Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Logfile


  • This topic is locked This topic is locked
7 replies to this topic

#1 uca

uca

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 28 September 2011 - 01:15 PM

Hey. Could you possibly check this log for me. Would be greeaaatly appreciated!

ComboFix 11-09-28.01 - Schüler Cafe 28.09.2011 18:56:51.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.3005.1587 [GMT 2:00]
ausgeführt von:: c:\users\Sch³ler Cafe\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\google\common\google updater\googleupdaterservice.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-08-28 bis 2011-09-28 ))))))))))))))))))))))))))))))
.
.
2011-09-28 17:05 . 2011-09-28 17:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-28 17:02 . 2011-09-28 17:02 -------- d-----w- c:\program files\ESET
2011-09-28 17:02 . 2011-09-28 17:02 -------- d--h--w- c:\windows\AxInstSV
2011-09-28 16:46 . 2011-09-28 16:46 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-28 16:46 . 2011-09-28 16:46 -------- d-----w- c:\users\Schüler Cafe\AppData\Roaming\Malwarebytes
2011-09-28 16:46 . 2011-09-28 16:46 -------- d-----w- c:\programdata\Malwarebytes
2011-09-28 16:46 . 2011-09-28 16:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-28 16:46 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-28 16:37 . 2011-07-21 10:11 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-09-28 16:37 . 2011-07-21 10:11 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-09-28 16:37 . 2011-09-28 16:37 -------- d-----w- c:\programdata\Avira
2011-09-28 16:37 . 2011-09-28 16:37 -------- d-----w- c:\program files\Avira
2011-09-28 16:30 . 2011-09-28 16:30 -------- d-----w- c:\program files\Safari
2011-09-28 16:29 . 2011-09-28 16:29 -------- d-----w- c:\program files\Bonjour
2011-09-28 16:28 . 2011-09-28 16:28 -------- d-----w- c:\program files\Apple Software Update
2011-09-28 16:24 . 2011-09-28 16:24 -------- d-----w- c:\users\Schüler
2011-09-28 15:38 . 2011-09-28 15:38 -------- d-----w- c:\users\Schüler Cafe\AppData\Roaming\OpenDNS Updater
2011-09-28 15:38 . 2011-09-28 15:38 -------- d-----w- c:\program files\OpenDNS Updater
2011-09-28 14:58 . 2011-09-28 14:58 -------- d-----w- c:\program files\Symantec
2011-09-28 14:58 . 2011-09-28 14:58 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-09-28 14:58 . 2011-09-28 14:58 -------- d-----w- c:\program files\Common Files\Symantec Shared
2011-09-28 14:58 . 2011-09-28 14:58 -------- d-----w- c:\windows\system32\drivers\NSM
2011-09-28 14:58 . 2011-09-28 14:58 -------- d-----w- c:\program files\Norton Online
2011-09-28 14:58 . 2011-09-28 14:58 -------- d-----w- c:\windows\system32\drivers\NOF
2011-09-28 14:43 . 2011-09-28 14:43 -------- d-----w- c:\program files\NortonInstaller
2011-09-28 14:42 . 2011-09-28 14:42 -------- d-----w- c:\users\Schüler Cafe\AppData\Local\Eqs0YsNwh
2011-09-28 12:34 . 2011-09-28 12:34 -------- d-----w- c:\program files\Common Files\PROVISIO
2011-09-28 12:19 . 2011-09-28 12:19 -------- d-----w- c:\users\TEMP
2011-09-28 12:19 . 2011-09-28 12:19 -------- d-----w- c:\programdata\PROVISIO
2011-09-28 12:17 . 2011-09-28 14:42 -------- d-----w- c:\program files\SiteKiosk
2011-09-28 12:15 . 2011-09-28 12:15 -------- d-----w- c:\users\Schüler Cafe\AppData\Local\Downloaded Installations
2011-09-28 11:54 . 2011-09-12 23:14 7269712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{13085781-78E9-4D8E-A159-7B1BA1BD3F9B}\mpengine.dll
2011-09-28 11:54 . 2011-09-28 16:55 -------- d-----w- c:\program files\Blue Coat K9 Web Protection
2011-09-11 12:33 . 2011-09-11 12:33 -------- d-----w- c:\program files\DVDVideoSoft
2011-09-08 20:25 . 2011-09-08 20:27 -------- d-----w- c:\users\Schüler Cafe\AppData\Roaming\PhotoScape
2011-09-08 20:25 . 2011-09-08 20:25 -------- d-----w- c:\program files\PhotoScape
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-22 04:56 . 2011-08-11 22:18 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-16 04:37 . 2011-08-11 22:18 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-07-16 04:34 . 2011-08-11 22:18 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 04:31 . 2011-08-11 22:18 271360 ----a-w- c:\windows\system32\conhost.exe
