Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help to remove Sirefef.Y Virus


  • This topic is locked This topic is locked
3 replies to this topic

#1 aman_badyal

aman_badyal

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 19 June 2012 - 03:58 PM

I've got the Sirefef.Y virus on my Win 7 x64 laptop like others have reported recently and would appreciate your help in getting rid of it. The FRST log is below. The Search Log is in a new post.

FRST Scan Log:

Scan result of Farbar Recovery Scan Tool Version: 17-06-2012 04
Ran by SYSTEM at 19-06-2012 20:33:05
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [1128448 2012-01-09] (IDT, Inc.)
HKLM\...\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-10-31] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-07-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [169528 2011-06-30] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [336440 2011-06-13] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-05-17] (EasyBits Software AS)
HKLM-x32\...\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" [2416480 2012-01-24] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" [1104440 2012-06-12] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462408 2012-04-04] (Malwarebytes Corporation)
HKU\Navi\...\Run: [Google Update] "C:\Users\Navi\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2012-01-08] (Google Inc.)
HKU\Navi\...\Run: [Sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon [772096 2009-06-18] (Sony Ericsson Mobile Communications AB)
HKU\Navi\...\Run: [wecrer] rundll32.exe "C:\Users\Navi\AppData\Roaming\wecrer.dll",HrIndexOfMonth [115200 2012-06-16] (Duplex Secure Ltd.)
HKU\Navi\...\Run: [PSFactoryBuffer] "C:\Users\Navi\AppData\Local\PSFactoryBuffer\PSFactoryBuffer.exe" /y [x]
HKU\Navi\...\Run: [mgxtis] "C:\Windows\System32\rundll32.exe" "C:\Users\Navi\AppData\Roaming\mgxtis.dll",CountEntries [334848 2012-06-19] (M-Audio)
Tcpip\Parameters: [DhcpNameServer] 192.168.101.2 192.168.101.1 192.168.101.11

==================== Services (Whitelisted) ======

2 avgfws; "C:\Program Files (x86)\AVG\AVG2012\avgfws.exe" [2391832 2011-11-22] (AVG Technologies CZ, s.r.o.)
2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe" [4433248 2011-10-11] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" [192776 2011-08-01] (AVG Technologies CZ, s.r.o.)
2 ezSharedSvc; C:\Windows\SysWow64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS)
2 HP Support Assistant Service; "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [86072 2011-09-09] (Hewlett-Packard Company)
2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [35200 2012-03-05] (Hewlett-Packard Development Company, L.P.)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [654408 2012-04-04] (Malwarebytes Corporation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [12600 2012-03-26] (Microsoft Corporation)
2 OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
2 vToolbarUpdater11.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [935480 2012-06-12] ()

