Can't download HJT or run MB


Ok, I've posted on here before. I am seriously ready to fix the computer now. The trojan/virus that I have will not let me use search engines, flash in Firefox will not work, will not let me run itunes, and the whole computer is running a little slow. So, I'm ready for help, lol. I will do my best to follow the advice you give. I greatly appreciate it.


  • Root Admin

Please post either log if it will run, if not then let me know.

Hello and Welcome to Malwarebytes.org

If you're having malware-related issues with your computer that you're unable to resolve:

  1. Please read and follow the instructions provided here: I'm infected - What do I do now?
  2. If needed please post your logs in a NEW topic here: Malware Removal - HijackThis Logs
  3. When posting logs please do not use any Quote, Code, or other tags. Please copy/paste directly into your post and do not attach files unless requested.
  • Please do not post any logs in the General forum. We do not work on any logs posted in the General forum.
  • Please do not install any software or use any removal/scanning tool except for those you're requested to run by the Helper that will assist you.
  • Using these other tools often makes the cleanup task more difficult and time consuming.
  • If you have already submitted for assistance at one of the other support sites on the Internet then you should not post a new log here, you should stay working with the Helper from that site until the issue is resolved.
  • Do not assume you're clean because you don't see something in the logs. Please wait until the person assisting you provides feedback.
  • There are often many others that require assistance as well, so please be patient. If no one has responded within 48 hours then please go ahead and post a request for review.
  • NOTE: If for some reason you're unable to run some or any of the tools in the first link, then skip that step and move on to the next one. If you can't even run HijackThis, then just proceed and post a NEW topic as shown in the second link describing your issues and someone will assist you as soon as they can.

  • Root Admin

Please visit this webpage for instructions for downloading ComboFix to your DESKTOP: how-to-use-combofix

Please ensure you read this guide carefully and install the Recovery Console first.

NOTE!!: You must save and run ComboFix.exe on your DESKTOP and not from any other folder.

Also, DO NOT click the mouse or launch any other applications while this is running or it may stall the program.

Additional links to download the tool:

Note: The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Once installed, you should see a blue screen prompt that says:

The Recovery Console was successfully installed.

Please continue as follows:
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Click Yes to allow ComboFix to continue scanning for malware.
  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new HijackThis log so we may continue cleaning the system.


Ok, the program ran successfully. Also, during the process of it running, it had to restart the computer 2 times. Here is the log.

ComboFix 09-03-04.01 - Leon Cowherd 2009-03-06 0:04:50.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1534.1166 [GMT -5:00]

Running from: c:\documents and settings\Leon Cowherd\Desktop\LeonC22.exe

AV: McAfee VirusScan *On-access scanning disabled* (Updated)

FW: Personal Firewall Plus *enabled*

* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\All Users\Application Data\CrucialSoft Ltd

c:\documents and settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\LOG\20090220130821875.log

c:\documents and settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\LOG\20090220171348859.log

c:\documents and settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\msas2009.exe

