Jump to content

Windows XP Restore Virus


Recommended Posts

Windows XP (Service Pack 3) A week ago I got the XP Restore virus. Thanks to your site and Malwarebytes tool and Avira, I seemed to get rid of most of the problem. The virus was completely removed from my system (or so the two tools said) and I was able to restore a working, clickable desktop (google "nodesktop" (no space between the o and d) in registry) unhide icons (including quick start using unhide.exe), and restore the task manager (googled a registry fix). Yeah!

A few problems remain:

1. If I go to Start -> Programs, most of programs identified have "empty" next to it. Unless you have a quick fix, I can insert the shortcuts to the exe files manually. No biggy.

2. If I go to Start -> Programs, there is a button that says XP restore. This first appeared when I got the virus. It's still there, but hopefully not functioning. Question: How do I get rid of it? It is not the Restore function that USED TO BE under Start -> Programs -> Accessories -> System Tools. That option is now "empty". Question: How do I get that back? And if there is no way to do it, how to I begin using system restore again?

3. For years, I had a quick launch button that started a DOS program called ACT. I now get a message c:\PROGRA~1\Symantec\S32EVNT1.DLL. An intallable Virtual Device Driver failed Dll initialization. Choose 'close' to terminate the application. I believe MalwareBytes or Avira removed that DLL. Is there an easy way to get it back.

4. When I initially ran MWBytes, it found about ten or fifteen problems. Then Avira found two more. I was so giddy at getting everything back that I ran System Restore (I believe thru the Control Panel.) It didn't help anything, but the system seemed okay - until I ran GMER. Three times, the computer rebooted before GMER finished. I ran Avira. It found and removed the TR/Kazy.438476 from JAR Cache. (I think this is part of the Windows Restore bug) GMER ran okay after that. Here are my questions: Am I going to get the virus again if I run Firefox? Can I delete the cache without opening Firefox? Also, the initial run of AVIRA found Java/Fester.D.1 in my Documents and Settings - Applic Data - Sun Deployment etc. Supposedly this was remored by Avira, but should I reinstall something here?

Thanks very much for all your help. Your site's initial suggestion to run MalwareBytes/Avira restored my faith in mankind.

DDS follows:

.

DDS (Ver_2011-06-03.01) - NTFSx86

Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_26

Run by USER NAME REMOVEd at 17:25:52 on 2011-06-16

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1483 [GMT -5:00]

.

AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}

AV: Microsoft Security Essentials *Enabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

FW: COMODO Firewall *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

svchost.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\dllhost.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\PGPsdkServ.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe

C:\Program Files\WordWeb\wweb32.exe

C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe

C:\WINDOWS\System32\dmadmin.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\NCH Swift Sound\TRx\trx.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.drudgereport.com/

uSearchAssistant =

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [skMtEGuPVoS] c:\documents and settings\all users\application data\SkMtEGuPVoS.exe

mRun: [nwiz] nwiz.exe /installquiet

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h

mRun: [brStsMon00] c:\program files\browny02\brother\BrStMonW.exe /AUTORUN

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mRun: [sunJavaUpdateSched] c:\program files\java\jre6\bin\jusched.exe

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

dRunOnce: [sRUUninstall] "c:\windows\system32\msiexec.exe" /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress

StartupFolder: c:\docume~1\nicke~1.nix\startm~1\programs\startup\wordweb.lnk - c:\program files\wordweb\wweb32.exe

IE: &WordWeb... - c:\windows\wweb32.dll/lookup.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\windows\system32\msjava.dll

Trusted Zone: 0

Trusted Zone: 0\www

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1269047199406

DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} - hxxp://www.ca.com/us/securityadvisor/virusinfo/webscan.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{F78D82D7-78ED-47F4-86C7-8BBAE040EF0D} : DhcpNameServer = 192.168.1.1

