
Is my pc infected?


  • This topic is locked
2 replies to this topic

#1 Renberg

Renberg

  • Members
  • 2 posts

Posted 15 February 2009 - 03:40 PM

My PC loses the network connection at regular occasions several times a day. One of these occasions is around 00.00. The connection is lost for about a minute or so.

I couldn't run dds.scr as my PC thinks it's an AutoCAD script and therefore opens it in Notepad. Instead I've been advised to use RSIT.exe. Here's the log:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Erik at 2009-02-15 21:32:24
Microsoft Windows XP Professional Service Pack 3
System drive C: has 6 GB (18%) free of 35 GB
Total RAM: 3326 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:32:34, on 2009-02-15
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program\Lavasoft\Ad-Aware\aawservice.exe
C:\Program\Alwil Software\Avast4\aswUpdSv.exe
C:\Program\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\FileZilla Server\FileZilla Server.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\Tall Emu\Online Armor\oacat.exe
C:\Program\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\Alwil Software\Avast4\ashMaiSv.exe
C:\Program\Alwil Software\Avast4\ashWebSv.exe
C:\Program\Raxco\PerfectDisk\PDEngine.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program\ALWILS~1\Avast4\ashDisp.exe
C:\Program\Java\jre6\bin\jusched.exe
C:\Program\Tall Emu\Online Armor\oaui.exe
C:\Program\Windows Defender\MSASCui.exe
C:\Program\DAEMON Tools\daemon.exe
C:\Documents and Settings\Erik\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe
C:\Program\Microsoft ActiveSync\wcescomm.exe
C:\Program\MICROS~2\rapimgr.exe
C:\Program\Curse\CurseClient.exe
C:\Program\Tall Emu\Online Armor\oahlp.exe
C:\Program\Logitech\SetPoint\SetPoint.exe
C:\Program\Delade filer\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program\FileZilla Server\FileZilla Server Interface.exe
C:\Documents and Settings\Erik\Skrivbord\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program\Trend Micro\HijackThis\Erik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://skandia.se/hem/default.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll
O2 - BHO: DIALux 3.1 ULDBrowserHelper Class - {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} - C:\Program\DIALux\DLXShellExtension.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\Program\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Erik\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [CurseClient] C:\Program\Curse\CurseClient.exe -silent
O4 - HKCU\..\Run: [NBJ] "C:\Program\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Registration Silent Hunter III.LNK = D:\Spel\SHIII\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: WordWeb.lnk = C:\Program\WordWeb\wweb32.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED36331C-E1DF-41B4-BA40-9EDA38A326C1}: NameServer = 83.216.208.10,83.255.249.10
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DirMS_Defragmentation - Unknown owner - C:\Program\MATCO\DirmsService.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program\FileZilla Server\FileZilla Server.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program\Tall Emu\Online Armor\oacat.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program\Tall Emu\Online Armor\oasrv.exe

