Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Board index Malware Removal ForumsInfected? Virus, malware, adware, ransomware, oh my!

Maleware probelm, My HiJackThis log

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
Topic locked

Re: Maleware probelm, My HiJackThis log

Unread postby reaperofelement » May 26th, 2009, 9:27 pm

Alright Chuck sounds good. Here is the the log's you asked for.

ComboFix 09-05-26.02 - Chris Jablonski 05/26/2009 21:10.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.758 [GMT -4:00]
Running from: d:\documents and settings\Chris Jablonski\Desktop\ComboFix.exe
Command switches used :: d:\documents and settings\Chris Jablonski\Desktop\CFScript.txt
AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\documents and settings\All Users\Application Data\avg8
d:\documents and settings\All Users\Application Data\avg8\Log\avgrs.log
d:\documents and settings\All Users\Application Data\Symantec
d:\documents and settings\All Users\Application Data\Symantec\ErrLogs\{830D8CBD-C668-49e2-A969-C2C2106332E0}203a6540.zip
d:\documents and settings\Chris Jablonski\Application Data\LimeWire
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\certificate\limewire.keystore
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\createtimes.cache
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\downloads.dat
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\fileurns.bak
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\fileurns.cache
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\filters.props
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\gnutella.net
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\installation.props
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\library.dat
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\limewire.props
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\mojito.props
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\promotion\promodb.backup
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\promotion\promodb.data
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\promotion\promodb.properties
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\promotion\promodb.script
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\questions.props
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\responses.cache
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\simpp.xml
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\spam.dat
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\tables.props
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme.lwtp
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\01_star.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\02_star.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\03_star.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\04_star.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\05_star.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\chat.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\forward_dn.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\forward_up.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\kill.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\kill_on.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\pause_dn.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\pause_up.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\play_dn.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\play_up.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\question.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\rewind_dn.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\rewind_up.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\stop_dn.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\stop_up.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\theme.txt
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\version.txt
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\themes\windows_theme\warning.gif
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\ttrees.cache
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\ttroot.cache
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\version.xml
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\versions.props
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\xml\data\audio.sxml2
d:\documents and settings\Chris Jablonski\Application Data\LimeWire\xml\data\video.sxml2
d:\program files\Common Files\Symantec Shared
d:\program files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll
d:\program files\LimeWire
d:\program files\LimeWire\Hows this for a List.m3u
d:\program files\LimeWire\rap stuff chill.m3u
d:\program files\LimeWire\WoW ChiLLin.m3u
d:\program files\LimeWire\WoW, Listen.m3u

.
((((((((((((((((((((((((( Files Created from 2009-04-27 to 2009-05-27 )))))))))))))))))))))))))))))))
.

2009-05-27 01:08 . 2009-05-27 01:10 -------- d-----w d:\program files\Essentials Codec Pack
2009-05-23 22:31 . 2009-05-23 22:31 -------- d-----w d:\program files\Common Files\DivX Shared
2009-05-22 22:36 . 2008-06-19 21:24 28544 ----a-w d:\windows\system32\drivers\pavboot.sys
2009-05-22 22:35 . 2009-05-22 22:35 -------- d-----w d:\program files\Panda Security
2009-05-16 10:22 . 2009-05-16 10:22 -------- d-----w d:\documents and settings\Chris Jablonski\Application Data\Malwarebytes
2009-05-12 20:49 . 2009-05-12 20:49 -------- d-----w D:\rsit
2009-05-11 02:29 . 2009-04-06 19:32 15504 ----a-w d:\windows\system32\drivers\mbam.sys
2009-05-11 02:29 . 2009-04-06 19:32 38496 ----a-w d:\windows\system32\drivers\mbamswissarmy.sys
2009-05-11 02:29 . 2009-05-11 02:29 -------- d-----w d:\program files\Malwarebytes' Anti-Malware
2009-05-11 02:29 . 2009-05-11 02:29 -------- d-----w d:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-09 23:39 . 2009-05-09 23:41 -------- d-----w d:\documents and settings\Chris Jablonski\Application Data\GetRightToGo
2009-05-01 05:03 . 2009-05-01 05:03 201 ----a-w d:\windows\nsreg.dat
2009-04-29 20:55 . 2006-03-03 15:07 143360 ----a-w d:\windows\system32\dunzip32.dll
2009-04-29 20:54 . 2006-07-14 04:10 37800 ----a-w d:\windows\system32\drivers\mfesmfk.sys
2009-04-29 20:54 . 2006-07-14 04:09 31560 ----a-w d:\windows\system32\drivers\mferkdk.sys
2009-04-29 20:54 . 2006-07-14 04:09 33896 ----a-w d:\windows\system32\drivers\mfebopk.sys
2009-04-29 20:54 . 2006-07-14 04:09 161768 ----a-w d:\windows\system32\drivers\mfehidk.sys
2009-04-29 20:54 . 2006-07-08 19:46 84744 ----a-w d:\windows\system32\drivers\mfeavfk.sys
2009-04-29 20:53 . 2006-08-01 17:59 104536 ----a-w d:\windows\system32\drivers\Mpfp.sys
2009-04-29 20:53 . 2009-04-29 20:53 -------- d-----w d:\program files\McAfee.com
2009-04-29 20:53 . 2009-04-29 20:55 -------- d-----w d:\program files\Common Files\McAfee
2009-04-29 20:53 . 2009-04-29 21:08 -------- d-----w d:\program files\McAfee
2009-04-29 20:52 . 2009-04-29 20:56 -------- d-----w d:\documents and settings\All Users\Application Data\McAfee
2009-04-29 02:26 . 2009-04-29 02:26 102800 ----a-w d:\windows\system32\drivers\tmcomm.sys
2009-04-28 11:36 . 2009-04-28 11:36 -------- d-----w d:\program files\Trend Micro