2011-07-16 04:19 . 2011-08-11 22:18 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 04:19 . 2011-08-11 22:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 02:21 . 2011-08-11 22:18 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:21 . 2011-08-11 22:18 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:21 . 2011-08-11 22:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:21 . 2011-08-11 22:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-09 04:30 . 2011-08-28 15:37 2048 ----a-w- c:\windows\system32\tzres.dll
2011-07-09 02:26 . 2011-08-11 22:18 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-07-07 14:58 . 2008-09-17 13:29 14744 ----a-w- c:\users\Schüler Cafe\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll
2011-07-07 14:58 . 2008-09-17 13:29 14744 ----a-w- c:\users\Schüler Cafe\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"OpenDNS Updater"="c:\program files\OpenDNS Updater\OpenDNSUpdater.exe" [2010-06-16 839680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-06-12 1533224]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2007-07-26 192512]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-06-02 7518752]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files\CyberLink\YouCam\YouCamTray.exe" [2009-07-08 162912]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
c:\users\Schler Cafe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 KMService;KMService;c:\windows\system32\srvany.exe [2003-04-18 8192]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S1 bckd;bckd;c:\windows\system32\drivers\bckd.sys [2011-06-10 86544]
S1 ccSet_NOF;Norton Online Settings Manager;c:\windows\system32\drivers\NOF\0202000.01A\ccSetx86.sys [2011-08-08 132744]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
S2 bckwfs;Blue Coat K9 Web Protection;c:\program files\Blue Coat K9 Web Protection\k9filter.exe [2011-06-10 1575184]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 NOF;Norton Online;c:\program files\Norton Online\Engine\2.2.0.26\ccSvcHst.exe [2011-08-10 138760]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-05-18 119256]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-09-28 41272]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]
S3 SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A};Symantec Redirector - Norton Safety Minder;c:\windows\system32\drivers\NSM\0202000.022\SymRdrS.SYS [2011-05-10 172152]
S3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [2006-11-18 118784]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - AVGNTFLT
*NewlyCreated* - AVIPBB
*NewlyCreated* - BCKD
*NewlyCreated* - CCSET_NOF
*NewlyCreated* - MBAMPROTECTOR
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MODEM
*NewlyCreated* - SYMEVENT
*NewlyCreated* - SYMRDR_{78CA3BF0-9C3B-40E1-B46D-38C877EF059A}
.
Inhalt des "geplante Tasks" Ordners
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\users\Schüler Cafe\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 80.69.100.174
FF - ProfilePath - c:\users\Schüler Cafe\AppData\Roaming\Mozilla\Firefox\Profiles\hcgw5b7s.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-CtrlVol - c:\program files\Launch Manager\CtrlVol.exe
HKLM-Run-LaunchAp - c:\program files\Launch Manager\LaunchAp.exe
HKLM-Run-Wbutton - c:\program files\Launch Manager\WButton.exe
AddRemove-DivX Plus DirectShow Filters - c:\program files\DivX\DivXDSFiltersUninstall.exe
AddRemove-Free Audio CD Burner_is1 - c:\program files\DVDVideoSoft\Free Audio CD Burner\unins000.exe
AddRemove-Uninstall_is1 - c:\program files\Common Files\DVDVideoSoft\unins000.exe
AddRemove-{7585478E9D9B42108671C12F8714CEFE} - c:\program files\DivX\DivXConverterUninstall.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
AddRemove-{8ADFC4160D694100B5B8A22DE9DCABD9} - c:\program files\DivX\DivXPlayerUninstall.exe
AddRemove-{B13A7C41581B411290FBC0395694E2A9} - c:\program files\DivX\DivXConverterUninstall.exe
AddRemove-{B7050CBDB2504B34BC2A9CA0A692CC29} - c:\program files\DivX\DivXWebPlayerUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NOF]
"ImagePath"="\"c:\program files\Norton Online\Engine\2.2.0.26\ccSvcHst.exe\" /s \"NOF\" /m \"c:\program files\Norton Online\Engine\2.2.0.26\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-09-28 19:09:11
ComboFix-quarantined-files.txt 2011-09-28 17:09
.
Vor Suchlauf: 10 Verzeichnis(se), 457.745.661.952 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 457.322.930.176 Bytes frei
.
- - End Of File - - 9CDF986B9A9D4FC02E8FF1E692FA0E2C



