Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I ran the DDS Program with Attach.txt & Screen Shots.


  • This topic is locked This topic is locked
34 replies to this topic

#1 irishmantx

irishmantx

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:39 PM

Posted 15 February 2014 - 11:32 AM

Dear Group,
 
   Here is the attachment with attach.txt and some screen shots.. (adapted for
smaller packing) I hope this helps.. I never saw XP / Windows Boot on Partition 2
before. Yes, I am sharing this on the ACTUAL Infected Computer.
 
Michael D. Lucas
76531

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 8/19/2011 11:57:47 AM
System Uptime: 2/15/2014 9:27:39 AM (0 hours ago)
.
Motherboard: Dell Inc. | | 0JC474
Processor: Intel® Pentium® 4 CPU 3.00GHz | Microprocessor | 2992/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 241 GiB total, 212.634 GiB free.
D: is FIXED (NTFS) - 225 GiB total, 187.467 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Active@ ISO Burner
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader XI (11.0.06)
Adobe Shockwave Player 12.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
CCleaner
Comodo Dragon
COMODO Internet Security
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
Intel® PROSet for Wired Connections
iTunes
Lexmark Z600 Series
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mouse Suite for Desktop Computers
Mozilla Firefox 16.0.2 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 7 Essentials
neroxml
Paltalk Messenger 11.1
PowerDVD
QuickTime
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB2862772)
Security Update for Windows Internet Explorer 8 (KB2870699)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB2888505)
Security Update for Windows Internet Explorer 8 (KB2898785)
Security Update for Windows Internet Explorer 8 (KB2909210)
Security Update for Windows Internet Explorer 8 (KB2909921)
SigmaTel Audio
SUPERAntiSpyware
swMSM
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
USB 2.0 Wireless LAN Card Utility
WebFldrs XP
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Yahoo! Messenger
Zoom ADSL Modem
.
==== Event Viewer Messages From Past Week ========
.
2/15/2014 9:41:22 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
2/15/2014 9:41:17 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/15/2014 9:41:09 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
2/15/2014 9:29:45 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD cmdGuard cmdHlp Fips intelppm IPSec MpFilter MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip WS2IFSL
2/15/2014 9:29:45 AM, error: Service Control Manager [7023] - The System Restore Service service terminated with the following error: Access is denied.
2/15/2014 9:29:45 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
2/15/2014 9:29:45 AM, error: Service Control Manager [7001] - The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
2/15/2014 9:29:45 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
2/15/2014 9:29:45 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
2/15/2014 9:29:45 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
2/15/2014 9:29:45 AM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
2/15/2014 9:28:43 AM, error: SRService [104] - The System Restore initialization process failed.
.
==== End Of File ===========================

Attached Files


Edited by Oh My, 24 February 2014 - 10:06 AM.
Posted log


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:39 PM

Posted 20 February 2014 - 11:35 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/524399 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 irishmantx

irishmantx
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:39 PM

Posted 21 February 2014 - 11:10 PM

Yes I do need help!! My Partition is still compromised!

Pasting in content from elsewhere. ~ OB

I ran the program and I sent the Attach.txt with some Screen Shots! I don't know what would cause the Partition to be infected with an unremovable hidden, infection? Please help? I told my bank, and other institutions my hard drive is infected. They treat me like dirt, so I closed the account with them!


Edited by Orange Blossom, 22 February 2014 - 01:06 AM.


#4 irishmantx

irishmantx
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:39 PM

Posted 21 February 2014 - 11:25 PM

Attached File  Screen Shot Image.zip   87.82KB   4 downloads   This is the screen shots of it booting and when I had

'clicked' the SVCHOST.EXE in Safe Mode W/OUT Networking.   In 'Normal' Mode. I count 13 running

variations. SYSTEM has 8 instances of SVCHOST.EXE.. NETWORK SERVICE has 3 instances

of SVCHOST.EXE, and LOCAL SERVICE has 2 instances of SVCHOST.EXE. 

 

It looks like there is not enough room to upload a video. Do you have a FACEBOOK page with

room to upload videos? I can make a video of with my flip phone, or iPhone, and with the

Administrator granting me permission, I'd love to video my experience to share with you, when I

click to 'END PROCESS' and see the reaction if possible. I can even boot from the Copy Wipe 1.14

CD I made, show you what I am talking about. Assuming anyone can help me?