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-26 15:08 . 2008-07-18 04:50 -------- d-----w d:\program files\Warcraft III
2009-05-23 23:10 . 2008-12-09 13:51 -------- d-----w d:\documents and settings\Chris Jablonski\Application Data\uTorrent
2009-05-23 22:32 . 2008-09-30 08:59 -------- d-----w d:\program files\DivX
2009-05-19 23:58 . 2008-07-18 01:46 -------- d-----w d:\program files\World of Warcraft
2009-04-26 12:13 . 2008-07-18 01:55 -------- d-----w d:\program files\Common Files\Blizzard Entertainment
2009-04-22 07:39 . 2009-04-22 07:26 -------- d-----w d:\program files\Garena
2009-04-16 07:01 . 2009-04-16 07:00 -------- d-----w d:\program files\Defraggler
2009-04-16 06:56 . 2008-07-18 05:58 -------- d-----w d:\program files\CCleaner
2009-04-07 00:29 . 2008-09-08 02:40 -------- d-----w d:\documents and settings\All Users\Application Data\Viewpoint
2009-04-07 00:28 . 2009-04-07 00:17 -------- d---a-w d:\documents and settings\All Users\Application Data\TEMP
2009-03-28 20:16 . 2008-11-17 01:39 -------- d-----w d:\program files\DotA Gaming Network
2009-03-20 03:36 . 2008-07-18 04:56 78123 ----a-w d:\windows\War3Unin.dat
.

((((((((((((((((((((((((((((( SnapShot@2009-05-15_19.43.29 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-04 12:00 . 2009-05-15 19:43 40394 d:\windows\system32\perfc009.dat
+ 2004-08-04 12:00 . 2009-05-24 20:12 40394 d:\windows\system32\perfc009.dat
+ 2009-02-24 19:34 . 2009-02-24 19:34 90112 d:\windows\system32\dpl100.dll
- 2004-08-04 12:00 . 2009-05-15 19:43 312172 d:\windows\system32\perfh009.dat
+ 2004-08-04 12:00 . 2009-05-24 20:12 312172 d:\windows\system32\perfh009.dat
- 2008-10-28 22:35 . 2008-10-28 22:35 802816 d:\windows\system32\divx_xx11.dll
+ 2009-02-24 19:34 . 2009-02-24 19:34 802816 d:\windows\system32\divx_xx11.dll
- 2008-10-28 22:36 . 2008-10-28 22:36 823296 d:\windows\system32\divx_xx0c.dll
+ 2009-02-24 19:34 . 2009-02-24 19:34 823296 d:\windows\system32\divx_xx0c.dll
- 2008-10-28 22:35 . 2008-10-28 22:35 815104 d:\windows\system32\divx_xx0a.dll
+ 2009-02-24 19:34 . 2009-02-24 19:34 815104 d:\windows\system32\divx_xx0a.dll
- 2008-10-28 22:36 . 2008-10-28 22:36 823296 d:\windows\system32\divx_xx07.dll
+ 2009-02-24 19:34 . 2009-02-24 19:34 823296 d:\windows\system32\divx_xx07.dll
+ 2009-02-24 19:34 . 2009-02-24 19:34 684032 d:\windows\system32\DivX.dll
- 2008-10-28 22:35 . 2008-10-28 22:35 684032 d:\windows\system32\DivX.dll
+ 2009-04-17 12:59 . 2009-04-17 12:59 128256 d:\windows\Downloaded Program Files\as2stubie.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="d:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="d:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-23 68856]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Start Menu^Programs^Startup^TrayMin600.exe.lnk]
path=d:\documents and settings\All Users\Start Menu\Programs\Startup\TrayMin600.exe.lnk
backup=d:\windows\pss\TrayMin600.exe.lnkCommon Startup

