Unsolved
This post is more than 5 years old
14 Posts
0
1285
January 29th, 2007 03:00
Viruses on computer (popups, computer running slow, programs not working)
I am extremely new to all this and have no clue what some of this stuff is. For example, I do not know what malware is. I am having issues with my computer. It started out as a minor annoyance about a month ago with a pop up or two here and there or my computer running slightly slower. Over time it has begun to cripple my computer and now I get tons of pop ups a day, some programs don't work, and sometimes I can only check emails but not go to websites. Please help! I am completely ignorant when it comes to fixing a problem like this on my computer. Thank you!
Logfile of HijackThis v1.99.1
Scan saved at 11:09:10 PM, on 1/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Scan saved at 11:09:10 PM, on 1/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NeroCheck.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\{74D83C19-0AE9-1033-1108-040416200001}\Update.exe
C:\DOCUME~1\User\MYDOCU~1\SMANTE~1\javaw.exe
C:\Program Files\?icrosoft.NET\s?ool32.exe
C:\WINDOWS\csrss.exe
C:\Program Files\AOL 9.0\aoltray.exe
c:\program files\common files\aol\1142033861\ee\services\antiSpywareApp\ver2_0_27_1\AOLSP Scheduler.exe
C:\Program Files\AOL Companion\companion.exe
C:\WINDOWS\system32\PackethSvc.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\AOL\1142033861\ee\aolsoftware.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
c:\program files\common files\aol\1142033861\ee\aolsoftware.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\America Online 6.0\waol.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NeroCheck.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\{74D83C19-0AE9-1033-1108-040416200001}\Update.exe
C:\DOCUME~1\User\MYDOCU~1\SMANTE~1\javaw.exe
C:\Program Files\?icrosoft.NET\s?ool32.exe
C:\WINDOWS\csrss.exe
C:\Program Files\AOL 9.0\aoltray.exe
c:\program files\common files\aol\1142033861\ee\services\antiSpywareApp\ver2_0_27_1\AOLSP Scheduler.exe
C:\Program Files\AOL Companion\companion.exe
C:\WINDOWS\system32\PackethSvc.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\AOL\1142033861\ee\aolsoftware.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
c:\program files\common files\aol\1142033861\ee\aolsoftware.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\America Online 6.0\waol.exe
C:\Program Files\Hijackthis\HijackThis.exe
R3 - URLSearchHook: (no name) - {552CC461-2F80-7E0C-A1E9-05D58D21B29A} - C:\WINDOWS\system32\gxh.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {552CC461-2F80-7E0C-A1E9-05D58D21B29A} - C:\WINDOWS\system32\gxh.dll
O2 - BHO: (no name) - {B1AF6EE2-8D05-F28A-7603-F81A06CE0890} - C:\WINDOWS\system32\aiflqges.dll (file missing)
O3 - Toolbar: (no name) - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - (no file)
O3 - Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1142033861\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [DLBXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlbxmon.exe] "C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe"
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [Russ] "C:\DOCUME~1\User\MYDOCU~1\SMANTE~1\javaw.exe" -vt ndrv
O4 - HKCU\..\Run: [Dqgvly] C:\Program Files\?icrosoft.NET\s?ool32.exe
O4 - HKCU\..\Run: [zrwm] C:\PROGRA~1\COMMON~1\zrwm\zrwmm.exe
O4 - HKCU\..\Run: [Kernel Fault Safe] C:\WINDOWS\smss.exe
O4 - HKCU\..\Run: [Shell explorer driver] C:\WINDOWS\csrss.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/ZwinkyInitialSetup1.0.0.15.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C6248388-3CC1-4967-A3CD-3E14C2C4603A}: NameServer = 205.188.146.145
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: dlbx_device - Dell - C:\WINDOWS\system32\dlbxcoms.exe
O23 - Service: (Network Monitor) - Unknown owner - C:\WINDOWS\.exe (file missing)
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\system32\PackethSvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {552CC461-2F80-7E0C-A1E9-05D58D21B29A} - C:\WINDOWS\system32\gxh.dll
O2 - BHO: (no name) - {B1AF6EE2-8D05-F28A-7603-F81A06CE0890} - C:\WINDOWS\system32\aiflqges.dll (file missing)
O3 - Toolbar: (no name) - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - (no file)
O3 - Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1142033861\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [DLBXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlbxmon.exe] "C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe"
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [Russ] "C:\DOCUME~1\User\MYDOCU~1\SMANTE~1\javaw.exe" -vt ndrv
O4 - HKCU\..\Run: [Dqgvly] C:\Program Files\?icrosoft.NET\s?ool32.exe
O4 - HKCU\..\Run: [zrwm] C:\PROGRA~1\COMMON~1\zrwm\zrwmm.exe
O4 - HKCU\..\Run: [Kernel Fault Safe] C:\WINDOWS\smss.exe
O4 - HKCU\..\Run: [Shell explorer driver] C:\WINDOWS\csrss.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/ZwinkyInitialSetup1.0.0.15.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C6248388-3CC1-4967-A3CD-3E14C2C4603A}: NameServer = 205.188.146.145
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: dlbx_device - Dell - C:\WINDOWS\system32\dlbxcoms.exe
O23 - Service: (Network Monitor) - Unknown owner - C:\WINDOWS\.exe (file missing)
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\system32\PackethSvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
bamajim
10.4K Posts
0
January 29th, 2007 13:00
Welcome to DCF
That's quite an infection you have there.
