SpyWare BeWare! ASAP
Author Topic: disk antivirus professional / GetSavin Ads  (Read 2935 times)
melboy
Moderator
Hero Member
*****
Offline Offline

Date Registered:April 02, 2009, 02:56:03 AM
Posts: 756



« Reply #15 on: March 18, 2013, 12:22:50 PM »

Hi

How are things running now?

Stronghold Online Backup - Do you know what it is/use it?

Deftones4Life
Newbie
*
Offline Offline

Date Registered:March 13, 2013, 09:00:02 PM
Posts: 16


« Reply #16 on: March 18, 2013, 12:34:07 PM »

PC seems to be running great. No more ads or pop ups. Does my PC have a clean bill of health?

melboy
« Reply #17 on: March 18, 2013, 12:40:15 PM »

There's a few other bits to tidy up, but we are nearly done.

Did you see the question above about Stronghold?

Deftones4Life
« Reply #18 on: March 18, 2013, 12:58:49 PM »

Sorry I'm hung over and didn't have my glasses on lol. No I do not know what Stronghold is.

melboy
« Reply #19 on: March 18, 2013, 01:53:15 PM »

Ok, well get rid of it. We should be done after this. Let me know how things are running.


COMBOFIX-Script

A word of warning: Please do not run ComboFix on your own. This tool is not for everyday use.

If ComboFix prompts you that an update is available, please allow it to update.

  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below (Do not include Code:):

Code:
http://maddoktor2.com/forums/index.php/topic,64629.msg161150.html#msg161150

Collect::
c:\documents and settings\Nick\Application Data\Mozilla\Firefox\Profiles\pnjd1yr2.default\extensions\cca2b8f2-77b0-4282-9533-b31982107a80@ef5174e8-db70-4d61-88df-24b975460bd0.com

Folder::
c:\documents and settings\All Users\Application Data\STOPzilla!
c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP
c:\program files\Common Files\Wise Installation Wizard
c:\windows\system32\AI_RecycleBin
c:\documents and settings\All Users\Application Data\Strongvault Online Backup
C:\AI_RecycleBin
C:\TDSSKiller_Quarantine

DDS::
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3220468

  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • If you need help to disable your protection programs see here.
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
When CF finishes running, the ComboFix log will open along with a message box--do not be alarmed. With the above script, ComboFix will capture files to submit for analysis.

  • Ensure you are connected to the internet and click OK on the message box.

Deftones4Life
« Reply #20 on: March 18, 2013, 03:05:48 PM »