[HKLM\~\startupfolder\D:^Documents and Settings^Chris Jablonski^Start Menu^Programs^Startup^My_AutoWarkey_Script.lnk]
path=d:\documents and settings\Chris Jablonski\Start Menu\Programs\Startup\My_AutoWarkey_Script.lnk
backup=d:\windows\pss\My_AutoWarkey_Script.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)
"rpcapd"=3 (0x3)
"WMPNetworkSvc"=3 (0x3)
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"MioNet"=2 (0x2)
"Viewpoint Manager Service"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"avg8emc"=2 (0x2)
"avg8wd"=2 (0x2)
"SymAppCore"=2 (0x2)
"Symantec Core LC"=3 (0x3)
"ISPwdSvc"=3 (0x3)
"comHost"=3 (0x3)
"CLTNetCnService"=2 (0x2)
"ccSetMgr"=2 (0x2)
"ccEvtMgr"=2 (0x2)
"MSK80Service"=2 (0x2)
"MPS9"=2 (0x2)
"MpfService"=2 (0x2)
"mcusrmgr"=2 (0x2)
"mctskshd.exe"=2 (0x2)
"McSysmon"=2 (0x2)
"McShield"=2 (0x2)
"McRedirector"=2 (0x2)
"McProxy"=2 (0x2)
"mcpromgr"=2 (0x2)
"McODS"=2 (0x2)
"McNASvc"=2 (0x2)
"mcmispupdmgr"=2 (0x2)
"McLogManagerService"=2 (0x2)
"McAfee HackerWatch Service"=2 (0x2)
"Emproxy"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\World of Warcraft\\Launcher.exe"=
"d:\\Program Files\\Download Manager\\DLM.exe"=
"d:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
"d:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"d:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"d:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"d:\\Program Files\\AIM6\\aim6.exe"=
"d:\\Program Files\\Warcraft III\\pickup.listchecker.exe"=
"d:\\WINDOWS\\system32\\wupdmgr.exe"=
"d:\\Program Files\\World of Warcraft\\BNUpdate.exe"=
"d:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"d:\\Program Files\\World of Warcraft\\WoW-2.4.0.8089-to-2.4.1.8125-enUS-downloader.exe"=
"d:\\Program Files\\World of Warcraft\\WoW-3.0.2.9056-to-3.0.3.9183-enUS-downloader.exe"=
"d:\\Program Files\\World of Warcraft\\Updates\\WoW-3.0.1-to-3.0.2-Update\\Updater.exe"=
"d:\\Program Files\\World of Warcraft\\WoW-BurningCrusade-enUS-Slim-Installer\\Installer.exe"=
"d:\\Program Files\\Adobe\\Acrobat.com\\Acrobat.com.exe"=
"d:\\Program Files\\Common Files\\Blizzard Entertainment\\World of Warcraft Installer\\Installer.exe"=
"d:\\Program Files\\Messenger\\msmsgs.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"d:\\Program Files\\World of Warcraft\\WoW-3.0.8.9506-to-3.0.9.9551-enUS-downloader.exe"=
"d:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"d:\\WINDOWS\\system32\\sessmgr.exe"=
"d:\\Program Files\\World of Warcraft\\WoW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe"=
"d:\\Program Files\\Garena\\Garena.exe"=
"d:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"d:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6112:TCP"= 6112:TCP:Blizzard Downloader
"3724:TCP"= 3724:TCP:Blizzard Downloader
"1700:TCP"= 1700:TCP:*:Disabled:MioNet Remote Drive Access
"1641:TCP"= 1641:TCP:*:Disabled:MioNet Remote Drive Verification
"6111:TCP"= 6111:TCP:wc3
"6110:TCP"= 6110:TCP:wc3
"6114:TCP"= 6114:TCP:wc3
"3274:TCP"= 3274:TCP:wow
"8086:TCP"= 8086:TCP:wow
"8087:TCP"= 8087:TCP:wow
"9081:TCP"= 9081:TCP:wow
"9090:TCP"= 9090:TCP:wow
"9097:TCP"= 9097:TCP:wow
"9100:TCP"= 9100:TCP:wow

R0 pavboot;pavboot;d:\windows\system32\drivers\pavboot.sys [5/22/2009 6:36 PM 28544]
R3 HSFHWATI;HSFHWATI;d:\windows\system32\drivers\HSFHWATI.sys [8/22/2005 6:06 PM 231424]
R3 phc600;USB PC Camera (phc600);d:\windows\system32\drivers\phc600.sys [11/19/2008 1:43 AM 440064]
S3 NPF;NetGroup Packet Filter Driver;d:\windows\system32\drivers\npf.sys [11/6/2007 4:22 PM 34064]
S4 Viewpoint Manager Service;Viewpoint Manager Service;"d:\program files\Viewpoint\Common\ViewpointService.exe" --> d:\program files\Viewpoint\Common\ViewpointService.exe [?]
.
Contents of the 'Scheduled Tasks' folder

2009-05-15 d:\windows\Tasks\McDefragTask.job
- d:\windows\system32\defrag.exe [2004-08-04 00:12]

2009-05-01 d:\windows\Tasks\McQcTask.job
- d:\program files\mcafee\mqc\QcConsol.exe [2009-04-29 20:01]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.watch-movies-links.net/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - d:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-26 21:13
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-796845957-2111687655-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(748)
d:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(840)
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
d:\windows\system32\ati2evxx.exe
d:\windows\system32\ati2evxx.exe
.
**************************************************************************
.
Completion time: 2009-05-27 21:15 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-27 01:15
ComboFix2.txt 2009-05-24 19:54
ComboFix3.txt 2009-05-22 22:21
ComboFix4.txt 2009-05-22 22:07
ComboFix5.txt 2009-05-27 01:08
D:\DeQuarantine.txt

Pre-Run: 38,367,293,440 bytes free
Post-Run: 38,309,031,936 bytes free

Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
299 --- E O F --- 2008-11-18 21:25






Dequarantine Log.


