Sign In
Create Account
0
I've tried everything. Spyware Terminator, Malware Bytes, Ad-Aware, my AVG, but nothing works! And now, ever since I've updated to the latest definition list for Malware Bytes now doesn't detect Spyware Guard2008 in its scans when it is still there! I can't update via online so I have to use the offline update so I've got 1526 - Version. I am willing to use Team Viewer for someone to look at my computer, and to try and help me. Note: I will only do this if you have a rank here!
I need every bit of help I can get. Please. I really need it!
Back to top
#2
Posted 22 December 2008 - 01:47 AM
-
- Trusted Advisors
-
- 5,527 posts
Mostly Cantankerous
- Gender:Male
- Location:Fortville, IN
Hello.
Please follow these instructions for posting in our Malware Removal - HijackThis Logs forum, and one of our malware removal experts will be more than happy to give you a hand.
Please follow these instructions for posting in our Malware Removal - HijackThis Logs forum, and one of our malware removal experts will be more than happy to give you a hand.
Quote
For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...
#3
Posted 22 December 2008 - 02:14 AM
-
- Members
-
- 19 posts
New Member
- Gender:Male
I've posted there, but for some reason, I do not see my topic. =S Since you are an expert yourself, can you please just help me here?
#4
Posted 22 December 2008 - 02:19 AM
-
- Trusted Advisors
-
- 5,527 posts
Mostly Cantankerous
- Gender:Male
- Location:Fortville, IN
OK, go ahead and follow these instructions, and post your logs here.
Quote
For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...
#5
Posted 22 December 2008 - 02:21 AM
-
- Members
-
- 19 posts
New Member
- Gender:Male
I was hoping with you being an expert, that you could just help me. Please. I need it.
#6
Posted 22 December 2008 - 02:22 AM
-
- Members
-
- 19 posts
New Member
- Gender:Male
Dark, on Dec 22 2008, 02:21 AM, said:
I was hoping with you being an expert, that you could just help me. Please. I need it.
#7
Posted 22 December 2008 - 02:33 AM
-
- Members
-
- 19 posts
New Member
- Gender:Male
Dark, on Dec 22 2008, 02:22 AM, said:
Can't edit. Ok, I will.
Thank you.
#8
Posted 22 December 2008 - 02:40 AM
-
- Members
-
- 19 posts
New Member
- Gender:Male
I couldn't use the Panda scan but here is Malware Bytes and Hijack this. Malware found something.
Malwarebytes' Anti-Malware 1.31
Database version: 1526
Windows 5.1.2600 Service Pack 2
22/12/2008 1:39:11 PM
LOG!
Scan type: Quick Scan
Objects scanned: 75728
Time elapsed: 13 minute(s), 53 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 3
Registry Keys Infected: 7
Registry Values Infected: 3
Registry Data Items Infected: 2
Folders Infected: 3
Files Infected: 22
Memory Processes Infected:
C:\WINDOWS\system32\winscenter.exe (Trojan.FakeAlert) -> No action taken.
Memory Modules Infected:
C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\igcjkydkoc.dll (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\moduleie.dll (Trojan.FakeAlert) -> No action taken.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\spyware guard 2008 (Rogue.SpywareGuard) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Spyware Guard 2008 (Rogue.SpywareGuard) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Spyware Guard 2008 (Rogue.SpywareGuard) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{fdad87ac-b450-45dd-a225-59a3a88489b3} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3ed9af41-003f-4ade-8d9e-7dd03b8f9e28} (Trojan.FakeAlert) -> No action taken.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\spywareguard (Rogue.SpywareGuard) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\internetconnection (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\iemodule (Trojan.FakeAlert) -> No action taken.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\ -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\ -> No action taken.
Folders Infected:
C:\Program Files\Spyware Guard 2008 (Rogue.SpywareGuard) -> No action taken.
C:\Program Files\Spyware Guard 2008\quarantine (Rogue.SpywareGuard) -> No action taken.
C:\Documents and Settings\Owner\Start Menu\Programs\Spyware Guard 2008 (Rogue.SpywareGuard) -> No action taken.
Files Infected:
C:\Program Files\Spyware Guard 2008\conf.cfg (Rogue.SpywareGuard) -> No action taken.
C:\Program Files\Spyware Guard 2008\mbase.vdb (Rogue.SpywareGuard) -> No action taken.
C:\Program Files\Spyware Guard 2008\quarantine.vdb (Rogue.SpywareGuard) -> No action taken.
C:\Program Files\Spyware Guard 2008\queue.vdb (Rogue.SpywareGuard) -> No action taken.
C:\Program Files\Spyware Guard 2008\spywareguard.exe (Rogue.SpywareGuard) -> No action taken.
C:\Program Files\Spyware Guard 2008\uninstall.exe (Rogue.SpywareGuard) -> No action taken.
