Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Hijack this vd.0.4 shows 1 result 024 - desktop component0:

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Hijack this vd.0.4 shows 1 result 024 - desktop component0:

Unread postby solw » January 21st, 2012, 9:42 am

hijack this shows:
1 result 024 - desktop component0: (no name - (no file) and keeps coming back, should I be worried?
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Sol at 8:22:13 on 2012-01-21
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3455.1366 [GMT -5:00]
.
AV: Norton Business Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Business Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Business Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
c:\program files\idt\v114_ecs_d_6207.2v7_6099.8xp_g2.0v_rc_sdc\wdm\STacSV.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Nuance\dgnsvc.exe
C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\GlidePoint\glidesvc.exe
C:\Program Files\Norton Business Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files\GlidePoint\glidesvc.exe
C:\Program Files\PortReporter\portreporter.exe
C:\Program Files\ThreatFire\TFService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Norton Business Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files\Snappy Fax Version 5\sfpagent.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\BillP Studios\Task Catcher\TaskTrap.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Snappy Fax Version 5\SF5.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\AMS Services\TransactNOW\OALaunch.exe
C:\Program Files\Webcetera\EzPDFUploadSetup_Win7x86\EzPDFUploadConsole.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Users\Sol\AppData\Local\AMS Services, Inc\AMS 360\WorkstationCoordinator.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\prevhost.exe
C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton business suite\engine\5.1.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton business suite\engine\5.1.0.29\ips\IPSBHO.DLL
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton business suite\engine\5.1.0.29\coIEPlg.dll
TB: {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [Snappy Fax Version 5] c:\program files\snappy fax version 5\SF5.exe
uRun: [ISUSPM] c:\programdata\flexnet\connect\11\ISUSPM.exe -scheduler
uRun: [dms] c:\program files\mercury insurance\mercury agent application\MAA40.exe
uRun: [HijackThis startup scan] c:\program files\trend micro\hijackthis\HijackThis.exe /startupscan
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\9dbe996c-a8d6-48f3-8d01-bc09c68acf93.com
mRun: [FJTWAIN Setup] c:\windows\twain_32\fjscan32\FjtwSetup.exe /Reconstruct
mRun: [Snappy Fax Printer virtual printer agent] "c:\program files\snappy fax version 5\sfpagent.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
mRun: [DNS7reminder] "c:\program files\nuance\naturallyspeaking11\ereg\ereg.exe" -r "c:\programdata\nuance\naturallyspeaking11\Ereg.ini
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Task Catcher] c:\program files\billp studios\task catcher\tasktrap.exe
mRun: [ThreatFire] c:\program files\threatfire\TFTray.exe
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [TEAM-UP Download Scheduler] c:\teamup\download\tudlsched.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\users\sol\appdata\roaming\micros~1\windows\startm~1\programs\startup\ezpdfu~1.lnk - c:\windows\installer\{f7abb138-9222-468c-b025-229c14e6686f}\_54D63B019984DCF9C84188.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\transa~1.lnk - c:\program files\ams services\transactnow\OALaunch.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Show RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
Trusted Zone: ams-benefits.com
Trusted Zone: ams-services.com
Trusted Zone: ams-support.com
Trusted Zone: ams360.com
Trusted Zone: ams360.com\www
Trusted Zone: amsservices.com
Trusted Zone: fnicproducer.com\www
Trusted Zone: foragentsonly.com\sbr5
Trusted Zone: foragentsonly.com\www1
Trusted Zone: njcrib.com\www
Trusted Zone: prevailnetwork.com
Trusted Zone: psiauto.com\www
Trusted Zone: silverplume.com\rating
Trusted Zone: standardfunding.com\www
Trusted Zone: transactnow.com\ams
Trusted Zone: travelers.com
Trusted Zone: travelerspc.com
Trusted Zone: vertafore.com
Trusted Zone: AMSSetWrite.com
Trusted Zone: silverplume.com
Trusted Zone: travelers.com
Trusted Zone: travelerspc.com
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net ... plugin.cab
DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxp://www.psiauto.com/is/root//controls/ScriptX.cab
DPF: {5852F5ED-8BF4-11D4-A245-0080C6F74284} - hxxp://javadl-esd.sun.com/update/1.6.0/ ... s-i586.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/Shar ... /cabsa.cab
DPF: {77DAB859-DDE3-4C49-A86B-FAFEA51039FB} - hxxp://download.connectivesupport.com/t ... USched.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CA9DABAF-EE22-4B29-9C60-91F85E81A894} - hxxps://webfnol.firemansfund.com:446/AI ... leSize.CAB
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXc ... atgpc1.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1 10.1.10.1
TCP: Interfaces\{36A2D3E4-5D4D-4414-8DCF-CB275DF843AC} : DhcpNameServer = 192.168.1.1 10.1.10.1
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0501000.01d\symds.sys [2011-9-15 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0501000.01d\symefa.sys [2011-9-15 744568]
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2011-11-23 51984]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2011-11-23 69392]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\bashdefs\20111223.001\BHDrvx86.sys [2011-11-30 820344]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.0.125\definitions\ipsdefs\20120120.002\IDSvix86.sys [2012-1-21 368248]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0501000.01d\ironx86.sys [2011-9-15 136312]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\n360\0501000.01d\symnets.sys [2011-9-15 299640]