D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\audxlib.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\audxlib.dll ( 741376 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\andreas_78er.matrix.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\andreas_78er.matrix.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\andreas_doppelte_99er.matrix.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\andreas_doppelte_99er.matrix.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\andreas_einfache_99er.matrix.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\andreas_einfache_99er.matrix.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Bulletproof's Heavy Compression Matrix.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Bulletproof's Heavy Compression Matrix.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Bulletproof's High Quality Matrix.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Bulletproof's High Quality Matrix.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\CG-Animation Matrix.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\CG-Animation Matrix.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\eqm_autogk_sharp.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\eqm_autogk_sharp.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\eqm_avc_hr.cfg.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\eqm_avc_hr.cfg ( 910 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\eqm_v1.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\eqm_v1.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\eqm_v3ehr.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\eqm_v3ehr.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\eqm_v3hr.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\eqm_v3hr.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\eqm_v3lr.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\eqm_v3lr.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\eqm_v3uhr_rev2.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\eqm_v3uhr_rev2.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\eqm_v3ulr_rev3.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\eqm_v3ulr_rev3.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\hvs-best-picture.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\hvs-best-picture.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\hvs-better-picture.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\hvs-better-picture.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\hvs-good-picture.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\hvs-good-picture.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Low Bitrate Matrix.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Low Bitrate Matrix.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\MPEG.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\MPEG.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\pvcd.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\pvcd.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\q_matrix.cfg.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\q_matrix.cfg ( 2697 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\q_matrix_def.cfg.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\q_matrix_def.cfg ( 1244 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\q_matrix2.cfg.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\q_matrix2.cfg ( 1244 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Soulhunters V3.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Soulhunters V3.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Soulhunters V5.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Soulhunters V5.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Standard.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Standard.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Ultimate Matrix.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Ultimate Matrix.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Ultra Low Bitrate Matrix.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Ultra Low Bitrate Matrix.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Very Low Bitrate Matrix.xcm.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\custom matrices\Very Low Bitrate Matrix.xcm ( 128 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ff_kernelDeint.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ff_kernelDeint.dll ( 683520 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ff_liba52.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ff_liba52.dll ( 142848 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ff_libdts.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ff_libdts.dll ( 257024 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ff_libfaad2.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ff_libfaad2.dll ( 485888 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ff_libmad.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ff_libmad.dll ( 178688 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ff_realaac.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ff_realaac.dll ( 153600 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ff_samplerate.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ff_samplerate.dll ( 183296 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ff_theora.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ff_theora.dll ( 239247 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ff_tremor.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ff_tremor.dll ( 146944 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ff_unrar.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ff_unrar.dll ( 113152 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ff_vfw.dll.manifest.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ff_vfw.dll.manifest ( 547 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ff_vfw.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ff_vfw.dll ( 57344 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ff_wmv9.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ff_wmv9.dll ( 93184 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ff_x264.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ff_x264.dll ( 884237 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ffavisynth.avsi.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ffavisynth.avsi ( 39 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ffavisynth.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ffavisynth.dll ( 53760 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ffdshow.ax.manifest.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ffdshow.ax.manifest ( 547 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ffdshow.ax.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ffdshow.ax ( 2625536 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\ffvdub.vdf.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\ffvdub.vdf ( 96768 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\FLT_ffdshow.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\FLT_ffdshow.dll ( 53760 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1026.bg.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1026.bg ( 82598 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1028.tc.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1028.tc ( 22148 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1029.cz.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1029.cz ( 99356 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1031.de.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1031.de ( 78406 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1033.en.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1033.en ( 9 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1034.es.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1034.es ( 115322 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1035.fi.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1035.fi ( 69860 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1036.fr.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1036.fr ( 114950 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1038.hu.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1038.hu ( 10636 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1040.it.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1040.it ( 85420 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1041.ja.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1041.ja ( 94746 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1045.pl.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1045.pl ( 130524 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1046.br.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1046.br ( 11084 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1049.ru.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1049.ru ( 62196 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1051.sk.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1051.sk ( 70960 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1053.se.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.1053.se ( 9802 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.2052.sc.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\languages\ffdshow.2052.sc ( 67828 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\libavcodec.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\libavcodec.dll ( 4338246 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\libmpeg2_ff.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\libmpeg2_ff.dll ( 145609 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\libmplayer.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\libmplayer.dll ( 560802 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\msvcr71.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\msvcr71.dll ( 348160 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\openIE.js.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\openIE.js ( 1708 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\TomsMoComp_ff.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\TomsMoComp_ff.dll ( 238080 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\FFDShow\xvidcore.dll.vir -> D:\Program Files\Essentials Codec Pack\FFDShow\xvidcore.dll ( 791742 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Gabset\FLVSplitter.ax.vir -> D:\Program Files\Essentials Codec Pack\Gabset\FLVSplitter.ax ( 344064 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Gabset\Mpeg2DecFilter.ax.vir -> D:\Program Files\Essentials Codec Pack\Gabset\Mpeg2DecFilter.ax ( 446464 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Gabset\VSFilter.dll.vir -> D:\Program Files\Essentials Codec Pack\Gabset\VSFilter.dll ( 1019904 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\avi.dll.vir -> D:\Program Files\Essentials Codec Pack\Haali\avi.dll ( 108032 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\avs.dll.vir -> D:\Program Files\Essentials Codec Pack\Haali\avs.dll ( 97280 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\avss.dll.vir -> D:\Program Files\Essentials Codec Pack\Haali\avss.dll ( 102400 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\cue2xml.js.vir -> D:\Program Files\Essentials Codec Pack\Haali\cue2xml.js ( 4835 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\dsmux.exe.vir -> D:\Program Files\Essentials Codec Pack\Haali\dsmux.exe ( 103424 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\dxr.dll.vir -> D:\Program Files\Essentials Codec Pack\Haali\dxr.dll ( 245248 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\gdsmux.exe.vir -> D:\Program Files\Essentials Codec Pack\Haali\gdsmux.exe ( 335872 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\license.txt.vir -> D:\Program Files\Essentials Codec Pack\Haali\license.txt ( 1187 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\mkunicode.dll.vir -> D:\Program Files\Essentials Codec Pack\Haali\mkunicode.dll ( 23552 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\mkv2vfr.exe.vir -> D:\Program Files\Essentials Codec Pack\Haali\mkv2vfr.exe ( 135168 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\mkx.dll.vir -> D:\Program Files\Essentials Codec Pack\Haali\mkx.dll ( 148992 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\mkzlib.dll.vir -> D:\Program Files\Essentials Codec Pack\Haali\mkzlib.dll ( 79360 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\mmfinfo.dll.vir -> D:\Program Files\Essentials Codec Pack\Haali\mmfinfo.dll ( 159744 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\mp4.dll.vir -> D:\Program Files\Essentials Codec Pack\Haali\mp4.dll ( 141312 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\ogm.dll.vir -> D:\Program Files\Essentials Codec Pack\Haali\ogm.dll ( 120832 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\splitter.ax.vir -> D:\Program Files\Essentials Codec Pack\Haali\splitter.ax ( 536576 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Haali\ts.dll.vir -> D:\Program Files\Essentials Codec Pack\Haali\ts.dll ( 163840 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\MediaRepair.exe.vir -> D:\Program Files\Essentials Codec Pack\MediaRepair.exe ( 65536 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\mplayerc.exe.vir -> D:\Program Files\Essentials Codec Pack\mplayerc.exe ( 6402048 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\uninst.exe.vir -> D:\Program Files\Essentials Codec Pack\uninst.exe ( 66266 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\WavPack\license.txt.vir -> D:\Program Files\Essentials Codec Pack\WavPack\license.txt ( 1583 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\WavPack\WavPackDSDecoder.ax.vir -> D:\Program Files\Essentials Codec Pack\WavPack\WavPackDSDecoder.ax ( 147456 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\WavPack\WavPackDSSplitter.ax.vir -> D:\Program Files\Essentials Codec Pack\WavPack\WavPackDSSplitter.ax ( 81920 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\WECPUpdate.exe.vir -> D:\Program Files\Essentials Codec Pack\WECPUpdate.exe ( 196608 bytes )
D:\Qoobox\Quarantine\D\Program Files\Essentials Codec Pack\Windows Essentials Media Codec Pack.url.vir -> D:\Program Files\Essentials Codec Pack\Windows Essentials Media Codec Pack.url ( 52 bytes )



