Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

HELP:my IE & Firefox hijacked, tried many things but in vain

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

HELP:my IE & Firefox hijacked, tried many things but in vain

Unread postby rogkwong » December 5th, 2010, 10:48 am

Could anyone be kind to help ...
Both my IE and Firefox were hijacked by a china website named "www.detian.net" which is redirected from a site "www.83032.com" on every browser startup.

I have tried the followings but all in vain :
a) Reinstalled IE 8 and Firefox 3.6
b) Use Registry Cleaner & Registry Booster to clear obsolete items
c) Deactivate & Activate again the SYSTEM RESTORE function under My Computer|Properties
d) Clean all Caches, Histories, Cookies and TEMP files
e) Empty the Trashbin

One salient phenomenon is found - whenever the browser starts up, all the Shortcuts on Windows Desktop and Taskbar turn to UPPER CASE CHARACTERS.
Does it mean something hide with the taskbar setup?

I'm very afraid the Hijack will make leakage of my personal info on my computer and I don't want to reinstall everything (incl the Windows).
Most Grateful if anyone could give me some hints to resolve this.

Below is the HijackThis Log :

======================================
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:38:28, on 5/12/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PSIService.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Documents and Settings\Administrator\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.11.9.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\IPSBHO.DLL
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\CyberLink\MediaShow5\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\MediaShow5" UpdateWithCreateOnce "Software\CyberLink\MediaShow\5.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [HotSwap! Applet] "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.063\X86\HotSwap!.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [HijackThis startup scan] C:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscan
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_02] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_02] rundll32 advpack.dll,DelNodeRunDLL32 "C:\WINDOWS\Srchasst" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_07] cmd.exe /c md "%SystemRoot%\System32\dllcache" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_08] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_09] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_10] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'NETWORK SERVICE')
O8 - Extra context menu item: &使用BitComet下載 - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &使用BitComet下載全部連結 - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O8 - Extra context menu item: 匯出至 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 網頁: [簡體] 顯示 - res://C:\Program Files\ALiBaBar\ALiBaBar.dll/RT_HTML/PageToSim
O8 - Extra context menu item: 網頁: [繁體] 顯示 - res://C:\Program Files\ALiBaBar\ALiBaBar.dll/RT_HTML/PageToTrad
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: 建立行動最愛... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.11.9.dll/206 (file missing)
O9 - Extra button: 顯示或隱藏「HP Smart Web Printing」 - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall 線上掃毒) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecure.com/framework/control/en-US/activex/TmHcmsX.CAB
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - https://webts-la2.oaktreecap.com/CitrixSessionInit/ICAWEB/en/ica32/wficat.cab
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.ca.com/us/securityadvisor/pestscan/pestscan.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - http://support.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour ?叭 (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod ?叭 (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Tencent Software Update Service (TSUSVC) - Tencent - C:\Program Files\Tencent\QQSoftMgr\1.0.375.203\TencentUpdateSvc.exe

--
End of file - 11708 bytes
rogkwong
Active Member
 
Posts: 7
Joined: December 4th, 2010, 6:17 am
Advertisement
Register to Remove

Re: HELP:my IE & Firefox hijacked, tried many things but in

Unread postby MWR 3 day Mod » December 9th, 2010, 3:04 am

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: HELP:my IE & Firefox hijacked, tried many things but in

Unread postby deltalima » December 9th, 2010, 4:35 pm

Checking your log - back soon.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: HELP:my IE & Firefox hijacked, tried many things but in

Unread postby deltalima » December 9th, 2010, 4:50 pm

Hi rogkwong,

Welcome to the forum.

My nickname is deltalima and I will be helping you with your malware issue.

The logs can take some time to research, so please be patient with me.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


Please note the following:
  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Uninstall List
  • Open HijackThis.
  • Look under System tools.
  • Click on the Open Uninstall Manager... button.
  • Click on the Save list... button.
  • It will prompt you to save. Save this log in a convenient location. By default it's named uninstall_list.txt.
  • Notepad will open. Please copy and paste the contents of this log in your next reply.