========================== Drivers (Whitelisted) =============

1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [48992 2011-05-22] (AVG Technologies CZ, s.r.o.)
3 AVGIDSDriver; C:\Windows\System32\Drivers\AVGIDSDriver.sys [120400 2011-07-10] (AVG Technologies CZ, s.r.o. )
0 AVGIDSEH; C:\Windows\System32\Drivers\AVGIDSEH.sys [26704 2011-07-10] (AVG Technologies CZ, s.r.o. )
3 AVGIDSFilter; C:\Windows\System32\Drivers\AVGIDSFilter.sys [29776 2011-07-10] (AVG Technologies CZ, s.r.o. )
1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [283728 2011-10-06] (AVG Technologies CZ, s.r.o.)
1 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [46672 2011-08-07] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [37456 2011-09-12] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [375376 2011-07-10] (AVG Technologies CZ, s.r.o.)
3 clwvd; C:\Windows\System32\Drivers\clwvd.sys [31088 2010-07-28] (CyberLink Corporation)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-04-04] (Malwarebytes Corporation)
3 NVENETFD; C:\Windows\System32\DRIVERS\nvm62x64.sys [408960 2009-06-10] (NVIDIA Corporation)
3 RTL8192Ce; C:\Windows\System32\Drivers\RTL8192Ce.sys [878184 2012-06-04] (Realtek Semiconductor Corporation )
3 s1018bus; C:\Windows\System32\Drivers\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
3 s1018mdfl; C:\Windows\System32\Drivers\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
3 s1018mdm; C:\Windows\System32\Drivers\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
3 s1018mgmt; C:\Windows\System32\Drivers\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
3 s1018nd5; C:\Windows\System32\Drivers\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
3 s1018obex; C:\Windows\System32\Drivers\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
3 s1018unic; C:\Windows\System32\Drivers\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-06-19 09:32 - 2012-06-19 09:32 - 00000151 ____A C:\Users\Navi\Documents\am.txt
2012-06-19 09:27 - 2012-06-19 10:29 - 00684402 ____A C:\Windows\ntbtlog.txt
2012-06-19 09:09 - 2012-06-19 09:09 - 00001945 ____A C:\Windows\epplauncher.mif
2012-06-19 09:08 - 2012-06-19 09:08 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-06-19 09:08 - 2012-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-06-19 09:07 - 2012-06-19 09:08 - 12621696 ____A (Microsoft Corporation) C:\Users\Navi\Downloads\mseinstall.exe
2012-06-19 08:27 - 2012-06-19 08:27 - 00000000 ____D C:\Users\Navi\AppData\Roaming\Malwarebytes
2012-06-19 08:27 - 2012-06-19 08:27 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-06-19 08:27 - 2012-06-19 08:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-19 08:27 - 2012-06-19 06:47 - 10063000 ____A (Malwarebytes Corporation ) C:\mbam-setup-1.61.0.1400.exe
2012-06-19 08:27 - 2012-04-04 06:56 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-19 07:00 - 2012-06-19 08:53 - 00000000 ____D C:\Program Files (x86)\GridinSoft Trojan Killer
2012-06-19 07:00 - 2012-06-19 07:00 - 26853544 ____A (GridinSoft LLC) C:\Users\Navi\Downloads\gtk2121-setup.exe
2012-06-19 06:54 - 2012-06-19 06:54 - 00334848 ____A (M-Audio) C:\Users\Navi\AppData\Roaming\mgxtis.dll
2012-06-19 06:54 - 2012-06-19 06:54 - 00000000 ____D C:\Users\Navi\AppData\Local\{A3744D09-BA1E-11E1-8270-B8AC6F996F26}
2012-06-16 07:37 - 2012-06-16 07:37 - 00000355 ____A C:\Users\Navi\Desktop\Computer - Shortcut.lnk
2012-06-16 06:28 - 2012-06-16 06:28 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2012-06-16 06:24 - 2012-06-16 06:24 - 00115200 __ASH (Duplex Secure Ltd.) C:\Users\Navi\AppData\Roaming\wecrer.dll
2012-06-14 12:52 - 2012-05-17 18:47 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-14 12:52 - 2012-05-17 18:16 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-14 12:52 - 2012-05-17 18:06 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-14 12:52 - 2012-05-17 17:59 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-14 12:52 - 2012-05-17 17:59 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-14 12:52 - 2012-05-17 17:58 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-14 12:52 - 2012-05-17 17:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-14 12:52 - 2012-05-17 17:56 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-14 12:52 - 2012-05-17 17:55 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-14 12:52 - 2012-05-17 17:55 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-14 12:52 - 2012-05-17 17:54 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-14 12:52 - 2012-05-17 17:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-14 12:52 - 2012-05-17 17:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-14 12:52 - 2012-05-17 17:47 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-14 12:52 - 2012-05-17 15:11 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-14 12:52 - 2012-05-17 14:48 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-14 12:52 - 2012-05-17 14:45 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-14 12:52 - 2012-05-17 14:36 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-14 12:52 - 2012-05-17 14:35 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-14 12:52 - 2012-05-17 14:35 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-14 12:52 - 2012-05-17 14:33 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-14 12:52 - 2012-05-17 14:31 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-14 12:52 - 2012-05-17 14:29 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-14 12:52 - 2012-05-17 14:29 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-14 12:52 - 2012-05-17 14:27 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-14 12:52 - 2012-05-17 14:25 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-14 12:52 - 2012-05-17 14:24 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-14 12:52 - 2012-05-17 14:20 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-13 01:54 - 2012-05-14 17:32 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-13 01:54 - 2012-05-04 03:06 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-06-13 01:54 - 2012-05-04 02:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-06-13 01:54 - 2012-05-04 02:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-06-13 01:54 - 2012-04-30 21:40 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-06-13 01:54 - 2012-04-27 19:55 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-06-13 01:54 - 2012-04-25 21:41 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-06-13 01:54 - 2012-04-25 21:41 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-06-13 01:54 - 2012-04-25 21:34 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-06-13 01:54 - 2012-04-23 21:37 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-06-13 01:54 - 2012-04-23 21:37 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-06-13 01:54 - 2012-04-23 21:37 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-06-13 01:54 - 2012-04-23 20:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-06-13 01:54 - 2012-04-23 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-06-13 01:54 - 2012-04-23 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-06-13 01:54 - 2012-04-07 04:31 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-06-13 01:54 - 2012-04-07 03:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-06-12 01:15 - 2012-06-12 01:15 - 11954826 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_543 (1).mp3
2012-06-12 01:06 - 2012-06-12 01:06 - 11954826 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_543.mp3
2012-06-09 04:38 - 2012-06-09 04:38 - 00206066 ____A C:\Users\Navi\Downloads\Tirabad___Year_8_Course_21___28_September_2012.pdf
2012-06-09 00:36 - 2012-06-09 00:36 - 03121674 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_497.mp3
2012-06-08 02:40 - 2012-06-08 02:40 - 13854328 ____A C:\Users\Navi\Downloads\VWWSetup.exe
2012-06-08 02:40 - 2012-06-08 02:40 - 00000000 ____D C:\Program Files (x86)\Utherverse Digital Inc
2012-06-06 23:46 - 2012-06-06 23:53 - 07708257 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_678.mp3
2012-06-06 23:42 - 2012-06-06 23:49 - 01309928 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_678.mp3
2012-06-06 03:15 - 2012-06-06 03:16 - 11988472 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_670_ (1).mp3
2012-06-06 03:10 - 2012-06-06 03:10 - 11988472 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_670_.mp3
2012-06-03 23:01 - 2012-06-03 23:01 - 19703057 ____A C:\Users\Navi\Downloads\joined (7).mp3
2012-06-03 14:40 - 2012-06-03 14:40 - 05675824 ____A C:\Users\Navi\Downloads\Navdeep Kaur An Application.pdf
2012-06-03 10:58 - 2012-06-03 10:58 - 00000000 ____D C:\Users\Navi\AppData\Local\Wild Tangent
2012-06-01 22:52 - 2012-06-01 22:52 - 11840201 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_634 (2).mp3
2012-06-01 22:50 - 2012-06-01 22:51 - 11840201 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_634 (1).mp3
2012-06-01 22:50 - 2012-06-01 22:50 - 11840201 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_634.mp3
2012-06-01 15:16 - 2012-06-01 15:16 - 00000000 ____D C:\Users\Navi\AppData\Local\{CC6D368C-4B8A-4CEF-969E-1E2486F4E6C5}
2012-06-01 15:15 - 2012-06-01 15:16 - 00000000 ____D C:\Users\Navi\AppData\Local\{8CB7DBB6-FC66-4478-8A75-4979FFC04B4C}
2012-05-27 00:45 - 2012-05-27 00:45 - 02164446 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_517 (3).mp3
2012-05-27 00:44 - 2012-05-27 00:44 - 02164446 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_517.mp3
2012-05-27 00:44 - 2012-05-27 00:44 - 02164446 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_517 (2).mp3
2012-05-27 00:44 - 2012-05-27 00:44 - 02164446 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_517 (1).mp3
2012-05-27 00:29 - 2012-05-27 00:30 - 19083354 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_489 (6).mp3
2012-05-27 00:29 - 2012-05-27 00:29 - 19083354 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_489 (5).mp3
2012-05-27 00:29 - 2012-05-27 00:29 - 19083354 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_489 (4).mp3
2012-05-27 00:29 - 2012-05-27 00:29 - 19083354 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_489 (3).mp3
2012-05-27 00:26 - 2012-05-27 00:27 - 19083354 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_489 (2).mp3
2012-05-27 00:26 - 2012-05-27 00:26 - 19083354 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_489.mp3
2012-05-27 00:26 - 2012-05-27 00:26 - 19083354 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_489 (1).mp3


