Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Adware.Vundo Variant


  • This topic is locked This topic is locked
3 replies to this topic

#1 rewn

rewn

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:04 AM

Posted 12 December 2008 - 06:11 PM

Hi,

I've had computer woes the last week. After a differing amount of time using Firefox, i would lose ability to browse the web, through Firefox, IE and Chrome. I am still able to ping and use P2P applications and MSN.

I googled and started to run some anti malware applications, namely :

SUPERAntiSpyware Professional
Malwarebytes' Anti-Malware
CCCleaner
ComboFix

SUPERAntiSpyware Professional runs and gives me results :

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/11/2008 at 11:44 PM

Application Version : 4.23.1006

Core Rules Database Version : 3671
Trace Rules Database Version: 1650

Scan type : Complete Scan
Total Scan Time : 00:44:02

Memory items scanned : 750
Memory threats detected : 0
Registry items scanned : 6343
Registry threats detected : 5
File items scanned : 33246
File threats detected : 1

Adware.Vundo Variant
HKLM\Software\Classes\CLSID\{BF0CA4FC-6378-4062-B546-3CDE8A28B1E0}
HKCR\CLSID\{BF0CA4FC-6378-4062-B546-3CDE8A28B1E0}
HKCR\CLSID\{BF0CA4FC-6378-4062-B546-3CDE8A28B1E0}\InprocServer32
HKCR\CLSID\{BF0CA4FC-6378-4062-B546-3CDE8A28B1E0}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\YAYSJIJA.DLL
HKCR\CLSID\{BF0CA4FC-6378-4062-B546-3CDE8A28B1E0}

I reboot and scan again and it is still all there.

I can't even find C:\WINDOWS\SYSTEM32\YAYSJIJA.DLL in the file system !!

At my wits end, so here i am.

