Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

started with Security Protection Virus now complete shutdown...Please Help!!


  • This topic is locked This topic is locked
3 replies to this topic

#1 knicewarner

knicewarner

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:57 AM

Posted 31 August 2011 - 07:57 PM

This whole mess started earlier this week. My wife received a virus infested email from a friend. Shortly after, the internet sites started running slower. She then received the "Security Protection" pop-ups. I already had Malwarebytes installed and ran a quick scan which only showed & fixed the Security Protection virus (2 infected files).
The computer stayed on the remainder of the night and when she woke up the next morning, it was worse than before. I ran a full system scan which revealed over 40+ infected files. I thought Malwarebytes successfully found all the viruses and the computer ran good for a few hours and then antivirus program "Microsoft Essentials" shut down and the computer began locking up. I tried several times thru a hard-boot to run Malwarebytes again but it would run for a few seconds and then shut off.

I have ran the various logs requested from reading the other posts but when trying to run GMER, the scan wouldn't finish and would shut off too.

LOGS:::
.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.6001.18702
Run by Kevin at 20:26:48 on 2011-08-31
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.681 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ===============
.
C:\WINDOWS\2440225872:2937818478.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.comcast.net/
uInternet Connection Wizard,ShellNext = hxxp://www.dell.com/
uInternet Settings,ProxyOverride = <local>
uURLSearchHooks: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files\swag_bucks\prxtbSwag.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {1C3C4699-B285-475F-BE47-0B26088CE876} - No File
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files\swag_bucks\prxtbSwag.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {F06E2ABE-3A50-4079-BE25-FC100D9EAA25} - No File
TB: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files\swag_bucks\prxtbSwag.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [SetDefaultMIDI] MIDIDef.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [EPSON Stylus CX3200] c:\windows\system32\spool\drivers\w32x86\3\e_s10ic2.exe /a "c:\windows\system32\E_S269.tmp"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [VX3000] c:\windows\vVX3000.exe
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [VoiceCenter] "c:\program files\creative\voicecenter\AndreaVC.exe" /tray
mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r
mRun: [MBMon] Rundll32 CTMBHA.DLL,MBMon
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL
LSP: mswsock.dll
Trusted Zone: musicmatch.com\online
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/mygarmin/m/GarminAxControl.CAB
DPF: {00000075-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/voxacm.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {0B195D55-0AB4-48C7-828F-34BE10BA4266} - hxxp://www.worldwinner.com/games/v53/dealornodeal/dealornodeal.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} - hxxp://mypoints.worldwinner.com/games/v47/shared/FunGamesLoader.cab
DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxps://lowes.2020.net/planner/Core/Player/2020PlayerAX_Win32.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} - hxxp://www-cdn.freerealms.com/gamedata/plugins/1.0.3.84/FreeRealmsInstaller.cab?v=1035
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www.costcophotocenter.com/CostcoActivia.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab
DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} - hxxp://martins.coupons.smartsource.com/download/cscmv5X.cab
DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} - hxxp://www.worldwinner.com/games/v63/bjattack/bja.cab
DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://www.gamehouse.com/games/gamehouse/ghplayer.cab
DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - hxxp://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab
DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} - hxxp://picture.vzw.com/activex/VerizonWirelessUploadControl.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab
DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} - hxxp://www.worldwinner.com/games/v57/wof/wof.cab
DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} - hxxp://www.worldwinner.com/games/v67/swapit/swapit.cab
DPF: {BA35B9B8-DE9E-47C9-AFA7-3C77E3DDFD39} - hxxp://www.worldwinner.com/games/v46/monopoly/monopoly.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} - hxxp://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E856B973-45FD-4559-8F82-EAB539144667} - hxxp://pccheckup.dellfix.com/rel/41/install/gtdownde.cab
DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} - hxxps://www.plaxo.com/activex/plx_upldr-2k-xp.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{ABF88B41-EBD8-4208-BF30-39FE0E293676} : DhcpNameServer = 192.168.2.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: {655560a9-3ca8-4509-9632-6abbef21426b} - No File
mASetup: {4D3B13AF-559D-4427-A598-227ECC4833C2} - rundll32.exe "c:\documents and settings\jo anne\application data\remote\srjmh47.dll", UnregisterDll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\kevin\application data\mozilla\firefox\profiles\w9zwxbse.default\
FF - plugin: c:\documents and settings\jo anne\application data\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\documents and settings\jo anne\application data\move networks\plugins\npqmp071706000001.dll
FF - plugin: c:\documents and settings\kevin\application data\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\picasa2\npPicasa3.dll
FF - plugin: c:\program files\sony online entertainment\npsoe.dll
FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\kevin\application data\Move Networks
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
============= SERVICES / DRIVERS ===============
.
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-10-5 65584]
S1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-7-6 214664]
S1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-12-2 165648]
S1 MpKsl12cd3926;MpKsl12cd3926;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{4c76a437-2bf5-40ef-8fb7-1a9384f9f353}\mpksl12cd3926.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{4c76a437-2bf5-40ef-8fb7-1a9384f9f353}\MpKsl12cd3926.sys [?]
S1 MpKsl27815720;MpKsl27815720;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d4fb8479-44a6-4cb5-bf24-8cc053dfb7f5}\mpksl27815720.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d4fb8479-44a6-4cb5-bf24-8cc053dfb7f5}\MpKsl27815720.sys [?]
S1 MpKsl27b262d3;MpKsl27b262d3;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{026a045b-8dac-4f1a-bf40-ab465ad87bfe}\MpKsl27b262d3.sys [2011-8-31 28752]
S1 MpKsl48058893;MpKsl48058893;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{43f4ed0b-0cec-4007-810c-e65dc7f93c0b}\mpksl48058893.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{43f4ed0b-0cec-4007-810c-e65dc7f93c0b}\MpKsl48058893.sys [?]
S1 MpKsl4a646df7;MpKsl4a646df7;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f510134f-92ce-49df-b2c8-3018e2b3dbdf}\mpksl4a646df7.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f510134f-92ce-49df-b2c8-3018e2b3dbdf}\MpKsl4a646df7.sys [?]
S1 MpKsl6378b6f6;MpKsl6378b6f6;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{07e19a7a-fb48-4636-b420-cbf4448a181c}\mpksl6378b6f6.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{07e19a7a-fb48-4636-b420-cbf4448a181c}\MpKsl6378b6f6.sys [?]
S1 MpKsl6f79e9a2;MpKsl6f79e9a2;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a9e4bfb5-1c00-4896-bdb7-fe4f701bfd1b}\mpksl6f79e9a2.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{a9e4bfb5-1c00-4896-bdb7-fe4f701bfd1b}\MpKsl6f79e9a2.sys [?]
S1 MpKsl7f1f8c96;MpKsl7f1f8c96;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{4924b65f-f7d9-403f-8b4a-a79aa7ff12c5}\mpksl7f1f8c96.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{4924b65f-f7d9-403f-8b4a-a79aa7ff12c5}\MpKsl7f1f8c96.sys [?]
S1 MpKsl9fecdc8b;MpKsl9fecdc8b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1dc9d9f6-aadb-4bed-bb78-14e8620a430c}\mpksl9fecdc8b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1dc9d9f6-aadb-4bed-bb78-14e8620a430c}\MpKsl9fecdc8b.sys [?]
S1 MpKslb2eb2475;MpKslb2eb2475;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f510134f-92ce-49df-b2c8-3018e2b3dbdf}\mpkslb2eb2475.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{f510134f-92ce-49df-b2c8-3018e2b3dbdf}\MpKslb2eb2475.sys [?]