--
End of file - 9326 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-573735546-839522115-1003.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2}]
DIALux 3.1 ULDBrowserHelper Class - C:\Program\DIALux\DLXShellExtension.dll [2008-07-09 530432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program\Java\jre6\bin\ssv.dll [2008-12-13 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program\Java\jre6\bin\jp2ssv.dll [2008-12-13 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-13 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2006-03-02 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-03-02 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-03-02 455168]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-11-30 16858624]
"StartCCC"=C:\Program\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-01 61440]
"Adobe Reader Speed Launcher"=C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"avast!"=C:\Program\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"SunJavaUpdateSched"=C:\Program\Java\jre6\bin\jusched.exe [2008-12-13 136600]
"@OnlineArmor GUI"=C:\Program\Tall Emu\Online Armor\oaui.exe [2008-11-26 6223048]
"Windows Defender"=C:\Program\Windows Defender\MSASCui.exe [2006-11-03 866584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools"=C:\Program\DAEMON Tools\daemon.exe [2007-11-17 171464]
"Google Update"=C:\Documents and Settings\Erik\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe [2008-11-19 133104]
"H/PC Connection Agent"=C:\Program\Microsoft ActiveSync\wcescomm.exe [2006-06-26 1207080]
"CurseClient"=C:\Program\Curse\CurseClient.exe [2008-10-10 4789760]
"NBJ"=C:\Program\Ahead\Nero BackItUp\NBJ.exe [2005-10-11 1961984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Allway Sync]
C:\Program\Allway Sync\Bin\syncappw.exe [2008-07-23 79568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileZilla Server Interface]
C:\Program\FileZilla Server\FileZilla Server Interface.exe [2007-02-27 937984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program\Microsoft ActiveSync\wcescomm.exe [2006-06-26 1207080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
C:\Program\Nokia\Nokia PC Suite 7\PCSync2.exe [2008-06-17 1249280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program\Nokia\Nokia PC Suite 7\PCSuite.exe [2008-10-02 1124352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient]
C:\Program\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\spel\steam\steam.exe [2008-10-15 1410296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup]
C:\Program\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^Allway Sync.lnk]
C:\Program\ALLWAY~1\Bin\syncappw.exe [2008-07-23 79568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^BankID säkerhetsprogram.lnk]
C:\Program\Personal\bin\Personal.exe [2008-06-18 910864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Erik^Start-meny^Program^Autostart^OpenOffice.org 3.0.lnk]
C:\Program\OPENOF~1.ORG\program\QUICKS~1.EXE [2008-09-12 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Erik^Start-meny^Program^Autostart^TK8 EasyNote.lnk]
C:\DOCUME~1\Erik\APPLIC~1\TK8SOF~1\TK8EAS~1\EasyNote.exe [2001-01-22 439808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"LBTServ"=3

C:\Documents and Settings\All Users\Start-meny\Program\Autostart
Logitech SetPoint.lnk - C:\Program\Logitech\SetPoint\SetPoint.exe
WordWeb.lnk - C:\Program\WordWeb\wweb32.exe

C:\Documents and Settings\Erik\Start-meny\Program\Autostart
Adobe Gamma.lnk - C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe
Registration Silent Hunter III.LNK - D:\Spel\SHIII\Support\Register\RegistrationReminder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-09-24 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program\delade filer\logishrd\bluetooth\LBTWlgn.dll [2008-05-02 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\Program\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"=C:\Program\TALLEM~1\ONLINE~1\oaevent.dll [2008-11-26 886984]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\Spel\BF 2\BF2.exe"="F:\Spel\BF 2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Program\Messenger\msmsgs.exe"="C:\Program\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\Spel\NVN2\nwn2main.exe"="D:\Spel\NVN2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main"
"D:\Spel\NVN2\nwn2main_amdxp.exe"="D:\Spel\NVN2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD"
"D:\Spel\NVN2\nwupdate.exe"="D:\Spel\NVN2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater"
"D:\Spel\NVN2\nwn2server.exe"="D:\Spel\NVN2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server"
"C:\Program\Microsoft ActiveSync\rapimgr.exe"="C:\Program\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program\Microsoft ActiveSync\wcescomm.exe"="C:\Program\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program\Microsoft ActiveSync\WCESMgr.exe"="C:\Program\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Spel\Mass Effect\Binaries\MassEffect.exe"="D:\Spel\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game"
"D:\Spel\Mass Effect\MassEffectLauncher.exe"="D:\Spel\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher"
"F:\Spel\CoD4\iw3mp.exe"="F:\Spel\CoD4\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare™ "
"C:\Program\Curse\CurseClient.exe"="C:\Program\Curse\CurseClient.exe:*:Enabled:Curse Client"
"C:\Program\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe"="C:\Program\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Disabled:javaw"
"C:\Program\uTorrent\uTorrent.exe"="C:\Program\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program\Microsoft ActiveSync\rapimgr.exe"="C:\Program\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program\Microsoft ActiveSync\wcescomm.exe"="C:\Program\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program\Microsoft ActiveSync\WCESMgr.exe"="C:\Program\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c29fccf-07b7-11dd-b920-001617be2300}]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{66ba19f2-7e31-11db-8e37-806d6172696f}]
shell\AutoRun\command - G:\Autorun.exe


