Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Scrubber running on my comp...


  • This topic is locked This topic is locked
6 replies to this topic

#1 whisler

whisler

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:04:22 PM

Posted 11 November 2011 - 12:48 PM

Greetings all!!! This is my first time here and I am looking for some comp advice.

My google searches are being redirect to hxxp://63.209.69.107(search argument). I am running a Win7 professional 32-Bit OS. McAfee which failed to protect me. I use Firefox.

I followed all the directions here:
http://www.bleepingcomputer.com/forums/topic34773.html

I have installed DeFogger and disabled my CD Emulation drivers.
I also installed DDS and run the program and have the logs saved to review upon request.

I am savy enough to run though this and fix some of my issues as they appear. I am looking for help to resolve this issue.

Thank you in advance.

BC AdBot (Login to Remove)

 


#2 whisler

whisler
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:04:22 PM

Posted 11 November 2011 - 02:46 PM

Ran the combofix and saved the log file for review upon request.

#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,012 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:05:22 PM

Posted 12 November 2011 - 01:37 PM

Please post the DDS, GMER, and CF logs you created.

Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#4 whisler

whisler
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:04:22 PM

Posted 12 November 2011 - 06:41 PM

DDS (Ver_2011-06-23.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 9/17/2010 11:47:21 AM
System Uptime: 11/9/2011 3:22:51 AM (57 hours ago)
.
Motherboard: Dell Inc. | | 0N5KHN
Processor: Intel® Core™ i5 CPU M 540 @ 2.53GHz | CPU 1 | 2508/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 290 GiB total, 235.111 GiB free.
D: is CDROM ()
I: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP110: 11/6/2011 1:12:54 AM - Windows 7 Service Pack 1
RP111: 11/6/2011 3:07:53 AM - Windows Update
RP112: 11/7/2011 4:32:34 PM - Windows Update
RP113: 11/9/2011 3:00:22 AM - Windows Update
.
==== Installed Programs ======================
.
AccelerometerP11
Adobe Acrobat 9 Pro - English, Franšais, Deutsch
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.4
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AutoCAD 2011 - English
AutoCAD 2011 Language Pack - English
Autodesk Asset Locator
Autodesk CAD Manager Tools
Autodesk Material Library 2011
Autodesk Material Library 2011 Base Image library
Autodesk Network License Manager
Bing Bar
BioAPI Framework
BMC Remedy User 7.1
Bonjour
Crystal11_Redistributables
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Backup and Recovery Manager
Dell Control Point
Dell ControlPoint Security Manager
Dell ControlPoint System Manager
Dell ControlVault Host Components Installer
Dell Edoc Viewer
Dell Embassy Trust Suite by Wave Systems
Dell Security Device Driver Pack
Dell Touchpad
Dell Webcam Central
Document Manager Lite
Electra Elite IPK II PCPro
Electra Elite IPK SAT Release 4.61 [46049]
EMBASSY Security Center
EMBASSY Security Setup
ESC Home Page Plugin
FARO LS 1.1.406.58
Gemalto
Intel PROSet Wireless
Intel® Control Center
Intel® Management Engine Components
Intel® Network Connections 15.2.89.0
Intel® PROSet/Wireless WiFi Software
Intel® Rapid Storage Technology
Internet TV for Windows Media Center
iTunes
Java 2 Runtime Environment, SE v1.4.2_04
Java Auto Updater
Java™ 6 Update 20
Junk Mail filter update
LiveUpdate
McAfee Agent
McAfee VirusScan Enterprise
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft XML Parser
Mozilla Firefox (3.6.24)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Netflix in Windows Media Center
Network Stumbler 0.4.0 (remove only)
NTRU TCG Software Stack
NVIDIA Drivers
NVIDIA nView Desktop Manager
PowerDVD DX
Preboot Manager
Private Information Manager
RadioShack USB to Serial Driver
RDM+ 4.11
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler 3
Roxio Update Manager
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Excel 2010 (KB2553070)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Wizards
Sonic CinePlayer Decoder Pack
SSH Secure Shell
Symantec Procomm Plus
Trusted Drive Manager
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
UPEK TouchChip Fingerprint Reader
Wave Infrastructure Installer
Wave Support Software
WIDCOMM Bluetooth Software
Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
.
==== Event Viewer Messages From Past Week ========
.