S1 MpKslfa068e7f;MpKslfa068e7f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d795fe7c-4cb9-472a-9dcb-5cbe61098d75}\mpkslfa068e7f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d795fe7c-4cb9-472a-9dcb-5cbe61098d75}\MpKslfa068e7f.sys [?]
S1 MpKslfed5d396;MpKslfed5d396;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9da057aa-02d5-416d-89fe-73812d882beb}\mpkslfed5d396.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9da057aa-02d5-416d-89fe-73812d882beb}\MpKslfed5d396.sys [?]
S2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2011-1-11 54760]
S2 gupdate1c98e3f7d66146;Google Update Service (gupdate1c98e3f7d66146);c:\program files\google\update\GoogleUpdate.exe [2009-2-13 133104]
S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-2-13 133104]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-7-6 79816]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-7-6 35272]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-7-6 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-7-6 40552]
.
=============== Created Last 30 ================
.
2011-08-31 23:03:50 4194304 ----a-w- c:\windows\system32\pdmzmplg.dll
2011-08-31 21:51:17 28752 -c--a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{026a045b-8dac-4f1a-bf40-ab465ad87bfe}\MpKsl27b262d3.sys
2011-08-31 19:53:20 -------- d-----w- c:\documents and settings\kevin\application data\Remote
2011-08-30 23:41:01 7152464 -c--a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{026a045b-8dac-4f1a-bf40-ab465ad87bfe}\mpengine.dll
2011-08-29 18:10:10 90112 ------w- c:\windows\Updreg.EXE
2011-08-29 18:09:22 11264 ----a-w- c:\windows\INRES.DLL
2011-08-29 18:09:22 -------- d-----w- c:\windows\system32\Data
2011-08-29 18:08:22 9728 ------w- c:\windows\system32\drivers\PfModNT.sys
2011-08-29 15:52:27 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-08-29 15:52:27 -------- d-----w- c:\windows\system32\wbem\Repository
2011-08-10 05:22:31 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-10 05:22:13 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2011-08-09 07:00:53 6881616 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\updates\mpengine.dll
.
==================== Find3M ====================
.
2011-08-14 10:48:09 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-06 23:52:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 23:52:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:36:30 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:36:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:36:30 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05:13 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-18 18:09:45 348160 ----a-w- c:\windows\system32\msvcr71.dll
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD2500JS-75NCB3 rev.10.02E04 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8725E530]<<
_asm { MOV EAX, [ESP+0x4]; MOV ECX, [EAX+0x28]; PUSH EBP; MOV EBP, [ECX+0x4]; PUSH ESI; MOV ESI, [ESP+0x10]; PUSH EDI; MOV EDI, [ESI+0x60]; MOV AL, [EDI]; CMP AL, 0x16; JNZ 0x36; PUSH ESI; }
1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x873D6AB8]
3 CLASSPNP[0xF78A4FD7] -> nt!IofCallDriver[0x804E37D5] -> [0x8724D5F0]
\Driver\00000411[0x8734F2A0] -> IRP_MJ_CREATE -> 0x8725E530
error: Read A device attached to the system is not functioning.
kernel: MBR read successfully
_asm { MOV AX, 0x0; MOV SS, AX; MOV SP, 0x7c00; MOV DS, AX; CLD ; MOV CX, 0x80; MOV SI, SP; MOV DI, 0x600; MOV ES, AX; REP MOVSD ; JMP FAR 0x0:0x62d; }
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0x872EA31B
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
============= FINISH: 20:28:51.60 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 6/5/2007 7:55:19 PM
System Uptime: 8/31/2011 7:15:33 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0HJ054
Processor: Intel® Pentium® D CPU 3.20GHz | Microprocessor | 3192/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 228 GiB total, 150.855 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP662: 6/2/2011 10:15:56 AM - System Checkpoint
RP663: 6/3/2011 6:17:58 AM - Software Distribution Service 3.0
RP664: 6/4/2011 6:18:30 AM - Software Distribution Service 3.0
RP665: 6/5/2011 1:43:16 AM - Software Distribution Service 3.0
RP666: 6/6/2011 2:11:52 AM - System Checkpoint
RP667: 6/6/2011 9:15:08 AM - Software Distribution Service 3.0
RP668: 6/7/2011 9:16:07 AM - Software Distribution Service 3.0
RP669: 6/8/2011 9:38:17 AM - System Checkpoint
RP670: 6/9/2011 5:59:07 AM - Software Distribution Service 3.0