c:\documents and settings\Leon Cowherd\Application Data\SSEMBL~1

c:\documents and settings\Leon Cowherd\Application Data\SSEMBL~1\?ssembly\

c:\program files\Common Files\{380ED~1

c:\program files\Common Files\{380ED~1\toolbardll.lzma

c:\program files\Common Files\{380ED~1\UnInstall.exe

c:\program files\Common Files\{980ED~1

c:\program files\Common Files\ecurit~1

c:\program files\INSTALL.LOG

c:\program files\ipwins

c:\program files\ipwins\pop5.tmp

c:\program files\ipwins\pop9E.tmp

c:\program files\ipwins\Uninst.exe

c:\program files\outlook

c:\windows\dvdda.ini

c:\windows\gergepj.ini

c:\windows\IE4 Error Log.txt

c:\windows\system32\bszip.dll

c:\windows\system32\drivers\UACrlngftiq.sys

c:\windows\system32\resdobg.dll

c:\windows\SYSTEM32\sstwa.bak1

c:\windows\SYSTEM32\sstwa.bak2

c:\windows\SYSTEM32\sstwa.ini

c:\windows\system32\tar.exe

c:\windows\system32\taskkill.com

c:\windows\system32\UAChskbkbrf.log

c:\windows\system32\UACifexkbvo.dll

c:\windows\system32\UACixripjql.dll

c:\windows\system32\UACmeyxyqmh.dat

c:\windows\system32\UACoqvdlyap.dll

c:\windows\system32\UACwcpkowbp.log

c:\windows\system32\UACwrucmjpc.dll

c:\windows\system32\UACwskyiuuw.log

c:\windows\Tasks\zrnskrta.job

c:\windows\wiaserviv.log

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_UACd.sys

-------\Legacy_COM+_MESSAGES

-------\Legacy_REMOTE_PROCEDURE_CALL_(RPC)_(RPCSS)_

-------\Legacy_SYSREST.SYS

-------\Service_COM+ Messages

((((((((((((((((((((((((( Files Created from 2009-02-06 to 2009-03-06 )))))))))))))))))))))))))))))))

.

2009-03-01 04:20 . 2009-03-01 04:20 <DIR> d-------- c:\windows\SYSTEM32\NtmsData

2009-02-26 05:58 . 2009-02-26 05:58 <DIR> d-------- C:\aad1265d6ff4b6c6a28bd1

2009-02-21 01:28 . 2004-02-25 19:18 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Sonic

2009-02-21 01:28 . 2004-02-25 19:22 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Jasc Software Inc

2009-02-21 01:28 . 2009-02-21 01:28 <DIR> d-------- c:\documents and settings\Administrator

2009-02-20 14:06 . 2009-02-20 14:08 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2009-02-20 14:06 . 2009-02-11 10:19 38,496 --a------ c:\windows\SYSTEM32\DRIVERS\mbamswissarmy.sys

2009-02-20 14:06 . 2009-02-11 10:19 15,504 --a------ c:\windows\SYSTEM32\DRIVERS\mbam.sys

2009-02-20 03:05 . 2009-02-20 03:05 10,240 ---hs---- c:\program files\expdebug.exe

2009-02-20 03:05 . 2009-03-05 23:29 5,160 --a------ c:\windows\SYSTEM32\uacinit.dll

2009-02-20 03:05 . 2009-02-20 17:13 65 --a------ c:\windows\SYSTEM32\winconfig32.ini

2009-02-18 13:25 . 2009-02-18 13:25 <DIR> d-------- c:\documents and settings\Leon Cowherd\Application Data\CAST Software Inc

2009-02-18 13:14 . 2009-02-19 00:06 23,440 --a------ c:\windows\SYSTEM32\DRIVERS\3957E08B.bin

2009-02-18 13:10 . 32 c:\windows\SYSTEM32\DRIVERS\mshcmd.sys

2009-02-18 13:09 . 2009-02-18 13:09 177,152 --a------ c:\windows\SYSTEM32\DRIVERS\XRNBO.sys

2009-02-18 13:00 . 2009-02-18 13:00 <DIR> d-------- c:\program files\WYSIWYG Drivers

2009-02-18 12:54 . 2009-02-24 01:42 <DIR> d-------- c:\program files\WYSIWYG

2009-02-13 22:56 . 2009-02-13 22:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\ATI

2009-02-13 22:54 . 2009-02-24 01:43 <DIR> d-------- c:\program files\ATI

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-02-27 05:05 --------- d-----w c:\program files\Microsoft Silverlight

2009-02-24 06:44 --------- d--h--w c:\program files\InstallShield Installation Information

2009-02-24 06:44 --------- d-----w c:\program files\iPod

2009-02-24 06:43 --------- d--h--w c:\documents and settings\Leon Cowherd\Application Data\Move Networks

2009-02-15 04:45 --------- d-----w c:\program files\Capture Polar

2009-02-14 03:59 --------- d-----w c:\documents and settings\Leon Cowherd\Application Data\MSN6

2009-02-14 03:52 --------- d-----w c:\program files\ATI Technologies

2009-01-14 07:14 3,455,488 ----a-w c:\windows\system32\drivers\ati2mtag.sys

2009-01-14 03:43 53,248 ----a-w c:\windows\system32\drivers\ati2erec.dll

2007-12-28 04:54 24,192 ----a-w c:\documents and settings\Leon Cowherd\usbsermptxp.sys

2007-12-28 04:54 22,768 ----a-w c:\documents and settings\Leon Cowherd\usbsermpt.sys

2006-02-20 03:36 60,792 ----a-w c:\documents and settings\Leon Cowherd\Application Data\GDIPFONTCACHEV1.DAT

2004-10-17 12:47 2,340,944 ----a-w c:\documents and settings\ICQLite\ICQLite.exe

2004-10-17 12:42 217,201 ----a-w c:\documents and settings\ICQLite\ICQLiteDBConverter.exe

2004-10-17 12:41 1,373,267 ----a-w c:\documents and settings\ICQLite\LiteUtil.dll

2004-10-17 12:34 820,318 ----a-w c:\documents and settings\ICQLite\LiteRes.dll

2004-10-17 12:33 51,834 ----a-w c:\documents and settings\ICQLite\ICQLiteUninstall.exe

2004-10-17 12:33 18,501 ----a-w c:\documents and settings\ICQLite\ICQLRun.exe

2004-10-17 12:33 12,357 ----a-w c:\documents and settings\ICQLite\ICQLSRP.EXE

2004-10-17 12:29 51,807 ----a-w c:\documents and settings\ICQLite\LiteSkinUtils.dll

2004-10-17 12:27 32,843 ----a-w c:\documents and settings\ICQLite\ICQRT.dll

1999-06-25 08:55 152,576 ----a-w c:\documents and settings\ICQLite\Unwise32.exe

2004-11-05 20:25 3,683,048 --sh--w c:\windows\3pmrvs.bak2

2004-10-05 16:04 1,142,927 --sh--w c:\windows\cksid.bak2

2004-11-06 18:06 3,891,180 --sh--w c:\windows\ptfpi.bak2

2004-11-09 16:05 23,383,226 --sha-w c:\windows\AppPatch\3pmbew.bak1

2004-11-15 21:05 116,853,473 --sh--w c:\windows\AppPatch\3pmbew.bak2

2004-11-19 04:14 556,782 --sh--w c:\windows\AppPatch\bac.bak1

2004-11-19 16:15 557,076 --sh--w c:\windows\AppPatch\bac.bak2

2004-11-11 15:56 455,268 --sh--w c:\windows\AppPatch\ksidpxe.bak2

2004-10-12 17:32 216,696 --sh--w c:\windows\assembly\salitu.bak2

2004-11-02 22:40 3,870,324 --sh--w c:\windows\assembly\GAC\Accessibility\bewpxe.bak2