ComboFix 13-03-17.01 - Nick 03/18/2013  12:49:14.3.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1023.659 [GMT -7:00]
Running from: c:\documents and settings\Nick\My Documents\Downloads\ComboFix.exe
Command switches used :: c:\documents and settings\Nick\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\AI_RecycleBin
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\0\Services\Support.BackupAgent.ApplicationUpdate.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\0\Services\Support.BackupAgent.Backup.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\0\Services\Support.BackupAgent.ClientMessaging.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\0\Services\Support.BackupAgent.Delay.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\0\Services\Support.BackupAgent.DropListener.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\0\Services\Support.BackupAgent.NotificationUpdate.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\0\Services\Support.BackupAgent.SchedulerPlugInUpdate.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\0\Services\Support.BackupAgent.SystemNotification.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\0\Services\Temp\Support.BackupAgent.ApplicationUpdate.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\0\Services\Temp\Support.BackupAgent.Backup.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\0\Services\Temp\Support.BackupAgent.ClientMessaging.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\0\Services\Temp\Support.BackupAgent.Delay.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\0\Services\Temp\Support.BackupAgent.DropListener.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\0\Services\Temp\Support.BackupAgent.NotificationUpdate.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\0\Services\Temp\Support.BackupAgent.SchedulerPlugInUpdate.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\0\Services\Temp\Support.BackupAgent.SystemNotification.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\1\dbConfig.mdb
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.0.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.1.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.10.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.11.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.12.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.13.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.14.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.15.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.16.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.17.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.18.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.19.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.2.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.20.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.21.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.22.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.23.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.24.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.25.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.26.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.27.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.28.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.29.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.3.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.30.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.31.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.32.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.33.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.34.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.35.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.36.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.4.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.5.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.6.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.7.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.8.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\0313004243\3331.9.tmp
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\mod.StrongVaultApp0.dat
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\StrongVaultApp.exe
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\StrongVaultApp0.dat
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\StrongVaultBrowser.exe
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\StrongVaultInfo.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\StrongVaultK.dat.U.dat
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\3\Strongvault\StrongVaultU.dat
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\AgentHeader.jpg
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\BackupAgent.exe
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\BackupLauncher.exe
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\BBV.Framework.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\BusinessLogic.ApplicationManagement.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\BusinessLogic.SosManagement.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\BusinessLogic.StrongholdManagement.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Chrome\background.html
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Chrome\images\icon_128.png
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Chrome\images\icon_16.png
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Chrome\images\icon_48.png
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Chrome\manifest.json
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Chrome\scripts\affiliatehook.js
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Chrome\scripts\droppad.js
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Chrome\scripts\init.js
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Chrome\scripts\jquery-1.7.2.min.js
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Chrome\scripts\jquery-ui-1.8.22.min.js
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Chrome\style\droppad.css
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Chrome\Temp.zip
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\ClassicViewLogo.jpg
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Data.Repository.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Environment.Identification.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Infrastructure.Helpers.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Infrastructure.Metadata.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Infrastructure.Metrics.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Infrastructure.Models.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Interop.SHDocVw.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Metrics.Dispatching.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Microsoft.mshtml.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Newtonsoft.Json.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\Newtonsoft.Json.xml
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\System.ComponentModel.Composition.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\System.ComponentModel.Composition.xml
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\UI.MainApplication.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\updater.exe
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\webbackupdroppad.xpi
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebExtensions.DropPad.dll
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\images\NF-Background.jpg
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\images\NF-Join-Background.jpg
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\images\NF-Join-Button.jpg
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\images\NF-JoinThanks-Blurb.png
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\images\NF-JoinThanks-Bottom.png
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\images\NF-SHLearnMore.png
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\images\NF-SV-Headline.png
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\images\NF-SVLearnMore.png
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\images\NF-Upgrade-Blurb.png
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\images\NF-Upgrade-Bottom2.png
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\images\NF-Upgrade-Bullets.png
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\images\NF-UpgradeThanks-Blurb.png
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\images\NF-UpgradeThanks-Bottom2.png
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\images\processing.gif
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\images\spacer.gif
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\style\Join.css
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\style\JoinSuccess.css
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\style\Upgrade.css
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\content\style\UpgradeSuccess.css
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\Join.htm
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\Join.js
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\JoinSuccess.htm
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\Upgrade.htm
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\Upgrade.js
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\UpgradeSuccess.htm
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\6\Strongvault Online Backup\WebForms\UpgradeSuccess.js
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\7\Strongvault Online Backup\config.xml
c:\ai_recyclebin\{75C4A511-161C-44CB-A0FF-4364DAD6AB73}\7\Strongvault Online Backup\Logs\CtxMenu.dll (explorer.exe).log
c:\documents and settings\All Users\Application Data\STOPzilla!
c:\documents and settings\All Users\Application Data\STOPzilla!\modules_scanned.db
c:\documents and settings\All Users\Application Data\STOPzilla!\targets.db
c:\documents and settings\All Users\Application Data\STOPzilla!\userdata.db
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\AdviceTx.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\bhmem.vtd
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\bhsl.vtd
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\bmem.vtd
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\CatDesc.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\CatID.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\cblk.vtd
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\cmem.vtd
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\cname.wtd
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\Cookies.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\ctid.vtd
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\dex_hash.dat
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\dexmem.vtd
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\dnrl.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\elf_hash.dat
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\EPSigs.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\FastSigs.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\FileDT.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\FolderDT.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\fsigs.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\hcol.wtd
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\hstn.vtd
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\ih.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\ip.vtd
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\JSSigs.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\lgpl.dll
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\lib7zip.dll
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\libBase64.dll
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\libEmail.dll
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\libMachoUniv.dll
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\libMsCab.dll
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\libMsi.dll
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\libNSIS.dll
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\libOleA.dll
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\libRar.dll
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\libRTF.dll
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\libtd.dll
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\libVvs.dll
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\libZip.dll
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\MFastSigs.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\RegDT.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\remediation.dll
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\RTmem.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\ThreatDT.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\ThreatID.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\TImem.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\vcore.dll
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\VVSSigs.vdx
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\white.wtd
c:\documents and settings\All Users\Application Data\STOPzilla!\VIPRE\whsl.wtd
c:\documents and settings\All Users\Application Data\STOPzilla!\zilla5.log
c:\documents and settings\All Users\Application Data\Strongvault Online Backup
c:\documents and settings\All Users\Application Data\Strongvault Online Backup\Logs\CtxMenu.dll (explorer.exe).log
c:\documents and settings\Nick\Local Settings\Application Data\{5F535975-5B54-4712-B75C-51B7B8651E23}
c:\documents and settings\Nick\Local Settings\Application Data\{5F535975-5B54-4712-B75C-51B7B8651E23}\chrome\content\overlay.xul
c:\documents and settings\Nick\Local Settings\Application Data\{5F535975-5B54-4712-B75C-51B7B8651E23}\install.rdf
c:\program files\Common Files\Wise Installation Wizard
c:\program files\Common Files\Wise Installation Wizard\WIS0AC0F1B261C74B6EACEF58FCC0B94835_4_12_13_4202.MSI
C:\TDSSKiller_Quarantine
c:\tdsskiller_quarantine\13.03.2013_01.01.32\susp0000\object.ini
c:\tdsskiller_quarantine\13.03.2013_01.01.32\susp0000\svc0000\object.ini
c:\tdsskiller_quarantine\13.03.2013_01.01.32\susp0000\svc0000\tsk0000.dta
c:\tdsskiller_quarantine\13.03.2013_01.01.32\susp0000\svc0000\tsk0000.ini
c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP
c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP\WiseCustomCall.dll
c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP\WiseCustomCalla.dll
c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP\WiseCustomCalla17.dll
c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP\WiseCustomCalla18.exe
c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP\WiseCustomCalla19.dll
c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP\WiseCustomCalla2.dll
c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP\WiseCustomCalla20.dll
c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP\WiseCustomCalla22.dll
c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP\WiseCustomCalla22.exe
c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP\WiseData.ini
c:\windows\system32\AI_RecycleBin
.
.
(((((((((((((((((((((((((   Files Created from 2013-02-18 to 2013-03-18  )))))))))))))))))))))))))))))))
.
.
2013-03-13 12:00 . 2013-03-13 12:00   --------   d-----w-   c:\documents and settings\Nick\Application Data\Anvisoft
2013-03-13 11:48 . 2013-03-13 11:48   --------   d-----w-   c:\documents and settings\All Users\Application Data\Anvisoft
2013-03-13 11:48 . 2013-03-13 12:28   --------   d-----w-   c:\program files\Anvisoft
2013-03-13 08:22 . 2013-03-06 22:32   228600   ----a-w-   c:\windows\system32\aswBoot.exe
2013-03-13 08:19 . 2013-03-13 08:19   --------   d-----w-   c:\program files\AVAST Software
2013-03-13 08:18 . 2013-03-13 13:08   --------   d-----w-   c:\documents and settings\All Users\Application Data\AVAST Software
2013-03-13 07:15 . 2013-03-13 13:19   --------   d-----w-   c:\documents and settings\Administrator.EXPLICIT.000
2013-03-13 07:07 . 2013-03-13 07:11   --------   d-----w-   c:\documents and settings\All Users\Application Data\89008F6A02243A7300008900066E3EB6
2013-03-05 07:11 . 2013-03-05 07:11   --------   d-----w-   c:\documents and settings\Nick\Local Settings\Application Data\WMTools Downloaded Files
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-15 03:42 . 2012-07-19 09:51   693976   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2013-03-15 03:42 . 2012-06-12 14:06   73432   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-30 10:53 . 2010-10-18 08:04   232336   ------w-   c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2009-01-31 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 122880]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"Wondershare Helper Compact.exe"="c:\program files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2011-12-21 1406976]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MultiMon Taskbar.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\MultiMon Taskbar.lnk
backup=c:\windows\pss\MultiMon Taskbar.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Nick^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\Nick\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
2010-04-15 08:17   427328   ----a-w-   c:\program files\DAEMON Tools Pro\DTAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12   1695232   --sh--w-   c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2010-07-12 16:32   74752   ----a-w-   c:\program files\Winamp\winampa.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R2 Iprip;RIP Listener;c:\windows\System32\svchost.exe -k netsvcs [8/4/2004 5:00 AM 14336]
S1 A2DDA;A2 Direct Disk Access Support Driver;\??\c:\program files\Emsisoft Anti-Malware\a2ddax86.sys --> c:\program files\Emsisoft Anti-Malware\a2ddax86.sys [?]
S1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys --> c:\windows\system32\drivers\sbaphd.sys [?]
S2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys --> c:\windows\system32\drivers\sbapifs.sys [?]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\fxxandroidusb.sys [3/30/2010 12:31 PM 25728]
S3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys --> c:\windows\system32\drivers\gfiark.sys [?]
S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication;c:\windows\system32\drivers\FXX\qcusbser.sys [3/30/2010 12:31 PM 103424]
S3 RtlPacket;RtlPacket;c:\windows\system32\Drivers\packet.sys --> c:\windows\system32\Drivers\packet.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc   REG_MULTI_SZ      p2psvc p2pimsvc p2pgasvc PNRPSvc
HPZ12   REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt   REG_MULTI_SZ      hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-18 c:\windows\Tasks\HP Photo Creations Messager.job
- c:\documents and settings\All Users\Application Data\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-18 13:00
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(644)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(528)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\WinSCP\DragExt.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\BCMSMMSG.exe
c:\windows\system32\tcpsvcs.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2013-03-18  13:01:51 - machine was rebooted
ComboFix-quarantined-files.txt  2013-03-18 20:01
ComboFix2.txt  2013-03-18 01:06
ComboFix3.txt  2013-03-15 00:14
.
Pre-Run: 6,975,680,512 bytes free
Post-Run: 7,140,388,864 bytes free
.
- - End Of File - - 4E264A3158C1AFF28D24E4C8C412E172
Logged
Deftones4Life
Newbie
*
Offline Offline