RP671: 6/10/2011 5:53:44 AM - Software Distribution Service 3.0
RP672: 6/11/2011 5:54:15 AM - Software Distribution Service 3.0
RP673: 6/12/2011 2:16:04 AM - Software Distribution Service 3.0
RP674: 6/12/2011 2:12:40 PM - Software Distribution Service 3.0
RP675: 6/13/2011 2:11:42 PM - Software Distribution Service 3.0
RP676: 6/14/2011 2:12:02 PM - Software Distribution Service 3.0
RP677: 6/15/2011 2:12:35 PM - Software Distribution Service 3.0
RP678: 6/16/2011 2:12:46 PM - Software Distribution Service 3.0
RP679: 6/17/2011 3:00:21 AM - Software Distribution Service 3.0
RP680: 6/18/2011 4:05:39 AM - System Checkpoint
RP681: 6/18/2011 8:57:08 AM - Software Distribution Service 3.0
RP682: 6/19/2011 9:27:03 AM - System Checkpoint
RP683: 6/20/2011 6:25:53 AM - Software Distribution Service 3.0
RP684: 6/20/2011 11:06:53 AM - Removed Microsoft Works Suite Add-in for Microsoft Word
RP685: 6/21/2011 9:38:36 AM - Software Distribution Service 3.0
RP686: 6/22/2011 10:28:46 AM - System Checkpoint
RP687: 6/23/2011 6:02:51 AM - Software Distribution Service 3.0
RP688: 6/24/2011 5:57:52 AM - Software Distribution Service 3.0
RP689: 6/25/2011 6:04:23 AM - System Checkpoint
RP690: 6/25/2011 9:24:19 PM - Software Distribution Service 3.0
RP691: 6/26/2011 2:21:49 AM - Software Distribution Service 3.0
RP692: 6/27/2011 3:01:05 AM - System Checkpoint
RP693: 6/27/2011 7:05:44 PM - Software Distribution Service 3.0
RP694: 6/28/2011 7:30:28 PM - System Checkpoint
RP695: 6/29/2011 3:00:16 AM - Software Distribution Service 3.0
RP696: 6/29/2011 3:35:35 AM - Software Distribution Service 3.0
RP697: 6/30/2011 9:54:25 AM - Software Distribution Service 3.0
RP698: 6/30/2011 1:14:09 PM - Configured Amazon Unbox Video
RP699: 7/1/2011 7:36:47 PM - Software Distribution Service 3.0
RP700: 7/2/2011 7:32:44 PM - Software Distribution Service 3.0
RP701: 7/3/2011 9:46:57 PM - Software Distribution Service 3.0
RP702: 7/4/2011 10:04:28 PM - System Checkpoint
RP703: 7/5/2011 3:49:43 PM - Software Distribution Service 3.0
RP704: 7/6/2011 4:15:27 PM - System Checkpoint
RP705: 7/7/2011 2:44:56 PM - Software Distribution Service 3.0
RP706: 7/8/2011 3:46:52 PM - System Checkpoint
RP707: 7/8/2011 8:29:34 PM - Software Distribution Service 3.0
RP708: 7/9/2011 8:42:37 PM - System Checkpoint
RP709: 7/10/2011 6:23:36 AM - Software Distribution Service 3.0
RP710: 7/11/2011 6:48:09 AM - System Checkpoint
RP711: 7/12/2011 5:51:47 AM - Software Distribution Service 3.0
RP712: 7/12/2011 6:08:17 PM - Software Distribution Service 3.0
RP713: 7/13/2011 7:54:23 AM - Software Distribution Service 3.0
RP714: 7/14/2011 7:48:18 AM - Software Distribution Service 3.0
RP715: 7/15/2011 7:53:19 AM - System Checkpoint
RP716: 7/15/2011 10:26:01 PM - Software Distribution Service 3.0
RP717: 7/16/2011 10:20:19 PM - Software Distribution Service 3.0
RP718: 7/18/2011 5:49:58 AM - Software Distribution Service 3.0
RP719: 7/19/2011 5:53:31 AM - System Checkpoint
RP720: 7/19/2011 8:57:19 PM - Software Distribution Service 3.0
RP721: 7/20/2011 8:57:29 PM - Software Distribution Service 3.0
RP722: 7/21/2011 10:14:53 PM - System Checkpoint
RP723: 7/22/2011 5:24:36 AM - Software Distribution Service 3.0
RP724: 7/23/2011 5:24:33 AM - Software Distribution Service 3.0
RP725: 7/24/2011 2:04:25 AM - Software Distribution Service 3.0
RP726: 7/25/2011 5:59:32 AM - Software Distribution Service 3.0
RP727: 7/26/2011 5:54:41 AM - Software Distribution Service 3.0
RP728: 7/27/2011 5:54:33 AM - Software Distribution Service 3.0
RP729: 7/28/2011 5:53:54 AM - Software Distribution Service 3.0
RP730: 7/29/2011 5:54:29 AM - Software Distribution Service 3.0
RP731: 7/30/2011 7:51:56 AM - System Checkpoint
RP732: 7/30/2011 7:54:26 PM - Software Distribution Service 3.0
RP733: 7/31/2011 1:42:11 AM - Software Distribution Service 3.0
RP734: 7/31/2011 7:54:43 PM - Software Distribution Service 3.0
RP735: 8/1/2011 9:31:55 PM - System Checkpoint
RP736: 8/2/2011 7:53:37 AM - Software Distribution Service 3.0
RP737: 8/3/2011 10:04:27 AM - System Checkpoint
RP738: 8/4/2011 7:36:08 AM - Software Distribution Service 3.0
RP739: 8/5/2011 8:48:13 AM - Software Distribution Service 3.0
RP740: 8/6/2011 10:17:00 AM - System Checkpoint
RP741: 8/7/2011 6:24:38 AM - Software Distribution Service 3.0
RP742: 8/8/2011 6:53:32 AM - System Checkpoint
RP743: 8/9/2011 3:00:16 AM - Software Distribution Service 3.0
RP744: 8/10/2011 3:00:17 AM - Software Distribution Service 3.0