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:19:07 PM, on 5/26/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\explorer.exe
D:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.watch-movies-links.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - d:\program files\mcafee\virusscan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - D:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - D:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - D:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/ ... .6.108.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/re ... NPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6342352765
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9072450140
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - D:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - D:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

--
End of file - 5538 bytes
reaperofelement
Regular Member
 
Posts: 28
Joined: April 28th, 2009, 9:38 pm
Top
Advertisement
Register to Remove

Re: Maleware probelm, My HiJackThis log

Unread postby flashh4 » May 29th, 2009, 9:39 am

Hi reaperofelement, log is looking real good.

Now Go to Start-Settings-Control Panel, click on Add remove Programs. If any of the following programs are listed there, click on the program to highlight it, and click on remove. Then close the Control Panel.

    Java(TM) 6 Update 11
    Java(TM) 6 Update 7


Take extra care in answering questions posed by any Uninstaller. Some questions may be worded to deceive you into Keeping the program.

Download the latest version of Java Runtime Environment(JRE), and install it to your computer.
It is the 1st one on the page, called Java Runtime Environment (JRE) 6 Update 13
Select Windows, multi-language, and check to agree to the license.
Download it, choose save, and save it to your desktop.
Then doubleclick it, and it will install the newest version of Java for you to use.





NEXT



:Remove bad HijackThis entries:
  • Run HijackThis
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

      O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.

Post a new HJT log.
Let me know how its running.