Date Registered:March 13, 2013, 09:00:02 PM
Posts: 16


« Reply #21 on: March 18, 2013, 08:10:26 PM »

PC is still running good. No problems so far.
Logged
melboy
Moderator
Hero Member
*****
Offline Offline

Date Registered:April 02, 2009, 02:56:03 AM
Posts: 756



« Reply #22 on: March 19, 2013, 08:08:23 AM »

Excellent - well done.

Update Adobe Reader & then a quick re-run of DDS to ensure the original signs of the infection are gone and you should be good to go.


Update Adobe Reader

Your Adobe Reader is out of date.
Older versions may have vulnerabilities that malware can use to infect your system.

  • Uninstall via Start > Control Panel > Add/Remove Programs:
    Adobe Reader X (10.1.5)

    Please visit the Adobe Site & download & install Adobe Reader XI (11.0.2).

    (Note: Uncheck the optional McAfee Security Scan)

  • Then using the internal updater ensure the software is updated to the current increment 11.0.2
  • Open Adobe Reader go to > Help > Check for updates and allow the updater to check.
  • Click to download and install any necessary updates.


Re-run DDS

  • Double click dds.scr to run the tool.
  • When done, please copy & paste  the contents of :
  • DDS.txt
And post it in your next reply.
Logged

Deftones4Life
Newbie
*
Offline Offline

Date Registered:March 13, 2013, 09:00:02 PM
Posts: 16


« Reply #23 on: March 19, 2013, 03:03:07 PM »



DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 9/3/2010 9:03:56 PM
System Uptime: 3/19/2013 12:34:55 PM (1 hours ago)
.
Motherboard: Dell Computer Corp. |  |       
Processor:               Intel(R) Pentium(R) 4 CPU 2.80GHz | Microprocessor | 2790/533mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 112 GiB total, 5.827 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1: 3/14/2013 4:45:58 PM - System Checkpoint
RP2: 3/14/2013 7:04:53 PM - Installed Windows Internet Explorer 8.
RP3: 3/14/2013 7:06:56 PM - Removed Java 7 Update 9
RP4: 3/14/2013 7:08:19 PM - Removed Java(TM) 6 Update 18
RP5: 3/14/2013 7:09:08 PM - Removed Java(TM) 6 Update 31
RP6: 3/15/2013 9:43:33 PM - Software Distribution Service 3.0
RP7: 3/16/2013 12:12:10 AM - Software Distribution Service 3.0
RP8: 3/17/2013 5:13:22 PM - Software Distribution Service 3.0
RP9: 3/18/2013 6:38:17 PM - System Checkpoint
RP10: 3/19/2013 12:31:34 PM - Removed Adobe Reader X (10.1.5).
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.02)
AIM 7
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
B57Inst
BCM V.92 56K Modem
Broadcom Driver Installer
BufferChm
C4400
C4400_Help
Cards_Calendar_OrderGift_DoMorePlugout
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center HydraVision Full
Catalyst Control Center Localization All
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Command & Conquer The First Decade
Copy
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DivX Setup
DocProc
DocProcQFolder
Download Updater (AOL LLC)
Free Picture Resize Starter 4.5
GIMP 2.6.11
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
HP Imaging Device Functions 10.0
HP Photo Creations
HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3
HP Photosmart Essential 2.5
HP Smart Web Printing
HP Update
HPPhotoSmartPhotobookWebPack1
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet II
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT Redists
MSXML 6 Service Pack 2 (KB973686)
OCR Software by I.R.I.S. 10.0
OpenAL
PanoStandAlone
Phone F USB Driver
PS_AIO_03_C4400_ProductContext
PS_AIO_03_C4400_Software
PS_AIO_03_C4400_Software_Min
PSSWCORE
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Skins
SmartWebPrintingOC
Sound Blaster Live!
Status
STOPzilla
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.6195
VideoToolkit01
WebFldrs XP
WebReg
Winamp
Winamp Detector Plug-in
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Imaging Component
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
WinSCP 4.3.5
Wondershare Video Converter Ultimate(Build 5.7.1.1)
.
==== Event Viewer Messages From Past Week ========
.
3/17/2013 5:48:20 PM, error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Media Player Network Sharing Service service, but this action failed with the following error:  An instance of the service is already running.
3/17/2013 5:42:12 PM, error: Service Control Manager [7031]  - The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
3/15/2013 7:10:37 PM, error: Service Control Manager [7023]  - The Application Management service terminated with the following error:  The specified module could not be found.
3/15/2013 7:08:53 PM, error: Service Control Manager [7022]  - The HP CUE DeviceDiscovery Service service hung on starting.
3/15/2013 7:07:30 PM, error: Service Control Manager [7000]  - The STOPzilla Service service failed to start due to the following error:  The system cannot find the file specified.
3/15/2013 7:07:30 PM, error: Service Control Manager [7000]  - The sbapifs service failed to start due to the following error:  The system cannot find the file specified.
3/15/2013 10:34:25 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  Fips intelppm MpFilter
3/15/2013 10:33:07 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
.
==== End Of File ===========================
Logged
Deftones4Life
Newbie
*
Offline Offline