 



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,791 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:39 PM

Posted 24 February 2014 - 10:04 AM

Greetings Michael and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. I need some additional information before taking any proactive steps. Please run this program for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log

Edited by Oh My, 24 February 2014 - 10:06 AM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,791 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:39 PM

Posted 27 February 2014 - 10:01 PM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 irishmantx

irishmantx
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:39 PM

Posted 01 March 2014 - 03:55 AM

It would appear, I am not taken seriously, I apologize for offending anyone..

I believe I will take this to someone who knows what they are doing. I am

truly sorry for wasting time. It appears nobody wants to help me resolve the

issue. :'( :'( :'(



#8 irishmantx

irishmantx
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:39 PM

Posted 01 March 2014 - 03:57 AM

I have a seriously infected computer.. and I do not understand

the apparent indifferent approach? I guess I'll have to invest

$75.00 an hour to have my hard drives cleaned properly... this

approach is not working. :'( Thank You..  



#9 irishmantx

irishmantx
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:39 PM

Posted 01 March 2014 - 05:54 AM

Attached File  FRST.txt   26.12KB   1 downloadsAttached File  Addition.txt   9.28KB   1 downloadsAttached File  Screen Shot Image.zip   87.82KB   1 downloads  I still have a problem.... Here are the files..

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-02-2014 02
Ran by JewdudeTX (administrator) on DELLDIM310-34CD on 01-03-2014 03:05:40
Running from D:\Program Files and Utilities\Program Files and Stuff
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Lexmark International, Inc.) C:\WINDOWS\system32\LEXBCES.EXE
(Lexmark International, Inc.) C:\WINDOWS\system32\LEXPPS.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
(Intel® Corporation) C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\locator.exe
(Conexant Systems, Inc.) C:\WINDOWS\system32\PRISMSVR.EXE
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
(Inside Core) D:\AutoRunExterminator-1.8\AutoRunExterminator.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\ea51d23b-d293-461a-97e7-754e44507c43.com
(mIRC Co. Ltd.) D:\Program Files\mIRC\mirc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [77824 2006-03-23] (Intel Corporation)
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [118784 2006-03-23] (Intel Corporation)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [6756048 2012-11-07] (COMODO)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [AutoRunExterminator] - D:\AutoRunExterminator-1.8\AutoRunExterminator.exe [47104 2010-05-13] (Inside Core)
Winlogon\Notify\PRISMAPI.DLL: C:\WINDOWS\system32\PRISMAPI.DLL (Conexant Systems, Inc.)
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Run: [DWQueuedReporting] - C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
HKU\S-1-5-21-527237240-1708537768-1417001333-1005\...\Run: [ccleaner] - C:\Program Files\CCleaner\CCleaner.exe [4455704 2014-01-21] (Piriform Ltd)
HKU\S-1-5-21-527237240-1708537768-1417001333-1005\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5625624 2014-01-14] (SUPERAntiSpyware)
HKU\S-1-5-21-527237240-1708537768-1417001333-1005\...\Run: [Task Manager!] - C:\Windows\System32\taskmgr.exe [135680 2008-04-14] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE9SE_ENUS/120
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=OIE8MSE
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
SearchScopes: HKLM - DefaultScope value is missing.
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-18] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 205.171.203.226 205.171.2.226

FireFox:
========
FF ProfilePath: C:\Documents and Settings\JewdudeTX\Application Data\Mozilla\Firefox\Profiles\zg331cna.default-1388122430765
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-07-11] (SUPERAntiSpyware.com)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1990464 2012-11-07] (COMODO)
S4 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [1552680 2007-06-25] (Nero AG)
R2 Iprip; C:\WINDOWS\System32\iprip.dll [35328 2008-04-14] (Microsoft Corporation)
R2 LexBceS; C:\WINDOWS\system32\LEXBCES.EXE [303104 2003-02-24] (Lexmark International, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [147456 2004-11-19] (Intel® Corporation)
S4 PRISMSVC; C:\WINDOWS\system32\PRISMSVC.EXE [61529 2006-10-12] (Conexant Systems, Inc.)