C:\Program Files\Spyware Guard 2008\vbase.vdb (Rogue.SpywareGuard) -> No action taken.
C:\Documents and Settings\Owner\Start Menu\Programs\Spyware Guard 2008\Spyware Guard 2008.lnk (Rogue.SpywareGuard) -> No action taken.
C:\Documents and Settings\Owner\Start Menu\Programs\Spyware Guard 2008\Uninstall.lnk (Rogue.SpywareGuard) -> No action taken.
C:\Documents and Settings\All Users\Application Data\svhost.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\ (Trojan.Agent) -> No action taken.
C:\WINDOWS\sysexplorer.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\winscenter.exe (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\igcjkydkoc.dll (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\moduleie.dll (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\reged.exe (Rogue.SpywareGuard) -> No action taken.
C:\WINDOWS\spoolsystem.exe (Rogue.SpywareGuard) -> No action taken.
C:\WINDOWS\sys.com (Rogue.SpywareGuard) -> No action taken.
C:\WINDOWS\syscert.exe (Rogue.SpywareGuard) -> No action taken.
C:\WINDOWS\vmreg.dll (Rogue.SpywareGuard) -> No action taken.
C:\Documents and Settings\Owner\Desktop\Spyware Guard 2008.lnk (Rogue.SpywareGuard) -> No action taken.
Hijack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:37:32 PM, on 22/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\InterVideo\Common\bin\WinCinemaMgr.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\winscenter.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\Documents and Settings\Owner\Desktop\Malwarebytes' Anti-Malware\mbam.bat
C:\Documents and Settings\Owner\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://au10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60341
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://optuszoo.ninemsn.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://au10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.c...spx?tb_id=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.c...aspx?TbId=60341
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://au10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.c...spx?tb_id=60341
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.c...aspx?TbId=60341
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinCinemaMgr] "C:\Program Files\InterVideo\Common\bin\WinCinemaMgr.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [spywareguard] C:\Program Files\Spyware Guard 2008\spywareguard.exe
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealOne Player\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: LG SyncManager.lnk = C:\Program Files\LG PC Suite\LG PC Sync\LGSyncManager.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by113fd.bay11...es/MsnPUpld.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com...ageUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1224222684588
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: ieModule - {3ED9AF41-003F-4ADE-8D9E-7DD03B8F9E28} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll
O21 - SSODL: InternetConnection - {FDAD87AC-B450-45DD-A225-59A3A88489B3} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\igcjkydkoc.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
--
End of file - 11538 bytes
Malwarebytes' Anti-Malware 1.31
Database version: 1526
Windows 5.1.2600 Service Pack 2
22/12/2008 1:39:11 PM
LOG!
Scan type: Quick Scan
Objects scanned: 75728
Time elapsed: 13 minute(s), 53 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 3
Registry Keys Infected: 7
Registry Values Infected: 3
Registry Data Items Infected: 2
Folders Infected: 3
Files Infected: 22
Memory Processes Infected:
C:\WINDOWS\system32\winscenter.exe (Trojan.FakeAlert) -> No action taken.
Memory Modules Infected:
C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\igcjkydkoc.dll (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\moduleie.dll (Trojan.FakeAlert) -> No action taken.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\spyware guard 2008 (Rogue.SpywareGuard) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Spyware Guard 2008 (Rogue.SpywareGuard) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Spyware Guard 2008 (Rogue.SpywareGuard) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{fdad87ac-b450-45dd-a225-59a3a88489b3} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3ed9af41-003f-4ade-8d9e-7dd03b8f9e28} (Trojan.FakeAlert) -> No action taken.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\spywareguard (Rogue.SpywareGuard) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\internetconnection (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\iemodule (Trojan.FakeAlert) -> No action taken.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\ -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\ -> No action taken.
Folders Infected:
C:\Program Files\Spyware Guard 2008 (Rogue.SpywareGuard) -> No action taken.
C:\Program Files\Spyware Guard 2008\quarantine (Rogue.SpywareGuard) -> No action taken.
C:\Documents and Settings\Owner\Start Menu\Programs\Spyware Guard 2008 (Rogue.SpywareGuard) -> No action taken.
Files Infected:
C:\Program Files\Spyware Guard 2008\conf.cfg (Rogue.SpywareGuard) -> No action taken.
C:\Program Files\Spyware Guard 2008\mbase.vdb (Rogue.SpywareGuard) -> No action taken.
C:\Program Files\Spyware Guard 2008\quarantine.vdb (Rogue.SpywareGuard) -> No action taken.
C:\Program Files\Spyware Guard 2008\queue.vdb (Rogue.SpywareGuard) -> No action taken.
C:\Program Files\Spyware Guard 2008\spywareguard.exe (Rogue.SpywareGuard) -> No action taken.
