Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirect malware, slowing computer


  • This topic is locked This topic is locked
2 replies to this topic

#1 Equalworker

Equalworker

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:32 AM

Posted 23 December 2010 - 03:55 PM

Hello,

I am hoping to get some help with my Windows XP 32 bit home version computer. I have been having problems with malware constantly for the last couple of months. I have Microsoft security essentials and Malware bytes. Sometimes they find stuff and get rid of it, other times they find nothing and the problems persist.
What's going on now is that I'm getting the annoying redirects when I go to sites such as twitter.com and also my computer has been running much slower than usual. I have ran full scans on both MSE and Malware bytes with nothing being discovered. I heard about this forum and using Combo fix, so I did the combo fix. When I rebooted I got like a Run DLL error or something not sure of the number. That was the first time i saw that - after the combo fix.
PS:I wish I had a better understanding of what it really takes to root out a virus. I feel generally people have no clue when the anti virus software falls short! Please help! Thanks in advance



ComboFix 10-12-23.02 - EQ 12/23/2010 14:29:10.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.151 [GMT -6:00]
Running from: c:\documents and settings\EQ\My Documents\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: Norton AntiVirus *Enabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\EQ\Application Data\cacaoweb
c:\documents and settings\EQ\Application Data\cacaoweb\adstorage.db
c:\documents and settings\EQ\Application Data\cacaoweb\replicating27FAB7C3168C90556A6A9DB7B3A899C4.cacao
c:\documents and settings\EQ\Application Data\cacaoweb\replicating6F5F050F96C05745EF5C7B7FFE6690C9.cacao
c:\documents and settings\EQ\Application Data\cacaoweb\replicatingCC6E919432E114AB9EB5AF5D66B03702.cacao
c:\documents and settings\EQ\Application Data\cacaoweb\replicatingE4DF3A015AF3E836516DD97DBF8C94D6.cacao
c:\documents and settings\EQ\Application Data\cacaoweb\storage.db
c:\documents and settings\EQ\Application Data\Sky-Banners
c:\documents and settings\EQ\Application Data\Sky-Banners\skb\log.xml
c:\documents and settings\EQ\Application Data\Street-Ads
c:\documents and settings\EQ\Local Settings\Application Data\{13C1DB28-A10B-4FE9-94BF-F190548187CA}
c:\documents and settings\EQ\Local Settings\Application Data\{13C1DB28-A10B-4FE9-94BF-F190548187CA}\chrome.manifest
c:\documents and settings\EQ\Local Settings\Application Data\{13C1DB28-A10B-4FE9-94BF-F190548187CA}\chrome\content\_cfg.js
c:\documents and settings\EQ\Local Settings\Application Data\{13C1DB28-A10B-4FE9-94BF-F190548187CA}\chrome\content\overlay.xul
c:\documents and settings\EQ\Local Settings\Application Data\{13C1DB28-A10B-4FE9-94BF-F190548187CA}\install.rdf
c:\documents and settings\EQ\My Documents\iexplore.exe
c:\documents and settings\Other\Application Data\cacaoweb
c:\documents and settings\Other\Application Data\cacaoweb\ad96D9145E8C867A23E1125CAAA9681BE1.ad
c:\documents and settings\Other\Application Data\cacaoweb\adstorage.db
c:\documents and settings\Other\Application Data\cacaoweb\megavideo35MC9RIU986040695.cacao
c:\documents and settings\Other\Application Data\cacaoweb\megavideoXDVO7FSE117148519.cacao
c:\documents and settings\Other\Application Data\cacaoweb\replicating4B9B95BF1EFD928550E15C51826B3950.cacao
c:\documents and settings\Other\Application Data\cacaoweb\replicatingD07D485774F455F7ED03F26A443AA360.cacao
c:\documents and settings\Other\Application Data\cacaoweb\storage.db
c:\documents and settings\Other\Application Data\Sky-Banners
c:\windows\$NtUninstallMTF1011$
c:\windows\$NtUninstallMTF1011$\apUninstall.exe
c:\windows\$NtUninstallMTF1011$\mmduch.dll
c:\windows\$NtUninstallMTF1011$\zrpt.xml
c:\windows\system32\Oeminfo.ini
c:\windows\system32\Thumbs.db
c:\windows\system32\xa.tmp

c:\windows\system32\kernel32.dll . . . is infected!!

.
((((((((((((((((((((((((( Files Created from 2010-11-23 to 2010-12-23 )))))))))))))))))))))))))))))))
.

2010-12-22 23:07 . 2010-12-22 23:07 -------- d-----w- c:\program files\Common Files\Skype
2010-12-22 09:46 . 2010-11-10 04:33 6273872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E4616C79-E189-4AEB-8423-A261F3DE94FA}\mpengine.dll
2010-12-15 09:15 . 2010-12-17 03:27 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2010-12-14 00:26 . 2010-12-14 00:26 -------- d-----w- c:\documents and settings\Other\Application Data\DivX
2010-12-14 00:26 . 2010-12-14 00:26 -------- d-----w- c:\documents and settings\Other\Local Settings\Application Data\Sony
2010-12-14 00:26 . 2010-12-14 00:26 -------- d-----w- c:\documents and settings\Other\Application Data\Sony
2010-12-05 04:25 . 2010-12-05 04:25 -------- d-----w- c:\documents and settings\Other\Local Settings\Application Data\WMTools Downloaded Files
2010-12-05 03:49 . 2010-12-05 03:49 -------- d-----w- c:\program files\Flip Video
2010-12-05 03:49 . 2010-12-05 03:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Flip Video
2010-12-05 03:33 . 2010-12-05 03:33 -------- d-----w- c:\documents and settings\Other\Application Data\Apple Computer
2010-12-04 01:56 . 2010-12-04 01:56 -------- d-----w- c:\documents and settings\Other\Local Settings\Application Data\Temp
2010-12-03 20:49 . 2010-12-06 06:02 -------- d-----w- c:\documents and settings\Other\Application Data\skypePM
2010-12-03 20:48 . 2010-12-08 06:30 -------- d-----w- c:\documents and settings\Other\Application Data\Skype
2010-12-03 20:35 . 2010-12-03 20:35 -------- d-----w- c:\documents and settings\Other\Application Data\Malwarebytes
2010-12-02 16:20 . 2010-12-02 16:20 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2010-12-01 19:08 . 2010-03-30 06:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-01 19:08 . 2010-12-01 19:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-01 19:08 . 2010-03-30 06:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-29 08:11 . 2010-11-29 08:11 -------- d-----w- c:\documents and settings\EQ\Application Data\Publish Providers
2010-11-29 07:55 . 2010-11-29 07:55 -------- d-----w- c:\documents and settings\EQ\Local Settings\Application Data\Sony
2010-11-29 07:49 . 2010-11-29 07:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony
2010-11-29 07:48 . 2010-11-29 07:49 -------- d-----w- c:\program files\Sony
2010-11-29 07:45 . 2010-11-29 07:46 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-11-29 07:41 . 2010-11-29 07:41 -------- d-----w- c:\program files\MSBuild
2010-11-29 07:32 . 2010-11-29 07:32 -------- d-----w- c:\windows\system32\XPSViewer
2010-11-29 07:30 . 2010-11-29 07:30 -------- d-----w- c:\program files\Reference Assemblies
2010-11-29 07:30 . 2006-10-14 22:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-11-29 07:29 . 2006-06-29 19:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-11-29 07:18 . 2010-11-29 07:18 -------- d-----w- c:\documents and settings\EQ\Application Data\Sony Setup
2010-11-29 07:06 . 2010-11-29 08:11 -------- d-----w- c:\documents and settings\EQ\Application Data\Sony
2010-11-29 06:26 . 2010-11-29 06:26 -------- d-----w- c:\documents and settings\EQ\Application Data\Roxio
2010-11-29 06:23 . 2010-11-29 06:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Uninstall
2010-11-29 06:23 . 2010-11-29 06:23 -------- d-----w- c:\program files\Common Files\SureThing Shared
2010-11-29 06:22 . 2010-11-29 06:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Sonic
2010-11-29 06:22 . 2010-11-29 06:22 -------- d-----w- c:\program files\Common Files\Sonic Shared
2010-11-29 06:21 . 2010-11-29 06:22 -------- d-----w- c:\program files\Common Files\Roxio Shared
2010-11-29 06:21 . 2010-11-29 06:21 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2010-11-29 06:21 . 2010-11-29 06:23 -------- d-----w- c:\program files\Roxio
2010-11-24 21:24 . 2010-11-24 21:24 -------- d-----w- c:\program files\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-10 04:33 . 2010-10-01 20:38 6273872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-10-19 20:51 . 2010-02-21 09:01 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-10 18:31 . 2010-10-10 18:30 8892928 ----a-w- c:\documents and settings\All Users\Application Data\atscie.msi
.
<pre>
c:\program files\Adobe\Reader 8.0\Reader\Reader_sl .exe
c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM .exe
c:\program files\Common Files\Java\Java Update\jusched .exe
c:\program files\Common Files\Microsoft Shared\DW\dwtrig20 .exe
c:\program files\CyberLink\PowerDVD\PDVDServ .exe
c:\program files\CyberLink\PowerDVD\Language\Language .exe
c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu .exe
c:\program files\DivX\DivX Update\DivXUpdate .exe
c:\program files\IDT\WDM\sttray .exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif .exe
c:\program files\iTunes\iTunesHelper .exe
c:\program files\QuickTime\QTTask             .exe
c:\windows\system32\rundll32 .exe
</pre>

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress"="NA" [X]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2010-04-29 5248312]
"cacaoweb"="c:\program files\cacaoweb\cacaoweb.exe" [2010-12-23 307952]
"Starfield Updater"="c:\program files\Starfield\StarfieldUpdate.exe" [2010-11-16 32960]
"wben"="c:\program files\Starfield\wben.exe" [2010-11-08 1074384]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-12-03 14944136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-08-21 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-08-21 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-08-21 137752]
"AESTFltr"="c:\windows\system32\AESTFltr.exe" [2008-09-09 466944]
"Easy Dock"="c:\documents and settings\EQ\My Documents\RCA easyRip\EZDock .exe" [2009-04-03 573440]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-15 141608]
"bipro"="c:\windows\$NtUninstallMTF1011$\mmduch.dll" [N/A]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

c:\documents and settings\EQ\Start Menu\Programs\Startup\
RCA Detective.lnk - c:\documents and settings\EQ\My Documents\RCA Detective\RCADetective.exe [2010-3-23 942592]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
VPN Client.lnk - c:\windows\Installer\{A7091E1D-36A4-47F1-A739-173CC341414F}\Icon3E5562ED7.ico [2010-3-23 6144]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\CA Personal Firewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiMalware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\cacaoweb\\cacaoweb.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5900:TCP"= 5900:TCP:RealVNC

R2 File Backup;File Backup Service;c:\program files\Starfield\offSyncService.exe [7/16/2010 1:47 PM 1310960]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [9/22/2008 8:21 PM 108160]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [8/27/2008 5:48 AM 93568]
S1 uvmtyjbk;uvmtyjbk;\??\c:\windows\system32\drivers\uvmtyjbk.sys --> c:\windows\system32\drivers\uvmtyjbk.sys [?]
S1 wisdnmqw;wisdnmqw;\??\c:\windows\system32\drivers\wisdnmqw.sys --> c:\windows\system32\drivers\wisdnmqw.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/7/2010 3:41 PM 136176]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [12/1/2010 1:08 PM 38224]
.
Contents of the 'Scheduled Tasks' folder

2010-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-07 21:40]

2010-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-07 21:40]

2010-12-23 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2010-03-26 02:40]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:23012
DPF: {DBDC1CDA-B64B-49F7-9535-6317AA416E51} - hxxp://vdina.suth.com/downloads/VMware-viewclient.cab
FF - ProfilePath - c:\documents and settings\EQ\Application Data\Mozilla\Firefox\Profiles\t9cfuxao.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: cacaoweb: cacaoweb@cacaoweb.org - %profile%\extensions\cacaoweb@cacaoweb.org
FF - Ext: EWOQ Mobile Setup extension: {f035aa18-ee32-4e6e-81d2-57e32867f8a7} - %profile%\extensions\{f035aa18-ee32-4e6e-81d2-57e32867f8a7}
FF - Ext: wmlbrowser: {c4dc572a-3295-40eb-b30f-b54aa4cdc4b7} - %profile%\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}
FF - Ext: Flashblock: {3d7eb24f-2740-49df-8937-200b1cc08f8a} - %profile%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
FF - Ext: XHTML Mobile Profile: {8ea9957e-2953-402f-80e0-bceb5f169d6f} - %profile%\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - ORPHANS REMOVED - - - -

BHO-{129933CF-3713-4FEB-8362-E03890D13C65} - c:\windows\$NtUninstallMTF1011$\mmduch.dll
Toolbar-Locked - (no file)
AddRemove-$NtUninstallMTF1011$ - c:\windows\$NtUninstallMTF1011$\apUninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-23 14:38
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
cacaoweb = "c:\program files\cacaoweb\cacaoweb.exe" -noplayer?abled:cacaoweb?es??????????????????N?????????????l?N???N???????????N???N? ??|`??|????????????????( ??????Service Pack 3?????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3576)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\idt\xpv_v080829\wdm\stacsv.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Flip Video\FlipShare\FlipShareService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\taskmgr.exe
.
**************************************************************************
.
Completion time: 2010-12-23 14:43:17 - machine was rebooted
ComboFix-quarantined-files.txt 2010-12-23 20:43

Pre-Run: 97,556,168,704 bytes free
Post-Run: 98,384,228,352 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - DBF9CC03C223E985525A110450A8E528

Edited by hamluis, 23 December 2010 - 04:59 PM.
Moved from XP to Malware Removal Logs ~ Hamluis.


BC AdBot (Login to Remove)

 


#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:09:32 AM

Posted 31 December 2010 - 01:22 PM

Hello Equalworker ,

Posted Image

Sorry for the delay. :( If you still need help, please post a new DDS/HijackThis log and I'll be happy to look at it. :)

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#3 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:09:32 AM

Posted 10 January 2011 - 12:04 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users