R1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-7-18 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 DragonSvc;Dragon Service;c:\program files\common files\nuance\dgnsvc.exe [2010-7-23 296808]
R2 DymoPnpService;DYMO PnP Service;c:\program files\dymo\dymo label software\DymoPnpService.exe [2011-1-28 32336]
R2 GlidePoint;GlidePoint Touchpad Client;c:\program files\glidepoint\glidesvc.exe [2009-6-4 193832]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-30 652872]
R2 N360;Norton Business Suite;c:\program files\norton business suite\engine\5.1.0.29\ccsvchst.exe [2011-9-15 130008]
R2 PortReporter;Port Reporter;c:\program files\portreporter\PortReporter.exe [2011-12-30 90183]
R2 ThreatFire;ThreatFire;c:\program files\threatfire\tfservice.exe service --> c:\program files\threatfire\TFService.exe service [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-1-4 106104]
R3 glidehid;GlidePoint HID Touchpad Minidriver;c:\windows\system32\drivers\glidehid.sys [2009-6-4 60840]
R3 glideps2;GlidePoint PS/2 Touchpad Filter;c:\windows\system32\drivers\glideps2.sys [2009-6-4 25384]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-7 20464]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
R3 scsiscan;SCSI Scanner Driver;c:\windows\system32\drivers\scsiscan.sys [2009-7-13 14848]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2011-11-23 33552]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2011-2-24 30392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 4238;4238;c:\windows\system32\drivers\4238 [2011-8-3 9072]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 ECSIoDriver_1_1_0_0;ECSIoDriver_1_1_0_0;c:\program files\ecs motherboard utility\eblu\ECSIoDriver.sys [2011-3-29 14528]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-1-20 40776]
S3 netr28u;Linksys USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2010-1-15 841504]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-1 52224]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-1-30 1343400]
S4 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
.
=============== Created Last 30 ================
.
2012-01-20 21:13:02 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-01-10 16:31:10 -------- d-----w- C:\SQLEXPRESS
2012-01-03 13:10:44 182672 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2012-01-02 15:34:48 -------- d-----w- c:\programdata\Symantec
2011-12-30 20:37:29 -------- d-----w- c:\program files\PortReporter
2011-12-30 19:44:12 -------- d-----w- C:\PortQryUI
2011-12-30 19:14:45 -------- d-----w- c:\program files\Microsoft
2011-12-30 19:13:28 -------- d-----w- C:\portrptr
2011-12-30 19:08:45 -------- d-----w- C:\promqryui
2011-12-28 18:08:46 -------- d-----w- c:\program files\GlidePoint
2011-12-27 18:00:50 -------- d-----w- c:\users\sol\appdata\local\Thunderbird
2011-12-26 19:26:45 -------- d-----w- c:\program files\Starfield
2011-12-26 16:34:03 -------- d-----w- c:\windows\system32\%LOCALAPPDATA%
2011-12-22 21:55:00 -------- d-----w- c:\windows\Microsoft Antimalware
2011-12-22 21:54:57 -------- d-----w- c:\windows\Windows Defender Offline
.
==================== Find3M ====================
.
2011-12-10 20:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-24 04:25:27 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-11-19 14:01:00 67072 ----a-w- c:\windows\system32\packager.dll
2011-11-17 21:26:29 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-17 05:41:52 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-11-17 05:41:51 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2011-11-17 05:39:24 369352 ----a-w- c:\windows\system32\drivers\cng.sys
2011-11-17 05:38:39 1288472 ----a-w- c:\windows\system32\ntdll.dll
2011-11-17 05:35:02 314880 ----a-w- c:\windows\system32\webio.dll
2011-11-17 05:34:55 15872 ----a-w- c:\windows\system32\sspisrv.dll
2011-11-17 05:34:55 100352 ----a-w- c:\windows\system32\sspicli.dll
2011-11-17 05:34:52 224768 ----a-w- c:\windows\system32\schannel.dll
2011-11-17 05:34:52 22016 ----a-w- c:\windows\system32\secur32.dll
2011-11-17 05:32:51 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2011-11-17 05:29:50 22528 ----a-w- c:\windows\system32\lsass.exe
2011-11-10 16:44:33 110456 ----a-w- c:\users\sol\g2ax_customer_downloadhelper_win32_x86.exe
2011-11-10 10:54:13 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-09 22:45:34 0 ----a-w- c:\windows\system32\usbuvexe.dll
2011-11-09 22:45:34 0 ----a-w- c:\windows\system32\polewget.dll
2011-11-09 22:45:34 0 ----a-w- c:\windows\system32\gifantbl.dll
2011-11-09 22:45:34 0 ----a-w- c:\windows\system32\drivers\bmpostxt.sys
2011-11-09 22:45:34 0 ----a-w- c:\windows\system32\calesvga.exe
2011-11-09 22:45:34 0 ----a-w- c:\windows\system32\bmpostxt.dll
2011-11-08 17:23:50 72080 ----a-w- c:\users\sol\g2mdlhlpx.exe
2011-11-05 04:26:03 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-26 04:47:40 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 04:47:40 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 04:32:11 514560 ----a-w- c:\windows\system32\qdvd.dll
2011-10-26 04:32:11 1328128 ----a-w- c:\windows\system32\quartz.dll
2011-10-26 04:28:12 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-24 19:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 19:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
============= FINISH: 8:24:43.48 ===============
solw
Active Member
 
Posts: 4
Joined: January 20th, 2012, 11:22 am
Advertisement
Register to Remove

Re: Hijack this vd.0.4 shows 1 result 024 - desktop componen

Unread postby Wingman » January 21st, 2012, 9:51 am

Duplicate topic
This topic is a duplicate of the original post...the original topic remains.


This topic has been closed.
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14347
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 292 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware