
Here is my HijackThis log along with my ewido anti-malware log


#1
jones24

    Member

  • Member
  • 25 posts
Okay, here is the pasted log of my HijackThis:



Logfile of HijackThis v1.99.1
Scan saved at 9:32:46 PM, on 3/5/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WIN\System32\smss.exe
C:\WIN\system32\winlogon.exe
C:\WIN\system32\services.exe
C:\WIN\system32\lsass.exe
C:\WIN\system32\svchost.exe
C:\WIN\System32\svchost.exe
C:\WIN\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WIN\system32\cisvc.exe
C:\WIN\System32\CTSvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\WIN\system32\ZoneLabs\vsmon.exe
C:\WIN\system32\rundll32.exe
C:\WIN\Explorer.EXE
C:\Program Files\Iomega\Iomega HotBurn Pro\Autolaunch.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\TrojanHunter 4.2\THGuard.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\X-NetStat 5.0\xns5.exe
C:\WIN\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Winamp\winamp.exe
C:\WIN\System32\CTPdeSrv.exe
C:\Documents and Settings\Eugene Goh\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 69.10.139.104:8155
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WIN\System32\msdxm.ocx
O4 - HKLM\..\Run: [Drag'n'Drop_Autolaunch] "C:\Program Files\Iomega\Iomega HotBurn Pro\Autolaunch.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Iomega Product Registration.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: Unimodem - C:\WIN\system32\t2r80c9uef.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WIN\System32\CTSvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: rundll.exe - Unknown owner - C:\WIN\rundll.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WIN\system32\ZoneLabs\vsmon.exe

____________________________________________________________




Here is the ewido anti-malware log:


---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 9:00:32 PM, 3/5/2006
+ Report-Checksum: 8B0A62A8

+ Scan result:

[628] C:\WIN\system32\dmcpsapi.dll -> Adware.Look2Me : Error during cleaning
[704] C:\WIN\system32\dmcpsapi.dll -> Adware.Look2Me : Error during cleaning
C:\WIN\NDNuninstall6_98.exe -> Adware.NewDotNet : Cleaned with backup
C:\WIN\rundll.exe -> Backdoor.SdBot.xd : Cleaned with backup
C:\WIN\system32\dyvxdec_0407.dll -> Adware.Look2Me : Cleaned with backup
C:\WIN\system32\eraseme_61422.exe -> Backdoor.SdBot.xd : Cleaned with backup
C:\WIN\system32\eraseme_80267.exe -> Backdoor.SdBot.xd : Cleaned with backup
C:\WIN\system32\fp8603lse.dll -> Adware.Look2Me : Cleaned with backup
C:\WIN\system32\g4lm0e31eh.dll -> Adware.Look2Me : Cleaned with backup
C:\WIN\system32\h2j40c1qef.dll -> Adware.Look2Me : Cleaned with backup
C:\WIN\system32\isxrip.dll -> Adware.Look2Me : Cleaned with backup
C:\WIN\system32\j06m0aj1edo.dll -> Adware.Look2Me : Cleaned with backup
C:\WIN\system32\j64olgh3164.dll -> Adware.Look2Me : Cleaned with backup
C:\WIN\system32\k0pmla711d.dll -> Adware.Look2Me : Cleaned with backup
C:\WIN\system32\lvj8091ue.dll -> Adware.Look2Me : Cleaned with backup
C:\WIN\system32\mgsec.dll -> Adware.Look2Me : Cleaned with backup
C:\WIN\system32\mv8ol9l31.dll -> Adware.Look2Me : Cleaned with backup
C:\WIN\system32\o2ns0c57ef.dll -> Adware.Look2Me : Cleaned with backup
C:\WIN\system32\skrobj.dll -> Adware.Look2Me : Cleaned with backup
C:\WIN\system32\wgadmoe.dll -> Adware.Look2Me : Cleaned with backup
C:\WIN\system32\winsvcs.exe.tcf -> Dropper.Delf.sc : Cleaned with backup


::Report End



____________________________________________________________




I posted this because I found out that ewido cannot clean 2 infected DLL files, and every time I run it again it will detect these 2 errors and say it fixed them, but they show again when I run it a 2nd time.


Thanks
  • 0



#2
Rawe

    Visiting Staff

  • Member
  • 4,746 posts
Hello and welcome.. :tazz:

Please download Look2Me-Destroyer to your desktop.
  • Close all windows before continuing.
  • Double-click Look2Me-Destroyer.exe to run it.
  • Put a check next to Run this program as a task.
  • You will receive a message saying Look2Me-Destroyer will close and re-open in approximately 10 seconds. Click OK
  • When Look2Me-Destroyer re-opens, click the Scan for L2M button, your desktop icons will disappear, this is normal.
  • Once it's done scanning, click the Remove L2M button.
  • You will receive a Done Scanning message, click OK.
  • When completed, you will receive this message: Done removing infected files! Look2Me-Destroyer will now shutdown your computer, click OK.
  • Your computer will then shutdown.
  • Turn your computer back on.
  • Please post the contents of C:\Look2Me-Destroyer.txt in your next reply.
If you receive a message from your Firewall about this program accessing the Internet, please allow it.

If you receive a runtime error '339' please download MSWINSCK.OCX from the link below and place it in your C:\Windows\System32 Directory.
http://www.ascentive...ib/MSWINSCK.OCX

==

Post back with a fresh HijackThis log as well as the contents of C:\Look2Me-Destroyer.txt.
Please make sure prior to posting the log, that WordWrap is disabled in Notepad. It makes it hard to read the logs. :)
  • 0

#3
jones24

    Member

  • Topic Starter
  • Member
  • 25 posts
OK, here is my fresh HijackThis log:


Logfile of HijackThis v1.99.1
Scan saved at 12:29:17 AM, on 3/6/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WIN\System32\smss.exe
C:\WIN\system32\csrss.exe
C:\WIN\system32\winlogon.exe
C:\WIN\system32\services.exe
C:\WIN\system32\lsass.exe
C:\WIN\system32\svchost.exe
C:\WIN\System32\svchost.exe
C:\WIN\System32\svchost.exe
C:\WIN\System32\svchost.exe
C:\WIN\system32\spoolsv.exe
C:\WIN\System32\alg.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WIN\system32\cisvc.exe
C:\WIN\System32\CTSvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\WIN\system32\ZoneLabs\vsmon.exe
C:\WIN\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WIN\System32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\X-NetStat 5.0\xns5.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Eugene Goh\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 69.10.139.104:8155
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WIN\System32\msdxm.ocx
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Iomega Product Registration.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: RunOnce- - C:\WIN\system32\i406leds1h06.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WIN\System32\CTSvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: rundll.exe - Unknown owner - C:\WIN\rundll.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WIN\system32\ZoneLabs\vsmon.exe

________________________________________________________________________


Here is the Look2Me-Destroyer log:



Look2Me-Destroyer V1.0.7

Scanning for infected files.....
Scan started at 3/6/2006 12:01:55 AM

Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP0\A0000004.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001031.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001203.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001204.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001213.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001228.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001272.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001274.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001280.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002287.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002314.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002324.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002338.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002641.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002651.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002654.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002664.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0003668.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0003712.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0004722.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0004728.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0004737.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0004744.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0004752.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005004.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005008.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005011.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005012.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005013.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005014.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005015.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005016.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005017.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005018.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005019.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005020.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005021.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005022.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005023.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005025.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005034.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP3\A0007960.dll
Infected! C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP3\A0007975.dll
Infected! C:\WIN\system32\i406leds1h06.dll
Infected! C:\WIN\system32\l44q0eh5eh4.dll
Infected! C:\WIN\system32\t08u0al9edq.dll
Infected! C:\WIN\system32\utrfaxa.dll

Attempting to delete infected files...

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP0\A0000004.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP0\A0000004.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001031.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001031.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001203.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001203.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001204.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001204.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001213.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001213.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001228.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001228.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001272.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001272.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001274.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001274.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001280.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0001280.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002287.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002287.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002314.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002314.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002324.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002324.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002338.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002338.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002641.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002641.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002651.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002651.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002654.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002654.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002664.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0002664.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0003668.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP1\A0003668.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0003712.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0003712.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0004722.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0004722.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0004728.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0004728.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0004737.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0004737.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0004744.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0004744.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0004752.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0004752.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005004.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005004.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005008.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005008.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005011.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005011.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005012.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005012.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005013.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005013.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005014.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005014.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005015.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005015.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005016.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005016.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005017.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005017.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005018.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005018.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005019.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005019.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005020.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005020.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005021.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005021.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005022.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005022.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005023.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005023.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005025.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005025.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005034.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP2\A0005034.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP3\A0007960.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP3\A0007960.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP3\A0007975.dll
C:\System Volume Information\_restore{D8D91882-ABAF-4FDB-8C62-1F019B47410B}\RP3\A0007975.dll Deleted successfully!

Attempting to delete: C:\WIN\system32\i406leds1h06.dll
C:\WIN\system32\i406leds1h06.dll Deleted successfully!

Attempting to delete: C:\WIN\system32\l44q0eh5eh4.dll
C:\WIN\system32\l44q0eh5eh4.dll Deleted successfully!

Attempting to delete: C:\WIN\system32\t08u0al9edq.dll
C:\WIN\system32\t08u0al9edq.dll Deleted successfully!

Attempting to delete: C:\WIN\system32\utrfaxa.dll
C:\WIN\system32\utrfaxa.dll Deleted successfully!

Making registry repairs.


Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{ECB9ECAB-8813-4F16-B8AF-AF39D69B9908}"
HKCR\Clsid\{ECB9ECAB-8813-4F16-B8AF-AF39D69B9908}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{5A2DF3B0-9AC2-4E48-ABB4-F4228AEB76BD}"
HKCR\Clsid\{5A2DF3B0-9AC2-4E48-ABB4-F4228AEB76BD}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{ADF036CC-097B-448D-9FCF-5FCAAE4A61EE}"
HKCR\Clsid\{ADF036CC-097B-448D-9FCF-5FCAAE4A61EE}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{7989AE07-8EF7-4F55-85E9-76DB53F2A209}"
HKCR\Clsid\{7989AE07-8EF7-4F55-85E9-76DB53F2A209}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{3F62F7F9-31A0-4472-BC29-E72B7D198FC1}"
HKCR\Clsid\{3F62F7F9-31A0-4472-BC29-E72B7D198FC1}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{490820D4-7E38-4E58-A0A8-544FF82CAFD4}"
HKCR\Clsid\{490820D4-7E38-4E58-A0A8-544FF82CAFD4}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{804209E5-569C-4397-ACF8-E59985355C3A}"
HKCR\Clsid\{804209E5-569C-4397-ACF8-E59985355C3A}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{0F06FA5B-7E72-4D0C-A105-62164808AE81}"
HKCR\Clsid\{0F06FA5B-7E72-4D0C-A105-62164808AE81}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{36898428-3BB9-472F-85E3-E055120C9A98}"
HKCR\Clsid\{36898428-3BB9-472F-85E3-E055120C9A98}

Restoring Windows certificates.

Replaced hosts file with default windows hosts file


Restoring SeDebugPrivilege for Administrators - Succeeded

________________________________________________________________________


Hope everything is fine, no unwanted webpages load like before.
  • 0
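As an added example (not part of this thread and not code from either poster or from the HijackThis, ewido or Look2Me-Destroyer projects), here is a small Python triage script for the two HijackThis logs in posts #1 and #3. It pulls out the entries a helper looks at first: the R1 line, where a ProxyServer value (here 69.10.139.104:8155) means all browser traffic is relayed through a third party the user never chose; O20 Winlogon Notify DLLs with random-looking names, which is how the Look2Me DLLs in the ewido and Look2Me-Destroyer reports above present themselves; and any registration tagged (file missing), an orphan that should be removed rather than left pointing at nothing. It also diffs the before and after logs so the changes between scans are visible at a glance. The sample logs are a constructed subset of the entries posted above with wrapped lines rejoined, and the random-name heuristic (three or more letter/digit switches in the file name) is my own choice, not a HijackThis rule.

```python
import re
from typing import List, Tuple

# Constructed sample logs: a subset of the entries from the HijackThis logs in
# posts #1 (before Look2Me-Destroyer ran) and #3 (after), wrapped lines rejoined.
LOG_BEFORE = r"""Logfile of HijackThis v1.99.1
Scan saved at 9:32:46 PM, on 3/5/2006

Running processes:
C:\WIN\System32\smss.exe
C:\WIN\Explorer.EXE

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 69.10.139.104:8155
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WIN\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: Unimodem - C:\WIN\system32\t2r80c9uef.dll
O23 - Service: rundll.exe - Unknown owner - C:\WIN\rundll.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WIN\system32\ZoneLabs\vsmon.exe
"""

LOG_AFTER = r"""Logfile of HijackThis v1.99.1
Scan saved at 12:29:17 AM, on 3/6/2006

Running processes:
C:\WIN\System32\smss.exe
C:\WIN\Explorer.EXE

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 69.10.139.104:8155
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WIN\System32\msdxm.ocx
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: RunOnce- - C:\WIN\system32\i406leds1h06.dll (file missing)
O23 - Service: rundll.exe - Unknown owner - C:\WIN\rundll.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WIN\system32\ZoneLabs\vsmon.exe
"""

# HijackThis entry: section code (R1, O4, O20, ...) then " - " then the entry body.
ENTRY_RE = re.compile(r"^([RO]\d+) - (.*)$")
# Windows path ending in .dll/.exe/.ocx; group 1 is the file name.
PATH_RE = re.compile(r'[A-Za-z]:\\(?:[^\\"]+\\)*([^\\"]+\.(?:dll|exe|ocx))', re.IGNORECASE)


def parse_entries(log: str) -> List[Tuple[str, str]]:
    """Return (section code, entry text) pairs; header and process list are skipped."""
    out = []
    for line in log.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            out.append((m.group(1), m.group(2)))
    return out


def looks_random(name: str) -> bool:
    """Heuristic (my own): a file name with many letter/digit switches, e.g. t2r80c9uef."""
    stem = re.sub(r"\.[A-Za-z]+$", "", name)
    chars = [c for c in stem if c.isalnum()]
    switches = sum(1 for a, b in zip(chars, chars[1:]) if a.isdigit() != b.isdigit())
    return switches >= 3


def triage(log: str) -> List[Tuple[str, str, str]]:
    """Flag entries an analyst should look at first, as (code, reason, entry)."""
    findings = []
    for code, text in parse_entries(log):
        if code == "R1" and "ProxyServer" in text:
            value = text.partition("=")[2].strip()
            if value:
                findings.append((code, "browser traffic relayed through proxy " + value, text))
        if "(file missing)" in text:
            findings.append((code, "registration points at a missing file; remove the registration", text))
        m = PATH_RE.search(text)
        if code == "O20" and m and looks_random(m.group(1)):
            findings.append((code, "Winlogon Notify DLL with random-looking name " + m.group(1), text))
    return findings


def diff_logs(before: str, after: str) -> Tuple[List[str], List[str]]:
    """Entries that disappeared and entries that appeared between two scans."""
    b = {code + " - " + t for code, t in parse_entries(before)}
    a = {code + " - " + t for code, t in parse_entries(after)}
    return sorted(b - a), sorted(a - b)


if __name__ == "__main__":
    for code, reason, text in triage(LOG_AFTER):
        print(f"[{code}] {reason}\n    {text}")
    removed, added = diff_logs(LOG_BEFORE, LOG_AFTER)
    print("removed since last scan:", *removed, sep="\n  ")
    print("new since last scan:", *added, sep="\n  ")
```

Run against the post #3 sample, the script reports the proxy, the orphaned msnim protocol handler, the O20 entry twice (random name and missing file) and the orphaned rundll.exe service, while the diff shows the Unimodem O20 line and the avast! Run entry gone and the RunOnce- O20 line new. That matches what the helper asks for in post #4: fix the O20 entry in HijackThis and remove the rundll.exe service registration.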

#4
Rawe

    Visiting Staff

  • Member
  • 4,746 posts
Hi; a couple more things to do. :tazz:

Run a scan with HijackThis and check the following object for removal:

O20 - Winlogon Notify: RunOnce- - C:\WIN\system32\i406leds1h06.dll (file missing)

Now close ALL other open windows except for HijackThis and hit FIX CHECKED.

Now, please do the following..

Please copy the following text in the quotebox below to a blank Notepad file. Make sure the filetype is set to "All Files" and save it as Removeservice.bat to your desktop.

@echo off
sc stop rundll.exe
sc delete rundll.exe


Double-click on Removeservice.bat. A window will pop up and close. This is normal. Please reboot.

==

Post back with a fresh HijackThis log.. Do you see any problems now? :)
  • 0

#5
jones24

    Member

  • Topic Starter
  • Member
  • 25 posts
OK, here is the newest HijackThis log with the O20 entry deleted, just as you told me.
Sorry, I'm not sure if I can tell whether there are any problems with my computer; all I know is that it's much better compared to a couple of hours ago :)

Logfile of HijackThis v1.99.1
Scan saved at 1:05:40 AM, on 3/6/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WIN\System32\smss.exe
C:\WIN\system32\csrss.exe
C:\WIN\system32\winlogon.exe
C:\WIN\system32\services.exe
C:\WIN\system32\lsass.exe
C:\WIN\system32\svchost.exe
C:\WIN\System32\svchost.exe
C:\WIN\System32\svchost.exe
C:\WIN\System32\svchost.exe
C:\WIN\system32\spoolsv.exe
C:\WIN\System32\alg.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WIN\system32\cisvc.exe
C:\WIN\System32\CTSvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\WIN\system32\ZoneLabs\vsmon.exe
C:\WIN\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WIN\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\X-NetStat 5.0\xns5.exe
C:\Documents and Settings\Eugene Goh\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 69.10.139.104:8155
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WIN\System32\msdxm.ocx
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Iomega Product Registration.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WIN\System32\CTSvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WIN\system32\ZoneLabs\vsmon.exe

______________________________________________________________


Looks like my comp is truly fixed. Thanks for such prompt replies and such useful advice. You're really good :tazz:




PS. I have a tcf file named rundll.exe in my C drive folder. The icon is in the shape of a bug with a circle and cross over it.
  • 0
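The two posts above show the workflow this thread follows: read a HijackThis log, pick out the entries that do not belong (here an O20 Winlogon Notify DLL that is already missing from disk, and a service the log still lists), fix them, and re-check the fresh log. The script below is an added example, not part of this thread and not a HijackThis feature: it parses HijackThis-format lines and flags the kinds of entries a helper would want to look at first. The sample lines are copied from the logs posted in this thread; the flagging rules are my own triage heuristics, and a flagged line means "worth a manual look", not "malicious".

```python
import re
from ipaddress import ip_address

# Constructed sample: entries taken from the HijackThis logs posted in this thread.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 69.10.139.104:8155
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O20 - Winlogon Notify: RunOnce- - C:\WIN\system32\i406leds1h06.dll (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WIN\system32\ZoneLabs\vsmon.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton AntiVirus\navapsvc.exe (file missing)
"""

# A HijackThis entry is "<section> - <body>", e.g. "O20 - Winlogon Notify: ..."
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.*)$")
# R1 proxy entries carry "ProxyServer = host:port"
PROXY_RE = re.compile(r"ProxyServer = (?P<host>[^:\s]+)(?::(?P<port>\d+))?")


def proxy_is_remote(host: str) -> bool:
    """True when the proxy host is not a loopback address.

    A hostname (not an IP literal) is treated as remote as well.
    """
    try:
        return not ip_address(host).is_loopback
    except ValueError:
        return True


def parse_entries(text: str):
    """Return (section, body, full_line) for every HijackThis entry in the text."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if m:
            entries.append((m.group("section"), m.group("body"), line))
    return entries


def triage(text: str):
    """Flag entries worth a manual look, with the reason(s) for each.

    Heuristics (my own, not HijackThis's):
      * any entry whose target file is gone  -> stale or removed component
      * O20 Winlogon Notify                    -> DLL loaded into winlogon.exe
      * R1 proxy pointing off-box              -> browser traffic leaves via a third party
      * O6 Restrictions policy                 -> IE settings locked by policy
    """
    findings = []
    for section, body, line in parse_entries(text):
        reasons = []
        if "(file missing)" in body:
            reasons.append("references a file that is not on disk")
        if section == "O20":
            reasons.append("Winlogon Notify DLL is loaded inside winlogon.exe")
        if section == "R1":
            pm = PROXY_RE.search(body)
            if pm and proxy_is_remote(pm.group("host")):
                reasons.append(f"browser proxy set to remote host {pm.group('host')}")
        if section == "O6" and "Restrictions" in body:
            reasons.append("IE restrictions policy is set")
        if reasons:
            findings.append({"section": section, "reasons": reasons, "line": line})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f["section"], "|", "; ".join(f["reasons"]))
        print("   ", f["line"])
```

Run against the sample, the O4 entry for ZoneAlarm and the vsmon service are left alone, while the O20 line is flagged twice (Winlogon Notify, and the DLL is already gone), the navapsvc service is flagged for its missing file, and the R1 line is flagged because the proxy points at an address that is not the local machine.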

#6
Rawe

Rawe

    Visiting Staff

  • Member
  • 4,746 posts

PS. I have a tcf file named rundll.exe in my C drive folder. The icon is in the shape of a bug with a circle and cross over it.

Go ahead and delete it. :tazz:

You're welcome.

==

First priority: Install Service Pack 2 by visiting WindowsUpdates. After you have installed it, reboot, download & install ALL the available critical updates. Then some more preventive maintenance:

Read here how to clear old restore points and create a new one.

Stand Up and Be Counted ---> Malware Complaints <--- where you can make difference!

The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.

Here are some tips for the future to prevent spyware:

Detect and Remove Programs:
  • How to use Ad-Aware to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Ad-Aware.
  • How to use Spybot to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Spybot. Similar to Ad-Aware, I strongly recommend both to catch most spyware.
Prevention Programs:
  • Spywareblaster <= SpywareBlaster will prevent spyware from being installed. (My favourite)
  • Spywareguard <= SpywareGuard offers realtime protection from spyware installation attempts.
  • MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well-known ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer.
  • Google Toolbar <= Get the free Google toolbar to help stop pop-up windows.
Other necessary Programs:
  • AntiVirus Program <= An AntiVirus program is a must! Whether it is a free version like AVG or Anti-Vir, or a shareware version like Norton or Kaspersky, this is a must have.
  • Firewall <= A firewall is definitely a must have. Two good free versions are Sygate and ZoneLabs.
  • More Secure Browser <= Internet Explorer is not the most secure and best browser. There are safer and better alternatives available. I recommend Firefox.
And also see TonyKlein's good advice;
So how did I get infected in the first place? (My favourite)
  • 0
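The MVPS Hosts file tip above works because a HOSTS entry that maps a name to 127.0.0.1 (or 0.0.0.0) sends that name to the local machine instead of the real site. The same file can be edited in the other direction, mapping a legitimate site to some other address, which is why a helper checks it. The script below is an added example, not part of this thread or of the MVPS project: it parses a HOSTS file and separates blocklist-style "sink" entries from entries that redirect a name to a non-local address. The sample file is constructed, with made-up names and documentation addresses.

```python
from ipaddress import ip_address

# Constructed sample HOSTS file (names and addresses are made up for this example).
SAMPLE_HOSTS = """
# Blocklist-style entries: the names resolve to the local machine
127.0.0.1       localhost
127.0.0.1       ads.example.net   # comment after an entry
0.0.0.0         tracker.example.org pixel.example.org
# Entry worth a look: a vendor's site sent to a remote address
203.0.113.7     update.example-antivirus.test
this is not a hosts line
"""


def is_sink(addr: str) -> bool:
    """True for addresses that point back at the local machine (127.0.0.1, ::1, 0.0.0.0)."""
    ip = ip_address(addr)
    return ip.is_loopback or ip.is_unspecified


def parse_hosts(text: str):
    """Return (address, hostname) pairs; comments and malformed lines are skipped."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        parts = line.split()
        if len(parts) < 2:
            continue
        addr, names = parts[0], parts[1:]
        try:
            ip_address(addr)                  # first field must be an IP literal
        except ValueError:
            continue
        for name in names:
            entries.append((addr, name))
    return entries


def suspicious_redirects(text: str):
    """Entries that send a name somewhere other than the local machine.

    The localhost entry itself is excluded so a stock HOSTS file yields nothing.
    """
    return [
        (addr, name)
        for addr, name in parse_hosts(text)
        if not is_sink(addr) and name != "localhost"
    ]


if __name__ == "__main__":
    print("blocklist entries:", sum(1 for a, _ in parse_hosts(SAMPLE_HOSTS) if is_sink(a)))
    for addr, name in suspicious_redirects(SAMPLE_HOSTS):
        print("review:", name, "->", addr)
```

On the sample, the four sink entries are counted as blocklist lines and only the update.example-antivirus.test entry is reported for review; the malformed line is ignored rather than raising.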

#7
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