Thanks
Chuck
User avatar
flashh4
Regular Member
 
Posts: 2276
Joined: June 7th, 2005, 8:36 pm
Location: wyoming
Top

Re: Maleware probelm, My HiJackThis log

Unread postby reaperofelement » May 30th, 2009, 4:56 am

Alright Chuck got it done. Does seem better cause when I used to goto myspace it'd pop up an add everytime doesn't do it anymore like before I had the problem. Havent checked out searching stuff up thru google but I will. Anywho here is the log, thanks for all your help so far Chuck.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:52:44 AM, on 5/30/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\svchost.exe
D:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\WINDOWS\system32\msiexec.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.watch-movies-links.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - d:\program files\mcafee\virusscan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - D:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - D:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - D:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/ ... .6.108.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/re ... NPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6342352765
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9072450140
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - D:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - D:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

--
End of file - 5526 bytes
reaperofelement
Regular Member
 
Posts: 28
Joined: April 28th, 2009, 9:38 pm
Top

Re: Maleware probelm, My HiJackThis log

Unread postby reaperofelement » May 31st, 2009, 7:06 am

Hey Chuck, so for some reason I still can't goto windows update website. Its like when I type it in the goggle toolbar and search it, it brings the websites so I click on it and it brings me back to the original google page. When I tried yahoo, it just wouldn't do anything. Is that maleware or something I have set in my settings. Cause I used to beable to goto windows update.
reaperofelement
Regular Member
 
Posts: 28
Joined: April 28th, 2009, 9:38 pm
Top

Re: Maleware probelm, My HiJackThis log

Unread postby flashh4 » May 31st, 2009, 3:34 pm

Hi reaperofelement, are you using a router or similar device ?? If so, it sounds like either your router got corrupted or the infection corrupted the DSL or Cable modem. Lets try resetting which ever you are using.
Try unplugging it and waiting a few minutes then plug it back in.
Let me know if that helps.

Chuck
User avatar
flashh4
Regular Member
 
Posts: 2276
Joined: June 7th, 2005, 8:36 pm
Location: wyoming
Top

Re: Maleware probelm, My HiJackThis log

Unread postby reaperofelement » June 1st, 2009, 11:08 am

Alright Chuck, I'm using a router which is hooked up to a modem. I know you knew that lol but I said it. So I unplugged both for about 5 minutes or more, plugged back in does the same thing. Either brings me back to original google page but in the url it says the microsoft updates . com thing and the other just gives a google error searching it. Its wierd it never used to do that either before, well atleast since I've had this stuff on my computer.
reaperofelement
Regular Member
 
Posts: 28
Joined: April 28th, 2009, 9:38 pm
Top

Re: Maleware probelm, My HiJackThis log

Unread postby flashh4 » June 3rd, 2009, 8:29 pm

Hi reaperofelement, i will have another fix coming your way shortly, hopefully this will get your problem fixed.

Chuck
User avatar
flashh4
Regular Member
 
Posts: 2276
Joined: June 7th, 2005, 8:36 pm
Location: wyoming
Top

Re: Maleware probelm, My HiJackThis log

Unread postby flashh4 » June 4th, 2009, 9:17 am

Hi reaperofelement, lets see if your "Host File may have become corrupted.

Download HostsXpert and unzip it to your computer, somewhere where you can find it.

*Double click on HostsXpert.exe
*Click on Make Hosts Writable? upper right corner (if available)
*Click on Restore MS Hosts File to restore your Hosts file to its default condition
*Click on Make ReadOnly to secure it against further infection.
*Exit the programme.
Visit the http://www.funkytoad.com/ for more information.


Next i need you to run a command prompt.

Start-->Run, type in CMD to bring up command prompt.
At the C: prompt, type in ipconfig /release and hit enter.
(type)ipconfig /renew and hit enter.

After that, Reboot.

Let me know if this helps.

Chuck
User avatar
flashh4
Regular Member
 
Posts: 2276
Joined: June 7th, 2005, 8:36 pm
Location: wyoming
Top

Re: Maleware probelm, My HiJackThis log

Unread postby flashh4 » June 7th, 2009, 9:41 am

Hi reaperofelement, are you still in need of assistance. We are close to resolving this topic. Please respond before it gets closed.