Here are the logs from the result of running RSIT


Logfile of random's system information tool 1.04 (written by random/random)
Run by z at 2008-12-13 10:02:42
Microsoft® Windows Vista™ Ultimate Service Pack 1
System drive C: has 193 GB (69%) free of 279 GB
Total RAM: 3069 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:03:02 AM, on 13/12/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Program Files\Tall Emu\Online Armor\oacat.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Tall Emu\Online Armor\oahlp.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Users\z\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\z\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\z\Desktop\RSIT.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\z.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab
O16 - DPF: {7DFDB8FD-B498-4958-B930-38021B94351D} (imlUCID Class) - http://imlive.com/chatsource/ImlCID.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D96EF22E-3D04-409A-A717-AA5F6D574A11}: NameServer = 210.15.254.240,210.15.254.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{F4AA0B22-4AC2-434D-BF56-2BC65D86173D}: NameServer = 210.15.254.240,210.15.254.241
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oacat.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 9014 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-12 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-12 34816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NDSTray.exe"=NDSTray.exe []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-11 90112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-29 1029416]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-18 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-11-01 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-06-16 448080]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-01-26 716800]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-27 81000]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-12 136600]
"@OnlineArmor GUI"=C:\Program Files\Tall Emu\Online Armor\oaui.exe [2008-10-07 6223048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-03 352256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2007-07-20 233888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"=C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll [2008-10-07 886984]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"EnableShellExecuteHooks"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2008-12-13 10:02:47 ----D---- C:\Program Files\trend micro
2008-12-13 10:02:42 ----D---- C:\rsit
2008-12-13 01:28:43 ----D---- C:\ProgramData\OnlineArmor
2008-12-13 01:28:35 ----D---- C:\Users\z\AppData\Roaming\OnlineArmor
2008-12-12 22:44:13 ----D---- C:\VundoFix Backups
2008-12-12 22:44:13 ----A---- C:\VundoFix.txt
2008-12-12 21:32:48 ----D---- C:\Program Files\Tall Emu
2008-12-12 21:29:26 ----A---- C:\Windows\system32\javaws.exe
2008-12-12 21:29:26 ----A---- C:\Windows\system32\javaw.exe
2008-12-12 21:29:26 ----A---- C:\Windows\system32\java.exe
2008-12-12 21:29:26 ----A---- C:\Windows\system32\deploytk.dll
2008-12-12 21:28:55 ----D---- C:\Program Files\Java
2008-12-12 21:11:46 ----D---- C:\Program Files\SpywareBlaster
2008-12-12 18:54:12 ----D---- C:\Windows\temp
2008-12-12 18:54:11 ----A---- C:\ComboFix.txt
