Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

nasty sirefef infection.


  • This topic is locked This topic is locked
2 replies to this topic

#1 blathmac

blathmac

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:03 AM

Posted 01 August 2012 - 04:39 PM

Hello.
I am hoping someone could help: i have the sirefef infection and i got to the point where my comp reboots every 60 seconds. not nearly enough time to run any tools. first thing it seems that people are asked to do, is run frst64. so here are the results. I am hoping someone could help me.

Thank you:

frst.txt:
Scan result of Farbar Recovery Scan Tool Version: 25-07-2012 01
Ran by SYSTEM at 01-08-2012 16:30:36
Running from G:\
Windows 7 Ultimate (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [nwiz] nwiz.exe /install [x]
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [16329760 2009-06-16] (NVIDIA Corporation)
HKLM\...\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start [93728 2009-06-16] (NVIDIA Corporation)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-09] (IDT, Inc.)
HKLM\...\Run: [picon] "C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe" [111640 2010-02-04] ()
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)
HKU\concentriq\...\Run: [Google Update] "C:\Users\concentriq\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-01-23] (Google Inc.)
HKU\concentriq\...\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59240 2012-02-23] (Apple Inc.)
HKU\concentriq\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Google Calendar Sync.lnk
ShortcutTarget: Google Calendar Sync.lnk -> C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Windows Home Server.lnk
ShortcutTarget: Windows Home Server.lnk -> C:\Windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe (Microsoft Corporation)
Startup: C:\Users\concentriq\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Services (Whitelisted) ======

2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
2 arXfrSvc; "C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe" [231280 2011-01-10] (Microsoft Corporation)
2 esClient; "C:\Program Files\Windows Home Server\esClient.exe" [109936 2011-01-10] (Microsoft Corporation)
2 HPMSSConnectorSvc; "C:\Program Files\Hewlett-Packard\HP MediaSmart Server\MSSConnectorService.exe" [20992 2009-10-26] (HP)
2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation)
2 MediaCollectorService; "C:\Program Files\Hewlett-Packard\HP MediaSmart Server\MediaCollectorClient.exe" [81920 2009-10-26] (Hewlett-Packard Company)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [12600 2012-03-26] (Microsoft Corporation)
2 MSSQL$SQLEXPRESS; "C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS [57617752 2009-03-30] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [291696 2012-03-26] (Microsoft Corporation)
4 SQLAgent$SQLEXPRESS; "C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE" -i SQLEXPRESS [427880 2009-03-30] (Microsoft Corporation)
2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe [244736 2010-03-09] (IDT, Inc.)
2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation)
2 WHSConnector; "C:\Program Files\Windows Home Server\WHSConnector.exe" [489840 2011-01-10] (Microsoft Corporation)