Thanks
Chuck
User avatar
flashh4
Regular Member
 
Posts: 2276
Joined: June 7th, 2005, 8:36 pm
Location: wyoming
Top

Re: Maleware probelm, My HiJackThis log

Unread postby reaperofelement » June 7th, 2009, 3:38 pm

Hey Chuck, yeah sorry I didn't respond sooner. I was out of town, but alright I did what you said tried bringing up windows update again, still does the same thing. But yeah sorry again, talk to you soon Chuck.
reaperofelement
Regular Member
 
Posts: 28
Joined: April 28th, 2009, 9:38 pm
Top

Re: Maleware probelm, My HiJackThis log

Unread postby flashh4 » June 7th, 2009, 7:44 pm

Hi reaperofelement, ok lets try this. See if you can get to Windows Updates web site via the Start menu.

Go to Start ---> All Programs ---> then select Windows Updates

If this did not work or you had problems let me know what happened.
Also you might want to uninstall the Google Tool Bar for IE.

Try this and get back to me, with any details.

Chuck
User avatar
flashh4
Regular Member
 
Posts: 2276
Joined: June 7th, 2005, 8:36 pm
Location: wyoming
Top

Re: Maleware probelm, My HiJackThis log

Unread postby reaperofelement » June 9th, 2009, 9:55 am

Alright Chuck I got rid of the Google toobar, I tried from the start-all programs-windows update. Same thing brought me to google website but it shows in the www. part the windows update type in. Also I have another one called Microsoft Update aisde from Windows Update. The Microsoft one brings google error page up though. Like this,
Google Error


Not Found
The requested URL /microsoftupdate was not found on this server.

But the Windows Update one brings me right to the google website, and google is not my home page website either.
reaperofelement
Regular Member
 
Posts: 28
Joined: April 28th, 2009, 9:38 pm
Top

Re: Maleware probelm, My HiJackThis log

Unread postby flashh4 » June 10th, 2009, 8:26 pm

Hi reaperofelement, The problems you are still experiencing are not coming from malware as all of your latest logs have come back clean.
When I am faced with this type of problem I go to these sites below. I have asked for help there myself and they have always been able to solve my problems.

Tech support guy


and

what the tech


So as I said above, your logs are showing clean so now you get my all clean speech I hope you can resolve your other problem with the links that I provided.

.............................

Time for some housekeeping
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK
  • Image
The above procedure will reset your System Restore and clear out the backups and quarantines created during the course of this fix.

......................................

Since you already have Malwarebytes' installed i would keep this valuable tool. I run mine a few times a week to check my computer for anything it may have picked up.
You can continue to manually update and use MBAM as an on demand scanner.
There is also an upgrade to the paid version.
Instructions on use:
Click/open Malwarebytes' on your desk top, click the Update tab, click the box check for updates, use the option "perform quick scan".
# When the scan is complete, click OK, then Show Results to view the results.
# Make sure that everything is checked, and click Remove Selected


======================

Congratulation you are clean !!! :cheers:

Here are some suggestions to help you stay clean.

  • Update your AntiVirus Software and keep your other programs up-to-date
    Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
    You can use one of these sites to check if any updates are needed for your pc.
    Secunia Software Inspector
    F-secure Health Check

  • Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://update.microsoft.com/windowsupda ... ankspage=5 regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

  • Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

    A tutorial on installing & using this product can be found here:

    Using SpywareBlaster to protect your computer from Spyware and Malware

  • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.

Here are some additional utilities that will enhance your safety


Stand Up and Be Counted ---> Malware Complaints <--- where you can make difference!

The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.

Happy surfing and stay clean

Let me know if you have read this and if no other problems we can archive this topic.


Thanks
Chuck
User avatar
flashh4
Regular Member
 
Posts: 2276
Joined: June 7th, 2005, 8:36 pm
Location: wyoming
Top

Re: Maleware probelm, My HiJackThis log

Unread postby flashh4 » June 14th, 2009, 10:36 am

Hi reaperofelement, it would be nice to know you have read my recommendations and that this topic will close in 1 more day.

Thanks
Chuck
User avatar
flashh4
Regular Member
 
Posts: 2276
Joined: June 7th, 2005, 8:36 pm
Location: wyoming
Top

Re: Maleware probelm, My HiJackThis log

Unread postby silver » June 16th, 2009, 8:55 pm

This topic is now closed
We are pleased to have been of assistance in getting you clean.

If you have been helped and wish to donate with the costs of this volunteer site, you can do so using this link
Donations For Malware Removal
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7
Top
Advertisement
Register to Remove
Previous
Topic locked
  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 203 guests

The teamDelete all board cookiesAll times are UTC - 5 hours [ DST ]

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware

Board index