RP745: 8/10/2011 3:38:04 AM - Software Distribution Service 3.0
RP746: 8/11/2011 4:01:42 AM - System Checkpoint
RP747: 8/11/2011 6:06:40 AM - Software Distribution Service 3.0
RP748: 8/12/2011 6:06:52 AM - Software Distribution Service 3.0
RP749: 8/13/2011 6:06:59 AM - Software Distribution Service 3.0
RP750: 8/14/2011 6:29:26 AM - Software Distribution Service 3.0
RP751: 8/15/2011 6:50:49 AM - System Checkpoint
RP752: 8/16/2011 5:54:27 AM - Software Distribution Service 3.0
RP753: 8/17/2011 5:55:11 AM - Software Distribution Service 3.0
RP754: 8/18/2011 6:18:39 AM - System Checkpoint
RP755: 8/18/2011 7:26:19 PM - Software Distribution Service 3.0
RP756: 8/19/2011 10:20:00 PM - System Checkpoint
RP757: 8/20/2011 6:21:36 AM - Software Distribution Service 3.0
RP758: 8/21/2011 1:48:36 AM - Software Distribution Service 3.0
RP759: 8/22/2011 2:18:55 AM - System Checkpoint
RP760: 8/22/2011 6:21:02 AM - Software Distribution Service 3.0
RP761: 8/23/2011 6:21:35 AM - Software Distribution Service 3.0
RP762: 8/23/2011 11:50:26 PM - Software Distribution Service 3.0
RP763: 8/24/2011 7:00:13 AM - Software Distribution Service 3.0
RP764: 8/25/2011 7:38:14 AM - System Checkpoint
RP765: 8/26/2011 5:26:10 AM - Software Distribution Service 3.0
RP766: 8/27/2011 9:20:55 AM - System Checkpoint
RP767: 8/28/2011 2:07:56 AM - Software Distribution Service 3.0
RP768: 8/29/2011 11:50:51 AM - Restore Operation
RP769: 8/29/2011 12:02:26 PM - Software Distribution Service 3.0
RP770: 8/30/2011 12:40:45 PM - System Checkpoint
RP771: 8/31/2011 6:06:48 PM - System Checkpoint
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.1.0)
Adobe Shockwave Player 11.5
Advanced Decoder Patch
Amazon MP3 Downloader 1.0.3
Amazon Unbox Video
Andrea VoiceCenter
AOLIcon
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression
ATI Control Panel
ATI Display Driver
ATI Parental Control
Bonjour
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
CCleaner (remove only)
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
Compatibility Pack for the 2007 Office system
Conduit Engine
Conexant D850 56K V.9x DFVc Modem
Coupon Printer for Windows
Creative MediaSource
Critical Update for Windows Media Player 11 (KB959772)
Dell CinePlayer
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Game Console
DellSupport
Digital Line Detect
DivXCodecPack
Documentation & Support Launcher
Drv
ELIcon
EPSON Copy Utility
EPSON Photo Print
EPSON Printer Software
EPSON Smart Panel
EPSON TWAIN 5
EPSON User's Guide
Games, Music, & Photos Launcher
Garmin Communicator Plugin
Garmin MapInstall
Garmin USB Drivers
Garmin WebUpdater
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GoToAssist 8.0.0.514
High Definition Audio Driver Package - KB835221
honestech VHS to DVD 3.0 SE
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Format 11 SDK (KB939209)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Inca Ball
Intel® PRO Network Connections Drivers
Intel® PROSet for Wired Connections
IrfanView (remove only)
iTunes
Java 2 Runtime Environment, SE v1.4.2_03
Java™ 6 Update 11
Java™ 6 Update 2
Java™ 6 Update 3
Java™ 6 Update 5
Java™ 6 Update 6
Java™ 6 Update 7
Junk Mail filter update
Malwarebytes' Anti-Malware version 1.51.1.1800
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Standard 2006
Microsoft Digital Image Standard 2006 Editor
Microsoft Digital Image Standard 2006 Library
Microsoft Encarta Encyclopedia Standard 2006
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft LifeCam
Microsoft Money 2006
Microsoft National Language Support Downlevel APIs
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Word 2002
Microsoft Works
Microsoft Works Suite 2006 Setup Launcher
MobileMe Control Panel
Modem Helper
Move Media Player
Mozilla Firefox (3.6.8)
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Musicmatch for Windows Media Player
Musicmatch® Jukebox
NetWaiting
NetZeroInstallers
OTOY
Otto
palmOne
Photo Viewer
Picasa 3
Qualxserve Service Agreement
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Roxio DLA
Roxio Express Labeler
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Safari
ScanToWeb
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SigmaTel Audio
Sonic Activation Module
Sonic Encoders
Sonic Update Manager
Sound Blaster Audigy ADVANCED MB
Swag Bucks Toolbar
Tasco SkyWatch (Remove only)
Unity Web Player