============ 3 Months Modified Files and Folders =============

2012-06-19 20:33 - 2012-06-19 20:32 - 00000000 ____D C:\FRST
2012-06-19 10:43 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-19 10:43 - 2009-07-13 20:51 - 00064833 ____A C:\Windows\setupact.log
2012-06-19 10:42 - 2012-01-08 10:19 - 3735977984 __ASH C:\pagefile.sys
2012-06-19 10:42 - 2011-11-25 01:12 - 2801983488 __ASH C:\hiberfil.sys
2012-06-19 10:41 - 2012-01-11 03:57 - 00000000 __SHD C:\Users\Navi\AppData\Local\{243a9a4b-3c89-9ec1-8efa-bfcc52325f1a}
2012-06-19 10:29 - 2012-06-19 09:27 - 00684402 ____A C:\Windows\ntbtlog.txt
2012-06-19 10:20 - 2012-01-14 15:12 - 00000000 ____D C:\Users\Navi\AppData\Local\CrashDumps
2012-06-19 09:58 - 2012-01-08 06:04 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-956735876-591256918-681856697-1001UA.job
2012-06-19 09:32 - 2012-06-19 09:32 - 00000151 ____A C:\Users\Navi\Documents\am.txt
2012-06-19 09:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows
2012-06-19 09:17 - 2011-11-25 01:01 - 00000000 ____D C:\Users\All Users\Norton
2012-06-19 09:17 - 2011-07-15 21:08 - 00000000 __SHD C:\System Volume Information
2012-06-19 09:17 - 2010-11-20 19:47 - 00403952 ____A C:\Windows\PFRO.log
2012-06-19 09:17 - 2009-07-13 19:20 - 00000000 ___RD C:\Program Files (x86)
2012-06-19 09:15 - 2011-11-25 00:41 - 02044746 ____A C:\Windows\WindowsUpdate.log
2012-06-19 09:13 - 2009-07-13 20:45 - 00032064 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-06-19 09:13 - 2009-07-13 20:45 - 00032064 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-06-19 09:09 - 2012-06-19 09:09 - 00001945 ____A C:\Windows\epplauncher.mif
2012-06-19 09:09 - 2012-04-29 05:30 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-06-19 09:08 - 2012-06-19 09:08 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-06-19 09:08 - 2012-06-19 09:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-06-19 09:08 - 2012-06-19 09:07 - 12621696 ____A (Microsoft Corporation) C:\Users\Navi\Downloads\mseinstall.exe
2012-06-19 09:08 - 2011-11-25 00:48 - 00789006 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-06-19 09:08 - 2009-07-13 19:20 - 00000000 ___RD C:\Program Files
2012-06-19 09:00 - 2012-05-08 11:11 - 00000000 ____D C:\Program Files (x86)\I Want This
2012-06-19 09:00 - 2012-04-01 10:17 - 00000000 ____D C:\Users\All Users\TheBflix
2012-06-19 09:00 - 2012-04-01 04:56 - 00000000 ____D C:\Users\All Users\Codecv
2012-06-19 08:53 - 2012-06-19 07:00 - 00000000 ____D C:\Program Files (x86)\GridinSoft Trojan Killer
2012-06-19 08:27 - 2012-06-19 08:27 - 00000000 ____D C:\Users\Navi\AppData\Roaming\Malwarebytes
2012-06-19 08:27 - 2012-06-19 08:27 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-06-19 08:27 - 2012-06-19 08:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-19 08:27 - 2009-07-13 19:20 - 00000000 ___HD C:\ProgramData
2012-06-19 07:00 - 2012-06-19 07:00 - 26853544 ____A (GridinSoft LLC) C:\Users\Navi\Downloads\gtk2121-setup.exe
2012-06-19 06:58 - 2012-01-08 06:04 - 00000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-956735876-591256918-681856697-1001Core.job
2012-06-19 06:54 - 2012-06-19 06:54 - 00334848 ____A (M-Audio) C:\Users\Navi\AppData\Roaming\mgxtis.dll
2012-06-19 06:54 - 2012-06-19 06:54 - 00000000 ____D C:\Users\Navi\AppData\Local\{A3744D09-BA1E-11E1-8270-B8AC6F996F26}
2012-06-19 06:54 - 2009-07-13 21:13 - 00779724 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-19 06:47 - 2012-06-19 08:27 - 10063000 ____A (Malwarebytes Corporation ) C:\mbam-setup-1.61.0.1400.exe
2012-06-16 07:37 - 2012-06-16 07:37 - 00000355 ____A C:\Users\Navi\Desktop\Computer - Shortcut.lnk
2012-06-16 07:36 - 2012-01-10 07:21 - 00000000 ____D C:\Users\Navi\Documents\Youcam
2012-06-16 06:28 - 2012-06-16 06:28 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2012-06-16 06:26 - 2012-01-09 13:58 - 00000000 ____D C:\Users\Navi\AppData\Roaming\Skype
2012-06-16 06:24 - 2012-06-16 06:24 - 00115200 __ASH (Duplex Secure Ltd.) C:\Users\Navi\AppData\Roaming\wecrer.dll
2012-06-16 06:24 - 2012-01-08 02:23 - 00000000 ____D C:\Users\Navi\AppData\Local\VirtualStore
2012-06-14 15:07 - 2009-07-13 20:45 - 00292680 ____A C:\Windows\System32\FNTCACHE.DAT
2012-06-12 23:49 - 2012-03-09 15:01 - 00000000 ____D C:\Users\All Users\AVG Secure Search
2012-06-12 23:49 - 2012-03-09 15:01 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search
2012-06-12 01:15 - 2012-06-12 01:15 - 11954826 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_543 (1).mp3
2012-06-12 01:06 - 2012-06-12 01:06 - 11954826 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_543.mp3
2012-06-11 23:09 - 2012-01-08 06:04 - 00002350 ____A C:\Users\Navi\Desktop\Google Chrome.lnk
2012-06-09 04:38 - 2012-06-09 04:38 - 00206066 ____A C:\Users\Navi\Downloads\Tirabad___Year_8_Course_21___28_September_2012.pdf
2012-06-09 00:36 - 2012-06-09 00:36 - 03121674 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_497.mp3
2012-06-08 02:40 - 2012-06-08 02:40 - 13854328 ____A C:\Users\Navi\Downloads\VWWSetup.exe
2012-06-08 02:40 - 2012-06-08 02:40 - 00000000 ____D C:\Program Files (x86)\Utherverse Digital Inc
2012-06-06 23:53 - 2012-06-06 23:46 - 07708257 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_678.mp3
2012-06-06 23:49 - 2012-06-06 23:42 - 01309928 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_678.mp3
2012-06-06 03:16 - 2012-06-06 03:15 - 11988472 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_670_ (1).mp3
2012-06-06 03:10 - 2012-06-06 03:10 - 11988472 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_670_.mp3
2012-06-05 07:22 - 2012-01-30 04:33 - 00000328 ____A C:\Windows\Tasks\HPCeeScheduleForNavi.job
2012-06-04 15:02 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2012-06-04 07:56 - 2012-01-08 02:22 - 00000000 ____D C:\users\Navi
2012-06-04 07:55 - 2012-01-09 07:43 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log
2012-06-04 07:54 - 2011-07-15 21:16 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2012-06-04 07:54 - 2011-02-10 11:23 - 00000000 ____D C:\SWSetup
2012-06-04 07:53 - 2011-11-25 00:53 - 00878184 ____A (Realtek Semiconductor Corporation ) C:\Windows\System32\Drivers\rtl8192ce.sys
2012-06-04 07:53 - 2011-11-25 00:51 - 00000000 ____D C:\Program Files (x86)\Realtek