C:\Program Files\Spyware Guard 2008\uninstall.exe (Rogue.SpywareGuard) -> No action taken.
C:\Program Files\Spyware Guard 2008\vbase.vdb (Rogue.SpywareGuard) -> No action taken.
C:\Documents and Settings\Owner\Start Menu\Programs\Spyware Guard 2008\Spyware Guard 2008.lnk (Rogue.SpywareGuard) -> No action taken.
C:\Documents and Settings\Owner\Start Menu\Programs\Spyware Guard 2008\Uninstall.lnk (Rogue.SpywareGuard) -> No action taken.
C:\Documents and Settings\All Users\Application Data\svhost.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\ (Trojan.Agent) -> No action taken.
C:\WINDOWS\sysexplorer.exe (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\system32\winscenter.exe (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\igcjkydkoc.dll (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll (Trojan.FakeAlert) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\moduleie.dll (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\reged.exe (Rogue.SpywareGuard) -> No action taken.
C:\WINDOWS\spoolsystem.exe (Rogue.SpywareGuard) -> No action taken.
C:\WINDOWS\sys.com (Rogue.SpywareGuard) -> No action taken.
C:\WINDOWS\syscert.exe (Rogue.SpywareGuard) -> No action taken.
C:\WINDOWS\vmreg.dll (Rogue.SpywareGuard) -> No action taken.
C:\Documents and Settings\Owner\Desktop\Spyware Guard 2008.lnk (Rogue.SpywareGuard) -> No action taken.
Hijack
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:37:32 PM, on 22/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\InterVideo\Common\bin\WinCinemaMgr.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\winscenter.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\Documents and Settings\Owner\Desktop\Malwarebytes' Anti-Malware\mbam.bat
C:\Documents and Settings\Owner\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://au10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60341
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://optuszoo.ninemsn.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://au10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.c...spx?tb_id=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.c...aspx?TbId=60341
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://au10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.c...spx?tb_id=60341
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.c...aspx?TbId=60341
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinCinemaMgr] "C:\Program Files\InterVideo\Common\bin\WinCinemaMgr.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [spywareguard] C:\Program Files\Spyware Guard 2008\spywareguard.exe
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RealPlayer] "C:\Program Files\Real\RealOne Player\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: LG SyncManager.lnk = C:\Program Files\LG PC Suite\LG PC Sync\LGSyncManager.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by113fd.bay11...es/MsnPUpld.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com...ageUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1224222684588
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O21 - SSODL: ieModule - {3ED9AF41-003F-4ADE-8D9E-7DD03B8F9E28} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll
O21 - SSODL: InternetConnection - {FDAD87AC-B450-45DD-A225-59A3A88489B3} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\igcjkydkoc.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
--
End of file - 11538 bytes
Edited by AdvancedSetup, 22 December 2008 - 03:31 AM.
Removed un-needed code tags
#9
Posted 22 December 2008 - 02:40 AM
-
- Trusted Advisors
-
- 5,527 posts
Mostly Cantankerous
- Gender:Male
- Location:Fortville, IN
Dark Bow, please do not post your e-mail address on a public forum. That is a very bad idea.
I will help you, but you need to follow these instructions, and post the logs that are refered to.
I will help you, but you need to follow these instructions, and post the logs that are refered to.
Quote
For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...
#10
Posted 22 December 2008 - 02:46 AM
-
- Members
-
- 19 posts
New Member
- Gender:Male
I'm sorry, I will edit it out. BTW, I can't see any posts, Internet issues, so my friend will be telling me what you reply with. I am also about to do "Remove all" on Malware Bytes so my computer will need to restart. Please wait.
#11
Posted 22 December 2008 - 02:52 AM
-
- Trusted Advisors
-
- 5,527 posts
Mostly Cantankerous
- Gender:Male
- Location:Fortville, IN
Dark Bow!!!!!, on Dec 21 2008, 09:46 PM, said:
I'm sorry, I will edit it out. BTW, I can't see any posts, Internet issues, so my friend will be telling me what you reply with. I am also about to do "Remove all" on Malware Bytes so my computer will need to restart. Please wait.
I had an admin remove your e-mail address the moment I saw it.
Do you mind waiting until Tom gets back? You've got a proxy entry in your HijackThis log that I'm not 100% sure about, and I'd rather let him tell you what to do than just tell you to remove it.
Quote
For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...
#12
Posted 22 December 2008 - 02:58 AM
-
- Members
-
- 19 posts
New Member
- Gender:Male
OMFG! YAY! DON'T WORRY! IT IS GONE! YAY! It finally removed it. Thank you for your support and I thank this program for saving my computer! I am running scans with AVG, and Malware Bytes, just to make sure it is gone. =] Thank you.
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