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,764 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:01 PM

Posted 03 October 2011 - 09:41 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.

Posted Image
Download DDS and save it to your desktop from here or here.
Disable any script blocker, and then double click dds.scr to run the tool.
  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop.

Please just paste the contents of the DDS.txt log in your next post.
===

Third party programs if not up to date can be the cause infiltration of an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Please post the logs and let me know the nature of your problems with this computer.

#3 uca

uca
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 03 October 2011 - 11:08 AM

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20
Run by Schüler Cafe at 18:03:53 on 2011-10-03
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.3005.1826 [GMT 2:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
C:\Program Files\Norton Online\Engine\2.2.0.26\ccSvcHst.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Norton Online\Engine\2.2.0.26\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\WisLMSvc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\CyberLink\YouCam\YouCamTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Users\Schüler\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Avira\AntiVir Desktop\avnotify.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Norton Online\Engine\2.2.0.26\ccSvcHst.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\CyberLink\YouCam\YouCamTray.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskhost.exe
C:\Users\Schüler Cafe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Schüler Cafe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Schüler Cafe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Schüler Cafe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Schüler Cafe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Schüler Cafe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Schüler Cafe\Downloads\dds.pif
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Norton Safety Minder BHO: {b8e07826-0971-4f16-b133-047b88034e89} - c:\program files\norton online\addons\norton safety minder\engine\2.2.0.34\coIEPlg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [OpenDNS Updater] "c:\program files\opendns updater\OpenDNSUpdater.exe" /autostart
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [HotkeyApp] "c:\program files\launch manager\HotkeyApp.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\3.0"
mRun: [YouCam Mirror Tray icon] "c:\program files\cyberlink\youcam\YouCamTray.exe" /s
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
StartupFolder: c:\users\schler~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: SoftwareSASGeneration = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\users\schüler cafe\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
TCP: DhcpNameServer = 192.168.1.1 80.69.100.174
TCP: Interfaces\{1E057818-0DA1-4B49-B40F-B5FBF748FC3B} : DhcpNameServer = 192.168.1.1 80.69.100.174
TCP: Interfaces\{1E057818-0DA1-4B49-B40F-B5FBF748FC3B}\46C696E6B60343 : DhcpNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\schüler cafe\appdata\roaming\mozilla\firefox\profiles\hcgw5b7s.default\
.
============= SERVICES / DRIVERS ===============
.
R1 bckd;bckd;c:\windows\system32\drivers\bckd.sys [2011-6-10 86544]
R1 ccSet_NOF;Norton Online Settings Manager;c:\windows\system32\drivers\nof\0202000.01a\ccSetx86.sys [2011-9-28 132744]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\avira\antivir desktop\sched.exe [2011-9-28 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-9-28 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-9-28 66616]
R2 bckwfs;Blue Coat K9 Web Protection;c:\program files\blue coat k9 web protection\k9filter.exe [2011-6-10 1575184]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-28 366152]
R2 NOF;Norton Online;c:\program files\norton online\engine\2.2.0.26\ccSvcHst.exe [2011-9-28 138760]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2010-1-11 119256]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-28 22216]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-1-11 167936]
R3 SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A};Symantec Redirector - Norton Safety Minder;c:\windows\system32\drivers\nsm\0202000.022\symrdrs.sys [2011-9-28 172152]
R3 WisLMSvc;WisLMSvc;c:\program files\launch manager\WisLMSvc.exe [2010-1-25 118784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 KMService;KMService;c:\windows\system32\srvany.exe [2011-2-22 8192]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
.
=============== Created Last 30 ================
.
2011-10-03 16:03:54 -------- d-----w- c:\users\sch³ler cafe\appdata\local\Microsoft
2011-09-28 17:09:16 -------- d-sh--w- C:\$RECYCLE.BIN
2011-09-28 17:02:20 -------- d-----w- c:\program files\ESET
2011-09-28 16:54:04 98816 ----a-w- c:\windows\sed.exe
2011-09-28 16:54:04 518144 ----a-w- c:\windows\SWREG.exe
2011-09-28 16:54:04 256000 ----a-w- c:\windows\PEV.exe
2011-09-28 16:54:04 208896 ----a-w- c:\windows\MBR.exe
2011-09-28 16:46:34 -------- d-----w- c:\users\schüler cafe\appdata\roaming\Malwarebytes
2011-09-28 16:46:06 -------- d-----w- c:\programdata\Malwarebytes
2011-09-28 16:46:03 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-28 16:46:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-28 16:37:14 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-09-28 16:37:13 -------- d-----w- c:\programdata\Avira
2011-09-28 16:37:13 -------- d-----w- c:\program files\Avira
2011-09-28 16:29:26 -------- d-----w- c:\program files\Bonjour
2011-09-28 15:38:07 -------- d-----w- c:\users\schüler cafe\appdata\roaming\OpenDNS Updater
2011-09-28 15:38:05 -------- d-----w- c:\program files\OpenDNS Updater
2011-09-28 14:58:22 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-09-28 14:58:22 -------- d-----w- c:\program files\Symantec
2011-09-28 14:58:22 -------- d-----w- c:\program files\common files\Symantec Shared
2011-09-28 14:58:16 172152 ----a-r- c:\windows\system32\drivers\nsm\0202000.022\symrdrs.sys
2011-09-28 14:58:15 -------- d-----w- c:\windows\system32\drivers\nsm\0202000.022
2011-09-28 14:58:15 -------- d-----w- c:\windows\system32\drivers\NSM
2011-09-28 14:58:10 132744 ----a-r- c:\windows\system32\drivers\nof\0202000.01a\ccSetx86.sys
2011-09-28 14:58:09 -------- d-----w- c:\windows\system32\drivers\nof\0202000.01A
2011-09-28 14:58:09 -------- d-----w- c:\windows\system32\drivers\NOF
2011-09-28 14:58:09 -------- d-----w- c:\program files\Norton Online
2011-09-28 14:43:43 -------- d-----w- c:\program files\NortonInstaller
2011-09-28 12:34:50 -------- d-----w- c:\program files\common files\PROVISIO
2011-09-28 12:19:05 -------- d-----w- c:\programdata\PROVISIO
2011-09-28 12:17:38 -------- d-----w- c:\program files\SiteKiosk
2011-09-28 11:54:34 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{13085781-78e9-4d8e-a159-7b1ba1bd3f9b}\mpengine.dll
2011-09-28 11:54:04 -------- d-----w- c:\program files\Blue Coat K9 Web Protection
2011-09-11 12:33:57 -------- d-----w- c:\program files\DVDVideoSoft
2011-09-08 20:25:37 -------- d-----w- c:\users\schüler cafe\appdata\roaming\PhotoScape
2011-09-08 20:25:22 -------- d-----w- c:\program files\PhotoScape
.
==================== Find3M ====================
.
2011-07-22 04:56:17 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-16 04:37:32 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-07-16 04:34:28 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 04:31:12 271360 ----a-w- c:\windows\system32\conhost.exe
2011-07-16 02:21:47 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:21:47 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:21:47 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:21:47 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-09 04:30:52 2048 ----a-w- c:\windows\system32\tzres.dll
2011-07-09 02:26:10 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
.
============= FINISH: 18:04:51,86 ===============