2008-12-12 18:45:49 ----D---- C:\ComboFix
2008-12-12 01:03:55 ----A---- C:\mbam-log-2008-12-12 (00-22-11).txt
2008-12-12 00:45:00 ----A---- C:\Windows\system32\locate.com
2008-12-12 00:43:38 ----D---- C:\MGtools
2008-12-12 00:43:26 ----A---- C:\MGtools.exe
2008-12-12 00:28:35 ----A---- C:\Windows\zip.exe
2008-12-12 00:28:35 ----A---- C:\Windows\VFIND.exe
2008-12-12 00:28:35 ----A---- C:\Windows\SWXCACLS.exe
2008-12-12 00:28:35 ----A---- C:\Windows\SWSC.exe
2008-12-12 00:28:35 ----A---- C:\Windows\SWREG.exe
2008-12-12 00:28:35 ----A---- C:\Windows\sed.exe
2008-12-12 00:28:35 ----A---- C:\Windows\NIRCMD.exe
2008-12-12 00:28:35 ----A---- C:\Windows\grep.exe
2008-12-12 00:28:35 ----A---- C:\Windows\fdsv.exe
2008-12-12 00:28:20 ----D---- C:\Windows\ERDNT
2008-12-12 00:28:20 ----AD---- C:\Qoobox
2008-12-11 23:56:54 ----D---- C:\ProgramData\Spybot - Search & Destroy
2008-12-11 23:56:54 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-12-11 20:19:02 ----D---- C:\Program Files\CCleaner
2008-12-11 18:58:22 ----A---- C:\Windows\system32\gpprefcl.dll
2008-12-11 07:35:03 ----A---- C:\Windows\system32\ShellManager310E2D762.dll
2008-12-11 07:34:04 ----A---- C:\Windows\Irremote.ini
2008-12-10 18:27:49 ----A---- C:\Windows\system32\tzres.dll
2008-12-10 18:25:47 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-12-10 18:25:45 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-12-10 18:25:42 ----A---- C:\Windows\system32\gdi32.dll
2008-12-10 18:25:33 ----A---- C:\Windows\system32\shell32.dll
2008-12-10 18:25:22 ----A---- C:\Windows\system32\mshtml.dll
2008-12-10 18:25:21 ----A---- C:\Windows\system32\urlmon.dll
2008-12-10 18:25:20 ----A---- C:\Windows\system32\wininet.dll
2008-12-10 18:25:20 ----A---- C:\Windows\system32\ieframe.dll
2008-12-10 18:25:19 ----A---- C:\Windows\system32\mstime.dll
2008-12-10 18:25:19 ----A---- C:\Windows\system32\iertutil.dll
2008-12-10 18:25:18 ----A---- C:\Windows\system32\jsproxy.dll
2008-12-10 18:24:44 ----A---- C:\Windows\explorer.exe
2008-12-10 18:24:40 ----A---- C:\Windows\system32\mf.dll
2008-12-10 18:24:39 ----A---- C:\Windows\system32\WMVCORE.DLL
2008-12-10 18:24:39 ----A---- C:\Windows\system32\WMNetMgr.dll
2008-12-10 18:24:39 ----A---- C:\Windows\system32\logagent.exe
2008-12-09 23:17:48 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2008-12-09 23:17:23 ----D---- C:\Users\z\AppData\Roaming\SUPERAntiSpyware.com
2008-12-09 23:17:23 ----D---- C:\Program Files\SUPERAntiSpyware
2008-12-09 23:16:05 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-09 23:03:41 ----D---- C:\Users\z\AppData\Roaming\Malwarebytes
2008-12-09 23:03:33 ----D---- C:\ProgramData\Malwarebytes
2008-12-09 23:03:33 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-07 18:53:01 ----D---- C:\ProgramData\WindowsSearch
2008-12-07 18:07:41 ----A---- C:\Windows\system32\tcpipcfg.dll
2008-12-07 18:07:41 ----A---- C:\Windows\system32\netiougc.exe
2008-12-04 20:46:07 ----A---- C:\Windows\system32\msshooks.dll
2008-12-04 20:46:06 ----A---- C:\Windows\system32\msscb.dll
2008-12-04 20:46:02 ----A---- C:\Windows\system32\SearchFilterHost.exe
2008-12-04 20:46:02 ----A---- C:\Windows\system32\propdefs.dll
2008-12-04 20:46:02 ----A---- C:\Windows\system32\msstrc.dll
2008-12-04 20:46:02 ----A---- C:\Windows\system32\mssitlb.dll