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Viewpoint Media Player
WD Diagnostics
WebCyberCoach 3.2 Dell
WebFldrs XP
WildTangent Web Driver
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows PowerShell™ 1.0
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
Works Upgrade
.
==== Event Viewer Messages From Past Week ========
.
8/31/2011 8:21:18 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
8/31/2011 7:51:07 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
8/31/2011 7:50:56 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000010' while processing the file 'loader.tlb' on the volume 'ACPI#PNP0303#2&da1a3ff&0'. It has stopped monitoring the volume.
8/31/2011 7:50:34 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/31/2011 7:47:47 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD ctxusbm Fips intelppm IPSec mfehidk MpFilter MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
8/31/2011 7:47:47 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
8/31/2011 7:47:47 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/31/2011 7:47:47 AM, error: Service Control Manager [7001] - The fssfltr service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/31/2011 7:47:47 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/31/2011 7:47:47 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
8/31/2011 7:47:47 AM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/31/2011 7:47:47 AM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/31/2011 7:09:02 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'pdmzmplg.dll' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
8/31/2011 7:04:03 PM, error: Service Control Manager [7000] - The Microsoft Antimalware Service service failed to start due to the following error: Access is denied.
8/31/2011 7:03:53 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000010' while processing the file 'L' on the volume 'ACPI#PNP0303#2&da1a3ff&0'. It has stopped monitoring the volume.
8/31/2011 7:03:52 PM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
8/31/2011 5:32:56 AM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 9 time(s).
8/31/2011 5:32:31 AM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 8 time(s).
8/31/2011 5:31:33 AM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 7 time(s).
8/31/2011 5:31:11 AM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 6 time(s).
8/31/2011 5:30:35 AM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 5 time(s).
8/31/2011 5:29:50 AM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 4 time(s).
8/31/2011 5:29:05 AM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 3 time(s).
8/31/2011 5:28:20 AM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/31/2011 5:26:58 AM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/31/2011 5:24:23 PM, error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Alureon.A&threatid=2147636949 Name: Trojan:DOS/Alureon.A ID: 2147636949 Severity: Severe Category: Trojan Path: rootkit:_Alureon->Mbr::Alureon Detection Origin: Unknown Detection Type: Concrete Detection Source: User User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Remove Action Status: To finish removing malware and other potentially unwanted software, restart the computer. To see how to finish removing malware and other potentially unwanted software, see the support article on the Microsoft Security website. Error Code: 0x800704ec Error description: Windows cannot open this program because it has been prevented by a software restriction policy. For more information, open Event Viewer or contact your system administrator. Signature Version: AV: 1.111.1106.0, AS: 1.111.1106.0, NIS: 0.0.0.0 Engine Version: AM: 1.1.7604.0, NIS: 0.0.0.0
8/31/2011 5:17:15 AM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/31/2011 5:17:01 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
8/31/2011 4:51:20 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.111.1106.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7604.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
8/31/2011 3:52:25 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.111.1106.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7604.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
8/31/2011 3:51:30 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.111.1106.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7604.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