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL

AppInit_DLLs: c:\windows\system32\guard32.dll

SEH: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - No File

SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, ntoskrnl.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\nick e. nixon\application data\mozilla\firefox\profiles\default.4zd\

FF - prefs.js: browser.startup.homepage - hxxp://www.drudgereport.com/

FF - plugin: c:\documents and settings\nick e. nixon\application data\move networks\plugins\npqmp071505000010.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

FF - Ext: Clear Cache Button: {563e4790-7e70-11da-a72b-0800200c9a66} - %profile%\extensions\{563e4790-7e70-11da-a72b-0800200c9a66}

FF - Ext: CacheViewer: {71328583-3CA7-4809-B4BA-570A85818FBB} - %profile%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}

FF - Ext: DNS Cache: dnscache@dominik.jungowski - %profile%\extensions\dnscache@dominik.jungowski

FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff

.

============= SERVICES / DRIVERS ===============

.

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-6-12 11608]

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-6-4 239368]

R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-6-1 27576]

R1 MemAlloc;MemAlloc;c:\windows\system32\drivers\MemAlloc.sys [2003-1-8 5543]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-6-12 136360]

R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-6-12 269480]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-6-12 61960]

R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2010-6-1 1771288]

R2 PGPsdkServ;PGPsdkService;c:\windows\system32\PGPsdkServ.exe [2003-8-3 77824]

S1 LStone;Pinnacle Systems Studio AV/DV Overlay;c:\windows\system32\drivers\LStone2k.sys [2008-11-28 247936]

S3 RTL8187B;TRENDnet TEW-424UB 54M USB Dongle;c:\windows\system32\drivers\rtl8187b.sys --> c:\windows\system32\drivers\RTL8187B.sys [?]

S3 Si670m;WayTech Bluetooth USB Filter Driver;c:\windows\system32\drivers\Si670m.sys [2008-8-18 13312]

S4 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2010-12-15 245760]

S4 Spsebionpvws;Spsebionpvws; [x]

.

=============== Created Last 30 ================

.

2011-06-15 18:58:25 105472 -c----w- c:\windows\system32\dllcache\mup.sys

2011-06-15 18:58:14 852480 -c----w- c:\windows\system32\dllcache\vgx.dll

2011-06-14 00:07:05 -------- d-----w- c:\documents and settings\nick e. nixon\application data\Avira

2011-06-12 23:36:30 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2011-06-12 23:36:29 -------- d-----w- c:\program files\Avira

2011-06-12 23:36:29 -------- d-----w- c:\documents and settings\all users\application data\Avira

2011-06-06 17:55:30 183696 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll

2011-06-06 17:55:30 183696 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

.

==================== Find3M ====================

.

2011-06-15 17:19:29 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-06-15 17:19:28 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-05-29 14:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-29 14:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-17 00:20:51 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-02 15:31:52 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-04-25 14:47:19 81920 ----a-w- c:\windows\system32\ieencode.dll

2011-04-25 14:47:19 667136 ----a-w- c:\windows\system32\wininet.dll

2011-04-25 14:47:19 61952 ----a-w- c:\windows\system32\tdc.ocx

2011-04-25 12:56:44 369664 ----a-w- c:\windows\system32\html.iec

2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys

2011-03-28 19:58:13 5872 ----a-w- C:\NanoRepository.bin

.

============= FINISH: 17:28:33.59 ===============

MBAM Log. Don't know why the date is wrong.

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 5451

Windows 5.1.2600 Service Pack 3

Internet Explorer 6.0.2900.5512

1/3/2011 9:26:00 PM

mbam-log-2011-01-03 (21-26-00).txt

Scan type: Quick scan

Objects scanned: 155131

Time elapsed: 7 minute(s), 54 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 3

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-06-03.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume2

Install Date: 7/26/2002 10:54:52 PM

System Uptime: 6/15/2011 5:08:24 PM (24 hours ago)

.

Motherboard: Intel Corporation | | D845PT

Processor: Intel® Pentium® 4 CPU 1.70GHz | J1E1 | 1695/100mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 74 GiB total, 15.154 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 279 GiB total, 2.292 GiB free.

F: is FIXED (NTFS) - 1397 GiB total, 725.055 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}

Description: Microsoft PS/2 Mouse

Device ID: ACPI\PNP0F03\4&268D196D&0

Manufacturer: Microsoft

Name: Microsoft PS/2 Mouse

PNP Device ID: ACPI\PNP0F03\4&268D196D&0

Service: i8042prt

.

==== System Restore Points ===================

.

RP199: 3/18/2011 9:27:58 AM - System Checkpoint

RP200: 3/19/2011 11:20:11 AM - System Checkpoint

RP201: 3/20/2011 1:05:52 PM - System Checkpoint

RP202: 3/21/2011 2:00:21 PM - System Checkpoint

RP203: 3/22/2011 7:55:56 PM - System Checkpoint

RP204: 3/23/2011 8:16:09 PM - System Checkpoint

RP205: 3/24/2011 9:17:14 PM - System Checkpoint

RP206: 3/25/2011 10:16:10 PM - System Checkpoint

RP207: 3/26/2011 11:16:10 PM - System Checkpoint

RP208: 3/28/2011 12:13:03 AM - System Checkpoint

RP209: 3/28/2011 10:27:14 AM - After divx mess

RP210: 3/28/2011 12:52:49 PM - Software Distribution Service 3.0

RP211: 3/29/2011 5:47:51 PM - System Checkpoint

RP212: 3/30/2011 6:30:18 PM - System Checkpoint

RP213: 3/31/2011 8:27:09 PM - System Checkpoint

RP214: 4/1/2011 9:04:18 PM - System Checkpoint

RP215: 4/2/2011 9:17:19 PM - System Checkpoint

RP216: 4/3/2011 10:04:17 PM - System Checkpoint

RP217: 4/4/2011 10:05:30 PM - System Checkpoint

RP218: 4/5/2011 11:04:20 PM - System Checkpoint

RP219: 4/6/2011 11:17:20 PM - System Checkpoint

RP220: 4/8/2011 12:04:28 AM - System Checkpoint

RP221: 4/9/2011 12:17:25 AM - System Checkpoint

RP222: 4/10/2011 1:04:25 AM - System Checkpoint

RP223: 4/11/2011 1:44:48 AM - System Checkpoint

RP224: 4/11/2011 5:38:39 AM - before flash

RP225: 4/12/2011 6:36:02 AM - System Checkpoint

RP226: 4/13/2011 12:49:06 AM - updates

RP227: 4/13/2011 1:13:50 AM - Software Distribution Service 3.0

RP228: 4/14/2011 1:27:52 AM - System Checkpoint

RP229: 4/15/2011 2:27:51 AM - System Checkpoint

RP230: 4/16/2011 3:27:58 AM - System Checkpoint

RP231: 4/17/2011 4:27:52 AM - System Checkpoint

RP232: 4/18/2011 5:27:52 AM - System Checkpoint

RP233: 4/19/2011 7:26:36 AM - System Checkpoint

RP234: 4/20/2011 9:26:57 AM - System Checkpoint

RP235: 4/21/2011 12:25:59 PM - System Checkpoint

RP236: 4/22/2011 12:27:58 PM - System Checkpoint

RP237: 4/23/2011 2:08:43 PM - System Checkpoint

RP238: 4/24/2011 3:49:39 PM - System Checkpoint

RP239: 4/25/2011 6:41:50 PM - System Checkpoint

RP240: 4/26/2011 7:19:01 PM - System Checkpoint

RP241: 4/27/2011 6:25:27 AM - Software Distribution Service 3.0

RP242: 4/28/2011 6:28:04 AM - System Checkpoint

RP243: 4/29/2011 7:28:00 AM - System Checkpoint

RP244: 4/30/2011 8:28:05 AM - System Checkpoint

RP245: 5/1/2011 3:28:58 PM - System Checkpoint

RP246: 5/2/2011 7:49:00 PM - dir x

RP247: 5/2/2011 7:50:01 PM - dir x 2

RP248: 5/3/2011 8:28:05 PM - System Checkpoint

RP249: 5/4/2011 9:28:07 PM - System Checkpoint

RP250: 5/5/2011 10:27:03 PM - System Checkpoint

RP251: 5/6/2011 11:27:03 PM - System Checkpoint

RP252: 5/7/2011 11:44:12 PM - System Checkpoint

RP253: 5/8/2011 11:53:16 PM - System Checkpoint

RP254: 5/10/2011 12:53:17 AM - System Checkpoint

RP255: 5/11/2011 1:42:31 AM - System Checkpoint

RP256: 5/11/2011 6:36:24 AM - Software Distribution Service 3.0

RP257: 5/12/2011 6:42:23 AM - System Checkpoint

RP258: 5/13/2011 6:47:22 AM - System Checkpoint

RP259: 5/14/2011 7:30:16 AM - System Checkpoint

RP260: 5/15/2011 8:30:17 AM - System Checkpoint

RP261: 5/16/2011 9:56:59 AM - System Checkpoint

RP262: 5/17/2011 9:59:13 AM - System Checkpoint

RP263: 5/18/2011 10:58:09 AM - System Checkpoint

RP264: 5/19/2011 5:49:39 PM - System Checkpoint

RP265: 5/20/2011 7:11:58 PM - System Checkpoint

RP266: 5/21/2011 7:58:25 PM - System Checkpoint

RP267: 5/22/2011 8:59:16 PM - System Checkpoint

RP268: 5/23/2011 9:59:24 PM - System Checkpoint

RP269: 5/24/2011 10:12:57 PM - System Checkpoint

RP270: 5/25/2011 10:39:22 PM - System Checkpoint

RP271: 5/27/2011 12:21:02 AM - System Checkpoint

RP272: 5/28/2011 12:58:21 AM - System Checkpoint

RP273: 5/29/2011 1:58:25 AM - System Checkpoint

RP274: 5/30/2011 8:58:45 AM - System Checkpoint

RP275: 5/31/2011 2:46:22 PM - System Checkpoint

RP276: 6/1/2011 5:57:38 PM - System Checkpoint

RP277: 6/2/2011 6:58:24 PM - System Checkpoint

RP278: 6/3/2011 7:57:24 PM - System Checkpoint

RP279: 6/4/2011 8:57:23 PM - System Checkpoint

RP280: 6/5/2011 9:06:23 PM - System Checkpoint

RP281: 6/6/2011 10:06:22 PM - System Checkpoint

RP282: 6/7/2011 10:07:27 PM - System Checkpoint

RP283: 6/12/2011 7:19:24 PM - System Checkpoint

RP284: 6/13/2011 7:28:59 PM - Restore Operation

RP285: 6/14/2011 11:20:16 PM - System Checkpoint

RP286: 6/15/2011 12:18:15 PM - Removed Java 6 Update 20

RP287: 6/15/2011 12:25:57 PM - Removed Java 6 Update 2

RP288: 6/15/2011 2:02:32 PM - Software Distribution Service 3.0

RP289: 6/15/2011 2:42:17 PM - Removed Java 2 Runtime Environment, SE v1.4.2_03

RP290: 6/15/2011 3:02:05 PM - Removed Adobe Reader 9.

.

==== Installed Programs ======================

.

attach.zip

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

Please see:

HijackThis Forum Policy

We will not be party to obvious use of key gens, cracks, warez or other illegal means of downloading software, music, videos ect. This means no P2P evidence will be supported. Logs that show these in them, will given the option to remove the P2P items. Keygens, cracks, warez and similar will have the thread closed period. It's theft and against the law.

This goes for uTorrent and anything else you have installed.

Link to post
Share on other sites

  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.