2012-06-04 07:52 - 2011-07-15 21:27 - 00000000 ____D C:\Users\All Users\Hewlett-Packard
2012-06-04 02:16 - 2012-01-16 04:24 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2012-06-03 23:01 - 2012-06-03 23:01 - 19703057 ____A C:\Users\Navi\Downloads\joined (7).mp3
2012-06-03 14:40 - 2012-06-03 14:40 - 05675824 ____A C:\Users\Navi\Downloads\Navdeep Kaur An Application.pdf
2012-06-03 10:58 - 2012-06-03 10:58 - 00000000 ____D C:\Users\Navi\AppData\Local\Wild Tangent
2012-06-03 10:57 - 2011-07-15 21:22 - 00002590 ____N C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
2012-06-03 08:00 - 2011-11-25 01:31 - 00000000 ___RD C:\Users\Public\Recorded TV
2012-06-01 22:52 - 2012-06-01 22:52 - 11840201 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_634 (2).mp3
2012-06-01 22:51 - 2012-06-01 22:50 - 11840201 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_634 (1).mp3
2012-06-01 22:50 - 2012-06-01 22:50 - 11840201 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_634.mp3
2012-06-01 15:16 - 2012-06-01 15:16 - 00000000 ____D C:\Users\Navi\AppData\Local\{CC6D368C-4B8A-4CEF-969E-1E2486F4E6C5}
2012-06-01 15:16 - 2012-06-01 15:15 - 00000000 ____D C:\Users\Navi\AppData\Local\{8CB7DBB6-FC66-4478-8A75-4979FFC04B4C}
2012-06-01 15:15 - 2012-02-08 01:22 - 00000000 ____D C:\Users\Navi\AppData\Local\Windows Live
2012-05-27 00:45 - 2012-05-27 00:45 - 02164446 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_517 (3).mp3
2012-05-27 00:44 - 2012-05-27 00:44 - 02164446 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_517.mp3
2012-05-27 00:44 - 2012-05-27 00:44 - 02164446 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_517 (2).mp3
2012-05-27 00:44 - 2012-05-27 00:44 - 02164446 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_517 (1).mp3
2012-05-27 00:30 - 2012-05-27 00:29 - 19083354 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_489 (6).mp3
2012-05-27 00:29 - 2012-05-27 00:29 - 19083354 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_489 (5).mp3
2012-05-27 00:29 - 2012-05-27 00:29 - 19083354 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_489 (4).mp3
2012-05-27 00:29 - 2012-05-27 00:29 - 19083354 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_489 (3).mp3
2012-05-27 00:27 - 2012-05-27 00:26 - 19083354 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_489 (2).mp3
2012-05-27 00:26 - 2012-05-27 00:26 - 19083354 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_489.mp3
2012-05-27 00:26 - 2012-05-27 00:26 - 19083354 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_489 (1).mp3
2012-05-18 22:26 - 2012-05-18 22:26 - 11328097 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_547.mp3
2012-05-17 18:47 - 2012-06-14 12:52 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-05-17 18:16 - 2012-06-14 12:52 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-05-17 18:06 - 2012-06-14 12:52 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-05-17 17:59 - 2012-06-14 12:52 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-05-17 17:59 - 2012-06-14 12:52 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-05-17 17:58 - 2012-06-14 12:52 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-05-17 17:58 - 2012-06-14 12:52 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-05-17 17:56 - 2012-06-14 12:52 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-05-17 17:55 - 2012-06-14 12:52 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-05-17 17:55 - 2012-06-14 12:52 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-05-17 17:54 - 2012-06-14 12:52 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-05-17 17:51 - 2012-06-14 12:52 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-05-17 17:51 - 2012-06-14 12:52 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-05-17 17:47 - 2012-06-14 12:52 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-05-17 15:11 - 2012-06-14 12:52 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-05-17 14:48 - 2012-06-14 12:52 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-05-17 14:45 - 2012-06-14 12:52 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-05-17 14:36 - 2012-06-14 12:52 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-05-17 14:35 - 2012-06-14 12:52 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-05-17 14:35 - 2012-06-14 12:52 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-05-17 14:33 - 2012-06-14 12:52 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-05-17 14:31 - 2012-06-14 12:52 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-05-17 14:29 - 2012-06-14 12:52 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-05-17 14:29 - 2012-06-14 12:52 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-05-17 14:27 - 2012-06-14 12:52 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-05-17 14:25 - 2012-06-14 12:52 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-05-17 14:24 - 2012-06-14 12:52 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-05-17 14:20 - 2012-06-14 12:52 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-05-15 23:37 - 2012-05-15 23:37 - 02016697 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_578 (1).mp3
2012-05-15 23:06 - 2012-05-15 23:06 - 02016697 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_578.mp3
2012-05-14 17:32 - 2012-06-13 01:54 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-05-12 13:49 - 2011-07-15 21:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-05-12 12:27 - 2011-11-25 00:50 - 00163892 ____A C:\Windows\DPINST.LOG
2012-05-12 12:26 - 2012-05-12 12:26 - 00148736 ____A (Avanquest Software) C:\Users\All Users\hpe1C76.dll
2012-05-12 12:26 - 2012-05-12 12:26 - 00002210 ____A C:\Users\Public\Desktop\Sony Ericsson PC Suite 6.0.lnk
2012-05-12 12:26 - 2012-05-12 12:17 - 00000000 ____D C:\Users\All Users\Sony Ericsson
2012-05-12 12:26 - 2012-05-12 12:17 - 00000000 ____D C:\Program Files (x86)\Sony Ericsson
2012-05-12 12:26 - 2011-07-15 21:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-05-12 12:20 - 2012-05-12 12:20 - 00000000 ____D C:\Users\Navi\AppData\Roaming\Sony Setup
2012-05-12 12:20 - 2012-05-12 12:20 - 00000000 ____D C:\Users\Navi\AppData\Roaming\Sony
2012-05-12 12:19 - 2012-05-12 12:19 - 00000000 ____D C:\Users\Navi\AppData\Local\Sony Ericsson
2012-05-12 12:17 - 2012-05-12 12:17 - 00002260 ____A C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.5.lnk