2008-12-04 20:46:01 ----A---- C:\Windows\system32\thawbrkr.dll
2008-12-04 20:46:01 ----A---- C:\Windows\system32\srchadmin.dll
2008-12-04 20:46:01 ----A---- C:\Windows\system32\propsys.dll
2008-12-04 20:46:01 ----A---- C:\Windows\system32\mssprxy.dll
2008-12-04 20:46:01 ----A---- C:\Windows\system32\msshsq.dll
2008-12-04 20:46:01 ----A---- C:\Windows\system32\korwbrkr.dll
2008-12-04 20:46:00 ----A---- C:\Windows\system32\xmlfilter.dll
2008-12-04 20:46:00 ----A---- C:\Windows\system32\wsepno.dll
2008-12-04 20:46:00 ----A---- C:\Windows\system32\rtffilt.dll
2008-12-04 20:46:00 ----A---- C:\Windows\system32\offfilt.dll
2008-12-04 20:46:00 ----A---- C:\Windows\system32\nlhtml.dll
2008-12-04 20:46:00 ----A---- C:\Windows\system32\msscntrs.dll
2008-12-04 20:46:00 ----A---- C:\Windows\system32\mimefilt.dll
2008-12-04 20:46:00 ----A---- C:\Windows\system32\chsbrkr.dll
2008-12-04 20:45:59 ----A---- C:\Windows\system32\tquery.dll
2008-12-04 20:45:59 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2008-12-04 20:45:59 ----A---- C:\Windows\system32\SearchIndexer.exe
2008-12-04 20:45:59 ----A---- C:\Windows\system32\mssvp.dll
2008-12-04 20:45:59 ----A---- C:\Windows\system32\mssrch.dll
2008-12-04 20:45:59 ----A---- C:\Windows\system32\chtbrkr.dll
2008-12-04 20:45:58 ----A---- C:\Windows\system32\mssphtb.dll
2008-12-04 20:45:58 ----A---- C:\Windows\system32\mssph.dll
2008-12-04 20:30:56 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-12-04 20:30:55 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-12-04 20:30:54 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-12-04 20:25:49 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-12-04 20:25:30 ----A---- C:\Windows\system32\connect.dll
2008-12-03 19:04:11 ----A---- C:\Windows\system32\wups2.dll
2008-12-03 19:04:11 ----A---- C:\Windows\system32\wuauclt.exe
2008-12-03 19:04:10 ----A---- C:\Windows\system32\wucltux.dll
2008-12-03 19:04:10 ----A---- C:\Windows\system32\wuaueng.dll
2008-12-03 19:03:45 ----A---- C:\Windows\system32\wups.dll
2008-12-03 19:03:45 ----A---- C:\Windows\system32\wudriver.dll
2008-12-03 19:03:45 ----A---- C:\Windows\system32\wuapi.dll
2008-12-03 19:03:14 ----A---- C:\Windows\system32\wuwebv.dll
2008-12-03 19:03:13 ----A---- C:\Windows\system32\wuapp.exe
2008-11-24 20:55:39 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-11-24 20:55:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-11-24 20:52:08 ----A---- C:\Windows\system32\EncDec.dll
2008-11-24 20:52:05 ----A---- C:\Windows\system32\psisdecd.dll
2008-11-24 19:51:49 ----A---- C:\Windows\system32\msxml6.dll
2008-11-24 19:51:14 ----A---- C:\Windows\system32\emdmgmt.dll
2008-11-24 19:51:14 ----A---- C:\Windows\system32\dataclen.dll
2008-11-24 19:51:13 ----A---- C:\Windows\system32\cdd.dll
2008-11-24 19:49:19 ----A---- C:\Windows\system32\win32spl.dll
2008-11-24 19:44:10 ----A---- C:\Windows\system32\msxml3.dll
2008-11-24 19:40:40 ----A---- C:\Windows\system32\netapi32.dll
2008-11-24 19:36:57 ----A---- C:\Windows\system32\es.dll
2008-11-24 19:36:47 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-11-24 19:35:26 ----A---- C:\Windows\system32\wersvc.dll
2008-11-24 19:35:26 ----A---- C:\Windows\system32\Faultrep.dll
2008-11-24 19:34:42 ----A---- C:\Windows\system32\inetcomm.dll
2008-11-24 19:34:24 ----A---- C:\Windows\system32\wmpeffects.dll