2004-11-10 23:58 454,902 --sha-w c:\windows\Config\cvsipat.bak1

2004-10-13 18:28 1,688,718 --sh--w c:\windows\Config\yekksid.bak2

2004-11-19 02:35 96,417,420 --sha-w c:\windows\Help\spcvs.bak1

2004-11-19 02:37 96,417,420 --sh--w c:\windows\Help\spcvs.bak2

2004-11-10 00:23 617,079 --sh--w c:\windows\INF\rvsnu.bak2

2004-11-20 20:09 557,027 --sh--w c:\windows\Microsoft.NET\lldtun.bak1

2004-11-23 17:00 29,952,624 --sh--w c:\windows\Microsoft.NET\lldtun.bak2

2004-10-24 02:41 1,889,678 --sh--w c:\windows\Microsoft.NET\niblmx.bak2

2004-11-15 04:38 86,482,152 --sha-w c:\windows\MSAGENT\ofnielo.bak1

2004-11-15 05:51 172,960,305 --sh--w c:\windows\MSAGENT\ofnielo.bak2

2004-11-10 04:11 620,618 --sha-w c:\windows\Registration\agvmoc.bak1

2004-11-10 17:11 32,109,879 --sh--w c:\windows\Registration\agvmoc.bak2

2004-11-10 00:22 361 --sha-w c:\windows\REPAIR\pctrba.bak1

2004-11-10 00:23 620,584 --sh--w c:\windows\REPAIR\pctrba.bak2

2004-10-22 16:47 1,190,695 --sh--w c:\windows\SECURITY\Database\tenievaw.bak2

2004-11-15 20:57 93,470,257 --sh--w c:\windows\SYSTEM\cmsa.bak2

2004-11-01 01:42 682,947 --sh--w c:\windows\SYSTEM\itnasar.bak2

2004-11-02 22:41 3,870,340 --sha-w c:\windows\SYSTEM\vasar.bak1

2004-11-05 20:25 3,681,106 --sh--w c:\windows\SYSTEM\vasar.bak2

2008-10-21 21:23 32,768 --sha-w c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\MSHist012008102120081022\index.dat

2004-11-09 22:55 617,079 --sha-w c:\windows\Web\svrs.bak1

2004-10-20 22:28 575,984 --sh--w c:\windows\Web\PRINTERS\cbdodvd.bak2

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-02-28 2321600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MCAgentExe"="c:\progra~1\mcafee.com\agent\mcagent.exe" [2005-09-22 303104]

"MCUpdateExe"="c:\progra~1\mcafee.com\agent\McUpdate.exe" [2006-01-11 212992]

"ShStatEXE"="c:\program files\Network Associates\VirusScan\SHSTAT.EXE" [2004-08-18 94208]

"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UpdaterUI.exe" [2004-08-06 139320]

"VSOCheckTask"="c:\progra~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 151552]

"VirusScan Online"="c:\program files\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 163840]

"IgfxTray"="c:\windows\System32\igfxtray.exe" [2003-04-07 155648]

"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2003-04-07 114688]

"OASClnt"="c:\program files\McAfee.com\VSO\oasclnt.exe" [2005-08-11 53248]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-08 289576]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]

"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2007-10-04 307200]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]

Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

Microsoft Works Calendar Reminders.lnk - c:\program files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [2001-08-07 24633]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"SpecifyDefaultButtons"= 1 (0x1)

"Btn_Search"= 2 (0x2)

"NoBandCustomize"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=jdskej.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"MSACM.MSNAUDIO"= msnaudio.acm

"MSVideo"= CSvidcap.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

"FirewallDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\system32\\drivers\\svchost.exe"=

"c:\\Program Files\\Capture Polar\\Capture.exe"=

"c:\\Program Files\\Flying Pig Systems\\Hog3PC\\launcher-win32-golden.exe"=

"c:\\Program Files\\Flying Pig Systems\\Hog3PC\\server-win32-golden.exe"=

"c:\\Program Files\\Flying Pig Systems\\Hog3PC\\ob2000-win32-golden.exe"=

"c:\\Program Files\\Flying Pig Systems\\Hog3PC\\livecache-win32-golden.exe"=

"c:\\Program Files\\Flying Pig Systems\\Hog3PC\\desktop-win32-golden.exe"=

"c:\\Program Files\\Flying Pig Systems\\Hog3PC\\critical-win32-golden.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

R1 NaiAvTdi1;NaiAvTdi1;c:\windows\SYSTEM32\DRIVERS\mvstdi5x.sys [2004-11-29 58016]

S3 XRNBO;XRNBO;c:\windows\SYSTEM32\DRIVERS\XRNBO.sys [2009-02-18 177152]

.

