Fairy Christmas Day 3D --> "C:\Program Files\Fairy Christmas Day 3D\unins000.exe"
FINAL FANTASY XI --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{678F6475-D227-432A-94FF-806178A34520}
FINAL FANTASY XI: Chains of Promathia --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{3C0619B4-4A2C-4244-8077-488E420DF907}
FINAL FANTASY XI: Rise of the Zilart --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6FC76C41-8C1D-4B43-85E7-0BAA2002F1BE}
FINAL FANTASY XI: Treasures of Aht Urhgan --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A606C6FF-12E7-40BE-B777-D8F360FF00CD}
FINAL FANTASY XI: Wings of the Goddess --> C:\Program Files\InstallShield Installation Information\{19451766-07CE-4A79-9A6A-61FC0395C319}\setup.exe -runfromtemp -l0x0409
Forest Life 3D Screensaver 1.2 --> "C:\Program Files\Astro Gemini Software\Forest Life 3D Screensaver\unins000.exe"
Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Photos Screensaver --> MsiExec.exe /X{481E9852-DA0C-403B-ADA4-05D86C8BF9A9}
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Home Sweet Home --> "C:\Program Files\Oberon Media\Home Sweet Home\Uninstall.exe" "C:\Program Files\Oberon Media\Home Sweet Home\install.log"
InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe
Internet Service Offers Launcher --> MsiExec.exe /I{CCFF1E13-77A2-4032-8B12-7566982A27DF}
Java™ SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Kaspersky Anti-Virus 7.0 --> MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Kaspersky Anti-Virus 7.0 --> MsiExec.exe /I{4B9BB601-13E9-4042-A3BC-E7955BF4A98F}
Lighthouse 3D Screensaver 1.2 --> "C:\Program Files\Astro Gemini Software\Lighthouse 3D Screensaver\unins000.exe"
Microsoft Works --> MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Modem Diagnostic Tool --> MsiExec.exe /I{F63A3748-B93D-4360-9AD4-B064481A5C7B}
Moorhuhn Kart 2 --> "C:\Program Files\Moorhuhn Kart 2\Uninstall.exe"
Move Networks Media Player for Internet Explorer --> C:\Users\Bernadette\AppData\Roaming\Move Networks\ie_bin\Uninst.exe
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
Music, Photos & Videos Launcher --> MsiExec.exe /I{D7769185-9A7C-48D4-8874-5388743A1DE2}
NetWaiting --> C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
NVIDIANetworkDiagnostic --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EFAD4066-CAF3-4B27-9669-12EED352C376}
PlayOnline Viewer & Tetra Master --> C:\Program Files\InstallShield Installation Information\{47004155-7376-403E-89E9-4C9F44AAF0D0}\setup.exe -runfromtemp -l0x0409
Product Documentation Launcher --> MsiExec.exe /I{89CEAE14-DD0F-448E-9554-15781EC9DB24}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
Roxio Creator Audio --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator BDAV Plugin --> MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
Roxio Creator Copy --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator DE --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Tools --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD DE --> MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}
Roxio Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Rududu encoder [RUD0] --> rundll.exe setupx.dll,InstallHinfSection DefaultUnInstall 132 C:\Windows\INF\RUDUDU.INF
Sonic Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Spyware Doctor 5.5 --> C:\Program Files\Spyware Doctor\unins000.exe /LOG
Sunset Studio --> C:\Program Files\Sunset Studio\uninstall.exe
TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe"
User's Guides --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"
Valentine's Day 3D Screensaver 1.0 --> "C:\Program Files\Astro Gemini Software\Valentine's Day 3D Screensaver\unins000.exe"
VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
Windows Mobile Device Center --> MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
Windows Mobile Device Center Driver Update --> MsiExec.exe /X{E7044E25-3038-4A76-9064-344AC038043E}
WinRAR archiver --> C:\Program Files\WinRar\uninstall.exe
World of Warcraft --> C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe
Xfire (remove only) --> "C:\Program Files\Xfire\uninst.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type4050 / Success
Event Submitted/Written: 06/10/2008 01:08:43 AM
Event ID/Source: 5617 / WinMgmt
Event Description:


Event Record #/Type4049 / Success
Event Submitted/Written: 06/10/2008 01:08:43 AM
Event ID/Source: 5615 / WinMgmt
Event Description:


Event Record #/Type4046 / Success
Event Submitted/Written: 06/10/2008 01:08:29 AM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.