======List of files/folders modified in the last 1 months======

2008-12-13 10:03:03 ----D---- C:\Windows\Prefetch
2008-12-13 10:02:47 ----RD---- C:\Program Files
2008-12-13 09:20:14 ----D---- C:\Windows\System32
2008-12-13 09:20:14 ----D---- C:\Windows\inf
2008-12-13 09:20:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-12-13 09:13:03 ----D---- C:\Windows\system32\drivers
2008-12-13 09:10:05 ----D---- C:\Users\z\AppData\Roaming\uTorrent
2008-12-13 01:28:43 ----HD---- C:\ProgramData
2008-12-13 01:25:52 ----D---- C:\Windows\system32\Msdtc
2008-12-13 01:25:50 ----D---- C:\Windows\system32\wbem
2008-12-13 01:25:50 ----D---- C:\Windows
2008-12-13 01:24:53 ----D---- C:\Windows\system32\config
2008-12-13 01:24:44 ----D---- C:\Windows\Tasks
2008-12-13 01:24:44 ----D---- C:\Windows\system32\ZoneLabs
2008-12-13 01:24:44 ----D---- C:\Windows\system32\spool
2008-12-13 01:24:44 ----D---- C:\Windows\system32\CodeIntegrity
2008-12-13 01:24:44 ----D---- C:\Windows\system32\catroot2
2008-12-13 01:24:42 ----D---- C:\Windows\registration
2008-12-13 01:22:00 ----SHD---- C:\System Volume Information
2008-12-12 21:43:52 ----D---- C:\Windows\Internet Logs
2008-12-12 21:29:39 ----SHD---- C:\Windows\Installer
2008-12-12 21:26:31 ----SD---- C:\Windows\Downloaded Program Files
2008-12-12 21:04:26 ----D---- C:\Windows\system32\catroot
2008-12-12 18:54:13 ----D---- C:\Windows\system32\en-US
2008-12-12 18:49:07 ----N---- C:\Windows\system.ini
2008-12-12 18:48:21 ----D---- C:\Windows\AppPatch
2008-12-12 18:48:21 ----D---- C:\Program Files\Common Files
2008-12-12 09:03:51 ----D---- C:\Program Files\Google
2008-12-12 08:29:22 ----D---- C:\Program Files\Common Files\microsoft shared
2008-12-12 02:25:18 ----D---- C:\Program Files\Mozilla Firefox
2008-12-11 21:13:34 ----D---- C:\Windows\rescache
2008-12-11 20:34:44 ----D---- C:\Windows\Crystal
2008-12-11 20:34:29 ----A---- C:\Windows\vbaddin.ini
2008-12-11 20:26:30 ----D---- C:\Windows\Debug
2008-12-11 18:58:30 ----D---- C:\Windows\winsxs
2008-12-11 07:37:44 ----RSD---- C:\Windows\assembly
2008-12-11 07:37:42 ----D---- C:\Program Files\Common Files\Nero
2008-12-11 07:37:41 ----D---- C:\ProgramData\Nero
2008-12-11 07:34:24 ----A---- C:\Windows\system32\MsiExec.exe.log
2008-12-11 07:29:04 ----D---- C:\Windows\system32\appmgmt
2008-12-10 23:09:30 ----HD---- C:\Windows\system32\GroupPolicy
2008-12-10 18:30:53 ----D---- C:\Program Files\Windows Mail
2008-12-10 18:26:49 ----D---- C:\ProgramData\Microsoft Help
2008-12-10 18:24:08 ----SD---- C:\Users\z\AppData\Roaming\Microsoft
2008-12-10 10:24:37 ----A---- C:\Windows\system32\mrt.exe
2008-12-09 21:31:42 ----D---- C:\Windows\system32\Tasks
2008-12-08 20:55:12 ----D---- C:\Users\z\AppData\Roaming\OpenOffice.org2
2008-12-07 18:13:29 ----D---- C:\Windows\system32\migration
2008-12-07 17:50:03 ----D---- C:\Program Files\Adobe
2008-12-07 17:25:14 ----D---- C:\Windows\PolicyDefinitions
2008-11-27 21:37:06 ----D---- C:\Windows\Microsoft.NET
2008-11-27 20:02:28 ----D---- C:\Windows\ehome
2008-11-27 04:21:30 ----A---- C:\Windows\system32\aswBoot.exe
2008-11-25 07:40:31 ----HD---- C:\Windows\msdownld.tmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-11-27 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-11-27 111184]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-11-27 50864]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2008-01-21 350720]
R1 OADevice;OADriver; \??\C:\Windows\system32\drivers\OADriver.sys [2008-10-07 178376]
R1 OAmon;OAmon; \??\C:\Windows\system32\drivers\OAmon.sys [2008-10-07 30920]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2008-12-04 8944]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2008-12-04 55024]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2007-10-03 64128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-11-27 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-11-27 51792]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-30 3483648]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2008-02-01 187904]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 NETw4v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-27 2251776]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-01-15 48472]
R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2008-12-04 7408]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-11-29 196144]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-19 16128]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-11 41600]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-24 9216]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-18 18432]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-29 43008]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-28 298496]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-21 45696]
S3 aswArKrn;aswArKrn; \??\C:\Users\z\AppData\Local\Temp\aswArKrn.sys []
S3 Avc;AVC Device; C:\Windows\system32\DRIVERS\avc.sys [2008-01-21 40448]
S3 AVCSTRM;AVC Streaming Filter Driver; C:\Windows\system32\DRIVERS\avcstrm.sys [2008-01-21 14208]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-01-21 219648]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-01-21 29184]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTAPE;Microsoft AV/C Tape Subunit Device; C:\Windows\system32\DRIVERS\mstape.sys [2008-01-21 50048]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-21 49664]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-12-27 131584]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2007-11-30 36608]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-11-30 74240]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-10-19 41856]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-27 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-01-30 643072]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-27 155160]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-26 40960]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 o2flash;O2Micro Flash Memory Card Service; c:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-12 65536]
R2 OAcat;Online Armor Helper Service; C:\Program Files\Tall Emu\Online Armor\oacat.exe [2008-10-07 1402568]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-07-07 809296]
R2 SvcOnlineArmor;Online Armor; C:\Program Files\Tall Emu\Online Armor\oasrv.exe [2008-10-07 3321032]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-22 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2008-01-18 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-09-29 128360]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-04 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-24 49152]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-27 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-27 352920]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-21 523776]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-06-15 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2008-01-21 917504]