======File associations======

.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2009-02-15 21:32:24 ----D---- C:\rsit
2009-02-13 00:11:36 ----D---- C:\Program\WMIAL-Free
2009-02-11 03:01:39 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-11 00:56:47 ----D---- C:\Program\foldit
2009-02-11 00:56:47 ----D---- C:\Documents and Settings\All Users\Application Data\foldit
2009-01-25 01:08:47 ----D---- C:\Documents and Settings\All Users\Application Data\CanonCP
2009-01-25 01:07:12 ----D---- C:\Program\Delade filer\Canon
2009-01-19 01:03:40 ----D---- C:\Program\Delade filer\Symantec Shared

======List of files/folders modified in the last 1 months======

2009-02-15 21:32:34 ----D---- C:\WINDOWS\Prefetch
2009-02-15 21:32:25 ----D---- C:\WINDOWS\temp
2009-02-15 20:37:01 ----D---- C:\Program\Mozilla Thunderbird
2009-02-15 18:10:22 ----D---- C:\Program\Mozilla Firefox
2009-02-15 15:39:15 ----D---- C:\WINDOWS\system32\drivers
2009-02-15 15:39:15 ----D---- C:\Documents and Settings\Erik\Application Data\GSC 2.00
2009-02-13 16:49:19 ----D---- C:\Documents and Settings\Erik\Application Data\uTorrent
2009-02-13 16:03:48 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-13 16:03:46 ----SD---- C:\WINDOWS\Tasks
2009-02-13 16:02:11 ----D---- C:\Documents and Settings\Erik\Application Data\OnlineArmor
2009-02-13 02:09:17 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-13 00:11:36 ----D---- C:\Program
2009-02-13 00:02:22 ----D---- C:\WINDOWS\system32
2009-02-11 16:35:45 ----D---- C:\WINDOWS
2009-02-11 03:01:41 ----HD---- C:\WINDOWS\inf
2009-02-11 03:01:38 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-11 03:00:58 ----A---- C:\WINDOWS\imsins.BAK
2009-02-11 03:00:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-11 03:00:50 ----D---- C:\Program\Internet Explorer
2009-02-11 03:00:43 ----D---- C:\WINDOWS\ie7updates
2009-02-09 21:01:15 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-02-07 17:05:28 ----A---- C:\WINDOWS\NeroDigital.ini
2009-02-05 22:11:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-02-04 00:21:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-03 14:37:46 ----D---- C:\WINDOWS\pss
2009-01-28 18:13:28 ----D---- C:\Program\HO
2009-01-27 00:27:23 ----SH---- C:\boot.ini
2009-01-27 00:27:23 ----A---- C:\WINDOWS\win.ini
2009-01-27 00:27:23 ----A---- C:\WINDOWS\system.ini
2009-01-26 20:09:12 ----D---- C:\Documents and Settings\Erik\Application Data\FileZilla
2009-01-25 01:08:49 ----A---- C:\WINDOWS\WININIT.INI
2009-01-25 01:07:12 ----D---- C:\Program\Delade filer
2009-01-23 18:33:15 ----D---- C:\Program\Winamp
2009-01-23 18:27:56 ----A---- C:\WINDOWS\gmer.ini
2009-01-23 18:20:55 ----SHD---- C:\WINDOWS\Installer
2009-01-23 18:20:54 ----SHD---- C:\Config.Msi
2009-01-19 17:36:48 ----A---- C:\WINDOWS\Dialux.ini
2009-01-19 00:29:23 ----D---- C:\Program\mIRC
2009-01-17 17:40:23 ----D---- C:\WINDOWS\Debug
2009-01-16 21:31:18 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 intelppm;Intel-processordrivrutin; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40320]
R1 kbdhid;HID-drivrutin för tangentbord; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 OADevice;OADriver; \??\C:\WINDOWS\system32\drivers\OADriver.sys []
R1 OAmon;OAmon; \??\C:\WINDOWS\system32\drivers\OAmon.sys []
R1 OAnet;OAnet; \??\C:\WINDOWS\system32\drivers\OAnet.sys []
R1 prcmondrv;prcmondrv; \??\C:\WINDOWS\system32\drivers\prcmondrv1041.sys []
R1 truecrypt;truecrypt; \??\C:\WINDOWS\system32\Drivers\truecrypt.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R3 Arp1394;1394 ARP-klientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-09-24 3331072]
R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-07-19 230400]
R3 HDAudBus;Microsoft UAA-bussdrivrutin för High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID-klassdrivrutin; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-12-05 4632576]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944]
R3 mouhid;HID-drivrutin för mus; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-06 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Drivrutin för Microsoft USB-standardnav (hub); C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 as5ommra;as5ommra; C:\WINDOWS\system32\drivers\as5ommra.sys []
