Jump to content

Xypheri

Members
  • Posts

    9
  • Joined

  • Last visited

Everything posted by Xypheri

  1. Reset.exe http://www.virustotal.com/analisis/fe8fba8...cddb-1250816295 fix.exe http://www.virustotal.com/analisis/716bcaf...a37b-1250816076 and: Results of screen317's Security Check version 0.98.9 Windows XP Service Pack 3 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Disabled! ESET NOD32 Antivirus ESET NOD32 Antivirus Antivirus up to date! `````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware HijackThis 2.0.2 Java 6 Update 14 Out of date Java installed! Adobe Flash Player 10 Adobe Reader 9 `````````````````````````````` Process Check: objlist.exe by Laurent Trend Micro HijackSomething HijackThis.exe `````````````````````````````` DNS Vulnerability Check: GREAT! (Not vulnerable to DNS cache poisoning) `````````End of Log```````````
  2. Uh, so I guess the Hijack this file doesnt want to upload. Sorry for flooding. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:45:54 PM, on 8/18/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Palm\SDK\bin\novacom\x86\novacomd.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe c:\windows\softwaredistribution\download\install\STacSV.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\ZuneBusEnum.exe C:\Program Files\Cyberlink\Shared Files\brs.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program Files\Google\Google Talk\googletalk.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Zune\ZuneLauncher.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Documents and Settings\Rob\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\ComcastUI\Universal Installer\uinstaller.exe E:\Game Program Files\Steam\Steam.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackSomething\HijackThis.exe C:\WINDOWS\system32\SearchProtocolHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net?cid=NET_mmhpset R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [bDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [blackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe" O4 - HKLM\..\Run: [TrialReset] C:\WINDOWS\fix.exe O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe" O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [RGSC] D:\Games\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Rob\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" O4 - HKCU\..\Run: [universal Installer] "C:\Program Files\ComcastUI\Universal Installer\uinstaller.exe" /fromrun /starthidden O4 - HKCU\..\Run: [steam] "E:\Game Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [Desktop Software] "C:\Program Files\ComcastUI\Universal Installer\uinstaller.exe" /ini "uinstaller.ini" /fromrun /starthidden O4 - Startup: Anapod Manager.lnk = C:\Program Files\Red Chair Software\Anapod Explorer\anamgr.exe O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1225769798920 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Eset Trial Reset (.esettrialreset) - Unknown owner - C:\WINDOWS\reset.exe O23 - Service: Access Utility Service - SprintNextel - C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\ O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Palm Novacom (NovacomD) - Unknown owner - C:\Program Files\Palm\SDK\bin\novacom\x86\novacomd.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\windows\softwaredistribution\download\install\STacSV.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINDOWS\ -- End of file - 13072 bytes
  3. Eh, one of the attachments didn't make it. Here's the Hijack this log file.
  4. You are a hero. Here are the ComboFix.txt and HijackThis.txt logs. ComboFix.txt
  5. ComboFix doesn't appear to work. I get a status bar for a few moments, then the application disappears, without generating a C:\ComboFix.txt file.
  6. I have quite a doozy on my hands here. I've come across something that won't allow mbam, hijack this, combo-fix or just about anything else in the realm of anti-malware software to run to run after I've installed it. After the process terminates, I no longer have access to modify anything in the folder - I get "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item". I've tried the steps in the "Procedures to help resolve issues preventing MBAM from running" to no avail - either because I don't have any of the processes running (I'm running process explorer) that are listed in the first three topics, and whatever is infecting this computer kills the RootRepeal process before it can finish it's scan. The only program that has been successful at cleaning *some* of the mess up has been ESET Nod32. I'm now in safemode, and everything behaves the same. I'll also post my processes log to see if you can see something I can't. I am running Windows XP SP3. Procexp.txt
  7. Panda Active Scan Log ;***********************************************************************************************************************************************************************************ANALYSIS: 2008-12-11 10:36:01PROTECTIONS: 1MALWARE: 41SUSPECTS: 0;***********************************************************************************************************************************************************************************PROTECTIONSDescription Version Active Updated;===================================================================================================================================================================================ESET NOD32 Antivirus 3.0 3.0 Yes Yes;===================================================================================================================================================================================MALWAREId Description Type Active Severity Disinfectable Disinfected Location;===================================================================================================================================================================================00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint_and_karen@trafficmp[1].txt00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@trafficmp[1].txt00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@atdmt[2].txt00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint_and_karen@247realmedia[1].txt00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint_and_karen@tribalfusion[1].txt00145732 Cookie/Falkag TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint_and_karen@as-eu.falkag[2].txt00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@mediaplex[2].txt00167430 Cookie/myaffiliateprogram TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@www.myaffiliateprogram[1].txt00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@com[1].txt00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@xiti[1].txt00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@toplist[1].txt00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@perf.overture[1].txt00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@serving-sys[1].txt00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint_and_karen@serving-sys[1].txt00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint_and_karen@bs.serving-sys[1].txt00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@weborama[1].txt00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint_and_karen@weborama[1].txt00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@adtech[2].txt00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint_and_karen@server.iad.liveperson[1].txt00168114 Cookie/onestat.com TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@stat.onestat[2].txt00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@advertising[2].txt00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint_and_karen@advertising[1].txt00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@ads.pointroll[2].txt00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint_and_karen@overture[1].txt00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@realmedia[1].txt00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@questionmarket[2].txt00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint_and_karen@questionmarket[1].txt00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@zedo[2].txt00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint_and_karen@metriweb[1].txt00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint_and_karen@bluestreak[2].txt00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@go[1].txt00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@go[3].txt00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint_and_karen@target[1].txt00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@atwola[1].txt00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@ehg-dig.hitbox[1].txt00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Documents and Settings\Clint and Karen\Cookies\clint and karen@ads.addynamix[2].txt00413318 Application/Antivirus2010 HackTools No 0 Yes No C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\SO1VBJSS\svchost[1].exe00413318 Application/Antivirus2010 HackTools No 0 Yes No C:\system volume information\_restore{522AA546-BDE3-4168-A439-CC5B83810CC6}\RP184\A0030223.EXE00444112 Bck/Tdss.C Virus/Trojan No 0 Yes No C:\system volume information\_restore{522AA546-BDE3-4168-A439-CC5B83810CC6}\RP184\A0030220.SYS00449733 Bck/Tdss.C Virus/Trojan No 0 Yes No C:\system volume information\_restore{522AA546-BDE3-4168-A439-CC5B83810CC6}\RP184\A0030216.DLL00455834 Adware/RapidAntivirus Adware No 0 Yes No C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\W9MV4HIV\6002[1].exe03939308 Adware/XPAntiSpyware2009 Adware No 1 Yes No C:\system volume information\_restore{522AA546-BDE3-4168-A439-CC5B83810CC6}\RP184\A0030217.DLL03939310 Adware/UltimateDefender Adware No 0 Yes No C:\system volume information\_restore{522AA546-BDE3-4168-A439-CC5B83810CC6}\RP184\A0030218.DLL04181111 Generic Trojan Virus/Trojan No 0 Yes No F:\SYSTEM.EXE04181111 Generic Trojan Virus/Trojan No 0 Yes No C:\system volume information\_restore{522AA546-BDE3-4168-A439-CC5B83810CC6}\RP184\A0030221.EXE04181111 Generic Trojan Virus/Trojan No 0 Yes No C:\Documents and Settings\Clint and Karen\Local Settings\Temporary Internet Files\Content.IE5\0HONGVWF\load[1].exe04206933 Generic Trojan Virus/Trojan No 0 Yes No C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\6DT9YZ01\AV2010[1].exe04206933 Generic Trojan Virus/Trojan No 0 Yes No C:\system volume information\_restore{522AA546-BDE3-4168-A439-CC5B83810CC6}\RP184\A0030222.EXE04224900 Generic Trojan Virus/Trojan No 0 Yes No C:\system volume information\_restore{522AA546-BDE3-4168-A439-CC5B83810CC6}\RP184\A0030219.DLL04235143 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GPABGHIZ\mmm[1].exe04310274 Generic Trojan Virus/Trojan No 0 Yes No C:\system volume information\_restore{522AA546-BDE3-4168-A439-CC5B83810CC6}\RP184\A0030215.DLL04310274 Generic Trojan Virus/Trojan No 0 Yes No C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\F86M6LY6\IEDefender[1].dll;===================================================================================================================================================================================SUSPECTSSent Location };===================================================================================================================================================================================;===================================================================================================================================================================================VULNERABILITIESId Severity Description };===================================================================================================================================================================================;===================================================================================================================================================================================