11/9/2011 3:23:53 AM, Error: Service Control Manager [7001] - The NTRU TSS v1.2.1.29 TCS service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully.
11/7/2011 4:34:46 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10003] - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
11/7/2011 10:48:24 PM, Error: Service Control Manager [7034] - The McAfee Task Manager service terminated unexpectedly. It has done this 1 time(s).
11/6/2011 4:33:05 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 8 for Windows 7 (KB2544521).
11/6/2011 4:10:11 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Security Update for Windows 7 (KB2536275).
11/6/2011 4:08:00 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Security Update for Windows 7 (KB2503665).
11/6/2011 4:05:46 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Update for Windows 7 (KB2492386).
11/6/2011 4:03:40 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Update for Windows 7 (KB2563227).
11/6/2011 4:01:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Update for Windows 7 (KB2506928).
11/6/2011 3:59:31 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Update for Windows 7 (KB2529073).
11/6/2011 3:57:24 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Security Update for Windows 7 (KB2510531).
11/6/2011 3:55:19 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Security Update for Windows 7 (KB2556532).
11/6/2011 3:53:09 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Security Update for Windows 7 (KB2509553).
11/6/2011 3:51:09 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Security Update for Windows 7 (KB2507618).
11/6/2011 3:49:00 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Update for Windows 7 (KB2552343).
11/6/2011 3:46:59 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Update for Windows 7 (KB982018).
11/6/2011 3:44:55 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Update for Windows 7 (KB2545698).
11/6/2011 3:41:18 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Security Update for Windows 7 (KB2579686).
11/6/2011 3:39:12 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Update for Internet Explorer 8 Compatibility View List for Windows 7 (KB2598845).
11/6/2011 3:36:42 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Security Update for Windows 7 (KB2532531).
11/6/2011 3:34:36 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Security Update for Windows 7 (KB2425227).
11/6/2011 3:32:23 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Security Update for Windows 7 (KB2536276).
11/6/2011 3:30:23 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Security Update for Windows 7 (KB2564958).
11/6/2011 3:27:59 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Update for Windows 7 (KB2570791).
11/6/2011 3:25:26 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Security Update for Windows 7 (KB2563894).
11/6/2011 3:25:21 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Security Update for Windows 7 (KB2544893).
11/6/2011 3:22:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Security Update for Windows 7 (KB2567053).
11/6/2011 3:20:54 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Update for Windows 7 (KB2547666).
11/6/2011 3:18:38 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Security Update for Windows 7 (KB2491683).
11/6/2011 3:15:49 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8007000e: Update Rollup for ActiveX Killbits for Windows 7 (KB2562937).
11/6/2011 12:32:49 AM, Error: Microsoft-Windows-Service Pack Installer [6] - The Service Pack cannot be installed when the computer is running on battery power.
11/6/2011 12:12:18 AM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
11/6/2011 12:10:39 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
11/6/2011 12:07:19 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
11/5/2011 11:48:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/5/2011 11:48:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/5/2011 11:48:35 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
11/5/2011 11:48:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/5/2011 11:48:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/5/2011 11:48:17 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache mfehidk spldr Wanarpv6
11/5/2011 11:48:17 PM, Error: Service Control Manager [7001] - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
11/5/2011 11:48:16 PM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.
.
==== End Of File ===========================

ComboFix 11-11-11.04 - tech-8 11/11/2011 13:27:36.1.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3318.1656 [GMT -5:00]
Running from: c:\users\tech-8\Desktop\GTFO\CF.exe
AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\KeyboardNotifierProfile.dll
c:\users\tech-8\AppData\Local\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}
c:\users\tech-8\AppData\Local\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}Update\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}up.DLL
c:\users\tech-8\AppData\Local\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}\chrome.manifest
c:\users\tech-8\AppData\Local\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}\chrome\content\_cfg.js
c:\users\tech-8\AppData\Local\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}\chrome\content\overlay.xul
c:\users\tech-8\AppData\Local\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}\install.rdf
c:\users\tech-8\AppData\Local\Apple\AppleUpdate\Appleup.DLL
c:\users\tech-8\AppData\Local\ServicePTR.dll
c:\users\tech-8\AppData\Roaming\Microsoft\conhost.exe
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{07cd8b25-e4c4-4595-b4cd-1fc35c44eddd}
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{07cd8b25-e4c4-4595-b4cd-1fc35c44eddd}\chrome.manifest
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{07cd8b25-e4c4-4595-b4cd-1fc35c44eddd}\chrome\xulcache.jar
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{07cd8b25-e4c4-4595-b4cd-1fc35c44eddd}\defaults\preferences\xulcache.js
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{07cd8b25-e4c4-4595-b4cd-1fc35c44eddd}\install.rdf
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{7c1d9b96-5762-42f3-8e8b-62c1f506588a}
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{7c1d9b96-5762-42f3-8e8b-62c1f506588a}\chrome.manifest
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{7c1d9b96-5762-42f3-8e8b-62c1f506588a}\chrome\xulcache.jar
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{7c1d9b96-5762-42f3-8e8b-62c1f506588a}\defaults\preferences\xulcache.js
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{7c1d9b96-5762-42f3-8e8b-62c1f506588a}\install.rdf
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-10-11 to 2011-11-11 )))))))))))))))))))))))))))))))
.
.
2011-11-11 18:37 . 2011-11-11 18:37 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-11-11 18:37 . 2011-11-11 18:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-11 18:18 . 2011-11-11 18:43 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F801A920-6AB1-456D-9D0A-F60DE49E1578}\offreg.dll
2011-11-11 14:37 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F801A920-6AB1-456D-9D0A-F60DE49E1578}\mpengine.dll
2011-11-10 04:19 . 2011-11-11 18:17 -------- d-----w- c:\users\tech-8\Tracing
2011-11-09 05:32 . 2011-09-29 16:03 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 05:32 . 2011-10-01 04:37 708608 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 05:32 . 2011-09-29 03:37 2341888 ----a-w- c:\windows\system32\win32k.sys
2011-11-06 07:00 . 2011-11-06 07:00 748336 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2011-11-06 06:13 . 2011-11-06 06:13 -------- d-----w- c:\windows\system32\SPReview
2011-11-06 05:31 . 2011-11-06 05:31 -------- d-----w- c:\windows\system32\EventProviders
2011-11-03 07:03 . 2011-11-03 07:03 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-10-16 23:55 . 2011-10-16 23:55 18139008 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2011-10-12 22:29 . 2011-08-17 04:24 465408 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 22:29 . 2011-08-17 04:19 75776 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 22:29 . 2010-11-20 12:16 204288 ----a-w- c:\windows\system32\MSNP.ax
2011-10-12 22:29 . 2010-11-20 12:16 72704 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-10-12 22:29 . 2010-11-20 12:16 59904 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-10-12 22:29 . 2011-08-27 04:26 233472 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 22:29 . 2011-08-27 04:26 571904 ----a-w- c:\windows\system32\oleaut32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-11 18:16 . 2010-09-17 15:48 0 ----a-w- c:\users\tech-8\AppData\Local\WavXMapDrive.bat
2011-11-06 06:25 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-08-31 03:05 . 2011-08-31 03:05 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 03:05 . 2011-08-31 03:05 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-31 03:05 . 2011-08-31 03:05 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-31 03:05 . 2011-08-31 03:05 178536 ----a-w- c:\windows\system32\dnssdX.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2010-03-29 17:45 62832 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2010-03-29 17:45 62832 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-05-13 288112]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-05-26 495708]
"nwiz"="nwiz.exe" [2010-04-15 1657448]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-17 13838952]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2010-04-17 92776]
"IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"IMSS"="c:\program files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" [2010-04-14 112152]
"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2009-11-02 657920]
"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2010-07-21 147840]
"USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2010-06-22 34232]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-12-29 140520]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-03-12 462993]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2009-08-25 136512]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2010-03-26 124224]
"DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2010-05-20 206336]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"DBRMTray"="c:\dell\DBRM\Reminder\TrayApp.exe" [2010-02-04 7168]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-1-8 828704]
Dell ControlPoint System Manager.lnk - c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe [2009-12-10 1327392]
TdmNotify.lnk - c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe [2010-3-29 132456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 InstallFilterService;FF Install Filter Service;c:\program files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe [2010-01-10 60928]
R2 RDMPLocalService;RDM+ Local Service;c:\program files\RDM+\rdmpserv.exe [2011-02-28 1071616]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
R3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-03-26 66600]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe86.sys [2010-03-21 48640]
R3 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe86.sys [2010-03-21 38912]
R3 Ser2rs;Radioshack USB to Serial Driver;c:\windows\system32\DRIVERS\ser2rs.sys [2007-06-25 76288]
R3 Svk2pl;GigawareX USB to Serial Driver;c:\windows\system32\DRIVERS\Svk2pl.sys [2010-04-01 81408]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-22 1343400]
S0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdfltn.sys [2010-01-18 17072]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2010-05-26 81920]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
S2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [2009-11-20 278304]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-03-24 812448]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-03-24 27040]
S2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [2009-12-10 386848]
S2 HMuKstOO;Kensington TrackballWorks Orbit Optical USB HID Device Filter Driver;c:\windows\system32\DRIVERS\HMuKstOO.sys [2010-05-20 51280]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 McAfeeEngineService;McAfee Engine Service;c:\program files\McAfee\VirusScan Enterprise\engineserver.exe [2010-03-26 22816]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-03-26 70728]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe86.sys [2010-03-21 59904]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-04-14 2533400]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-01-18 42672]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-01-11 274472]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-11 33320]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-09-16 144576]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2009-10-30 33832]
S3 dfmirage;dfmirage;c:\windows\system32\DRIVERS\dfmirage.sys [2009-05-29 34128]
S3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6232.sys [2010-04-06 224424]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 125696]
S3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-01-28 68200]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.udel.edu/
uInternet Settings,ProxyServer = http=127.0.0.1:55556
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 128.175.13.16 128.175.13.17
FF - ProfilePath - c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\
FF - prefs.js: browser.startup.homepage - hxxps://mail.udel.edu/wm/mail/login.html
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 55556
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: StumbleUpon: {AE93811A-5C9A-4d34-8462-F7B864FC4696} - %profile%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKCU-Run-conhost - c:\users\tech-8\AppData\Roaming\Microsoft\conhost.exe
HKCU-Run-KeyboardNotifierProfile - c:\programdata\KeyboardNotifierProfile.dll
HKCU-Run-Sysinternals Update - c:\users\tech-8\AppData\Local\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}Update\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}up.DLL
HKCU-Run-Policies Update - c:\users\tech-8\AppData\Local\Apple\AppleUpdate\Appleup.DLL
AddRemove-Electra_Elite_IPK_Uninstall - c:\windows\iun6002.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\IDT\WDM\STacSV.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\McAfee\Common Framework\FrameworkService.exe
c:\program files\McAfee\VirusScan Enterprise\vstskmgr.exe
c:\program files\McAfee\Common Framework\naPrdMgr.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\McAfee\VirusScan Enterprise\mcshield.exe
c:\program files\McAfee\VirusScan Enterprise\mfeann.exe
c:\windows\system32\conhost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
c:\program files\RDM+\rdmpserv_cpanel.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Java\Java Update\jusched.exe
c:\windows\system32\consent.exe
.
**************************************************************************
.
Completion time: 2011-11-11 14:14:20 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-11 19:14
.
Pre-Run: 252,200,091,648 bytes free
Post-Run: 253,626,933,248 bytes free
.
- - End Of File - - 288EA8A0876C2B22884F66DCD2CB465A

#5 whisler

whisler
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:04:22 PM

Posted 14 November 2011 - 08:44 AM

ComboFix 11-11-11.04 - tech-8 11/11/2011 13:27:36.1.4 - x86


Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3318.1656 [GMT -5:00]
Running from: c:\users\tech-8\Desktop\GTFO\CF.exe
AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\KeyboardNotifierProfile.dll
c:\users\tech-8\AppData\Local\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}
c:\users\tech-8\AppData\Local\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}Update\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}up.DLL
c:\users\tech-8\AppData\Local\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}\chrome.manifest
c:\users\tech-8\AppData\Local\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}\chrome\content\_cfg.js
c:\users\tech-8\AppData\Local\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}\chrome\content\overlay.xul
c:\users\tech-8\AppData\Local\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}\install.rdf
c:\users\tech-8\AppData\Local\Apple\AppleUpdate\Appleup.DLL
c:\users\tech-8\AppData\Local\ServicePTR.dll
c:\users\tech-8\AppData\Roaming\Microsoft\conhost.exe
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{07cd8b25-e4c4-4595-b4cd-1fc35c44eddd}
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{07cd8b25-e4c4-4595-b4cd-1fc35c44eddd}\chrome.manifest
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{07cd8b25-e4c4-4595-b4cd-1fc35c44eddd}\chrome\xulcache.jar
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{07cd8b25-e4c4-4595-b4cd-1fc35c44eddd}\defaults\preferences\xulcache.js
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{07cd8b25-e4c4-4595-b4cd-1fc35c44eddd}\install.rdf
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{7c1d9b96-5762-42f3-8e8b-62c1f506588a}
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{7c1d9b96-5762-42f3-8e8b-62c1f506588a}\chrome.manifest
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{7c1d9b96-5762-42f3-8e8b-62c1f506588a}\chrome\xulcache.jar
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{7c1d9b96-5762-42f3-8e8b-62c1f506588a}\defaults\preferences\xulcache.js
c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\extensions\{7c1d9b96-5762-42f3-8e8b-62c1f506588a}\install.rdf
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-10-11 to 2011-11-11 )))))))))))))))))))))))))))))))
.
.
2011-11-11 18:37 . 2011-11-11 18:37 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-11-11 18:37 . 2011-11-11 18:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-11 18:18 . 2011-11-11 18:43 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F801A920-6AB1-456D-9D0A-F60DE49E1578}\offreg.dll
2011-11-11 14:37 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F801A920-6AB1-456D-9D0A-F60DE49E1578}\mpengine.dll
2011-11-10 04:19 . 2011-11-11 18:17 -------- d-----w- c:\users\tech-8\Tracing
2011-11-09 05:32 . 2011-09-29 16:03 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 05:32 . 2011-10-01 04:37 708608 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 05:32 . 2011-09-29 03:37 2341888 ----a-w- c:\windows\system32\win32k.sys
2011-11-06 07:00 . 2011-11-06 07:00 748336 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2011-11-06 06:13 . 2011-11-06 06:13 -------- d-----w- c:\windows\system32\SPReview
2011-11-06 05:31 . 2011-11-06 05:31 -------- d-----w- c:\windows\system32\EventProviders
2011-11-03 07:03 . 2011-11-03 07:03 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-10-16 23:55 . 2011-10-16 23:55 18139008 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2011-10-12 22:29 . 2011-08-17 04:24 465408 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 22:29 . 2011-08-17 04:19 75776 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 22:29 . 2010-11-20 12:16 204288 ----a-w- c:\windows\system32\MSNP.ax
2011-10-12 22:29 . 2010-11-20 12:16 72704 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-10-12 22:29 . 2010-11-20 12:16 59904 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-10-12 22:29 . 2011-08-27 04:26 233472 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 22:29 . 2011-08-27 04:26 571904 ----a-w- c:\windows\system32\oleaut32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-11 18:16 . 2010-09-17 15:48 0 ----a-w- c:\users\tech-8\AppData\Local\WavXMapDrive.bat
2011-11-06 06:25 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-08-31 03:05 . 2011-08-31 03:05 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 03:05 . 2011-08-31 03:05 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-08-31 03:05 . 2011-08-31 03:05 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-31 03:05 . 2011-08-31 03:05 178536 ----a-w- c:\windows\system32\dnssdX.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2010-03-29 17:45 62832 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2010-03-29 17:45 62832 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-05-13 288112]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-05-26 495708]
"nwiz"="nwiz.exe" [2010-04-15 1657448]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-17 13838952]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2010-04-17 92776]
"IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"IMSS"="c:\program files\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" [2010-04-14 112152]
"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2009-11-02 657920]
"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2010-07-21 147840]
"USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2010-06-22 34232]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-12-29 140520]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-03-12 462993]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2009-08-25 136512]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2010-03-26 124224]
"DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2010-05-20 206336]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"DBRMTray"="c:\dell\DBRM\Reminder\TrayApp.exe" [2010-02-04 7168]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-1-8 828704]
Dell ControlPoint System Manager.lnk - c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe [2009-12-10 1327392]
TdmNotify.lnk - c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe [2010-3-29 132456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 InstallFilterService;FF Install Filter Service;c:\program files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe [2010-01-10 60928]
R2 RDMPLocalService;RDM+ Local Service;c:\program files\RDM+\rdmpserv.exe [2011-02-28 1071616]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
R3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-03-26 66600]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe86.sys [2010-03-21 48640]
R3 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe86.sys [2010-03-21 38912]
R3 Ser2rs;Radioshack USB to Serial Driver;c:\windows\system32\DRIVERS\ser2rs.sys [2007-06-25 76288]
R3 Svk2pl;GigawareX USB to Serial Driver;c:\windows\system32\DRIVERS\Svk2pl.sys [2010-04-01 81408]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-22 1343400]
S0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdfltn.sys [2010-01-18 17072]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2010-05-26 81920]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
S2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [2009-11-20 278304]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-03-24 812448]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-03-24 27040]
S2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [2009-12-10 386848]
S2 HMuKstOO;Kensington TrackballWorks Orbit Optical USB HID Device Filter Driver;c:\windows\system32\DRIVERS\HMuKstOO.sys [2010-05-20 51280]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 McAfeeEngineService;McAfee Engine Service;c:\program files\McAfee\VirusScan Enterprise\engineserver.exe [2010-03-26 22816]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2010-03-26 70728]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe86.sys [2010-03-21 59904]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-04-14 2533400]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-01-18 42672]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-01-11 274472]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-11 33320]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-09-16 144576]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2009-10-30 33832]
S3 dfmirage;dfmirage;c:\windows\system32\DRIVERS\dfmirage.sys [2009-05-29 34128]
S3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6232.sys [2010-04-06 224424]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 125696]
S3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-01-28 68200]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.udel.edu/
uInternet Settings,ProxyServer = http=127.0.0.1:55556
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 128.175.13.16 128.175.13.17
FF - ProfilePath - c:\users\tech-8\AppData\Roaming\Mozilla\Firefox\Profiles\h0ob0dg6.default\
FF - prefs.js: browser.startup.homepage - hxxps://mail.udel.edu/wm/mail/login.html
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 55556
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: StumbleUpon: {AE93811A-5C9A-4d34-8462-F7B864FC4696} - %profile%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKCU-Run-conhost - c:\users\tech-8\AppData\Roaming\Microsoft\conhost.exe
HKCU-Run-KeyboardNotifierProfile - c:\programdata\KeyboardNotifierProfile.dll
HKCU-Run-Sysinternals Update - c:\users\tech-8\AppData\Local\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}Update\{DF6A221B-1F15-4623-8DB9-927E70DE50A2}up.DLL
HKCU-Run-Policies Update - c:\users\tech-8\AppData\Local\Apple\AppleUpdate\Appleup.DLL
AddRemove-Electra_Elite_IPK_Uninstall - c:\windows\iun6002.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\IDT\WDM\STacSV.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\McAfee\Common Framework\FrameworkService.exe
c:\program files\McAfee\VirusScan Enterprise\vstskmgr.exe
c:\program files\McAfee\Common Framework\naPrdMgr.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\McAfee\VirusScan Enterprise\mcshield.exe
c:\program files\McAfee\VirusScan Enterprise\mfeann.exe
c:\windows\system32\conhost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
c:\program files\RDM+\rdmpserv_cpanel.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Java\Java Update\jusched.exe
c:\windows\system32\consent.exe
.
**************************************************************************
.
Completion time: 2011-11-11 14:14:20 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-11 19:14
.
Pre-Run: 252,200,091,648 bytes free
Post-Run: 253,626,933,248 bytes free
.
- - End Of File - - 288EA8A0876C2B22884F66DCD2CB465A

#6 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,744 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:22 PM

Posted 16 November 2011 - 12:50 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/427417 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#7 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,744 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:22 PM

Posted 21 November 2011 - 12:55 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users