#4 uca

uca
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 03 October 2011 - 11:10 AM

Results of screen317's Security Check version 0.99.20
Windows 7 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Avira AntiVir Personal - Free Antivirus
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java™ 6 Update 20
Out of date Java installed!
Flash Player Out of Date!
Adobe Flash Player 10.1.102.64
Mozilla Firefox (Player..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
``````````End of Log````````````




#5 uca

uca
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 03 October 2011 - 11:13 AM

According to Avira there are supposed to be two trojan horses on the notebook. I wanted to make sure that they have been deleted successfully due to the reason that the notebook is used by many students rather freely. Do you have any idea whether the Sitekiosk software would make it secure and shut out trojans?

#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,764 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:01 PM

Posted 04 October 2011 - 08:54 AM

Secure your system by updating 3rd party programs.

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Updating Java:
  • Download the latest version of Java SE Runtime Environment 6 Update 27.
  • In the box labeled "Java Platform, Standard Edition", click the "Download JRE" button to the right.
  • In the Window that opens, select Windows (or Windows x64), and check the "agree" box and click "Continue".
  • Click on the link to download Windows Offline Installation and save to your Desktop.
  • Then from your Desktop double-click on jre-6u27-windows-i586.exe that you have downloaded to install the newest version.

    For the x64 bit version download this on jre-6u27-windows-x64.exe). Make sure you download the corrent version.

    - Note: If you are running Vista or Windows 7, you may need to right-click on the installation file and select Run as Administrator.

If present remove the old version(s) of Java using the Add/Remove Programs applet.


list....

===

Critical vulnerabilities have been identified in Adobe Flash Player 10.3.183.7 and earlier versions... being exploited in the wild in active targeted attacks... update to Adobe Flash Player 10.3.183.10 ... Flash Player for Android update to Adobe Flash Player for Android 10.3.186.7

Direct download current version - executable Flash Player installer... to your Desktop, then double-click to install.

Download for Internet Explorer

Download for Firefox and other browsers
<<<>>>

Do you have any idea whether the Sitekiosk software would make it secure and shut out trojans?


This may help but will not secure your system 100%. Nothing Does.

It's difficult for a parent to control their children how you can control all those that use your system is in my view impossible. This may help.

Surf Safely, and Think Prevention!
===

p.s. installing the recommended HOSTS will give you an other level of security.

Your DDS log was clean.

We can check further by running this tool.

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this if fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall


Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html


Please let me know what issues you are having with this computer.

#7 uca

uca
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 04 October 2011 - 10:43 AM

thanks a thousand times. very helpful! i really appreciate your help. many students will thank it to you.

#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,764 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:01 PM

Posted 09 October 2011 - 08:10 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users