-----------------EOF-----------------





info.txt logfile of random's system information tool 1.04 2008-12-13 10:03:04

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x9
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVIcodec (remove only)-->"C:\Program Files\AVIcodec\uninst.exe"
BitTornado 0.3.18-->C:\Program Files\BitTornado\uninst.exe
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
BS.Player PRO-->"C:\Program Files\Webteh\BSplayerPro\uninstall.exe"
BulletProof FTP Client (remove only)-->"C:\Program Files\BulletProof FTP Client v2.6\Uninstall\unins000.exe"
Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x0009
Catalyst Control Center - Branding-->MsiExec.exe /I{D58A1E94-9EEA-4C6E-B9FB-D7C63DC6C941}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CD/DVD Drive Acoustic Silencer-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x0009 -removeonly
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -ITE1HERza.INF
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x9
FlickrDown-->C:\Windows\FlickrDown Uninstaller.exe
FM Tuner Utility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{F2EF0002-9141-439B-B6F3-237DD2A18938} /l1033
foobar2000 v0.9.5.3-->"C:\Program Files\foobar2000\uninstall.exe"
FrameShots Video Screen Capture-->C:\Program Files\FrameShots\Uninst.exe
HDMI Control Manager-->C:\Program Files\InstallShield Installation Information\{CBDF64B0-8CAB-45C7-B3B2-4637C9F88769}\setup.exe -runfromtemp -l0x0009 -removeonly
HeidiSQL 3.2-->"C:\Program Files\HeidiSQL\unins000.exe"
HijackThis 2.0.2-->"C:\MGTools\HijackThis.exe" /uninstall
ICQ6-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
Java™ 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
MediaMonkey 3.0-->"C:\Program Files\MediaMonkey\unins000.exe"
Microsoft Office 2007 Primary Interop Assemblies-->MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Small Business Connectivity Components-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}
Microsoft Office Visio 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {AA4F2610-5FF1-4DCD-A6FB-BCA2D09A6443}
Microsoft Office Visio 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-0054-0409-0000-0000000FF1CE} /uninstall {EA35370F-586C-45E1-AC6C-A4E275C6B762}
Microsoft Office Visio MUI (English) 2007-->MsiExec.exe /X{90120000-0054-0409-0000-0000000FF1CE}
Microsoft Office Visio Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall VISPRO /dll OSETUP.DLL
Microsoft Office Visio Professional 2007-->MsiExec.exe /X{90120000-0051-0000-0000-0000000FF1CE}
Microsoft SQL Server Native Client-->MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}
Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O2Micro Flash Memory Card Reader Driver (x86)-->MsiExec.exe /X{372B31CF-77FB-4E29-860C-A0EA2985AB7F}
OJOsoft Total Video Converter-->"C:\Program Files\OJOsoft\uninstall.exe" "/U:C:\Program Files\OJOsoft\OJOsoft Total Video Converter\Uninstall\uninstall.xml"
Online Armor 3.0-->"C:\Program Files\Tall Emu\Online Armor\unins000.exe"
OpenOffice.org 2.4-->MsiExec.exe /I{2CD2C0DB-81C3-416B-9FA6-589B9235359B}
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Visio 2007 (KB947590)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {199018BD-578E-44BD-A28F-7F944931CABD}
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
SharpKeys-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B6685367-A8AD-4414-A2A3-10B40EC5CF30}\setup.exe" SharpKeys
Sony Vegas Pro 8.0-->MsiExec.exe /X{1246FF64-3035-4A92-8FE6-A968275495EB}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"
SUPERAntiSpyware Professional-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TextPad 5-->MsiExec.exe /X{B6EC7388-E277-4A5B-8C8F-71067A41BA64}
TMPGEnc DVD Author 1.5-->MsiExec.exe /I{49062DAB-7009-4EBD-903A-830B283407C4}
TOSHIBA Assist-->C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe -runfromtemp -l0x0009 -removeonly
TOSHIBA ConfigFree-->MsiExec.exe /X{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}
TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x0009 -ADDREMOVE -removeonly
TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x0409