Event Record #/Type4034 / Warning
Event Submitted/Written: 06/10/2008 01:07:15 AM
Event ID/Source: 1530 / profsvc
Event Description:
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
12 user registry handles leaked from \Registry\User\S-1-5-21-3690869824-3553280361-1182368013-1000:
Process 2472 (\Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3690869824-3553280361-1182368013-1000
Process 2472 (\Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3690869824-3553280361-1182368013-1000
Process 2472 (\Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3690869824-3553280361-1182368013-1000
Process 2472 (\Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3690869824-3553280361-1182368013-1000\Software\Microsoft\SystemCertificates\Root
Process 2472 (\Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3690869824-3553280361-1182368013-1000\Software\Microsoft\SystemCertificates\My
Process 2472 (\Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3690869824-3553280361-1182368013-1000\Software\Microsoft\SystemCertificates\CA
Process 2472 (\Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3690869824-3553280361-1182368013-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 2472 (\Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3690869824-3553280361-1182368013-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 2472 (\Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3690869824-3553280361-1182368013-1000\Software\Microsoft\SystemCertificates\trust
Process 2472 (\Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3690869824-3553280361-1182368013-1000\Software\Policies\Microsoft\SystemCertificates
Process 2472 (\Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3690869824-3553280361-1182368013-1000\Software\Policies\Microsoft\SystemCertificates
Process 2472 (\Device\HarddiskVolume3\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe) has opened key \REGISTRY\USER\S-1-5-21-3690869824-3553280361-1182368013-1000\Software\Policies\Microsoft\SystemCertificates

Event Record #/Type4022 / Success
Event Submitted/Written: 06/10/2008 00:49:34 AM
Event ID/Source: 5617 / WinMgmt
Event Description:




-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type20911 / Error
Event Submitted/Written: 06/10/2008 01:10:03 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Parallel port driver%%1058

Event Record #/Type20865 / Error
Event Submitted/Written: 06/10/2008 01:08:03 AM
Event ID/Source: 6 / ACPI
Event Description:
IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 11, function 0.
Please contact your system vendor for technical assistance.

Event Record #/Type20861 / Error
Event Submitted/Written: 06/10/2008 01:08:03 AM
Event ID/Source: 6 / ACPI
Event Description:
IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 9, function 0.
Please contact your system vendor for technical assistance.

Event Record #/Type20804 / Error
Event Submitted/Written: 06/10/2008 00:50:54 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Parallel port driver%%1058

Event Record #/Type20758 / Error
Event Submitted/Written: 06/10/2008 00:48:54 AM
Event ID/Source: 6 / ACPI
Event Description:
IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 11, function 0.
Please contact your system vendor for technical assistance.



-- End of Deckard's System Scanner: finished at 2008-06-10 01:56:44 ------------

BC AdBot (Login to Remove)

 


m

#2 SifuMike

SifuMike

    malware expert


  • Staff Emeritus
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:06:49 AM

Posted 13 June 2008 - 10:14 PM

Hello Samalis,

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Copy and Paste the entire Malwarebytes' Anti-Malware report in your next reply along with a fresh DSS - main.txt log.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediatly.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 SifuMike

SifuMike

    malware expert


  • Staff Emeritus
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:06:49 AM

Posted 19 June 2008 - 01:54 PM

Due to inactivity, this thread will now be closed. If you need this topic reopened, please contact me or a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users