Re Run Hijackthis
- At the Main window select " Open the misc tool section"
Copy and paste that list as a reply to this threadThen select " Open uninstall manager"
Then " save list" and save it to your desktop
twinzz4me
14 Posts
0
January 29th, 2007 23:00
Adobe Flash Player 9 ActiveX
Adobe Reader 7.0.5
AOL Coach Version 1.0(Build:20020131.1)
AOL Coach Version 1.0(Build:20040229.1 uk)
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Toolbar
AOL UK (Choose which version to remove)
AOL Uninstaller (Choose which Products to Remove)
AOL You've Got Pictures Screensaver
Dell Photo AIO Printer 962
Google Desktop Search
Hijackthis 1.99.1
HijackThis 1.99.1
Intel(R) 537EP V9x DF PCI Modem
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Adapters and Drivers
IrfanView (remove only)
J2SE Runtime Environment 5.0 Update 3
Jasc Paint Shop Photo Album
Jasc Paint Shop Pro 8 Dell Edition
Learn2 Player (Uninstall Only)
Microsoft .NET Framework 1.1
Microsoft Web Publishing Wizard 1.52
MySpaceIM
Nero OEM
OpenOffice.org 2.0
Outerinfo
Outerinfo
PowerDVD
Print to Fax
RealPlayer Basic
S3 S3Display
S3 S3Gamma2
S3 S3Info2
S3 S3Overlay
S3 S3TrayPlus
Security Toolbar
Shockwave
SoundMAX
The Print Shop 20
Ultimate Sudoku - The Emperor's Challenge
UniChrome Pro IGP Display Driver and Utilities
VIA Platform Device Manager
VIA Vinyl Audio Codecs Driver Setup Program
Viewpoint Media Player
Winamp (remove only)
Windows Media Format Runtime
bamajim
10.4K Posts
0
January 30th, 2007 00:00
1. Reboot into Safe Mode
This can be done by
Begin tapping the F8 key twice a second untill you reach another menu screen (black background with white menu choices)
Use your arrow keys and select Safe Mode and then Enter
2. Go to Add/Remove Programs (Click Start->>Control Panel->>Add/Remove Programs)
And Uninstall
Outerinfo
Outerinfo
Security Toolbar
Close Add/Remove Programs->>Reboot your PC into Normal Windows
3. Go here and download Purity Scan Uninstaller
4. Please run the Purity scan Uninstaller
If you have any problems a Tutorial can be found here
5. Reboot your PC->>Rerun Hijackthis and post a fresh Hijackthis log
twinzz4me
14 Posts
0
January 30th, 2007 01:00
Scan saved at 8:56:06 PM, on 1/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NeroCheck.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\AOL\1142033861\ee\AOLSoftware.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\{74D83C19-0AE9-1033-1108-040416200001}\Update.exe
C:\WINDOWS\csrss.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\AOL 9.0\aoltray.exe
c:\program files\common files\aol\1142033861\ee\services\antiSpywareApp\ver2_0_27_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1142033861\ee\aolsoftware.exe
C:\Program Files\AOL Companion\companion.exe
C:\Program Files\Hijackthis\HijackThis.exe
O2 - BHO: (no name) - {057AC367-28D4-7E09-A1E9-05D58D21B699} - C:\WINDOWS\system32\npiepp.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {B1AF6EE2-8D05-F28A-7603-F81A06CE0890} - C:\WINDOWS\system32\aiflqges.dll (file missing)
O3 - Toolbar: (no name) - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - (no file)
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1142033861\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [DLBXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlbxmon.exe] "C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe"
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [zrwm] C:\PROGRA~1\COMMON~1\zrwm\zrwmm.exe
O4 - HKCU\..\Run: [Kernel Fault Safe] C:\WINDOWS\smss.exe
O4 - HKCU\..\Run: [Shell explorer driver] C:\WINDOWS\csrss.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/ZwinkyInitialSetup1.0.0.15.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: dlbx_device - Dell - C:\WINDOWS\system32\dlbxcoms.exe
O23 - Service: (Network Monitor) - Unknown owner - C:\WINDOWS\.exe (file missing)
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\system32\PackethSvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
bamajim
10.4K Posts
0
January 30th, 2007 02:00
Glad to hear it, we still have some things to do here.