CKScanner

  • Please download CKScanner from here to your Desktop.
  • Make sure that CKScanner.exe is on the your Desktop before running the application!
  • Double-click on CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved
  • Double-click on the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.

Next

  • Please download this tool from Microsoft.
  • Double click on MGADiag.exe to run it.
  • Click Continue.
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in the window.
  • Save this file and copy/paste it in your next reply.

Please let me know if the computer is used for home or for business use.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: HELP:my IE & Firefox hijacked, tried many things but in

Unread postby rogkwong » December 11th, 2010, 5:00 am

Million Thanks Deltalima,

I act herewith according to your advice :

(1) Uninstall List from HijackThis : (for some programs bearing chinese characters, I have tried to translated them into English Translation)

32 Bit HP CIO Components Installer
ABBYY FineReader 6.0 Sprint
Acrobat.com
Adobe Acrobat 9.4.1 - CPSID_83708
Adobe Acrobat Pro 9 - ChineseT
Adobe Acrobat Pro 9 - ChineseT
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop Lightroom
Adobe Reader 9.4.1
Adobe Reader for Pocket PC 2.0
Advanced Audio FX Engine
Ai Suite
Air Video Server 2.4.3
ALiBaBar
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression 6
Ask Toolbar
ASUS WiFi-AP Solo
AsusUpdate
Audio Notes
AVer MediaCenter
AVerMedia A850 USB DMB-TH 1.0.0.11
AVerTV
AviSynth 2.5
Aztech HomeplugAV with Simple Connect
Babylon
BadCopy Pro
BitComet 1.24
Bonjour
Bookworm for Pocket PC
Boris Graffiti
BUFFALO TurboUSB for FLASH/HDD
BUFFALO TurboUSB for FLASH/HDD
CamStudio
Canon Camera Access Library
Canon DIGITAL CAMERA Solution Disk Software Guide
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon Personal Printing Guide
Canon PowerShot SX30 IS Camera User Guide
Canon Utilities CameraWindow DC 8
Canon Utilities CameraWindow Launcher
Canon Utilities Movie Uploader for YouTube
Canon Utilities MyCamera
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Capture NX 2
Chinese Traditional Fonts Support For Adobe Reader 9
Compatibility Pack for the 2007 Office system
Corel Paint Shop Pro Photo X2
Corel Snapfire
CorelDRAW Graphics Suite X4
CorelDRAW Graphics Suite X4 - Capture
CorelDRAW Graphics Suite X4 - Content
CorelDRAW Graphics Suite X4 - Draw
CorelDRAW Graphics Suite X4 - Filters
CorelDRAW Graphics Suite X4 - FontNav
CorelDRAW Graphics SUite X4 - ICA
CorelDRAW Graphics Suite X4 - IPM
CorelDRAW Graphics Suite X4 - Lang EN
CorelDRAW Graphics Suite X4 - PP
CorelDRAW Graphics Suite X4 - VBA
CorelDRAW(R) Graphics Suite X4
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
Creative Live! Cam Center
Creative Live! Cam Doodling
Creative Live! Cam FX Creator
Creative Live! Cam Manager
Creative Live! Cam Optia AF Driver (1.03.01.0822)
Creative Live! Cam Optia AF User Guide (Trad.Chinese Version)
Creative Media Toolbox
Creative MediaSource DVD-Audio Player
Creative Photo Calendar
Creative Photo Manager
Creative System Information
Creative Audio Control Panel
Creative Control Starter
