Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AppData\Roaming\Microsoft\server.exe runs at startup


  • This topic is locked This topic is locked
4 replies to this topic

#1 hungoverbunny

hungoverbunny

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:16 AM

Posted 28 May 2011 - 07:15 AM

I lent my computer to my brother for a few days while I went away.

He said when I got back that he downloaded a file from someone on omegle.com and he didn't know what it did...

When I start up my PC an exe file runs AppData\Roaming\Microsoft\server.exe and then command prompt flashes I'm worried this might be some kind of keylogger.

Needless to say my brother will not be getting the use of my Laptop ever again!I've had a look at the processes running in task manager but i can't seem to see anything out of the ordinary...

I'm running Windows Vista Home Premium 32-bit. I'm just looking for some advice or help on this and if anyone has experienced this before...thanks in advance.


.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_25
Run by Ciaran Smith at 14:02:20 on 2011-05-27
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.353.1033.18.3066.1061 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: McAfee VirusScan *Disabled/Updated* {91492D4B-0869-000E-929C-AE00AA450731}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Xobni\XobniService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe
C:\Program Files\O2 Connection Manager\WaHelper.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AirPort\APAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\TK8 StickyNotes\TK8StickyNotes.exe
C:\Program Files\doubleTwist 2.0\DoubleTwist.DeviceHelper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Windows\ehome\ehmsas.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ciaran Smith\Documents\Downloads\Defogger.exe
C:\Users\Ciaran Smith\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Ciaran Smith\Documents\Downloads\dds (1).scr
C:\Windows\system32\WSCRIPT.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = http://www.google.com
uStart Page = http://google.com/
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = http://www.google.ie/ig/dell?hl=en&client=dell-row&channel=ie&ibd=5081128
uSearch Bar = http://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = http://www.google.com/search/?q=%s
mSearchAssistant = http://start.facemoods.com/?a=mnv&s={searchTerms}&f=4
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uURLSearchHooks: Softonic-Ireland Toolbar: {64d6c176-6174-4605-8982-3975075ac5ad} - c:\program files\softonic-ireland\tbSoft.dll
mURLSearchHooks: Softonic-Ireland Toolbar: {64d6c176-6174-4605-8982-3975075ac5ad} - c:\program files\softonic-ireland\tbSoft.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: AutorunsDisabled - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: McAfee Phishing Filter: {377c180e-6f0e-4d4c-980f-f45bd3d40cf4} - c:\progra~1\mcafee\msk\mcapbho.dll
BHO: Softonic-Ireland Toolbar: {64d6c176-6174-4605-8982-3975075ac5ad} - c:\program files\softonic-ireland\tbSoft.dll
BHO: PodcastBHO Class: {65134fdf-f8a5-4b3d-91d9-cdf273cfd578} - c:\program files\common files\doubletwist\IEPodcastPlugin.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\Scriptcl.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: LastPass Browser Helper Object: {95d9ecf5-2a4d-4550-be49-70d42f71296e} - c:\program files\lastpass\LPBar.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Softonic-Ireland Toolbar: {64d6c176-6174-4605-8982-3975075ac5ad} - c:\program files\softonic-ireland\tbSoft.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - c:\program files\lastpass\LPBar.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [Google Update] "c:\users\ciaran smith\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [TK8 StickyNotes] "c:\program files\tk8 stickynotes\TK8StickyNotes.exe"
uRun: [doubleTwist] c:\program files\doubletwist 2.0\DoubleTwist.DeviceHelper.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [irLdrZikqq] "c:\users\ciaran smith\appdata\local\temp\rundll32.exe"
uRun: [HKCU] c:\users\ciaran smith\appdata\roaming\microsoft\server.exe
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\UdaterUI.exe" /StartedFromRunKey
mRun: [<NO NAME>]
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] c:\program files\google\gmail notifier\gnotify.exe
mRun: [DVD or CD Sharing] "c:\program files\dvd or cd sharing\ODSAgent.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [TRUUpdater] "c:\program files\sierra wireless inc\webupdater\TRUUpdater.exe" /bkground
mRun: [WatcherHelper] "c:\program files\o2 connection manager\WaHelper.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AirPort Base Station Agent] "c:\program files\airport\APAgent.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\users\ciaran~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe
StartupFolder: c:\users\ciaran~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\seagat~1.lnk - c:\users\ciaran smith\appdata\roaming\leadertech\powerregister\Seagate Product Registration.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\device~1.lnk - c:\program files\olympus\devicedetector\DevDtct2.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: LastPass - file://c:\program files\lastpass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://c:\program files\lastpass\context.html?cmd=fillforms
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger1\MSMSGS.EXE
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0401
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0404
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0405
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0406
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0407
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0408
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0409
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang040b
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang040c
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang040d
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang040e
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0410
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0411
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0412
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0413
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0414
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0415
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0416
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0419
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang041b
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang041d
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang041f
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0424
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0804
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0816
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683}\Lang0c0a
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - c:\program files\lastpass\LPBar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} - http://support.euro.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - http://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-ie.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
AppInit_DLLs: c:\progra~1\google\google~3\GOEC62~1.DLL
STS: FencesShlExt Class: {1984dd45-52cf-49cd-ab77-18f378fea264} - c:\program files\stardock\fences\FencesMenu.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\ciaran smith\appdata\roaming\mozilla\firefox\profiles\0teb803o.default\
FF - prefs.js: browser.search.defaulturl - http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15000
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - http://google.com
FF - prefs.js: keyword.URL - http://start.facemoods.com/results.php?f=5&a=mnv&q=
FF - component: c:\users\ciaran smith\appdata\roaming\mozilla\firefox\profiles\0teb803o.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\ciaran smith\appdata\roaming\mozilla\firefox\profiles\0teb803o.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\ciaran smith\appdata\roaming\mozilla\firefox\profiles\0teb803o.default\extensions\support@lastpass.com\platform\winnt_x86-msvc\components\lpxpcom.dll
FF - plugin: c:\program files\common files\doubletwist\NPPodcast.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\opera\program\plugins\NPDocBox.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\ciaran smith\appdata\local\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Linkification: {35106bca-6c78-48c7-ac28-56df30b51d2a} - %profile%\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
FF - Ext: Bloody Red: {2458abc0-f443-11dd-87af-0800200c9a66} - %profile%\extensions\{2458abc0-f443-11dd-87af-0800200c9a66}
FF - Ext: FennecFox: {989e9382-d540-4189-88d1-fc54a949a387} - %profile%\extensions\{989e9382-d540-4189-88d1-fc54a949a387}
FF - Ext: AmbientFox: {c8f71e5b-88f8-42a7-98bb-e4c506161de9} - %profile%\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Oskar: {5b175400-2368-11de-8c30-0800200c9a66} - %profile%\extensions\{5b175400-2368-11de-8c30-0800200c9a66}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Babylon-English Community Toolbar: {ce18769b-c7fa-42d2-860d-17c4662c70ad} - %profile%\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}
FF - Ext: LavaFox V1-Blue: djziggy@gmail.com - %profile%\extensions\djziggy@gmail.com
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: LastPass: support@lastpass.com - %profile%\extensions\support@lastpass.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165264]
R1 MpKsl41c07ff5;MpKsl41c07ff5;c:\programdata\microsoft\microsoft antimalware\definition updates\{47ef2a64-3788-4531-b47a-61e372e111c3}\MpKsl41c07ff5.sys [2011-5-27 28752]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_f6ef8056\AEstSrv.exe [2010-4-14 81920]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-9-23 155648]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-9-25 189736]
R2 iPodDrv;iPodDrv;c:\windows\system32\drivers\iPodDrv.sys [2010-8-4 6656]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2008-12-17 104000]
R2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\Mcshield.exe [2006-11-30 144960]
R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2006-11-30 54872]
R2 TeamViewer5;TeamViewer 5;c:\program files\teamviewer\version5\TeamViewer_Service.exe [2010-3-18 172328]
R2 XobniService;XobniService;c:\program files\xobni\XobniService.exe [2010-3-16 55016]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2008-11-27 29736]
R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2008-11-28 54784]
R3 k57nd60x;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2008-11-28 203264]
R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2009-9-23 72264]
R3 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2008-11-28 201320]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2010-11-11 206360]
R3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual;c:\windows\system32\drivers\livecamv.sys [2010-3-8 31616]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [2010-3-11 25088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-2-26 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-11-28 30192]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2008-11-28 33832]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2008-11-28 40488]
S3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\drivers\OA001Ufd.sys [2009-3-6 133632]
S3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\drivers\OA001Vid.sys [2009-3-8 280096]
S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\system32\drivers\swnc8ua3.sys [2009-7-22 197504]
S3 SWUMXA3;Sierra Wireless USB MUX Driver (UMTSA3);c:\windows\system32\drivers\swumxa3.sys [2009-7-22 148992]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2008-11-28 358224]
S4 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2008-11-28 695624]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-11 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2008-7-11 369688]
S4 VMCService;Vodafone Mobile Connect Service;c:\program files\vodafone\vodafone mobile connect\bin\VMCService.exe [2008-3-13 24576]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2011-05-27 12:41:11 -------- d-----w- c:\users\ciaran smith\appdata\local\{1C1FC152-5C9B-47AA-AEEF-C7BC278C1F67}
2011-05-27 11:41:07 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{47ef2a64-3788-4531-b47a-61e372e111c3}\MpKsl41c07ff5.sys
2011-05-27 10:53:14 6962000 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{47ef2a64-3788-4531-b47a-61e372e111c3}\mpengine.dll
2011-05-26 15:36:23 -------- d-----w- c:\users\ciaran smith\appdata\local\{AD09DE5D-7339-407B-AFBA-4CEB0288C2C7}
2011-05-25 20:25:08 -------- d-----w- c:\users\ciaran smith\appdata\local\{C710ABAF-1CA7-4692-B340-6C17EAC36D86}
2011-05-24 21:25:17 -------- d-----w- c:\users\ciaran smith\appdata\local\{9E2B1DEA-12BD-481A-82A4-C5D4A3DE741E}
2011-05-24 19:45:56 -------- d-----w- c:\users\ciaran smith\appdata\local\{D676AECC-64E8-4ED6-B0EC-D7643ECCC835}
2011-05-24 18:05:14 -------- d-----w- c:\users\ciaran smith\appdata\local\{FCD3F598-5F43-47CD-824E-553795B90C7F}
2011-05-23 17:24:47 -------- d-----w- c:\users\ciaran smith\appdata\local\{1036CBBE-6539-448A-965A-B11BBF5DC345}
2011-05-22 17:14:21 -------- d-----w- c:\users\ciaran smith\appdata\local\{F2260F9B-D319-4BC6-82C5-508DDBDE3D73}
2011-05-21 13:36:39 -------- d-----w- c:\users\ciaran smith\appdata\local\{89713548-E8A6-46A0-8B8E-7EE6419FAAA5}
2011-05-20 13:35:15 -------- d-----w- c:\users\ciaran smith\appdata\local\{23CB4650-9E26-44C0-B078-D98E6E5BD9A4}
2011-05-20 10:22:32 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-20 01:34:24 -------- d-----w- c:\users\ciaran smith\appdata\local\{752F4942-2532-4AB8-99DE-4EE9527A42E5}
2011-05-19 13:33:28 -------- d-----w- c:\users\ciaran smith\appdata\local\{06CA195F-AC11-48AB-8BA7-2B94DAE0183A}
2011-05-19 10:47:02 439632 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{773454f3-8965-4135-882e-e39d93e64758}\gapaengine.dll
2011-05-17 19:01:52 -------- d-----w- c:\users\ciaran smith\appdata\local\{99EBDFE2-56A5-47EE-A43E-F95B0C304FAC}
2011-05-16 17:41:58 -------- d-----w- c:\users\ciaran smith\appdata\local\{D907C923-7D51-413D-B9BF-B62F2262F2DF}
2011-05-15 17:15:23 -------- d-----w- c:\users\ciaran smith\appdata\local\{04F0718A-58FF-4BA7-8351-556F326ADFB2}
2011-05-14 13:45:14 -------- d-----w- c:\users\ciaran smith\appdata\local\{712D2AC6-7D06-4A6D-BB30-5412F2FB1283}
2011-05-14 13:41:21 -------- d-----w- c:\users\ciaran smith\appdata\local\{70C10CB4-D588-425A-9D5B-37E56EF18E8F}
2011-05-13 23:25:11 -------- d-----w- c:\users\ciaran smith\appdata\local\{0B80A0CF-6904-461D-BB08-B3D3CAA3DA84}
2011-05-13 10:55:20 -------- d-----w- c:\users\ciaran smith\appdata\local\{83E13408-AB78-4CD5-9305-6761793A35F8}
2011-05-12 15:26:16 -------- d-----w- c:\users\ciaran smith\appdata\local\{1D731D72-BEAE-4C52-A3F7-D4EBD81869FD}
2011-05-11 18:21:19 -------- d-----w- c:\programdata\Skype Extras
2011-05-11 17:51:41 -------- d-----w- c:\users\ciaran smith\appdata\local\{7FED9D2B-B16F-4CD4-AA01-DC3181BFB763}
2011-05-10 17:38:34 -------- d-----w- c:\users\ciaran smith\appdata\local\{9A84F170-7C66-450C-83D3-73FEDE4ED122}
2011-05-10 17:22:57 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-05-09 17:18:46 -------- d-----w- c:\users\ciaran smith\appdata\local\{E232273A-4BF6-434F-B1B8-64F9F2572C58}
2011-05-08 18:08:47 -------- d-----w- c:\users\ciaran smith\appdata\local\{96B77D7D-1BB0-42F6-A344-51BB66B7165A}
2011-05-07 22:15:40 -------- d-----w- c:\users\ciaran smith\appdata\local\{9FD381A2-AECA-4E2C-B95C-C5E328FD7428}
2011-05-07 22:14:35 -------- d-----w- c:\programdata\DivX
2011-05-07 10:15:06 -------- d-----w- c:\users\ciaran smith\appdata\local\{9432EB70-B046-4723-A551-A5770513910D}
2011-05-06 15:26:17 -------- d-----w- c:\users\ciaran smith\appdata\local\{EB658CA7-395E-4D29-82D3-194E1754ACFC}
2011-05-05 17:29:49 -------- d-----w- c:\users\ciaran smith\BeeperPickingKarel
2011-05-05 17:08:48 -------- d-----w- c:\users\ciaran smith\.metadata
2011-05-05 15:24:04 -------- d-----w- c:\program files\ConvertHelper
2011-05-05 14:56:34 -------- d-----w- c:\users\ciaran smith\appdata\local\{33452B86-9A7F-4506-9FF3-E569FB4BA539}
2011-05-04 17:29:48 -------- d-----w- c:\users\ciaran smith\appdata\local\{BE10BE15-5EA0-470B-BA9A-932F168B4349}
2011-05-03 21:46:03 9331400 ----a-w- c:\program files\common files\lpuninstall.exe
2011-05-03 21:45:36 -------- d-----w- c:\program files\LastPass
2011-05-03 17:18:08 -------- d-----w- c:\users\ciaran smith\appdata\local\{3D9FD3DA-C37C-47EA-B357-E7D64F0A5388}
2011-05-02 18:08:03 -------- d-----w- c:\users\ciaran smith\appdata\local\{3A6EF5D4-7EDC-41C2-873D-D7DB77CBF55D}
2011-05-01 23:01:34 -------- d-----w- c:\program files\AirPort
2011-05-01 22:48:54 -------- d-----w- c:\program files\iPod
2011-05-01 17:32:50 -------- d-----w- c:\users\ciaran smith\appdata\local\{82A75E6D-B455-46C1-9918-2505AF0DECD1}
2011-05-01 05:31:40 -------- d-----w- c:\users\ciaran smith\appdata\local\{A47AE515-93B8-4DD6-BE37-5CF2BA351FE9}
2011-04-30 14:19:15 -------- d-----w- c:\users\ciaran smith\appdata\local\{37F14B92-191E-45B5-92D1-EAB8207264C6}
2011-04-29 09:10:48 -------- d-----w- c:\users\ciaran smith\appdata\local\{5FF66CA5-16E8-49D4-8AD6-2B37EBE4293F}
2011-04-28 15:10:04 -------- d-----w- c:\users\ciaran smith\appdata\local\{FB4763FC-A835-4015-BD3D-634624599B7B}
2011-04-27 18:16:34 -------- d-----w- c:\users\ciaran smith\appdata\local\{B6B998A7-D91D-4969-BC4C-F5E5F3F93735}
.
==================== Find3M ====================
.
2011-05-05 17:55:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-12 21:55:52 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-10 17:03:51 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-10 17:03:51 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-03-03 15:42:03 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 15:40:13 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-03-03 15:40:07 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40:05 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40:05 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40:04 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-03-03 13:35:36 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-03-03 13:25:11 2041856 ----a-w- c:\windows\system32\win32k.sys
2011-03-02 15:44:27 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
.
============= FINISH: 14:02:55.34 ===============

Attached Files


Edited by hungoverbunny, 28 May 2011 - 09:27 AM.


BC AdBot (Login to Remove)

 


#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:02:16 AM

Posted 29 May 2011 - 01:27 PM

Hi,

Please do the following

Refer to the ComboFix User's Guide

  • Download ComboFix from one of these locations:

    Link 1
    Link 2

    * IMPORTANT !!! Place ComboFix.exe on your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.


    You can get help on disabling your protection programs here
  • Double click on ComboFix.exe & follow the prompts.
  • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  • When finished, it shall produce a log for you. Post that log in your next reply

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


    ---------------------------------------------------------------------------------------------
  • Ensure your AntiVirus and AntiSpyware applications are re-enabled.

    ---------------------------------------------------------------------------------------------

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 hungoverbunny

hungoverbunny
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:16 AM

Posted 29 May 2011 - 01:43 PM

thanks got it sorted

Edited by hungoverbunny, 29 May 2011 - 01:43 PM.


#4 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:02:16 AM

Posted 29 May 2011 - 02:25 PM

OK, thanks for letting me know

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#5 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:02:16 AM

Posted 29 May 2011 - 02:25 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users