Date Registered:March 13, 2013, 09:00:02 PM
Posts: 16


« Reply #24 on: March 19, 2013, 03:03:56 PM »

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Nick at 13:01:05 on 2013-03-19
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1023.545 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [BCMSMMSG] BCMSMMSG.exe
mRun: [Wondershare Helper Compact.exe] c:\program files\common files\wondershare\wondershare helper compact\WSHelper.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{BFC2AB17-789C-478D-B21E-512238566BCE} : DHCPNameServer = 209.18.47.61 209.18.47.62
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R2 Iprip;RIP Listener;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S1 A2DDA;A2 Direct Disk Access Support Driver;\??\c:\program files\emsisoft anti-malware\a2ddax86.sys --> c:\program files\emsisoft anti-malware\a2ddax86.sys [?]
S1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys --> c:\windows\system32\drivers\sbaphd.sys [?]
S2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys --> c:\windows\system32\drivers\sbapifs.sys [?]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\fxxandroidusb.sys [2010-3-30 25728]
S3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys --> c:\windows\system32\drivers\gfiark.sys [?]
S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication;c:\windows\system32\drivers\fxx\qcusbser.sys [2010-3-30 103424]
S3 RtlPacket;RtlPacket;c:\windows\system32\drivers\packet.sys --> c:\windows\system32\drivers\packet.sys [?]
.
=============== Created Last 30 ================
.
2013-03-14 23:58:32   --------   d-sha-r-   C:\cmdcons
2013-03-14 23:41:54   98816   ----a-w-   c:\windows\sed.exe
2013-03-14 23:41:54   256000   ----a-w-   c:\windows\PEV.exe
2013-03-14 23:41:54   208896   ----a-w-   c:\windows\MBR.exe
2013-03-13 12:00:31   --------   d-----w-   c:\documents and settings\nick\application data\Anvisoft
2013-03-13 11:48:46   --------   d-----w-   c:\documents and settings\all users\application data\Anvisoft
2013-03-13 11:48:19   --------   d-----w-   c:\program files\Anvisoft
2013-03-13 08:19:06   --------   d-----w-   c:\program files\AVAST Software
2013-03-13 08:18:00   --------   d-----w-   c:\documents and settings\all users\application data\AVAST Software
2013-03-13 07:07:55   --------   d-----w-   c:\documents and settings\all users\application data\89008F6A02243A7300008900066E3EB6
2013-03-05 07:11:23   --------   d-----w-   c:\documents and settings\nick\local settings\application data\WMTools Downloaded Files
.
==================== Find3M  ====================
.
2013-03-15 03:42:42   693976   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2013-03-15 03:42:41   73432   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-30 10:53:21   232336   ------w-   c:\windows\system32\MpSigStub.exe
.
============= FINISH: 13:01:35.34 ===============
Logged
melboy
Moderator
Hero Member
*****
Offline Offline

Date Registered:April 02, 2009, 02:56:03 AM
Posts: 756



« Reply #25 on: March 19, 2013, 03:44:20 PM »

Hi

Let me know if you have any problems.


Show Hidden Folders

  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab. Under the Hidden files and folders heading select Show hidden files and folders.
  • Click OK.

Delete folder

Using Windows Explorer by right-clicking the Start button and left-clicking Explore, navigate to and find the following folder. If found, right-click and delete it.

Folder:

c:\documents and settings\all users\application data\89008F6A02243A7300008900066E3EB6


--------------------------------------


Your log now appears to be clean. Congratulations!
This is my general post for when your logs show no more signs of malware - Please let me know if you still are having problems with your computer and what these problems are before continuing with the instructions below.