2012-05-10 12:55 - 2012-04-08 12:11 - 00000000 ____D C:\Users\Navi\AppData\Roaming\SoftGrid Client
2012-05-10 12:53 - 2012-05-10 12:53 - 00495104 ____A C:\Users\Navi\Downloads\20111221_ICAS1_Assessment_book_Cookridge_Carpets (2).doc
2012-05-10 12:53 - 2012-05-10 12:53 - 00495104 ____A C:\Users\Navi\Downloads\20111221_ICAS1_Assessment_book_Cookridge_Carpets (2) (1).doc
2012-05-10 12:52 - 2012-05-10 12:52 - 00495104 ____A C:\Users\Navi\Downloads\20111221_ICAS1_Assessment_book_Cookridge_Carpets (1).doc
2012-05-09 09:10 - 2012-05-09 09:10 - 00015381 ____A C:\Users\Navi\Downloads\Icarus and Daedalus (3).docx
2012-05-09 07:05 - 2012-01-08 05:47 - 00063696 ____A C:\Users\Navi\AppData\Local\GDIPFONTCACHEV1.DAT
2012-05-08 11:35 - 2012-05-08 11:35 - 00000000 ____D C:\Users\Navi\AppData\Roaming\OfficeSuiteX
2012-05-08 11:34 - 2012-05-08 11:26 - 00000000 ____D C:\Users\Navi\Desktop\OfSX
2012-05-08 11:32 - 2012-05-08 11:32 - 00001120 ____A C:\Users\Public\Desktop\Office Suite X 3.3.lnk
2012-05-08 11:32 - 2012-05-08 11:32 - 00000000 ____D C:\Program Files (x86)\Office Suite X 3
2012-05-08 11:31 - 2012-05-08 11:31 - 00000000 ____D C:\Users\All Users\Sun
2012-05-08 11:27 - 2012-05-08 11:27 - 00472808 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2012-05-08 11:27 - 2012-05-08 11:27 - 00153376 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2012-05-08 11:27 - 2012-05-08 11:27 - 00145184 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2012-05-08 11:27 - 2012-05-08 11:27 - 00145184 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2012-05-08 11:27 - 2012-05-08 11:27 - 00000000 ____D C:\Program Files (x86)\Java
2012-05-08 11:11 - 2012-04-01 10:17 - 00000498 ____A C:\user.js
2012-05-08 11:10 - 2012-05-08 11:10 - 00521688 ____A C:\Users\Navi\Downloads\WordInstaller.exe
2012-05-08 11:08 - 2012-05-08 11:08 - 00000000 ____A C:\Users\Navi\Documents\New Microsoft Word Document.docx
2012-05-08 10:55 - 2012-05-08 10:55 - 00014726 ____A C:\Users\Navi\Downloads\Icarus and Daedalus (2).docx
2012-05-08 10:55 - 2012-05-08 10:55 - 00014726 ____A C:\Users\Navi\Downloads\Icarus and Daedalus (1).docx
2012-05-08 10:50 - 2012-05-08 10:50 - 00014726 ____A C:\Users\Navi\Downloads\Icarus and Daedalus.docx
2012-05-08 10:50 - 2012-05-08 10:50 - 00000000 ____D C:\Users\Navi\AppData\Local\{EF2F6AF9-D213-4195-83AD-613C35B8A5AC}
2012-05-04 03:06 - 2012-06-13 01:54 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-04 02:03 - 2012-06-13 01:54 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-04 02:03 - 2012-06-13 01:54 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-05-03 23:53 - 2012-05-03 23:53 - 19494417 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_668.mp3
2012-05-02 01:27 - 2012-05-02 01:27 - 19805640 ____A C:\Users\Navi\Downloads\joined (6).mp3
2012-05-02 00:47 - 2012-05-02 00:47 - 19805640 ____A C:\Users\Navi\Downloads\joined (5).mp3
2012-05-02 00:32 - 2012-05-02 00:32 - 19805640 ____A C:\Users\Navi\Downloads\joined (4).mp3
2012-04-30 21:40 - 2012-06-13 01:54 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-04-30 01:28 - 2012-04-30 01:28 - 11246908 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_639 (4).mp3
2012-04-30 01:25 - 2012-04-30 01:25 - 00000000 ____D C:\Users\Navi\AppData\Local\AVG Secure Search
2012-04-29 07:02 - 2012-04-29 07:02 - 00000000 ____D C:\Users\Navi\AppData\Local\{51A93D46-84E2-4D5E-934C-C6B6A6132B8A}
2012-04-29 05:30 - 2012-04-29 05:30 - 00418464 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-04-29 05:30 - 2012-04-29 05:30 - 00000000 ____D C:\Windows\System32\Macromed
2012-04-29 05:30 - 2011-07-15 21:20 - 00070304 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-04-29 05:30 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2012-04-27 19:55 - 2012-06-13 01:54 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-27 00:21 - 2012-04-27 00:21 - 02786578 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_760.mp3
2012-04-26 08:31 - 2012-04-26 08:31 - 00000000 ____D C:\Users\Navi\Documents\suk
2012-04-26 08:18 - 2012-04-26 08:18 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2012-04-25 21:41 - 2012-06-13 01:54 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-04-25 21:41 - 2012-06-13 01:54 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-04-25 21:34 - 2012-06-13 01:54 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-04-24 01:32 - 2012-04-24 01:32 - 19703057 ____A C:\Users\Navi\Downloads\joined (3).mp3
2012-04-23 21:37 - 2012-06-13 01:54 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-04-23 21:37 - 2012-06-13 01:54 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-04-23 21:37 - 2012-06-13 01:54 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-04-23 20:36 - 2012-06-13 01:54 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-04-23 20:36 - 2012-06-13 01:54 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-04-23 20:36 - 2012-06-13 01:54 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-04-21 01:43 - 2012-04-21 01:43 - 05704501 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_896 (1).mp3
2012-04-21 01:36 - 2012-04-21 01:36 - 05704501 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_896.mp3
2012-04-20 00:04 - 2012-04-20 00:04 - 01071378 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_793.mp3
2012-04-19 00:26 - 2012-04-19 00:26 - 18867948 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_537.mp3
2012-04-19 00:19 - 2012-04-19 00:19 - 01808554 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_537 (1).mp3
2012-04-18 02:37 - 2012-04-18 02:37 - 01795806 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_500 (1).mp3
2012-04-18 02:37 - 2012-04-18 02:36 - 01795806 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_500.mp3
2012-04-17 00:24 - 2012-04-17 00:24 - 13402637 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_466.mp3
2012-04-17 00:13 - 2012-04-17 00:13 - 02581778 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_446.mp3
2012-04-15 12:50 - 2012-04-15 12:50 - 00000000 __RHD C:\MSOCache
2012-04-15 11:18 - 2012-04-15 11:18 - 00000162 ___AH C:\Users\Navi\Documents\~$111221_ICAS1_Assessment_book_Cookridge_Carpets.doc
2012-04-15 00:23 - 2012-04-15 00:23 - 20013000 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_761_.mp3
2012-04-13 06:49 - 2011-07-15 21:22 - 00000000 ____D C:\Users\All Users\WildTangent
2012-04-13 06:41 - 2012-03-31 04:47 - 00000000 ____D C:\Users\Navi\AppData\Local\Microsoft Games
2012-04-12 14:42 - 2012-04-12 14:42 - 00495104 ____A C:\Users\Navi\Documents\20111221_ICAS1_Assessment_book_Cookridge_Carpets.doc
2012-04-12 14:38 - 2012-04-12 14:38 - 00495104 ____A C:\Users\Navi\Downloads\20111221_ICAS1_Assessment_book_Cookridge_Carpets.doc
2012-04-12 08:21 - 2012-04-12 08:20 - 11682820 ____A C:\Users\Navi\Downloads\amanPic.png
2012-04-11 23:08 - 2012-04-11 23:08 - 10761240 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_515 (4).mp3
2012-04-11 23:07 - 2012-04-11 23:07 - 10761240 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_515 (3).mp3
2012-04-11 23:06 - 2012-04-11 23:06 - 10761240 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_515 (2).mp3
2012-04-11 22:45 - 2012-04-11 22:45 - 10761240 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_515 (1).mp3
2012-04-11 22:32 - 2012-04-11 22:32 - 10761240 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_515.mp3
2012-04-10 22:19 - 2012-04-10 22:19 - 11286928 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_506 (9).mp3
2012-04-10 22:07 - 2012-04-10 22:07 - 04119032 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_506 (3).mp3
2012-04-10 22:06 - 2009-07-13 21:08 - 00032560 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-04-09 23:53 - 2012-04-09 06:41 - 00000000 ____D C:\Users\All Users\VirtualizedApplications
2012-04-09 12:32 - 2012-04-08 12:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2012-04-09 07:25 - 2012-03-09 15:00 - 00000000 ____D C:\Windows\System32\Drivers\AVG
2012-04-08 12:37 - 2012-04-08 12:37 - 03869480 ____A (AVG Technologies) C:\Users\Navi\Downloads\avg_free_stb_all_2012_2125_cnet.exe
2012-04-08 12:37 - 2012-03-09 14:52 - 00000000 ____D C:\Users\All Users\MFAData
2012-04-08 12:12 - 2012-04-08 12:10 - 00000000 ____D C:\Users\Navi\AppData\Roaming\TP
2012-04-08 12:11 - 2012-04-08 12:11 - 00000000 ____D C:\Users\Navi\AppData\Local\SoftGrid Client
2012-04-08 12:10 - 2012-04-08 12:10 - 00000000 ____D C:\Program Files\Microsoft Office
2012-04-08 12:10 - 2011-07-15 21:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2012-04-08 12:10 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2012-04-08 12:09 - 2012-04-08 12:09 - 00126464 ____A C:\Users\Navi\Downloads\DanR_ICAS_PCS_22_Apr_2010.doc
2012-04-08 00:38 - 2012-04-08 00:38 - 11286928 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_506 (8).mp3
2012-04-08 00:38 - 2012-04-08 00:38 - 11286928 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_506 (7).mp3
2012-04-08 00:37 - 2012-04-08 00:37 - 11286928 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_506 (6).mp3
2012-04-08 00:37 - 2012-04-08 00:37 - 11286928 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_506 (5).mp3
2012-04-08 00:37 - 2012-04-08 00:37 - 11286928 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_506 (4).mp3
2012-04-08 00:37 - 2012-04-08 00:37 - 11286928 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_506 (3).mp3
2012-04-08 00:37 - 2012-04-08 00:37 - 04119032 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_506 (2).mp3
2012-04-08 00:37 - 2012-04-08 00:37 - 04119032 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_506 (1).mp3
2012-04-08 00:37 - 2012-04-08 00:36 - 11286928 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_506 (2).mp3
2012-04-08 00:36 - 2012-04-08 00:36 - 11286928 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_506 (1).mp3
2012-04-08 00:23 - 2012-04-08 00:23 - 11286928 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_506.mp3
2012-04-08 00:21 - 2012-04-08 00:21 - 04119032 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_506.mp3
2012-04-08 00:06 - 2012-04-08 00:06 - 01224176 ____A (Google Inc.) C:\Users\Navi\Downloads\chrome (1).exe
2012-04-07 04:31 - 2012-06-13 01:54 - 03216384 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-04-07 03:26 - 2012-06-13 01:54 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2012-04-06 23:34 - 2012-04-06 23:34 - 20268634 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_542 (1).mp3
2012-04-06 23:29 - 2012-04-06 23:29 - 02235813 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_542.mp3
2012-04-06 23:28 - 2012-04-06 23:27 - 20268634 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_542.mp3
2012-04-06 05:52 - 2012-04-06 05:52 - 13817434 ____A C:\Users\Navi\Downloads\joined (2).mp3
2012-04-06 01:23 - 2012-04-06 01:23 - 13817434 ____A C:\Users\Navi\Downloads\joined (1).mp3
2012-04-06 01:23 - 2012-04-06 01:23 - 01413138 ____A C:\Users\Navi\Downloads\recorded_audio_06-jan-2011_08-02-46_am (1).mp3
2012-04-06 01:22 - 2012-04-06 01:22 - 01413138 ____A C:\Users\Navi\Downloads\recorded_audio_06-jan-2011_08-02-46_am.mp3
2012-04-05 12:13 - 2012-04-05 12:13 - 00000000 ___HD C:\$AVG
2012-04-05 00:40 - 2012-04-05 00:40 - 22031194 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_637 (1).mp3
2012-04-05 00:40 - 2012-04-05 00:39 - 22031194 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_637.mp3
2012-04-04 06:56 - 2012-06-19 08:27 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-04-01 10:17 - 2012-04-01 10:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-04-01 10:17 - 2012-04-01 10:17 - 00000000 ____D C:\Program Files (x86)\Incredibar.com
2012-04-01 04:57 - 2012-04-01 04:57 - 00000000 ____D C:\Users\All Users\Premium
2012-04-01 04:56 - 2012-04-01 04:56 - 00000000 ____D C:\codec-info
2012-03-30 03:35 - 2012-05-10 22:46 - 01918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-03-29 00:09 - 2012-03-29 00:09 - 01808554 ____A C:\Users\Navi\Downloads\harmandir_sahib_hukam-ang_537.mp3
2012-03-28 12:12 - 2012-03-28 12:12 - 01201468 ____A C:\Users\Navi\Downloads\sgpcnetjan10.ang535.mp3
2012-03-27 11:32 - 2012-03-27 11:31 - 07405608 ____A C:\Users\Navi\Downloads\pic.pdf
2012-03-27 08:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2012-03-24 12:53 - 2012-03-24 12:53 - 17088748 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_569.mp3
2012-03-22 06:36 - 2012-03-22 06:34 - 18871423 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_666 (1).mp3
2012-03-22 06:34 - 2012-03-22 06:33 - 18871423 ____A C:\Users\Navi\Downloads\punjabi_hukam_katha-ang_666.mp3

ZeroAccess:
C:\Windows\Installer\{243a9a4b-3c89-9ec1-8efa-bfcc52325f1a}
C:\Windows\Installer\{243a9a4b-3c89-9ec1-8efa-bfcc52325f1a}\@
C:\Windows\Installer\{243a9a4b-3c89-9ec1-8efa-bfcc52325f1a}\L
C:\Windows\Installer\{243a9a4b-3c89-9ec1-8efa-bfcc52325f1a}\n
C:\Windows\Installer\{243a9a4b-3c89-9ec1-8efa-bfcc52325f1a}\U

ZeroAccess:
C:\Users\Navi\AppData\Local\{243a9a4b-3c89-9ec1-8efa-bfcc52325f1a}
C:\Users\Navi\AppData\Local\{243a9a4b-3c89-9ec1-8efa-bfcc52325f1a}\@
C:\Users\Navi\AppData\Local\{243a9a4b-3c89-9ec1-8efa-bfcc52325f1a}\L
C:\Users\Navi\AppData\Local\{243a9a4b-3c89-9ec1-8efa-bfcc52325f1a}\n
C:\Users\Navi\AppData\Local\{243a9a4b-3c89-9ec1-8efa-bfcc52325f1a}\U
C:\Users\Navi\AppData\Local\{243a9a4b-3c89-9ec1-8efa-bfcc52325f1a}\U\00000001.@
C:\Users\Navi\AppData\Local\{243a9a4b-3c89-9ec1-8efa-bfcc52325f1a}\U\80000000.@
C:\Users\Navi\AppData\Local\{243a9a4b-3c89-9ec1-8efa-bfcc52325f1a}\U\800000cb.@