Contents of the 'Scheduled Tasks' folder

2008-11-29 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

.

- - - - ORPHANS REMOVED - - - -

Toolbar-{C1B4DEC2-2623-438e-9CA2-C9043AB28508} - (no file)

Toolbar-{84938242-5C5B-4A55-B6B9-A1507543B418} - c:\program files\Video Access ActiveX Object\iesplugin.dll

WebBrowser-{84938242-5C5B-4A55-B6B9-A1507543B418} - c:\program files\Video Access ActiveX Object\iesplugin.dll

HKCU-Run-Microsoft Works Update Detection - c:\program files\Microsoft Works\WkDetect.exe

HKLM-Run-realtehs - c:\documents and settings\Leon Cowherd\Application Data\Google\vgwsn871850.exe

HKU-Default-Run-MS AntiSpyware 2009 - c:\documents and settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\msas2009.exe

SharedTaskScheduler-{2016a466-91a2-43c6-97d8-2fd380f065ef} - c:\windows\system32\higehsg.dll

SSODL-eitheror-{2016a466-91a2-43c6-97d8-2fd380f065ef} - c:\windows\system32\higehsg.dll

.

------- Supplementary Scan -------

.

uSearchMigratedDefaultURL = hxxp://www.google.com/

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyServer = 127.0.0.1:9090

uInternet Settings,ProxyOverride = *.local;<local>

uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com

IE: {{869EE607-5376-486d-8DAC-EDC8E239AD5F}

IE: {{BE2F2769-8A63-4bc7-8A99-06C2C4AD7B9B}

FF - ProfilePath - c:\documents and settings\Leon Cowherd\Application Data\Mozilla\Firefox\Profiles\qsb8vrt6.default\

FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-03-06 00:25:20

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(632)

c:\windows\system32\Ati2evxx.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\SYSTEM32\ati2evxx.exe

c:\windows\SYSTEM32\ati2evxx.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Network Associates\Common Framework\FrameworkService.exe

c:\program files\McAfee.com\Agent\Mcdetect.exe

c:\progra~1\NETWOR~1\COMMON~1\naPrdMgr.exe

c:\progra~1\McAfee.com\VSO\McShield.exe

c:\progra~1\McAfee.com\Agent\McTskshd.exe

c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

c:\progra~1\McAfee.com\PERSON~1\MpfService.exe

c:\progra~1\McAfee.com\PERSON~1\MpfAgent.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

.

**************************************************************************

.

Completion time: 2009-03-06 0:35:02 - machine was rebooted

ComboFix-quarantined-files.txt 2009-03-06 05:33:43

Pre-Run: 524,029,952 bytes free

Post-Run: 4,749,139,968 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

263 --- E O F --- 2009-02-26 10:58:52


  • Root Admin

Sorry for the late reply. Please try to install and update MBAM now.

Update and Scan with Malwarebytes' Anti-Malware

  • Start MalwareBytes AntiMalware (Vista users must Right click and choose RunAs Admin)
  • Please DO NOT run MBAM in Safe Mode unless requested to, you MUST run it in normal Windows mode.
  • Update Malwarebytes' Anti-Malware
    • Select the Update tab
    • Click Update
  • When the update is complete, select the Scanner tab
  • Select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Then post back the MBAM log and a new Hijackthis log.


That's fine. The computer seems to be running fine now, but the MBAM found one trojan. Here is the log:

Malwarebytes' Anti-Malware 1.34

Database version: 1828

Windows 5.1.2600 Service Pack 3

3/8/2009 11:46:53 PM

mbam-log-2009-03-08 (23-46-53).txt

Scan type: Quick Scan

Objects scanned: 70687

Time elapsed: 6 minute(s), 20 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\SYSTEM32\uacinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.


  • Root Admin

Yes, that was a leftover file that was pretty much left dormant due to the removal of the parent.