========================== Drivers (Whitelisted) =============

3 COREINFO100; \??\C:\Windows\system32\Drivers\COREINFO100.SYS [x]
3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-08-01 13:10 - 2012-08-01 13:10 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.A6A268BA6088EDC5
2012-08-01 13:07 - 2012-08-01 13:10 - 00138849 ____A C:\Users\concentriq\Desktop\yorkyt.exe.log
2012-08-01 13:07 - 2012-08-01 13:07 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.74AC98FC62FAB341
2012-08-01 13:07 - 2012-08-01 13:02 - 01415784 ____A C:\Users\concentriq\Desktop\yorkyt.exe
2012-08-01 13:00 - 2012-08-01 13:00 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.80AC18F4A909A879
2012-08-01 12:46 - 2012-08-01 12:46 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.B5A3BC7D4F5EA5CC
2012-08-01 12:39 - 2012-08-01 12:39 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.A159C39437C7AB4B
2012-08-01 12:36 - 2012-08-01 12:36 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.D5A8D3B2D8AD5203
2012-08-01 12:14 - 2012-08-01 12:14 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.B2B463F513F841C9
2012-08-01 12:11 - 2012-08-01 12:11 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.77F26445B8E9F594
2012-08-01 12:09 - 2012-08-01 12:09 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.483E74121E6C146A
2012-08-01 12:05 - 2012-08-01 12:05 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.79CC8716847AEF42
2012-08-01 12:00 - 2012-08-01 12:00 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.885F66CCD2FF501E
2012-08-01 11:49 - 2012-08-01 11:49 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-08-01 11:49 - 2012-08-01 11:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-07-29 09:41 - 2012-07-29 11:34 - 00015728 ____A C:\Users\concentriq\Desktop\RW24 Stats.xlsx
2012-07-27 11:18 - 2012-07-27 11:18 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-07-25 22:07 - 2012-07-25 22:07 - 00000000 ____D C:\Users\concentriq\AppData\Roaming\Mozilla
2012-07-22 21:20 - 2012-07-22 21:20 - 00051722 ____N C:\Users\concentriq\Desktop\Chi-keno.kml
2012-07-22 21:18 - 2012-07-22 21:18 - 00186762 ____N C:\Users\concentriq\Desktop\Chi-keno.gpx
2012-07-16 20:33 - 2012-07-16 20:34 - 53784984 ____A (Adobe Systems Incorporated) C:\Users\concentriq\Downloads\AdbeRdr1012_en_US.exe
2012-07-14 00:10 - 2012-06-11 19:08 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-14 00:01 - 2012-06-02 04:49 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-07-14 00:01 - 2012-06-02 04:17 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-07-14 00:01 - 2012-06-02 04:12 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-07-14 00:01 - 2012-06-02 04:05 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-07-14 00:01 - 2012-06-02 04:05 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-07-14 00:01 - 2012-06-02 04:04 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-07-14 00:01 - 2012-06-02 04:04 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-07-14 00:01 - 2012-06-02 04:03 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-07-14 00:01 - 2012-06-02 04:01 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-07-14 00:01 - 2012-06-02 04:00 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-07-14 00:01 - 2012-06-02 03:59 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-07-14 00:01 - 2012-06-02 03:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-07-14 00:01 - 2012-06-02 03:57 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-07-14 00:01 - 2012-06-02 03:54 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-07-14 00:01 - 2012-06-02 01:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-07-14 00:01 - 2012-06-02 00:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-07-14 00:01 - 2012-06-02 00:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-07-14 00:01 - 2012-06-02 00:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-07-14 00:01 - 2012-06-02 00:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-07-14 00:01 - 2012-06-02 00:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-07-14 00:01 - 2012-06-02 00:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-07-14 00:01 - 2012-06-02 00:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-07-14 00:01 - 2012-06-02 00:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-07-14 00:01 - 2012-06-02 00:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-07-14 00:01 - 2012-06-02 00:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-07-14 00:01 - 2012-06-02 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-07-14 00:01 - 2012-06-02 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-07-14 00:01 - 2012-06-02 00:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-07-13 21:10 - 2012-07-13 21:10 - 00000000 ____D C:\Users\concentriq\AppData\Local\{F4A539F7-FB05-4DFA-9C09-3F8C32584BEC}
2012-07-13 21:09 - 2012-07-13 21:09 - 00000000 ____D C:\Users\concentriq\AppData\Local\{6B7C438A-043A-4CE4-885E-224420BE9F5F}
2012-07-12 07:41 - 2012-07-12 07:41 - 00000000 ____D C:\Users\concentriq\AppData\Local\{1BC53E79-C598-454C-B27A-94D1E90CBF7C}
2012-07-11 13:37 - 2012-06-08 21:43 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-07-11 13:37 - 2012-06-08 20:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-07-11 13:37 - 2012-06-05 22:06 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-07-11 13:37 - 2012-06-05 22:06 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-07-11 13:37 - 2012-06-05 21:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-07-11 13:37 - 2012-06-05 21:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-07-11 13:37 - 2010-06-25 19:55 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2012-07-11 13:37 - 2010-06-25 19:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2012-07-11 13:36 - 2012-06-05 22:02 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-07-11 13:36 - 2012-06-05 21:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-07-11 13:36 - 2012-06-01 21:50 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-07-11 13:36 - 2012-06-01 21:48 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-07-11 13:36 - 2012-06-01 21:48 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-07-11 13:36 - 2012-06-01 21:45 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-07-11 13:36 - 2012-06-01 21:44 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-07-11 13:36 - 2012-06-01 20:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-07-11 13:36 - 2012-06-01 20:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-07-11 13:36 - 2012-06-01 20:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-07-11 13:36 - 2012-06-01 20:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-07-11 13:27 - 2012-07-11 13:28 - 00000000 ____D C:\Users\concentriq\AppData\Local\{29B67CEB-7CD7-46F1-93EE-4E41CF18731B}
2012-07-11 13:27 - 2012-07-11 13:27 - 00000000 ____D C:\Users\concentriq\AppData\Local\{973D8576-63BC-4769-8353-F4D2FEF7F562}
2012-07-10 15:11 - 2012-07-10 15:11 - 00000000 ____D C:\Users\concentriq\AppData\Local\{198B5F2F-0340-4D2D-89B5-71FE4CB9888D}
2012-07-10 15:10 - 2012-07-10 15:11 - 00000000 ____D C:\Users\concentriq\AppData\Local\{2AC96431-9050-4735-ABCD-3DAF3D97400F}
2012-07-09 18:09 - 2012-07-09 18:09 - 00000000 ____D C:\Users\concentriq\AppData\Local\{51697872-7D74-4257-8E72-285A7F4B6663}
2012-07-09 18:09 - 2012-07-09 18:09 - 00000000 ____D C:\Users\concentriq\AppData\Local\{2CB17E0A-9BD6-47BC-A628-DD5AD9D59F5A}
2012-07-09 07:58 - 2012-07-09 07:58 - 02853991 ____N C:\Users\concentriq\Desktop\image.jpeg
2012-07-09 05:19 - 2012-07-09 05:19 - 00000000 ____D C:\Users\concentriq\AppData\Local\{F23EA133-3F70-4E6E-AEF2-8FB8F8A8EF13}
2012-07-09 05:19 - 2012-07-09 05:19 - 00000000 ____D C:\Users\concentriq\AppData\Local\{1CE179E3-F667-47E9-B954-EFD1AAF4E329}
2012-07-08 10:10 - 2012-07-08 10:10 - 00000000 ____D C:\Users\concentriq\AppData\Local\{84299B80-D107-4052-8EE1-7ADDBA9EC3B1}
2012-07-08 10:10 - 2012-07-08 10:10 - 00000000 ____D C:\Users\concentriq\AppData\Local\{1F6B0014-D1D6-4253-B316-267C30414EB7}
2012-07-07 21:36 - 2012-07-07 21:37 - 00000000 ____D C:\Users\concentriq\AppData\Local\{AF6B224C-BB0E-495E-A212-330BB9C2A2C0}
2012-07-07 21:36 - 2012-07-07 21:36 - 00000000 ____D C:\Users\concentriq\AppData\Local\{B02637B5-52FB-4DD3-91A2-7B3DDC9C5D85}
2012-07-07 12:07 - 2012-07-07 12:07 - 00178970 ____A C:\Users\concentriq\Desktop\Red_White_Blue_68_mile_2012.gpx
2012-07-07 12:00 - 2012-07-07 12:00 - 00696115 ____A C:\Users\concentriq\Desktop\Red_White_Blue_68_mile_2012.tcx
2012-07-07 08:51 - 2012-07-07 08:51 - 00000000 ____D C:\Users\concentriq\AppData\Local\{197257C1-618B-43F2-8E60-A7C4D7C1A419}
2012-07-07 08:50 - 2012-07-07 08:51 - 00000000 ____D C:\Users\concentriq\AppData\Local\{7DDB14F8-0DDE-4D90-BD62-7CD17CA683C5}
2012-07-06 11:23 - 2012-07-06 11:23 - 00000000 ____D C:\Users\concentriq\AppData\Local\{E8A7B96E-C557-413D-B485-89E412AFA386}
2012-07-06 11:23 - 2012-07-06 11:23 - 00000000 ____D C:\Users\concentriq\AppData\Local\{6B24974B-7B6D-4282-9D33-F3303CF7305D}
2012-07-05 11:13 - 2012-07-05 11:13 - 00000000 ____D C:\Users\concentriq\AppData\Local\{0D31EDC6-7D2A-4988-8CC9-11F26966C4F6}
2012-07-05 11:12 - 2012-07-05 11:12 - 00000000 ____D C:\Users\concentriq\AppData\Local\{7BFA3831-E478-4FE7-9D32-B9559FC1FBEB}


============ 3 Months Modified Files ========================

2012-08-01 13:12 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-08-01 13:12 - 2009-07-13 20:51 - 00029230 ____A C:\Windows\setupact.log
2012-08-01 13:10 - 2012-08-01 13:10 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.A6A268BA6088EDC5
2012-08-01 13:10 - 2012-08-01 13:07 - 00138849 ____A C:\Users\concentriq\Desktop\yorkyt.exe.log
2012-08-01 13:09 - 2011-08-23 16:04 - 00000902 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-08-01 13:07 - 2012-08-01 13:07 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.74AC98FC62FAB341
2012-08-01 13:07 - 2011-01-23 13:46 - 00000928 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3736072955-298987368-2876486745-1000UA.job
2012-08-01 13:02 - 2012-08-01 13:07 - 01415784 ____A C:\Users\concentriq\Desktop\yorkyt.exe
2012-08-01 13:00 - 2012-08-01 13:00 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.80AC18F4A909A879
2012-08-01 13:00 - 2009-07-13 21:13 - 00880144 ____A C:\Windows\System32\PerfStringBackup.INI
2012-08-01 12:46 - 2012-08-01 12:46 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.B5A3BC7D4F5EA5CC
2012-08-01 12:39 - 2012-08-01 12:39 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.A159C39437C7AB4B
2012-08-01 12:36 - 2012-08-01 12:36 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.D5A8D3B2D8AD5203
2012-08-01 12:35 - 2011-01-23 13:39 - 00041344 ____A C:\Windows\PFRO.log
2012-08-01 12:14 - 2012-08-01 12:14 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.B2B463F513F841C9
2012-08-01 12:11 - 2012-08-01 12:11 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.77F26445B8E9F594
2012-08-01 12:10 - 2012-04-09 14:16 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-08-01 12:09 - 2012-08-01 12:09 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.483E74121E6C146A
2012-08-01 12:05 - 2012-08-01 12:05 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.79CC8716847AEF42
2012-08-01 12:00 - 2012-08-01 12:00 - 00328704 ____A (Microsoft Corporation) C:\Windows\System32\services.exe.885F66CCD2FF501E
2012-08-01 11:50 - 2011-01-23 15:28 - 01253639 ____A C:\Windows\WindowsUpdate.log
2012-08-01 11:50 - 2011-01-23 13:46 - 00000876 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3736072955-298987368-2876486745-1000Core.job
2012-08-01 11:50 - 2011-01-23 13:42 - 00001945 ____A C:\Windows\epplauncher.mif
2012-08-01 11:49 - 2011-01-23 13:42 - 00894294 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-08-01 11:44 - 2011-08-23 16:04 - 00000906 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-07-29 11:34 - 2012-07-29 09:41 - 00015728 ____A C:\Users\concentriq\Desktop\RW24 Stats.xlsx
2012-07-26 22:55 - 2012-04-09 14:16 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-07-26 22:55 - 2011-06-02 11:52 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-07-22 21:20 - 2012-07-22 21:20 - 00051722 ____N C:\Users\concentriq\Desktop\Chi-keno.kml
2012-07-22 21:18 - 2012-07-22 21:18 - 00186762 ____N C:\Users\concentriq\Desktop\Chi-keno.gpx
2012-07-22 16:12 - 2009-07-13 20:45 - 00015136 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-07-22 16:12 - 2009-07-13 20:45 - 00015136 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-07-16 20:34 - 2012-07-16 20:33 - 53784984 ____A (Adobe Systems Incorporated) C:\Users\concentriq\Downloads\AdbeRdr1012_en_US.exe
2012-07-14 00:30 - 2009-07-13 20:45 - 00342712 ____A C:\Windows\System32\FNTCACHE.DAT
2012-07-14 00:03 - 2011-01-23 14:58 - 59701280 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-07-09 07:58 - 2012-07-09 07:58 - 02853991 ____N C:\Users\concentriq\Desktop\image.jpeg
2012-07-07 12:07 - 2012-07-07 12:07 - 00178970 ____A C:\Users\concentriq\Desktop\Red_White_Blue_68_mile_2012.gpx
2012-07-07 12:00 - 2012-07-07 12:00 - 00696115 ____A C:\Users\concentriq\Desktop\Red_White_Blue_68_mile_2012.tcx
2012-06-20 20:20 - 2012-06-20 20:20 - 00069378 ____A C:\Users\concentriq\Desktop\MKE-CLE.xps
2012-06-11 19:08 - 2012-07-14 00:10 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-08 21:43 - 2012-07-11 13:37 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-08 20:41 - 2012-07-11 13:37 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-06-05 22:06 - 2012-07-11 13:37 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-06-05 22:06 - 2012-07-11 13:37 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-06-05 22:02 - 2012-07-11 13:36 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-06-05 21:05 - 2012-07-11 13:37 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-06-05 21:05 - 2012-07-11 13:37 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-06-05 21:03 - 2012-07-11 13:36 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-06-02 14:19 - 2012-06-26 20:30 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-26 20:30 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-26 20:30 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-26 