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 18%
Total physical RAM: 3562.91 MB
Available physical RAM: 2887.34 MB
Total Pagefile: 3561.05 MB
Available Pagefile: 2876.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:446.91 GB) (Free:403.13 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive e: (Recovery) (Fixed) (Total:14.69 GB) (Free:1.63 GB) NTFS
3 Drive f: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.1 GB) FAT32
5 Drive h: (UDISK) (Removable) (Total:0.95 GB) (Free:0.27 GB) FAT
6 Drive x: (Boot) (Fixed) (Total:0.25 GB) (Free:0.25 GB) NTFS
7 Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 970 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 199 MB 1024 KB
Partition 2 Primary 446 GB 200 MB
Partition 3 Primary 14 GB 447 GB
Partition 4 Primary 4063 MB 461 GB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM NTFS Partition 199 MB Healthy

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 446 GB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E Recovery NTFS Partition 14 GB Healthy

======================================================================================================

Disk: 0
Partition 4
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F HP_TOOLS FAT32 Partition 4063 MB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 969 MB 16 KB

======================================================================================================

Disk: 1
Partition 1
Type : 06
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H UDISK FAT Removable 969 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-06-09 00:12

======================= End Of Log ==========================

Search Log:

Farbar Recovery Scan Tool Version: 17-06-2012 04
Ran by SYSTEM at 2012-06-19 20:35:20
Running from H:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 014A9CB92514E27C0107614DF764BC06

====== End Of Search ======

BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:17 AM

Posted 19 June 2012 - 04:00 PM

Hello aman_badyal,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

  • Finally, please reply using the ADD REPLY button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.


Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flashdrive as fixlist.txt

HKU\Navi\...\Run: [wecrer] rundll32.exe "C:\Users\Navi\AppData\Roaming\wecrer.dll",HrIndexOfMonth [115200 2012-06-16] (Duplex Secure Ltd.)
HKU\Navi\...\Run: [mgxtis] "C:\Windows\System32\rundll32.exe" "C:\Users\Navi\AppData\Roaming\mgxtis.dll",CountEntries [334848 2012-06-19] (M-Audio)
C:\Windows\Installer\{243a9a4b-3c89-9ec1-8efa-bfcc52325f1a}
C:\Users\Navi\AppData\Local\{243a9a4b-3c89-9ec1-8efa-bfcc52325f1a}
C:\Users\Navi\AppData\Roaming\wecrer.dll
C:\Users\Navi\AppData\Roaming\mgxtis.dll
Replace: C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\Windows\System32\services.exe


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the BartPE CD.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Edited by fireman4it, 19 June 2012 - 04:15 PM.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:17 AM

Posted 21 June 2012 - 02:06 PM

Hello.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

Thanks for understanding :)

With Regards,
fireman4it

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:17 AM

Posted 24 June 2012 - 11:21 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users