Please run an online Anti-Virus scan to confirm nothing else is there.

PANDA ONLINE SCAN

Please go >here< to run Panda's ActiveScan

  • Once you are on the Panda site, click the Scan your PC now button
  • A new window will open...click the Scan Now button
  • Allow the ActiveX control to be installed. It will start downloading the files it requires for the scan. Note: This may take a couple of minutes
  • Run the ActiveX control, if requested. The screen will then show the scanning progress - the scan will take a while to finish. Please be patient.
  • When the scan has finished, click on Export To
  • Save the file as Activescan.txt to your Desktop
  • Close the Activescan window then go to your Desktop
  • Double-click on Activescan.txt and it will open in Notepad
  • In Notepad, click Edit > Select all, then Edit > Copy
  • Reply to this thread and click Ctrl+V to paste the log in your reply

Then make sure if you're running JAVA that you have it up to date and only the latest installed which is 6 build 12


Sorry it took so long for me to get back to you. Here is the log from the panda scan.

;*******************************************************************************

ANALYSIS: 2009-03-13 18:22:58

PROTECTIONS: 1

MALWARE: 87

SUSPECTS: 0

;*******************************************************************************

PROTECTIONS

Description Version Active Updated

;===============================================================================

McAfee VirusScan No Yes

;===============================================================================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;===============================================================================

00013512 adware/searchaid Adware No 0 Yes No hkey_classes_root\winshow.viewsource.1

00013512 adware/searchaid Adware No 0 Yes No hkey_local_machine\software\classes\winshow.viewsource.1

00013512 adware/searchaid Adware No 0 Yes No hkey_local_machine\software\classes\winshow.viewsource

00013512 adware/searchaid Adware No 0 Yes No c:\documents and settings\leon cowherd\application data\winlink

00013512 adware/searchaid Adware No 0 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\winshow

00013512 adware/searchaid Adware No 0 Yes No hkey_classes_root\winshow.viewsource

00020255 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\6.0\58\57fba77a-73548ed5[Dummy.class]

00020255 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv413.jar-2dea1b82-616b13ff.zip[Dummy.class]

00027660 adware/savenow Adware No 0 Yes No hkey_local_machine\software\classes\runmsc.loader.1

00027660 adware/savenow Adware No 0 Yes No c:\program files\vvsn

00027660 adware/savenow Adware No 0 Yes No hkey_local_machine\software\classes\runmsc.loader

00027660 adware/savenow Adware No 0 Yes No hkey_classes_root\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}

00027660 adware/savenow Adware No 0 Yes No HKEY_LOCAL_MACHINE\software\classes\CLSID\{9f95f736-0f62-4214-a4b4-caa6738d4c07}

00029434 spyware/virtumonde Spyware No 1 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F32F8ECD-6CF3-459D-82F2-9738392C85A8}

00035722 adware/comet Adware No 0 Yes No c:\windows\inf\dm.pnf

00046435 adware/isearch Adware No 0 Yes No hkey_local_machine\software\classes\isearch.object.1

00046435 adware/isearch Adware No 0 Yes No hkey_classes_root\isearch.object.1

00066038 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\6.0\58\57fba77a-73548ed5[Parser.class]

00066038 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv413.jar-2dea1b82-616b13ff.zip[Parser.class]

00099408 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv413.jar-2dea1b82-616b13ff.zip[Counter.class]

00099408 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\6.0\58\57fba77a-73548ed5[Counter.class]

00118082 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv413.jar-2dea1b82-616b13ff.zip[Matrix.class]

00118082 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\6.0\58\57fba77a-73548ed5[Matrix.class]

00132447 adware program Adware No 0 Yes No c:\windows\ss3unstl.exe

00132447 adware program Adware No 0 Yes No hkey_current_user\software\ssb3

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@trafficmp[1].txt

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@casalemedia[2].txt

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@doubleclick[1].txt

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@atdmt[2].txt

00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@247realmedia[1].txt

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@fastclick[2].txt

00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@tribalfusion[2].txt

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@mediaplex[2].txt

00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@linksynergy[1].txt

00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@clickbank[1].txt

00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@com[1].txt

00167647 Cookie/Yadro TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@yadro[2].txt

00167653 Cookie/Outster TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@outster[1].txt

00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@azjmp[1].txt

00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@toplist[2].txt

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@statcounter[2].txt

00167760 Cookie/Hitslink TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@counter.hitslink[1].txt

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@ad.yieldmanager[2].txt

00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@apmebf[1].txt

00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@burstnet[1].txt

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@serving-sys[2].txt

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@bs.serving-sys[2].txt

00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@www.burstbeacon[1].txt

00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@adtech[1].txt

00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@server.iad.liveperson[2].txt

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@advertising[2].txt

00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@media.adrevolver[3].txt

00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@statse.webtrendslive[1].txt

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@ads.pointroll[1].txt

00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@overture[2].txt

00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@realmedia[2].txt

00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@questionmarket[1].txt

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@zedo[1].txt

00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@bluestreak[2].txt

00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@adrevolver[1].txt

00184934 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\6.0\55\ee685f7-17fcda87[NewURLClassLoader.class]

00184934 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-2338f20e-4e4672c0.zip[NewURLClassLoader.class]

00184935 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\6.0\55\ee685f7-17fcda87[NewSecurityClassLoader.class]

00184935 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-2338f20e-4e4672c0.zip[NewSecurityClassLoader.class]

00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@adultfriendfinder[1].txt

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@go[2].txt

00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@target[1].txt

00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@did-it[1].txt

00236757 Adware/CWS.Searchmeup Adware No 1 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-2338f20e-4e4672c0.zip[GetAccess.class]

00236757 Adware/CWS.Searchmeup Adware No 1 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\6.0\55\ee685f7-17fcda87[GetAccess.class]

00236759 Adware/CWS.Searchmeup Adware No 1 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\6.0\55\ee685f7-17fcda87[installer.class]

00236759 Adware/CWS.Searchmeup Adware No 1 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-2338f20e-4e4672c0.zip[installer.class]

00286736 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@www6.addfreestats[1].txt

00349456 Adware/Mytoolbar Adware No 0 Yes No C:\Qoobox\Quarantine\C\Program Files\Common Files\{380ED~1\UnInstall.exe.vir

00515709 JS/Downloader.NOE Virus/Trojan No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\6.0\23\1d19b497-1873d371[VaaaaaaaBaa.class]

00515709 JS/Downloader.NOE Virus/Trojan No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-7ba8ab78-61acc139.zip[VaaaaaaaBaa.class]

00515710 JS/Downloader.NOE Virus/Trojan No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\6.0\23\1d19b497-1873d371[baaaaa.class]

00515710 JS/Downloader.NOE Virus/Trojan No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-7ba8ab78-61acc139.zip[baaaaa.class]

00515711 JS/Downloader.NOE Virus/Trojan No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-7ba8ab78-61acc139.zip[baaaaBaa.class]

00515711 JS/Downloader.NOE Virus/Trojan No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\6.0\23\1d19b497-1873d371[baaaaBaa.class]

00516819 JS/Downloader.NOE Virus/Trojan No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\6.0\23\1d19b497-1873d371[Dex.class]

00516819 JS/Downloader.NOE Virus/Trojan No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-7ba8ab78-61acc139.zip[Dex.class]

00516820 JS/Downloader.NOE Virus/Trojan No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\6.0\23\1d19b497-1873d371[Dvnny.class]

00516820 JS/Downloader.NOE Virus/Trojan No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-7ba8ab78-61acc139.zip[Dvnny.class]

00516821 JS/Downloader.NOE Virus/Trojan No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\6.0\23\1d19b497-1873d371[Dux.class]

00516821 JS/Downloader.NOE Virus/Trojan No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-7ba8ab78-61acc139.zip[Dux.class]

00516823 JS/Downloader.NOE Virus/Trojan No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\statistic.jar-7ba8ab78-61acc139.zip[Dix.class]

00516823 JS/Downloader.NOE Virus/Trojan No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\6.0\23\1d19b497-1873d371[Dix.class]

00532141 Trj/Agent.LQK Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP111\A0019962.dll

00532141 Trj/Agent.LQK Virus/Trojan No 1 Yes No C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\UACifexkbvo.dll.vir

00551622 Spyware/MSJuan Spyware No 0 Yes No C:\WINDOWS\SYSTEM32\pkrtnofa.dll

00551622 Spyware/MSJuan Spyware No 0 Yes No C:\WINDOWS\SYSTEM32\giakdl.dll

00590315 Rootkit/Agent.LNB HackTools No 0 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP96\A0017324.sys

00590315 Rootkit/Agent.LNB HackTools No 0 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP88\A0017008.sys

01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP111\A0020019.EXE

01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Documents and Settings\Leon Cowherd\Cookies\leon_cowherd@enhance[2].txt

02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP111\A0019963.sys

02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP111\A0019995.sys

02941683 ASF/GetaCodec.A Virus No 0 Yes No C:\Documents and Settings\Leon Cowherd\Shared\i like it lot bubba sparxx.mp3

02941683 ASF/GetaCodec.A Virus No 0 Yes No C:\Documents and Settings\Leon Cowherd\Shared\cool anthony hamilton.mp3

02947949 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\6.0\44\877afac-32e7f010

02947949 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Leon Cowherd\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\animan.class-726a168a-2f31b372.class

02950502 Generic Trojan Virus/Trojan No 0 No No C:\Documents and Settings\Leon Cowherd\My Documents\TechSmith.Camtasia.Studio.v5.0.1.453.Keygen.Only-HAZE.rar[keygen.exe]

04415496 Generic Malware Virus/Trojan No 0 No No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP88\A0016964.exe[LaunchHelp.dll]

04814221 Generic Malware Virus/Trojan No 0 Yes No C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\UACwrucmjpc.dll.vir

04814221 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP111\A0019960.dll

04826705 Generic Trojan Virus/Trojan No 0 Yes No C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\UACoqvdlyap.dll.vir

04826705 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP111\A0019959.dll

04826785 Generic Malware Virus/Trojan No 0 Yes No C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\UACixripjql.dll.vir

04826785 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP111\A0019961.dll

04826787 Adware/SpywareGuard2008 Adware No 0 Yes No C:\Qoobox\Quarantine\C\WINDOWS\SYSTEM32\DRIVERS\_UACrlngftiq_.sys.zip[uACrlngftiq.sys]

05081400 Adware/Xpantivirus2008 Adware No 0 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP111\A0019979.exe

05081400 Adware/Xpantivirus2008 Adware No 0 Yes No C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\msas2009.exe.vir

;===============================================================================

SUSPECTS

Sent Location

;===============================================================================

;===============================================================================

VULNERABILITIES

Id Severity Description

;===============================================================================

;===============================================================================


  • Root Admin

TechSmith.Camtasia.Studio.v5.0.1.453.Keygen.Only-HAZE.rar

Well, I'm sorry, but since you have evidence of cracked or pirated software you're using on the system, I have no choice but to close this thread now.

If you feel this is inaccurate information please send any Moderator a private message explaining in detail and they will review your information in private.

HiJack This! Forum Policy

We will not be party to obvious use of key gens, cracks, warez or other illegal means of downloading software, music, videos etc. This means no P2P evidence will be supported. Logs that show these in them will be given the option to remove the P2P items. Keygens, cracks, warez and similar will have the thread closed, period. It's theft and against the law.
This topic is now closed to further replies.