8/31/2011 3:40:12 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the HTTP SSL service to connect.
8/31/2011 3:40:12 PM, error: Service Control Manager [7000] - The HTTP SSL service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/31/2011 3:39:42 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Creative Labs Licensing Service service to connect.
8/31/2011 3:39:42 PM, error: Service Control Manager [7000] - The Creative Labs Licensing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/31/2011 3:38:26 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the COM+ System Application service to connect.
8/31/2011 3:38:26 PM, error: Service Control Manager [7000] - The COM+ System Application service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/31/2011 3:38:26 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service COMSysApp with arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}
8/31/2011 12:46:25 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the EpsonBidirectionalService service to connect.
8/31/2011 12:46:25 PM, error: Service Control Manager [7000] - The EpsonBidirectionalService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/31/2011 11:36:17 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ctxusbm Fips intelppm mfehidk MpFilter
8/31/2011 11:09:11 AM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 13 time(s).
8/31/2011 11:08:21 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Print Spooler service to connect.
8/31/2011 11:08:21 AM, error: Service Control Manager [7000] - The Print Spooler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/31/2011 11:07:02 AM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 12 time(s).
8/31/2011 11:06:26 AM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 11 time(s).
8/31/2011 11:05:07 AM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 10 time(s).
8/29/2011 7:45:54 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.111.915.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7604.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
8/29/2011 7:39:16 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Media Center Scheduler Service service to connect.
8/29/2011 7:39:16 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Bonjour Service service to connect.
8/29/2011 7:39:16 AM, error: Service Control Manager [7000] - The Media Center Scheduler Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/29/2011 7:39:16 AM, error: Service Control Manager [7000] - The Bonjour Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/29/2011 5:54:21 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.111.915.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7604.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
8/29/2011 2:19:18 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect.
8/29/2011 2:19:18 PM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/29/2011 12:02:44 AM, error: Service Control Manager [7022] - The WebClient service hung on starting.
8/29/2011 11:40:18 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service gusvc with arguments "" in order to run the server: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8}
8/28/2011 6:44:35 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Media Center Receiver Service service to connect.
8/28/2011 6:44:35 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Software Updater service to connect.
8/27/2011 5:27:30 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.111.775.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7604.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
.
==== End Of File ===========================

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:57 PM

Posted 03 September 2011 - 01:15 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool untill instructed to do so!


Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 knicewarner

knicewarner
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:57 AM

Posted 04 September 2011 - 08:25 PM

Gringo,

Thanks for offering to assist me. I had to send the computer to a tech for repair & am just getting it back today. You can close my topic..

Thanks again

Edited by knicewarner, 04 September 2011 - 08:26 PM.


#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:57 PM

Posted 04 September 2011 - 08:27 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users