==================== Drivers (Whitelisted) ====================

R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [497952 2012-11-07] (COMODO)
R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [32640 2012-11-07] (COMODO)
R4 InCDfs; C:\WINDOWS\System32\drivers\InCDFs.sys [119080 2007-06-25] (Nero AG)
R1 InCDPass; C:\WINDOWS\System32\drivers\InCDPass.sys [36776 2007-06-25] (Nero AG)
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [16040 2007-06-25] (Nero AG)
R1 incdrm; C:\WINDOWS\System32\drivers\InCDRm.sys [38440 2007-06-25] (Nero AG)
R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [99080 2012-11-07] (COMODO)
R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
S3 catchme; \??\C:\DOCUME~1\JEWDUD~1\LOCALS~1\Temp\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U3 TlntSvr;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-01 03:04 - 2014-03-01 03:05 - 00000000 ____D () C:\FRST
2014-03-01 01:42 - 2014-03-01 01:52 - 00032526 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-01 01:42 - 2014-03-01 01:50 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2014-03-01 01:42 - 2014-03-01 01:50 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-03-01 01:42 - 2014-03-01 01:50 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-03-01 01:42 - 2014-03-01 01:42 - 00001216 ____N () C:\WINDOWS\SchedLgU.Txt
2014-02-22 21:14 - 2014-02-22 21:14 - 00000049 _____ () C:\boot.ini
2014-02-21 14:05 - 2014-02-21 14:05 - 00004608 ___SH () C:\Thumbs.db
2014-02-18 04:01 - 2014-02-18 04:01 - 00005120 ___SH () C:\WINDOWS\system32\Thumbs.db
2014-02-15 09:51 - 2014-02-15 09:51 - 00010722 _____ () C:\Documents and Settings\Administrator\Desktop\dds.txt
2014-02-15 00:49 - 2014-02-15 08:49 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-13 18:53 - 2014-02-13 18:53 - 00107224 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-02-13 18:34 - 2014-02-13 18:34 - 00052312 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-02-12 19:35 - 2014-03-01 01:52 - 00000384 ____H () C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2014-02-12 17:19 - 2014-01-03 21:13 - 00420864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vbscript.dll
2014-02-10 11:20 - 2014-02-10 11:20 - 00011427 _____ () C:\ComboFix.txt
2014-02-09 07:38 - 2014-02-13 21:34 - 00000000 ____D () C:\Documents and Settings\JewdudeTX\Desktop\mbar
2014-02-08 09:52 - 2014-02-08 09:52 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\USTechSupport
2014-02-08 09:35 - 2014-02-08 09:35 - 00000310 _____ () C:\mbr.log
2014-02-08 09:15 - 2014-02-08 09:15 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Macromedia
2014-02-08 09:13 - 2014-02-08 09:13 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
2014-02-08 09:13 - 2014-02-08 09:13 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Mozilla
2014-02-06 02:43 - 2014-02-06 02:43 - 00001454 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-02-06 02:43 - 2014-02-06 02:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-02-06 02:43 - 2012-08-21 13:01 - 00026840 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2014-02-06 02:42 - 2014-02-06 02:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-06 02:42 - 2014-02-06 02:42 - 00000000 ____D () C:\Program Files\iPod
2014-02-06 02:41 - 2014-02-06 02:41 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Apple Computer
2014-02-06 02:41 - 2013-03-18 16:51 - 06112864 _____ (Apple, Inc.) C:\WINDOWS\system32\usbaaplrc.dll
2014-02-06 02:41 - 2013-03-18 16:51 - 00045056 _____ (Apple, Inc.) C:\WINDOWS\system32\Drivers\usbaapl.sys
2014-02-02 11:10 - 2008-04-14 05:42 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusd.dll
2014-02-02 11:10 - 2001-08-17 22:36 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusb.dll