TOSHIBA Face Recognition-->"C:\Program Files\InstallShield Installation Information\{C730E42C-935A-45BB-A0C5-37E5234D111B}\setup.exe" -runfromtemp -l0x0409 -removeonly
TOSHIBA Face Recognition-->MsiExec.exe /I{C730E42C-935A-45BB-A0C5-37E5234D111B}
TOSHIBA Hardware Setup-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{52573F8D-F099-4CB5-9EDE-5C27ECB4A02B} /l1033
TOSHIBA Recovery Disc Creator-->MsiExec.exe /X{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
TOSHIBA Remote Control Manager-->C:\Program Files\InstallShield Installation Information\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}\setup.exe -runfromtemp -l0x0009 -removeonly
TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
TOSHIBA Speech System Applications-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}\Setup.exe" -l0x9
TOSHIBA Speech System SR Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{008D69EB-70FF-46AB-9C75-924620DF191A}\Setup.exe" -l0x9 UNINSTALL
TOSHIBA Speech System TTS Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}\Setup.exe" -l0x9
TOSHIBA Supervisor Password-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{491DD193-1B57-4D1C-8B14-18B96992A89F} /l1033
TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x0409
TrueSuite Access Manager-->C:\Program Files\InstallShield Installation Information\{A2075A09-28AA-4D30-9BCC-82EAD9FA51BD}\setup.exe -runfromtemp -l0x0009 -removeonly
Update for Microsoft Office 2007 Help for Common Features (KB957244)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {C8C72583-C907-4D20-8973-C3858D96BD9E}
Update for Microsoft Office Visio 2007 Help (KB957251)-->msiexec /package {90120000-0054-0409-0000-0000000FF1CE} /uninstall {24F43C74-6200-432B-98C7-85AC1CF1A7AF}
Update for Microsoft Script Editor Help (KB957253)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {F21BF703-548C-47B2-B92A-6876E9566C42}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
VanDyke Software SecureCRT 6.0-->MsiExec.exe /I{ED218669-1F95-477C-9DFD-D78AEA99A2AF}
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
Video Edit Magic 4-->"C:\Program Files\Deskshare\Video Edit Magic 4.4\unins000.exe"
VSO Image Resizer 2.0.1.5-->"C:\Program Files\VSO\Image Resizer\unins000.exe"
Winbond CIR Device Drivers-->MsiExec.exe /X{2AFEA17A-2B70-453A-8FC0-FD5FC0C704EC}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Winmx Community 1-->C:\Program Files\Winmx\Remove1.exe
WinRAR archiver-->C:\Program Files\WinRar\uninstall.exe
WinSCP 4.0.7-->"C:\Program Files\WinSCP\unins000.exe"
WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
Xvid 1.1.3 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: avast! antivirus 4.8.1296 [VPS 081206-0]
AS: Spybot - Search and Destroy (disabled)
AS: Windows Defender
AS: SUPERAntiSpyware
AS: avast! antivirus 4.8.1296 [VPS 081206-0]

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\Rational\ClearQuest
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"TMPDIR"=C:\Users\z\AppData\Local\Temp
"DISPLAY"=:0.0
"ROOTDIR"=C:\PROGRA~1\RATIONAL\RATION~1\NUTCROOT
"SHELL"=C:\PROGRA~1\RATIONAL\RATION~1\NUTCROOT\mksnt\sh.exe

-----------------EOF-----------------



Help is very very much appreciated, i want to be clean again ! :D

BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,011 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:03:04 PM

Posted 20 December 2008 - 12:13 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click no to the Optional_Scan
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 rewn

rewn
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:04 AM

Posted 20 December 2008 - 05:17 PM

Yeah, fixed it yesterday thanks ! :D

#4 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,011 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:03:04 PM

Posted 20 December 2008 - 07:01 PM

Hello rewn,

Thank you for posting back. I'm glad that your computer problems have been fixed. Since this issue seems to be resolved, this thread will now be closed.

In case you experience any problems with the computer, please start a new topic.

Happy computing,

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users