S3 CCDECODE;Avkodare för dold textning; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Dot4;MS IEEE-1284.4-drivrutin; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Utskriftsklassdrivrutin för IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-09-06 23936]
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-12-10 68961]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSTEE;Tee/Sink-to-Sink-konverterare för Microsoft-direktuppspelning; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video-anslutning; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 Profos;Profos; \??\C:\Program\Delade filer\BitDefender\BitDefender Threat Scanner\profos.sys []
S3 Razerlow;Razerlow USB Filter Driver; C:\WINDOWS\System32\Drivers\Razerlow.sys [2005-04-24 13225]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Trufos;Trufos; \??\C:\Program\Delade filer\BitDefender\BitDefender Threat Scanner\trufos.sys []
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbprint;Microsoft USB-skrivarklass; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Drivrutin för USB-skanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Drivrutin för USB-masslagringsenheter; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-04-10 104576]
S3 WDM_Capture_225;Digital-TV Receiver.; C:\WINDOWS\System32\Drivers\WDM_Capture_225.sys [2006-03-20 19328]
S3 WDM_Loader_225;DVB-T TV; C:\WINDOWS\System32\Drivers\WDM_Loader_225.sys [2006-06-05 17024]
S3 WSTCODEC;Teletext-codec för världsstandard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program\Lavasoft\Ad-Aware\aawservice.exe [2008-11-03 611664]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-09-24 581632]
R2 avast! Antivirus;avast! Antivirus; C:\Program\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 FileZilla Server;FileZilla Server FTP server; C:\Program\FileZilla Server\FileZilla Server.exe [2007-02-27 584192]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program\Java\jre6\bin\jqs.exe [2008-12-13 152984]
R2 OAcat;Online Armor Helper Service; C:\Program\Tall Emu\Online Armor\oacat.exe [2008-11-26 1402568]
R2 PDAgent;PDAgent; C:\Program\Raxco\PerfectDisk\PDAgent.exe [2006-10-10 402960]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-12-14 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-02-09 202040]
R2 SvcOnlineArmor;Online Armor; C:\Program\Tall Emu\Online Armor\oasrv.exe [2008-11-26 3321032]
R2 WinDefend;Windows Defender; C:\Program\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 PDEngine;PDEngine; C:\Program\Raxco\PerfectDisk\PDEngine.exe [2006-10-10 603664]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-09-23 593920]
S3 Adobe LM Service;Adobe LM Service; C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-02-27 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 DirMS_Defragmentation;DirMS_Defragmentation; C:\Program\MATCO\DirmsService.exe [2006-11-27 245760]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program\Google\Google Desktop Search\GoogleDesktopManager.exe [2007-02-27 69120]
S3 IDriverT;InstallDriver Table Manager; C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S3 ServiceLayer;ServiceLayer; C:\Program\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program\Windows Media Player\WMPNetwk.exe [2006-11-15 912384]
S4 LBTServ;Logitech Bluetooth Service; C:\Program\Delade filer\Logishrd\Bluetooth\LBTServ.exe [2008-05-02 121360]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------





#2 Baabiouz

Baabiouz

    Finnish Malware Fighter


  • Members
  • 3,355 posts
  • Gender:Male
  • Location:Finland
  • Local time:10:08 PM

Posted 26 February 2009 - 02:39 PM

Hello

Apologies for the delay in response; we get overwhelmed at times, but we are trying our best to keep up.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following below so I can have a look at the current condition of your machine.

Thanks and again sorry for the delay.

Before we can continue, please post a fresh HijackThis log back here.

#3 Baabiouz

Baabiouz

    Finnish Malware Fighter


  • Members
  • 3,355 posts
  • Gender:Male
  • Location:Finland
  • Local time:10:08 PM

Posted 11 March 2009 - 08:25 AM

This thread will now be closed.
If you need this topic reopened, please contact me.

This applies only to the original topic starter.
Everyone else please begin a New Topic.