  8. Here is the HiJack This log: Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:28:59 AM, on 12/11/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16735)Boot mode: Normal Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\WINDOWS\system32\spoolsv.exec:\program files\common files\logitech\lvmvfm\LVPrcSrv.exeC:\Acer\Empowering Technology\ePerformance\MemCheck.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exeC:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exeC:\Program Files\Intel\Wireless\Bin\RegSrvc.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\wbem\wmiapsrv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\ehome\ehtray.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\WINDOWS\RTHDCPL.EXEC:\WINDOWS\AGRSMMSG.exeC:\WINDOWS\system32\igfxtray.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\Program Files\Launch Manager\LaunchAp.exeC:\Program Files\Launch Manager\HotkeyApp.exeC:\Program Files\Launch Manager\OSDCtrl.exeC:\Program Files\Launch Manager\Wbutton.exeC:\Acer\Empowering Technology\eDataSecurity\eDSloader.exeC:\Acer\Empowering Technology\ePower\ePower_DMC.exeC:\Acer\Empowering Technology\ePresentation\ePresentation.exeC:\Acer\Empowering Technology\eRecovery\eRAgent.exeC:\WINDOWS\system32\LVCOMSX.EXEC:\Program Files\Acer\OrbiCam\CameraAssistant.exeC:\WINDOWS\system32\ElkCtrl.exeC:\Program Files\Java\jre1.6.0_07\bin\jusched.exeC:\Program Files\Lexmark 2400 Series\lxcrmon.exeC:\Program Files\Lexmark 2400 Series\ezprint.exeC:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\ESET\ESET NOD32 Antivirus\egui.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\WINDOWS\system32\ctfmon.exeC:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exeC:\WINDOWS\system32\lxcrcoms.exeC:\WINDOWS\system32\wbem\unsecapp.exeC:\Program Files\OpenOffice.org 2.1\program\soffice.exeC:\Program Files\OpenOffice.org 2.1\program\soffice.BINC:\WINDOWS\eHome\ehSched.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\system32\dllhost.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\WINDOWS\eHome\ehmsas.exeC:\WINDOWS\system32\NOTEPAD.EXEC:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/O1 - Hosts: 217.20.175.74 www.review.2009softwarereviews.comO1 - Hosts: 217.20.175.74 review.2009softwarereviews.comO1 - Hosts: 217.20.175.74 www.a1.review.zdnet.comO1 - Hosts: 217.20.175.74 a1.review.zdnet.comO1 - Hosts: 217.20.175.74 www.d1.reviews.cnet.comO1 - Hosts: 217.20.175.74 d1.reviews.cnet.comO1 - Hosts: 217.20.175.74 www.reviews.toptenreviews.comO1 - Hosts: 217.20.175.74 reviews.toptenreviews.comO1 - Hosts: 217.20.175.74 www.reviews.download.comO1 - Hosts: 217.20.175.74 reviews.download.comO1 - Hosts: 217.20.175.74 www.reviews.pcadvisor.co.ukO1 - Hosts: 217.20.175.74 reviews.pcadvisor.co.ukO1 - Hosts: 217.20.175.74 www.reviews.pcmag.comO1 - Hosts: 217.20.175.74 reviews.pcmag.comO1 - Hosts: 217.20.175.74 www.reviews.pcpro.co.ukO1 - Hosts: 217.20.175.74 reviews.pcpro.co.ukO1 - Hosts: 217.20.175.74 www.reviews.reevoo.comO1 - Hosts: 217.20.175.74 reviews.reevoo.comO1 - Hosts: 217.20.175.74 www.reviews.riverstreams.co.ukO1 - Hosts: 217.20.175.74 reviews.riverstreams.co.ukO1 - Hosts: 217.20.175.74 www.reviews.techradar.comO1 - Hosts: 217.20.175.74 reviews.techradar.comO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dllO2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dllO3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dllO3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dllO4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exeO4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exeO4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXEO4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exeO4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exeO4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exeO4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNCO4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNCO4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMENameO4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exeO4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exeO4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exeO4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exeO4 - HKLM\..\Run: [boot] C:\Acer\Empowering Technology\ePower\Boot.exeO4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exeO4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exeO4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXEO4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exeO4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspectO4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automationO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitserviceO4 - HKLM\..\Run: [TrialReset] C:\WINDOWS\fix.exeO4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exeO4 - Global Startup: Acer Empowering Technology.lnk = ?O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exeO23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeO23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exeO23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exeO23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exeO23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXEO23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exeO23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exeO23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exeO23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exeO23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exeO23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exeO23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe --End of file - 12690 bytes
  9. Hello! I have here probably one of the most infected computers I've worked on in recent memory. Its been a challenge, but I think I'm almost there. I had a piece of malware that would prevent anti-malware programs from operating. I stopped the service responsible for that, and was able to use Spybot and MBAM without issue, but I know this computer is still pretty infected and I'm having a difficult time cleaning it Here are my MBAM results, and Panda is running now. Then I'll post the HJT log. I thank you for your help in advance. Malwarebytes' Anti-Malware 1.31Database version: 1488Windows 5.1.2600 Service Pack 2 12/11/2008 1:13:23 AMmbam-log-2008-12-11 (01-13-22).txt Scan type: Quick ScanObjects scanned: 65379Time elapsed: 7 minute(s), 9 second(s) Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 1Registry Data Items Infected: 0Folders Infected: 0Files Infected: 1 Memory Processes Infected:(No malicious items detected) Memory Modules Infected:(No malicious items detected) Registry Keys Infected:(No malicious items detected) Registry Values Infected:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Gamma Display (Trojan.FakeAlert) -> Quarantined and deleted successfully. Registry Data Items Infected:(No malicious items detected) Folders Infected:(No malicious items detected) Files Infected:C:\Documents and Settings\Clint and Karen\Start Menu\Programs\Startup\Rapid Antivirus.lnk (Rogue.RapidAntivirus) -> Quarantined and deleted successfully.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.