Crystal Reports 2008
Crystal Reports 2008 Chinese Traditional Language Pack
CyberLink MediaShow
CyberLink MediaShow
CyberLink PhotoNow
CyberLink PowerDirector
CyberLink PowerDVD8
DFX 8 for Windows Media Player
Diskeeper Professional Premier Edition
Documents To Go Desktop for iPhone
Easy CD-DA Extractor 9.1.1
Easy DVD Copy
Eee Storage 1.1.15.197
EPSON Attach To Email
EPSON Copy Utility 3
EPSON Event Manager
EPSON File Manager
EPSON PERFECTION V200 PHOTO Manual
EPSON Scan
EPSON Scan Assistant
eReg
Exif Editor 3.0
Flash Slideshow Maker 2.43
Flickr Uploadr 2.5.0.15
FLV Player 2.0 (build 25)
Free Video Flip and Rotate version 1.8
Fuji Xerox DocuWorks 6.1 Trial Version
Ghost Recon Advanced Warfighter
Google Apps Sync(TM) for Microsoft Outlook?2.0.522.1201
Google Earth
Google Earth Plug-in
Google Talk (remove only)
Google Talk Plugin
Google Update Helper
HD Tune Pro 3.10
Helicon NoiseFilter Free
High Definition Audio Driver Package - KB888111
HiJackThis
HomePlug AV
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB909394)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
HotPixels Eliminator for Digital Cameras 1.0
HP Customer Participation Program 12.0
HP Image Transfer v.1.9.8
HP Imaging Device Functions 12.0
HP Photosmart C309a All-In-One Driver Software 12.0 Rel .5
HP Photosmart Essential 3.5
HP Photosmart Premier Software 6.0
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
IDU TH-OCR 2002 Pre-Professional Version
ImageXtender
iMap CityExplorer
iPAQ WebReg
IrfanView (remove only)
iTunes
Japanese Fonts Support For Adobe Reader 9
Java 2 Runtime Environment, SE v1.4.2_13
Java(TM) 6 Update 22
Java(TM) SE Runtime Environment 6 Update 1
JRAID
K-Lite Mega Codec Pack 6.0.0
LiveABC Picto-dictionary -21 Century Situational English Dictionary
Logitech Desktop Messenger
Logitech SetPoint 6.15
Magic Bullet Looks Studio
MailNavigator v.1.11
Marvell Miniport Driver
MediaInfo 0.7.7.6
MediaLife
MetaFrame Presentation Server Web Client for Win32
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Chinese (Traditional) Lang. Pack
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 2.0 Language Pack - Traditional Chinese
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveSync
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office OneNote 2003
Microsoft Office Outlook Connector
Microsoft Office Professional Edition 2003
Microsoft Office Project Professional 2003
Microsoft Office Visio Professional 2003
Microsoft Silverlight
Microsoft Speech Recognition Engine 4.0 (English)
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Windows Application Compatibility Database
Microsoft WinUsb 1.0
MINITAB 14
Mozilla Firefox (3.6.12)
MP3 Remix Player Standalone
MP3Cutter 2.81
Mp3tag v2.46a
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
muvee autoProducer 4.1
Mz Ultimate Tweaker v5.6.1
nEO iMAGING version 1.0.1
Nero 8 Ultra Edition HD
neroxml
Nikon Message Center
Nikon RAW Codec
Nikon Transfer
Norton 360
NTI Shadow for ReadyNAS
NVIDIA Drivers
OCR Software by I.R.I.S. 12.0
OGA Notifier 2.0.0048.0
Orb
Par 3 Golf for Windows Mobile
PC Connectivity Solution
PC Probe II
PHM Registry Editor
piaip AppLocale
Picture Control Utility
Pinnacle Instant DVD Recorder
Pinnacle Studio 12
Pinnacle Studio 12 Ultimate Plugins
Pinnacle 視訊驅動程式
proDAD Heroglyph 2.5
proDAD Vitascene 1.0
PTHDict v1.0
QQSoftware Manager1.0 Beta3
QQLive
QuickTime
RAIDar 4.01c1-p1
RaySource 2.1.10.8366
ReadyNAS Photos
RealPlayer
Resco Explorer
Retrospect 6.5
RM Converter 4.12
SAMSUNG Mobile Composite Device Software
Samsung Mobile Modem Device Software
SAMSUNG Mobile Modem Driver Set
SAMSUNG Mobile Modem V2 Software
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
SAMSUNG SYMBIAN USB Download Driver
SAMSUNG USB Mobile Device Software
SamsungConnectivityCableDriver
Seagate SeaTools English Online
SeaTools for Windows
Shop for HP Supplies
SightSpeed (remove only)
Slide
SmartSound Quicktracks Plugin
SnagIt 8
Sony Ericsson Media Manager 1.2
Sony Ericsson PC Suite 4.010.00
Sound Blaster X-Fi
SoundMAX
Spb Backup
SPB Japanese Cards
SPB Korean Cards
Spb Mobile Shell
Spb Phone Suite
Spb Pocket Plus
SPB Traveler
staticial 1.5
The KMPlayer (remove only)
TVersity Codec Pack 1.2
TVersity Media Server 1.6 Beta
Ulead COOL 360 1.0
Ulead Photo Explorer 8.6
Ulead PhotoImpact 12
Uniblue RegistryBooster
Uniblue SystemTweaker
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Vicsoft UI Tweaker
Videora iPhone 4 Converter 6
ViewNX
ViewSonic Monitor Drivers
WD Align - Powered by Acronis
Windows Imaging Component
Windows Internet Explorer 8
Windows Internet Explorer 8 Security Update (KB982381)
Windows Live Sync
Windows Live Toolbar Summary Detector (Windows Live Toolbar)
Windows Live Toolbar Expansion (Windows Live Toolbar)
Windows Media Encoder Security Update (KB954156)
Windows Media Encoder Security Update (KB979332)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix - KB894476
Windows Media Player 11
Windows Media Player 11
Windows Media Player 11 Hotfix (KB939683)
Windows Media Player 11 Security Update (KB954154)
Windows Media Player 9 Series Winter Fun Pack
Windows Media Player Security Update (KB952069)
Windows Media Player Security Update (KB954155)
Windows Media Player Security Update (KB968816)
Windows Media Player Security Update (KB973540)
Windows Media Player Security Update (KB978695)
Windows Media Codec 9 Series
Windows Media Codec 9 Series
Windows MobileR Device Manual
Windows XP Hotfix (KB914440)
Windows XP Hotfix (KB942288-v3)
Windows XP Hotfix (KB952287)
Windows XP Hotfix (KB961118)
Windows XP Hotfix (KB970653-v3)
Windows XP Hotfix (KB981793)
Windows XP Security Update (KB2229593)
Windows XP Security Update (KB920213)
Windows XP Security Update (KB922819)
Windows XP Security Update (KB923191)
Windows XP Security Update (KB923414)
Windows XP Security Update (KB923561)
Windows XP Security Update (KB923980)
Windows XP Security Update (KB924191)
Windows XP Security Update (KB924270)
Windows XP Security Update (KB938464-v2)
Windows XP Security Update (KB941569)
Windows XP Security Update (KB950762)
Windows XP Security Update (KB950974)
Windows XP Security Update (KB951066)
Windows XP Security Update (KB951376-v2)
Windows XP Security Update (KB951748)
Windows XP Security Update (KB952004)
Windows XP Security Update (KB952954)
Windows XP Security Update (KB954600)