Uninstall Combofix

We Need to Remove ComboFix

  • Please go to Start -> Run
  • Enter "ComboFix /uninstall" (without quotes). Note the space between "ComboFix" and "/uninstall", it needs to be there.

  • Press OK (Or hit enter).
  • Allow ComboFix to remove itself.
Please inform me if combofix fails to uninstall.


OTC by OldTimer

Download OTC by Old Timer and save it to your Desktop.

  • Double-click OTC.exe
  • Click the CleanUp! button
  • Select Yes when the Begin cleanup Process? Prompt appears
  • If you are prompted to Reboot during the cleanup, select Yes
  • The tool will delete itself once it finishes, if not delete it by yourself

==============================================================


General Security and Computer Health
Below are some steps to follow in order to dramatically lower the chances of reinfection. You may have already implemented some of the steps below, however you should follow any steps that you have not already implemented.

  • Make sure that you keep your antivirus updated
    New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.
    Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.
    Uninstall Tools for Major Antivirus Products
  • Security Updates for Windows, Internet Explorer & Microsoft Office
    Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC.  Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the Microsoft Update site on a regular basis.
    Note: The update process uses ActiveX, so you will need to use Internet Explorer for it and allow the ActiveX control to install.
  • Update Non-Microsoft Programs
    Microsoft isn't the only company whose products can contain security vulnerabilities.  To check whether other programs running on your PC are in need of an update, you can use the Secunia Software Inspector - I suggest that you run it at least once a month.
  • Make Internet Explorer More Secure
    Even if you do not use Internet Explorer as your Primary/Default browser it is important to keep it updated. Internet Explorer can be utilised by other programs and therefore must be kept updated to avoid exploitable vulnerabilities.

Recommended Programs

I would recommend the download and installation of some or all of the following programs (if not already present), and the updating of them on a regular basis.

  • WinPatrol
    As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission.  WinPatrol takes a snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.  For more information, please visit HERE.
  • Malwarebytes' Anti-Malware
    As you already have Malwarebytes' Anti-Malware on board I would keep it regularly updated and run regular quick scans with it. Malwarebytes' Anti-Malware is an anti-malware application that can thoroughly remove even the most advanced malware. The Full version can be used as an addition to an anti-virus & includes a number of features, including a built-in protection monitor that blocks malicious processes before they even start. Its IP Protection provides an additional layer of security for your computer, by preventing access to known malicious IP addresses and IP ranges. You can now trial the full version's features within the program. Click the Protection Tab to see.
  • Hosts File
    For added protection you may also like to add a host file.  A simple explanation of what a Hosts file does is HERE and for more information regarding host files read HERE.

Finally I am trying to make one point very clear. It is absolutely essential to keep all of your security programs and other applications & programs up to date.

Also please read this great article by Tony Klein So How Did I Get Infected In First Place

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.

Happy surfing and stay clean!


Logged

Deftones4Life
Newbie
*
Offline Offline

Date Registered:March 13, 2013, 09:00:02 PM
Posts: 16


« Reply #26 on: March 19, 2013, 05:03:58 PM »

Just got done following your instructions. ComboFix was installed without any problems. Thanks for taking the time to fix my PC. It's running great! I'll make sure to follow the tips you posted up.

Thanks again and have a good day.
Logged
melboy
Moderator
Hero Member
*****
Offline Offline

Date Registered:April 02, 2009, 02:56:03 AM
Posts: 756



« Reply #27 on: March 19, 2013, 05:06:59 PM »

You're most welcome!
Logged

melboy
Moderator
Hero Member
*****
Offline Offline

Date Registered:April 02, 2009, 02:56:03 AM
Posts: 756



« Reply #28 on: March 19, 2013, 05:31:26 PM »


As this issue appears resolved this Topic is now closed.

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine.

Any other members requiring Malware Removal assistance, Please Start HERE!


If you have been helped and wish to donate to help with the costs of this volunteer site:
Please Help Support This Site and ASAP™


Thanks!
Logged