20:29 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-26 20:29 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:15 - 2012-06-26 20:30 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:15 - 2012-06-26 20:29 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 12:19 - 2012-06-26 20:29 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 12:15 - 2012-06-26 20:29 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-02 04:49 - 2012-07-14 00:01 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-02 04:17 - 2012-07-14 00:01 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-02 04:12 - 2012-07-14 00:01 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-02 04:05 - 2012-07-14 00:01 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-02 04:05 - 2012-07-14 00:01 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-02 04:04 - 2012-07-14 00:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-02 04:04 - 2012-07-14 00:01 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-02 04:03 - 2012-07-14 00:01 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-02 04:01 - 2012-07-14 00:01 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-02 04:00 - 2012-07-14 00:01 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-02 03:59 - 2012-07-14 00:01 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-02 03:57 - 2012-07-14 00:01 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-02 03:57 - 2012-07-14 00:01 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-02 03:54 - 2012-07-14 00:01 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-02 01:07 - 2012-07-14 00:01 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-02 00:43 - 2012-07-14 00:01 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-02 00:33 - 2012-07-14 00:01 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-02 00:26 - 2012-07-14 00:01 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-02 00:25 - 2012-07-14 00:01 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-02 00:25 - 2012-07-14 00:01 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-02 00:23 - 2012-07-14 00:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-02 00:21 - 2012-07-14 00:01 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-02 00:20 - 2012-07-14 00:01 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-02 00:19 - 2012-07-14 00:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-02 00:19 - 2012-07-14 00:01 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-02 00:17 - 2012-07-14 00:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-02 00:16 - 2012-07-14 00:01 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-02 00:14 - 2012-07-14 00:01 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-01 21:50 - 2012-07-11 13:36 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-06-01 21:48 - 2012-07-11 13:36 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-06-01 21:48 - 2012-07-11 13:36 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-06-01 21:45 - 2012-07-11 13:36 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-06-01 21:44 - 2012-07-11 13:36 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-06-01 20:40 - 2012-07-11 13:36 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-06-01 20:40 - 2012-07-11 13:36 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-06-01 20:39 - 2012-07-11 13:36 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-06-01 20:34 - 2012-07-11 13:36 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-05-22 22:13 - 2012-05-22 22:13 - 00289839 ____A C:\Users\concentriq\Downloads\Akvarium_(Boris_Grebenshchikov)_-_Diskografiya_(1973-2008)_MP3_[pslan.com] (1).torrent
2012-05-22 22:10 - 2012-05-22 22:10 - 00289839 ____A C:\Users\concentriq\Downloads\Akvarium_(Boris_Grebenshchikov)_-_Diskografiya_(1973-2008)_MP3_[pslan.com].torrent
2012-05-21 21:56 - 2011-02-05 10:13 - 00002066 ___AH C:\Users\concentriq\Documents\Default.rdp
2012-05-20 07:40 - 2012-05-20 07:39 - 25917448 ____A C:\Users\concentriq\Downloads\Milwaukee7261937_9-796_7x9.tif
2012-05-15 23:30 - 2012-05-15 23:30 - 25916844 ____A C:\Users\concentriq\Downloads\Milwaukee7261937_9-797_7x9.tif
2012-05-15 23:14 - 2012-05-15 23:14 - 25917688 ____A C:\Users\concentriq\Downloads\Milwaukee7261937_9-768_7x9.tif
2012-05-15 23:09 - 2012-05-15 23:08 - 25918136 ____A C:\Users\concentriq\Downloads\Milwaukee7261937_9-769_7x9.tif
2012-05-15 17:34 - 2012-05-15 17:34 - 03718953 ____A C:\Users\concentriq\Downloads\IPhoneSMSToGmail (2).exe
2012-05-06 10:59 - 2011-01-23 14:25 - 00001347 ____A C:\Windows\DirectX.log
2012-05-05 11:04 - 2012-05-05 11:04 - 00012585 ____A C:\Users\concentriq\Downloads\winmail.dat
2012-05-04 03:06 - 2012-06-12 19:48 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-04 02:03 - 2012-06-12 19:48 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-04 02:03 - 2012-06-12 19:48 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe


ZeroAccess:
C:\Windows\Installer\{2299271c-d446-9da9-a00f-d9e9632924c5}
C:\Windows\Installer\{2299271c-d446-9da9-a00f-d9e9632924c5}\@
C:\Windows\Installer\{2299271c-d446-9da9-a00f-d9e9632924c5}\L
C:\Windows\Installer\{2299271c-d446-9da9-a00f-d9e9632924c5}\n
C:\Windows\Installer\{2299271c-d446-9da9-a00f-d9e9632924c5}\U
C:\Windows\Installer\{2299271c-d446-9da9-a00f-d9e9632924c5}\L\00000004.@
C:\Windows\Installer\{2299271c-d446-9da9-a00f-d9e9632924c5}\L\201d3dde
C:\Windows\Installer\{2299271c-d446-9da9-a00f-d9e9632924c5}\U\00000008.@

ZeroAccess:
C:\Users\concentriq\AppData\Local\{2299271c-d446-9da9-a00f-d9e9632924c5}
C:\Users\concentriq\AppData\Local\{2299271c-d446-9da9-a00f-d9e9632924c5}\@
C:\Users\concentriq\AppData\Local\{2299271c-d446-9da9-a00f-d9e9632924c5}\L
C:\Users\concentriq\AppData\Local\{2299271c-d446-9da9-a00f-d9e9632924c5}\U

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 16%
Total physical RAM: 4019.89 MB
Available physical RAM: 3362.48 MB
Total Pagefile: 4018.04 MB
Available Pagefile: 3368.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:78.03 GB) (Free:20.44 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:152.71 GB) (Free:29.12 GB) NTFS
3 Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive f: (GRMCULXFRER_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF
5 Drive g: () (Removable) (Total:0.95 GB) (Free:0.91 GB) FAT32
6 Drive r: (RECOVERY) (Fixed) (Total:2 GB) (Free:1.38 GB) NTFS
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 232 GB 1024 KB *
Disk 1 Online 977 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 54 MB 31 KB
Partition 2 Dynamic Data 2048 MB 54 MB
Partition 3 Dynamic Data 100 MB 2103 MB
Partition 4 Dynamic Data 78 GB 2203 MB

==================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 FAT Partition 54 MB Healthy Hidden

==================================================================================

Disk: 0
Partition 2
Type : 42
Hidden: Yes
Active: No

There is no volume associated with this partition.

==================================================================================

Disk: 0
Partition 3
Type : 42
Hidden: Yes
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E System Rese NTFS Simple 100 MB Healthy

==================================================================================

Disk: 0
Partition 4
Type : 42
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Simple 78 GB Healthy

==================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
* Partition 1 Primary 977 MB 0 B

==================================================================================

Disk: 1
There is no partition selected.

There is no partition selected.
Please select a partition and try again.

==================================================================================

==========================================================

Last Boot: 2012-07-29 16:12

======================= End Of Log ==========================


search.txt:
Farbar Recovery Scan Tool Version: 25-07-2012 01
Ran by SYSTEM at 2012-08-01 16:32:37
Running from G:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 014A9CB92514E27C0107614DF764BC06

====== End Of Search ======

BC AdBot (Login to Remove)

 


#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:11:03 AM

Posted 02 August 2012 - 04:55 PM

Please do the following:


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

start
HKLM-x32\...\Run: [] [x]
C:\Windows\Installer\{2299271c-d446-9da9-a00f-d9e9632924c5}
C:\Users\concentriq\AppData\Local\{2299271c-d446-9da9-a00f-d9e9632924c5}
C:\Windows\assembly\GAC_32\Desktop.ini
C:\Windows\assembly\GAC_64\Desktop.ini
replace: C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\Windows\System32\services.exe
end

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options then select Command Prompt

Run FRST (or FRST64 if you have the 64bit version) and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.


Reboot Normally.


NEXT


Refer to the ComboFix User's Guide

  • Download ComboFix from the following location:

    Link

    * IMPORTANT !!! Place ComboFix.exe on your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
    You can get help on disabling your protection programs here
  • Double click on ComboFix.exe & follow the prompts.
  • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  • When finished, it shall produce a log for you. Post that log in your next reply

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


    ---------------------------------------------------------------------------------------------
  • Ensure your AntiVirus and AntiSpyware applications are re-enabled.

    ---------------------------------------------------------------------------------------------

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:11:03 AM

Posted 10 August 2012 - 03:15 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users