Windows XP Security Update (KB955069)
Windows XP Security Update (KB956572)
Windows XP Security Update (KB956802)
Windows XP Security Update (KB956803)
Windows XP Security Update (KB956844)
Windows XP Security Update (KB957097)
Windows XP Security Update (KB958470)
Windows XP Security Update (KB958644)
Windows XP Security Update (KB958687)
Windows XP Security Update (KB958869)
Windows XP Security Update (KB959426)
Windows XP Security Update (KB960225)
Windows XP Security Update (KB960803)
Windows XP Security Update (KB960859)
Windows XP Security Update (KB961371-v2)
Windows XP Security Update (KB961501)
Windows XP Security Update (KB968537)
Windows XP Security Update (KB969059)
Windows XP Security Update (KB970238)
Windows XP Security Update (KB970430)
Windows XP Security Update (KB971032)
Windows XP Security Update (KB971468)
Windows XP Security Update (KB971557)
Windows XP Security Update (KB971633)
Windows XP Security Update (KB971657)
Windows XP Security Update (KB971961)
Windows XP Security Update (KB972270)
Windows XP Security Update (KB973346)
Windows XP Security Update (KB973354)
Windows XP Security Update (KB973507)
Windows XP Security Update (KB973869)
Windows XP Security Update (KB973904)
Windows XP Security Update (KB974112)
Windows XP Security Update (KB974318)
Windows XP Security Update (KB974392)
Windows XP Security Update (KB974571)
Windows XP Security Update (KB975025)
Windows XP Security Update (KB975467)
Windows XP Security Update (KB975560)
Windows XP Security Update (KB975561)
Windows XP Security Update (KB975562)
Windows XP Security Update (KB975713)
Windows XP Security Update (KB977816)
Windows XP Security Update (KB977914)
Windows XP Security Update (KB978037)
Windows XP Security Update (KB978338)
Windows XP Security Update (KB978542)
Windows XP Security Update (KB978601)
Windows XP Security Update (KB978706)
Windows XP Security Update (KB979482)
Windows XP Security Update (KB979559)
Windows XP Security Update (KB979683)
Windows XP Security Update (KB980195)
Windows XP Security Update (KB980218)
Windows XP Security Update (KB980232)
Windows XP Security Update (KB981349)
Windows XP Update (KB896256)
Windows XP Update (KB904942)
Windows XP Update (KB925720)
Windows XP Update (KB932823-v3)
Windows XP Update (KB955759)
Windows XP Update (KB961503)
Windows XP Update (KB967715)
Windows XP Update (KB968389)
Windows XP Update (KB971737)
Windows XP Update (KB973687)
Windows XP Update (KB973815)
Windows Driver Pack - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)
Windows Driver Pack - Nokia pccsmcfd (10/12/2007 6.85.4.0)
Windows Optimizer
WinRAR archiver
WM Downloader 2.9.1.100 2007.03.24
Wondershare DVD Video Converter (Build 4.1.0.1)
Wondershare Super Video Converter (Build 4.1.0.1)
Wondershare Video Converter (Build 4.1.0.1)
XnView 1.93.6
xplorer?lite 32 bit
Yahoo! Toolbar
YouTube Downloader App 2.03
Zoner Photo Studio 11
Audio Player 5.0.1
PenPower Writing Software
Symbol Wizard
Volume Panel
Ultimate Codec 2008 New Version
Intelligent Functional List (Windows Live Toolbar)
Format Factory 2.50
Smart Reminder Viewer (Windows Live Toolbar)
Sakura Japanese Input IME
rogkwong
Active Member
 