1. Copy and paste the following into NotePad (Not Wordpad)
sc delete Network Monitor
Click File ->> Save as ->>type in cmd.bat
Close Notepad
The cmd.bat file should now appear on your Desktop
Double Click that file (It will appear that nothing has happened, but that's o.k.)
2. Open TaskManager (Rt Click a blank space on your lower toolbar->>Taskmanager)
Under the processes tab, Locate
csrss.exe
Hilight one at a time and Select End Process and Close Taskmanager
3. Rerun Hijackthis (scan only) and place checks beside the follwoing entries
O2 - BHO: (no name) - {B1AF6EE2-8D05-F28A-7603-F81A06CE0890} - C:\WINDOWS\system32\aiflqges.dll (file missing)
O3 - Toolbar: (no name) - {736b5468-bdad-41be-92d0-22ae2ddf7bcb} - (no file)
O4 - HKCU\..\Run: [zrwm] C:\PROGRA~1\COMMON~1\zrwm\zrwmm.exe
O4 - HKCU\..\Run: [Kernel Fault Safe] C:\WINDOWS\smss.exe
O4 - HKCU\..\Run: [Shell explorer driver] C:\WINDOWS\csrss.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/ZwinkyInitialSetup1.0.0.15.cab
4. Using Windows Explorer
Locate and Delete the following folders
C:\PROGRA~1\COMMON~1\zrwm <<-Should Translate C:\Program Files\Common Files\zrwm->>
twinzz4me
14 Posts
0
January 31st, 2007 00:00
Scan saved at 8:38:47 PM, on 1/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NeroCheck.exe
C:\Program Files\Common Files\AOL\1142033861\ee\AOLSoftware.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\csrss.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\AOL 9.0\aoltray.exe
c:\program files\common files\aol\1142033861\ee\services\antiSpywareApp\ver2_0_27_1\AOLSP Scheduler.exe
C:\Program Files\AOL Companion\companion.exe
C:\America Online 6.0\waol.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\PackethSvc.exe
C:\Program Files\Hijackthis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1142033861\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [DLBXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlbxmon.exe] "C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe"
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [Shell explorer driver] C:\WINDOWS\csrss.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{C6248388-3CC1-4967-A3CD-3E14C2C4603A}: NameServer = 205.188.146.145
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: dlbx_device - Dell - C:\WINDOWS\system32\dlbxcoms.exe
O23 - Service: (Network Monitor) - Unknown owner - C:\WINDOWS\.exe (file missing)
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\system32\PackethSvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
RKinner
2 Intern
•
5.9K Posts
0
January 31st, 2007 18:00
http://207.210.72.89/KillBox.exe
Boot into Safe Mode (without networking) by rebooting and when you see the maker's logo start tapping the F8 key until it gives you the Safe Mode menu. Choose the top option and login as your usual login.
O4 - HKCU\..\Run: [Shell explorer driver] C:\WINDOWS\csrss.exe
Then press the red button to delete the file.
twinzz4me
14 Posts
0
February 1st, 2007 01:00
Scan saved at 9:16:27 PM, on 1/31/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NeroCheck.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\AOL\1142033861\ee\AOLSoftware.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\csrss.exe
C:\Program Files\AOL 9.0\aoltray.exe
c:\program files\common files\aol\1142033861\ee\services\antiSpywareApp\ver2_0_27_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1142033861\ee\aolsoftware.exe
C:\Program Files\AOL Companion\companion.exe
C:\WINDOWS\system32\PackethSvc.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\wuauclt.exe
c:\program files\internet explorer\iexplore.exe
C:\America Online 6.0\waol.exe
C:\DOCUME~1\User\LOCALS~1\Temp\services.exe
C:\Program Files\Hijackthis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1142033861\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [DLBXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlbxmon.exe] "C:\Program Files\Dell Photo AIO Printer 962\dlbxmon.exe"
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [Shell explorer driver] C:\WINDOWS\csrss.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{C6248388-3CC1-4967-A3CD-3E14C2C4603A}: NameServer = 205.188.146.145
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: dlbx_device - Dell - C:\WINDOWS\system32\dlbxcoms.exe
O23 - Service: (Network Monitor) - Unknown owner - C:\WINDOWS\.exe (file missing)
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\system32\PackethSvc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
RKinner
2 Intern
•
5.9K Posts
0
February 1st, 2007 11:00
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you.
Note: Do not mouseclick combofix's window while it's running. That may cause it to stall
This thing generates a giant log but for now all I want in your next reply is the first part of it from where it starts with
twinzz4me
14 Posts
0
February 2nd, 2007 01:00
2007-01-31 21:09
2007-01-30 20:36
2007-01-28 23:08
2007-01-07 21:43 68 --a------ C:\WINDOWS\v2odt77re.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-01-31 21:05 -------- d-------- C:\Program Files\dl_cats
2007-01-26 20:05 -------- d-------- C:\DOCUME~1\User\Application Data\openoffice.org2
2006-12-20 22:00 -------- d-------- C:\Program Files\ultimate sudoku - the emperor's challenge
2006-12-20 21:59 -------- d--h----- C:\Program Files\installshield installation information
2006-12-17 23:31 -------- d-------- C:\Program Files\Common Files\aolshare
2006-12-14 23:01 -------- d-------- C:\Program Files\quicktime
2006-12-14 19:03 8552 --a------ C:\WINDOWS\system32\drivers\asctrm.sys
2006-12-14 19:03 -------- d-------- C:\Program Files\learn2.com
2006-12-14 19:03 -------- d-------- C:\Program Files\Common Files\real
2006-12-14 19:03 -------- d-------- C:\Program Files\aol toolbar
2006-12-14 19:03 -------- d-------- C:\Program Files\aol companion
2006-12-14 19:03 -------- d-------- C:\Program Files\aol 9.0
2006-12-14 19:02 -------- d-------- C:\Program Files\Common Files\aol
2006-12-13 21:57 30613864 --a------ C:\WINDOWS\aolback.exe
2006-12-12 21:52 -------- d-------- C:\Program Files\dell photo aio printer 962
2006-12-12 21:52 -------- d-------- C:\Program Files\america online 9.0
2006-12-12 21:50 69632 --a------ C:\WINDOWS\system32\nerocheck.exe
2006-12-12 21:50 69632 --a------ C:\WINDOWS\system32\igfxtray.exe
2006-12-12 21:50 69632 --a------ C:\WINDOWS\system32\hkcmd.exe
2006-12-06 21:02 -------- d-------- C:\DOCUME~1\User\Application Data\adobeum
2006-12-03 22:06 129 --a-s---- C:\WINDOWS\test.bat
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
RKinner
2 Intern
•
5.9K Posts
0
February 2nd, 2007 15:00
twinzz4me
14 Posts
0
February 4th, 2007 19:00
2007-01-07 21:43 68 --a------ C:\WINDOWS\v2odt77re.dll
RKinner
2 Intern
•
5.9K Posts
0
February 5th, 2007 13:00
twinzz4me
14 Posts
0
February 6th, 2007 01:00
RKinner
2 Intern
•
5.9K Posts
0
February 6th, 2007 08:00
Then press the red button to delete the file.