==================== One Month Modified Files and Folders =======

2014-03-01 03:05 - 2014-03-01 03:04 - 00000000 ____D () C:\FRST
2014-03-01 03:05 - 2012-06-23 20:21 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-01 02:21 - 2013-11-24 12:31 - 00000000 ____D () C:\Documents and Settings\JewdudeTX\Application Data\mIRC
2014-03-01 01:52 - 2014-03-01 01:42 - 00032526 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-01 01:52 - 2014-02-12 19:35 - 00000384 ____H () C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2014-03-01 01:50 - 2014-03-01 01:42 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2014-03-01 01:50 - 2014-03-01 01:42 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-03-01 01:50 - 2014-03-01 01:42 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
2014-03-01 01:50 - 2013-01-11 06:36 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-03-01 01:50 - 2013-01-11 06:17 - 00065536 _____ () C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
2014-03-01 01:50 - 2011-08-20 01:22 - 00000000 ____D () C:\Documents and Settings\JewdudeTX
2014-03-01 01:50 - 2011-08-19 14:21 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2014-03-01 01:43 - 2013-01-15 01:15 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-03-01 01:42 - 2014-03-01 01:42 - 00001216 ____N () C:\WINDOWS\SchedLgU.Txt
2014-03-01 01:42 - 2011-08-19 11:02 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-01 01:38 - 2011-09-25 01:57 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-02-28 21:23 - 2011-09-13 06:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Lexmark Z600 Series
2014-02-28 21:11 - 2014-01-25 07:57 - 00000000 ____D () C:\Qoobox
2014-02-28 07:52 - 2012-11-16 01:46 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Application Data\COMODO
2014-02-28 07:52 - 2011-08-19 13:13 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\COMODO
2014-02-27 08:08 - 2008-04-14 06:00 - 00013734 _____ () C:\WINDOWS\system32\wpa.dbl
2014-02-24 10:52 - 2011-08-20 01:22 - 00000178 ___SH () C:\Documents and Settings\JewdudeTX\ntuser.ini
2014-02-23 11:08 - 2013-12-26 15:34 - 00008704 _____ () C:\Documents and Settings\JewdudeTX\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-22 21:14 - 2014-02-22 21:14 - 00000049 _____ () C:\boot.ini
2014-02-21 14:06 - 2012-04-12 09:18 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-21 14:06 - 2011-08-20 22:21 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-21 14:05 - 2014-02-21 14:05 - 00004608 ___SH () C:\Thumbs.db
2014-02-21 14:05 - 2012-10-30 23:17 - 00035328 ___SH () C:\WINDOWS\Thumbs.db
2014-02-21 14:05 - 2012-02-06 09:38 - 00000000 ____D () C:\Program Files\Zoom
2014-02-21 14:05 - 2011-08-19 15:55 - 00000000 ____D () C:\Program Files\Windows Media Connect 2
2014-02-19 21:27 - 2011-09-25 01:57 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-02-18 04:01 - 2014-02-18 04:01 - 00005120 ___SH () C:\WINDOWS\system32\Thumbs.db
2014-02-18 04:01 - 2011-08-25 03:14 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini
2014-02-18 04:01 - 2011-08-19 05:41 - 00000000 ____D () C:\WINDOWS\Web
2014-02-16 01:55 - 2011-08-19 12:20 - 00000682 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-02-16 01:55 - 2011-08-19 12:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-15 09:51 - 2014-02-15 09:51 - 00010722 _____ () C:\Documents and Settings\Administrator\Desktop\dds.txt
2014-02-15 08:55 - 2013-09-30 18:41 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-02-15 08:49 - 2014-02-15 00:49 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-14 15:13 - 2013-12-26 23:40 - 00000000 ____D () C:\AdwCleaner
2014-02-13 21:42 - 2011-08-19 12:04 - 00000000 ____D () C:\WINDOWS\Options
2014-02-13 21:34 - 2014-02-09 07:38 - 00000000 ____D () C:\Documents and Settings\JewdudeTX\Desktop\mbar
2014-02-13 21:34 - 2013-12-27 02:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2014-02-13 18:53 - 2014-02-13 18:53 - 00107224 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-02-13 18:34 - 2014-02-13 18:34 - 00052312 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-02-12 18:41 - 2011-08-19 15:32 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-02-12 17:48 - 2011-08-19 05:47 - 00570120 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-12 17:42 - 2013-07-14 15:03 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-12 17:40 - 2011-08-20 22:22 - 85946576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-12 17:27 - 2011-12-15 01:07 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-02-12 16:26 - 2011-08-30 18:28 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-02-10 11:20 - 2014-02-10 11:20 - 00011427 _____ () C:\ComboFix.txt
2014-02-10 11:19 - 2008-04-14 06:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-02-10 11:18 - 2014-01-09 10:28 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\USBSecurity
2014-02-08 13:55 - 2011-08-19 10:58 - 00000000 ____D () C:\Documents and Settings\NetworkService
2014-02-08 13:50 - 2011-08-19 11:02 - 00000000 ____D () C:\Documents and Settings\LocalService
2014-02-08 09:52 - 2014-02-08 09:52 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\USTechSupport
2014-02-08 09:35 - 2014-02-08 09:35 - 00000310 _____ () C:\mbr.log
2014-02-08 09:15 - 2014-02-08 09:15 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Macromedia
2014-02-08 09:13 - 2014-02-08 09:13 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
2014-02-08 09:13 - 2014-02-08 09:13 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Mozilla
2014-02-08 07:45 - 2011-08-19 10:54 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-02-08 07:42 - 2011-08-19 10:58 - 00000178 ___SH () C:\Documents and Settings\NetworkService\ntuser.ini
2014-02-07 19:13 - 2014-01-21 17:52 - 00000000 ____D () C:\Documents and Settings\JewdudeTX\Desktop\Cell Phone Pics To Sort Out
2014-02-07 15:04 - 2012-01-20 00:12 - 00000000 ____D () C:\Documents and Settings\JewManTX\Start Menu\Programs\Accessories
2014-02-07 15:04 - 2011-09-25 01:57 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
2014-02-07 15:04 - 2011-08-20 01:22 - 00000000 ____D () C:\Documents and Settings\JewdudeTX\Start Menu\Programs\Accessories
2014-02-07 15:04 - 2011-08-19 10:55 - 00000000 ____D () C:\Documents and Settings\Default User\Start Menu\Programs\Accessories
2014-02-07 15:04 - 2011-08-19 10:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Games
2014-02-07 15:04 - 2011-08-19 10:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2014-02-06 03:54 - 2011-12-15 01:01 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2014-02-06 03:54 - 2008-04-14 06:00 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 02:44 - 2012-06-30 07:28 - 00000000 ____D () C:\Documents and Settings\JewdudeTX\Application Data\Apple Computer
2014-02-06 02:43 - 2014-02-06 02:43 - 00001454 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-02-06 02:43 - 2014-02-06 02:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-02-06 02:43 - 2014-02-06 02:42 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-06 02:43 - 2011-08-30 18:27 - 00000000 ____D () C:\Documents and Settings\JewdudeTX\Local Settings\Application Data\Apple Computer
2014-02-06 02:42 - 2014-02-06 02:42 - 00000000 ____D () C:\Program Files\iPod
2014-02-06 02:42 - 2013-06-19 15:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple Computer
2014-02-06 02:42 - 2012-06-30 07:20 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-06 02:41 - 2014-02-06 02:41 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Apple Computer
2014-02-06 02:41 - 2011-08-30 18:28 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple
2014-02-05 21:42 - 2011-08-20 17:45 - 00000000 ____D () C:\Documents and Settings\JewdudeTX\Local Settings\Application Data\Adobe
2014-02-05 17:26 - 2013-09-11 10:20 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2014-02-05 17:26 - 2013-02-18 19:27 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2014-02-05 17:26 - 2012-06-22 20:26 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-02-05 17:26 - 2011-12-15 01:02 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-02-05 17:26 - 2011-12-15 01:02 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-02-05 17:26 - 2011-12-15 01:02 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2014-02-05 17:26 - 2011-12-15 01:02 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-02-05 17:26 - 2011-12-15 01:02 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2014-02-05 17:26 - 2011-12-15 01:02 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2014-02-05 17:26 - 2011-12-15 01:02 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2014-02-05 17:26 - 2011-12-15 01:02 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2014-02-05 17:26 - 2011-12-15 01:02 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-02-05 17:26 - 2011-12-15 01:02 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2014-02-05 17:26 - 2011-12-15 01:02 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2014-02-05 17:26 - 2011-12-15 01:02 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-02-05 17:26 - 2011-12-15 01:01 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-02-05 17:26 - 2011-12-15 01:01 - 06021120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-02-05 17:26 - 2011-12-15 01:01 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-02-05 17:26 - 2011-12-15 01:01 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2014-02-05 17:26 - 2011-12-15 01:01 - 01216000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2014-02-05 17:26 - 2011-12-15 01:01 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2014-02-05 17:26 - 2011-12-15 01:01 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2014-02-05 17:26 - 2009-03-08 03:39 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-05 17:26 - 2009-03-08 03:32 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-05 17:26 - 2009-03-08 03:32 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-05 17:26 - 2009-03-08 03:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-02-05 17:26 - 2008-04-14 06:00 - 06021120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-05 17:26 - 2008-04-14 06:00 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-05 17:26 - 2008-04-14 06:00 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-05 17:26 - 2008-04-14 06:00 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-05 17:26 - 2008-04-14 06:00 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2014-02-05 17:26 - 2008-04-14 06:00 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-02-05 17:26 - 2008-04-14 06:00 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-02-05 17:26 - 2008-04-14 06:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-02-05 17:26 - 2008-04-14 06:00 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-02-05 17:26 - 2008-04-14 06:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-02-05 17:26 - 2008-04-14 06:00 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-02-05 17:26 - 2008-04-14 06:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-05 17:26 - 2008-04-14 06:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2014-02-05 16:24 - 2008-04-14 06:00 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-02-2014 02
Ran by JewdudeTX at 2014-03-01 03:06:21
Running from D:\Program Files and Utilities\Program Files and Stuff
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: COMODO Firewall (Disabled) {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

==================== Installed Programs ======================

Active@ ISO Burner (HKLM\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.5.1 - LSoft Technologies)
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{10E3A6DD-84D8-4D8A-BB11-5E5314BCA7FD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
COMODO Internet Security (HKLM\...\{E62381A7-B1C1-4121-8262-84D38C77786C}) (Version: 5.12.59641.2599 - COMODO Security Solutions Inc.)
Google Update Helper (Version: 1.3.21.111 - Google Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4543 - )
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version: - )
Intel® PROSet for Wired Connections (HKLM\...\{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}) (Version: 9.20.0000 - Dell)
iTunes (HKLM\...\{616445AF-BBCF-41C1-A4D6-8CFF171C182D}) (Version: 11.1.4.62 - Apple Inc.)
Lexmark Z600 Series (HKLM\...\Lexmark Z600 Series) (Version: - )
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM\...\M2742597) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30730 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mouse Suite for Desktop Computers (HKLM\...\{448E2D77-E504-4221-B2C2-93646B344729}) (Version: 1.00.0000 - Dell)
Mozilla Firefox 16.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 16.0.2 (x86 en-US)) (Version: 16.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{C5B66421-3963-4ACD-9074-2648A4741033}) (Version: 7.03.0839 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
Paltalk Messenger 11.1 (HKLM\...\Paltalk Messenger) (Version: 11.1.0 - AVM Software Inc.)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.4600.0 - SigmaTel)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
USB 2.0 Wireless LAN Card Utility (HKLM\...\{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}) (Version: 8.1.55 - Dell Inc.)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Zoom ADSL Modem (HKLM\...\{52C8CFE4-7C7C-11D7-A021-0060979CE4D3}) (Version: - )

==================== Restore Points =========================


==================== Hosts content: ==========================

2008-04-14 06:00 - 2014-02-10 11:18 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => c:\Program Files\Microsoft Security Client\MpCmdRun.exe

==================== Loaded Modules (whitelisted) =============

2014-02-15 00:49 - 2014-02-15 00:50 - 03578992 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-02-21 14:05 - 2014-02-21 14:05 - 16265096 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Documents and Settings^JewdudeTX^Start Menu^Programs^Startup^Kaluach3.lnk => C:\WINDOWS\pss\Kaluach3.lnkStartup
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 38%
Total physical RAM: 2038.07 MB
Available physical RAM: 1251.02 MB
Total Pagefile: 7999.02 MB
Available Pagefile: 7250.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1958.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:241.09 GB) (Free:212.55 GB) NTFS
Drive d: (Storage 1a) (Fixed) (Total:224.66 GB) (Free:189.81 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 54985498)
Partition 1: (Not Active) - (Size=241 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=225 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Edited by Oh My, 01 March 2014 - 09:44 PM.


#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,791 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:39 PM

Posted 01 March 2014 - 12:07 PM

Greetings Michael,

 

As you can see I have been waiting for 5 days for a reply from you.  Despite your unkind comments (to say the least) shall I assume your posting of the logs indicates you would like to work together to address your problems?  I guess I am confused because your accusations seem inconsistent with now asking the recipient of those accusations for help.

 

Please let me know if you desire and are able to work on this together, and do so in a more civilized way.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 irishmantx

irishmantx
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:39 PM

Posted 01 March 2014 - 06:24 PM

Posted Today, 11:07 AM

Greetings Michael,

 

As you can see I have been waiting for 5 days for a reply from you.  Despite your unkind comments (to say the least) shall I assume your posting of the logs indicates you would like to work together to address your problems?  I guess I am confused because your accusations seem inconsistent with now asking the recipient of those accusations for help.

 

Please let me know if you desire and are able to work on this together, and do so in a more civilized way.

 

I admit and confess, I work night shift, and not accessible to my computer for a response. I work in

security for 4 nights on, and 4 nights off.. I wasn't able to get back in the time alloted and I admit, I

assumed I was 'passed away' to automated script response. *SIGH* I profusely apologize and hope to

reconcile. Yet as it stands, the very computer I am on, is infected with a partition / worm virus that chokes

my computer performance, and after running combo fix several times, and other utility programs, I can only

hope there is a way to resolve the issue. In any advent, I feel and I am accountable for my response and I

owe you and only you a FREE MEXICAN Dinner if you are ever in Texas. :D Or.. a ONE TIME FREE FULL TANK

of GAS! :)  

 

The best time to reach me, is perhaps 1pm to 4pm Central Standard Time, or on my nights off, I am

available late to over night. Again my deepest apologies and I attempt to be sincerely sorry for my

response. Some of the forums do have many automated features, that bump, dump, or flump responses.

I honestly didn't know how backlogged or 'flooded' all of you have been.. With crisis situations that appear

to be an endless ocean, being the lifeguard to save that one computer soul from oblivion. :'(  I am facing

oblivion when XP is being ended this coming April.. and with 3 other hard drives infested with the same

issue, I felt flooded and monsooned myself!

 

I provided screen shots taken with my cell phone when booting into safemode.. and with copy wipe

partition view screen, shows the 'mysterious' partition that won't let me delete or remove. :'(



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,791 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:39 PM

Posted 01 March 2014 - 09:43 PM

Hi Michael,

Thank you for your more than kind response. Now that I know we are going to work together on this please allow me some time to review what you have posted. I am going to modify your post where you provided the logs and copy/paste then into the Post. It makes it easier and faster to work through so unless I request the information be attached the copy/paste is best for both of us.

OK my friend, let's get started. I will be posting back soon. :)
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 irishmantx

irishmantx
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:10:39 PM

Posted 01 March 2014 - 09:55 PM

Dear Oh My,

 

   I just ran Combo Fix again.. I have the 'latest' log file to send..

I hope all is well on your side of the Internet.. Texas is dry, and

drought stricken. Watching winds howl dust and high warning

of wild fires. :'(  

 

Shalom,

 

Michael D. Lucas

76531

 

Attached File  ComboFix.txt   12.16KB   0 downloadsAttached File  03012014 Lucas Dell Comp log.txt   12.16KB   1 downloads



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,791 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:39 PM

Posted 01 March 2014 - 10:00 PM

HI Micheal,

I would like to look for a file. Please do this.

===================================================

Farbar's Recovery Scan Tool Search

--------------------
  • Launch FRST
  • Copy/paste the following in the Search Field
mirc*
  • Click Search File(s) button
  • When completed click OK and a Search.txt document will open on your desktop
  • Copy and paste the contents of that document your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Search log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,791 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:39 PM

Posted 01 March 2014 - 10:02 PM

Hi Michael,

Please refrain from running anything from this point forward unless I ask you to do so.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users