Posts: 7
Joined: December 4th, 2010, 6:17 am

Re: HELP:my IE & Firefox hijacked, tried many things but in

Unread postby rogkwong » December 11th, 2010, 5:15 am

This is step (2) of the savelist from CKScanner :

CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\administrator\favorites\computer\download\cracks keygenerators.url
c:\documents and settings\administrator\favorites\day2day\serial crack site.url
c:\documents and settings\administrator\favorites\day2day\download\serial crack site.url
c:\documents and settings\administrator\favorites\download\old\cracks keygenerators.url
c:\documents and settings\administrator\my documents\1_my documents\pocket pc\crack daisyarm.rar
c:\documents and settings\administrator\my documents\1_my documents\pocket pc\games\37_77529_95539_pxdxa.astraware bejeweled2-arm-cracked.zip
c:\documents and settings\administrator\my documents\1_my documents\pocket pc\games\50f39d_pxdxa.bejeweled-arm.valentine.cracked.rar
c:\documents and settings\administrator\my documents\1_my documents\pocket pc\games\bejeweled crack.rar
c:\documents and settings\administrator\my documents\1_my documents\pocket pc\games\par 72 golf crack.rar
c:\documents and settings\administrator\my documents\1_my documents\pocket pc\games\crack\bejeweled-arm.exe
c:\documents and settings\administrator\my documents\1_my documents\pocket pc\games\crack\bookworm-arm.exe
c:\documents and settings\administrator\my documents\1_my documents\pocket pc\games\crack\bookworm-mips.exe
c:\documents and settings\administrator\my documents\1_my documents\pocket pc\games\crack\bookworm-sh3.exe
c:\documents and settings\administrator\my documents\1_my documents\pocket pc\maspware_handnotes18\keygen [maspware handnotes 1.8].exe
c:\documents and settings\administrator\my documents\1_my documents\pocket pc\ppc\keygen for mahjong puzzle.exe
c:\documents and settings\administrator\my documents\1_my documents\pocket pc\ppc\mapking ppc\9_720_74131_pxdxa.rescoexplorer2005 v5.42\keygen4rescoexplorer5.40.exe
c:\documents and settings\administrator\my documents\1_my documents\pocket pc\ppc\thememanager\keygen.exe
c:\documents and settings\administrator\my documents\1_my documents\pocket pc\samsung i8000\age of empires gold crack pwd - only on discusshk. uploaded by hung..rar
c:\documents and settings\administrator\my documents\1_my documents\pocket pc\samsung i8000\pocket genius\crack_code.exe
c:\documents and settings\administrator\my documents\my completed downloads\hd.tune.pro.v3.10.winall.cracked-crd.rar
c:\documents and settings\administrator\my documents\my completed downloads\minitab.v14.13crack.rar
c:\documents and settings\administrator\my documents\my completed downloads\nikon.capture.nx.v1.3.0.crack.only-lama.rar
c:\documents and settings\administrator\my documents\my completed downloads\rmvb converter keygen.exe
c:\documents and settings\administrator\my documents\my completed downloads\[minitab].minitab.14.crack.zip
c:\documents and settings\administrator\my documents\my completed downloads\adobe creative suite 4 master collection\adobe_creative_suite_4_master_collection_keygen_serial_by_chattc-fenopy.com.torrent
c:\documents and settings\administrator\my documents\my completed downloads\diskeeper\diskeeper pro premier build 701 crack\dk-patch.exe
c:\documents and settings\administrator\my documents\my completed downloads\diskeeper\diskeeper pro premier build 701 crack\license.dal
c:\documents and settings\administrator\my documents\my completed downloads\diskeeper\diskeeper pro premier build 701 crack\read_me.txt
c:\documents and settings\administrator\my documents\my completed downloads\nero premium reloaded v7.9.6.0 complete\nero 7.9.6.0 fff keygen\keygen.exe
c:\documents and settings\administrator\my documents\my completed downloads\nikon capture nx crack\nikon.capture.nx.v1.3.0.crack.only-lama.rar
c:\documents and settings\administrator\my documents\my completed downloads\nikon capture nx crack\nikon_capture_nx_13_cr.rar
c:\documents and settings\administrator\desktop\my games\psp upgrade\psp programs\sony psp media manager 1.0\crack\pmm10k.dll
c:\documents and settings\administrator\desktopp\my games\psp upgrade\psp programs\sony psp media manager 1.0\crack\sfs4rw.dll
c:\documents and settings\all users\documents\download\cracks keygenerators.url
c:\documents and settings\all users\documents\good references\serial crack site.url
c:\program files\corel\coreldraw graphics suite x4\custom data\bumpmap\cracks.cpt
c:\program files\corel\coreldraw graphics suite x4\custom data\canvas\cracks2c.pcx
c:\program files\corel\coreldraw graphics suite x4\custom data\tiles\cracks2m.cpt
c:\program files\nikon\capture nx 2\crack\facade.dll
c:\program files\total.video.converter.v3.20\e.m.total.video.converter.v3.14\crack\tvc.exe
c:\program files\total.video.converter.v3.20\e.m.total.video.converter.v3.14\crack\使用?明-readme.txt
c:\program files\wondershare\photo story platinum\decorations\effects\firecracker.swf
scanner sequence 3.ZZ.11
----- EOF -----
rogkwong
Active Member
 
Posts: 7
Joined: December 4th, 2010, 6:17 am

Re: HELP:my IE & Firefox hijacked, tried many things but in

Unread postby rogkwong » December 11th, 2010, 5:17 am

This is the last step of text file from MGA Diag :

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-6BKXT-M8JJ6-RPXGJ
Windows Product Key Hash: 5nTiWPHCccmBwT7jn+WSWXJC39g=
Windows Product ID: 55274-640-1464517-23028
Windows Product ID Type: 1
Windows License Type: Volume
Windows OS version: 5.1.2600.2.00010100.2.0.pro
ID: {AE41F788-B8A4-4985-AAAB-2592E0AD0F4F}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.40.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80004005
File Exists: Yes
Version: 1.9.40.0
WgaTray.exe Signed By: N/A, hr = 0x80004005
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 114 Blocked VLK 2
Microsoft Office Professional Edition 2003 - 114 Blocked VLK 2
Microsoft Office Project Professional 2003 - 100 Genuine
Microsoft Office Visio Professional 2003 - 100 Genuine
Microsoft Office OneNote 2003 - 100 Genuine
OGA Version: Registered, 2.0.48.0
Signed By: N/A, hr = 0x80004005
Office Diagnostics: 025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{AE41F788-B8A4-4985-AAAB-2592E0AD0F4F}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.2.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-RPXGJ</PKey><PID>55274-640-1464517-23028</PID><PIDType>1</PIDType><SID>S-1-5-21-117609710-2052111302-839522115</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>System Product Name</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>1101 </Version><SMBIOSVersion major="2" minor="4"/><Date>20070309000000.000000+000</Date></BIOS><HWID>3222347701846E7B</HWID><UserLCID>0C04</UserLCID><SystemLCID>0404</SystemLCID><TimeZone>中國標準時間(GMT+08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.9.40.0"/><File Name="WgaLogon.dll" Version="1.9.40.0"/></GANotification></MachineData><Software><Office><Result>114</Result><Products><Product GUID="{90110404-6000-11D3-8CFE-0150048383C9}"><LegitResult>114</LegitResult><Name>Microsoft Office Professional Edition 2003</Name><Ver>11</Ver><Val>59D1605114E3500</Val><Hash>vfZmaSmFPIYrLWTcZSZErUQg+Fo=</Hash><Pid>73944-640-0000106-57057</Pid><PidType>14</PidType></Product><Product GUID="{903B0409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Project Professional 2003</Name><Ver>11</Ver><Val>5EA9C3672EB0500</Val><Hash>GZD+9sfb5ecL3RxyV4F75a86u2M=</Hash><Pid>72077-640-0000106-55960</Pid><PidType>14</PidType></Product><Product GUID="{90510404-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Visio Professional 2003</Name><Ver>11</Ver><Val>5EA9C3672EB0500</Val><Hash>GZD+9sfb5ecL3RxyV4F75a86u2M=</Hash><Pid>73815-640-0000106-55475</Pid><PidType>14</PidType></Product><Product GUID="{90A10404-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office OneNote 2003</Name><Ver>11</Ver><Val>5EA9C3672EB0500</Val><Hash>GZD+9sfb5ecL3RxyV4F75a86u2M=</Hash><Pid>72999-640-0000106-55134</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="11" Result="114"/><App Id="16" Version="11" Result="114"/><App Id="18" Version="11" Result="114"/><App Id="19" Version="11" Result="114"/><App Id="1A" Version="11" Result="114"/><App Id="1B" Version="11" Result="114"/><App Id="3B" Version="11" Result="100"/><App Id="44" Version="11" Result="114"/><App Id="51" Version="11" Result="100"/><App Id="A1" Version="11" Result="100"/></Applications></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 13470:ASUSTeK Computer Inc|14BFE:GENUINE C&C INC|10D47:MPC Computers
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

OEM Activation 2.0 Data-->
N/A
rogkwong
Active Member
 
Posts: 7
Joined: December 4th, 2010, 6:17 am

Re: HELP:my IE & Firefox hijacked, tried many things but in

Unread postby rogkwong » December 11th, 2010, 5:18 am

Answering your last question : my computer is used for home only.

Sincerely looking forward to your further advice.
rogkwong
Active Member
 
Posts: 7
Joined: December 4th, 2010, 6:17 am

Re: HELP:my IE & Firefox hijacked, tried many things but in

Unread postby deltalima » December 11th, 2010, 6:13 am

We are not able to help with computers using cracked software.

Please see here

Please remove ALL software that you do not own a license for and let me know if you wish to continue.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: HELP:my IE & Firefox hijacked, tried many things but in

Unread postby Cypher » December 14th, 2010, 8:41 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 45 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware