Unable to run Mbam & other protection warez

darknd_heart · 09-29-2009

Can not seem to run Mbam,Seek & Destroy or use Avira. I know there is something wrong because programs are booting and running very slow. Luckily HJT works. I have Runscanner that can give a log aswell if needed. The way it is seeming though I will need "the big guns" as Crush puts it lol.

EDIT:Also,when I use Mbam it does open but when the scan starts it freezes at the same file everytime. The file is "C:\WINDOWS\system32\zipfldr.dll".

darknd_heart · 09-29-2009

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:00:47 AM, on 9/29/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\Ahead\InCD\InCDsrv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
E:\Ahead\InCD\InCD.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Mozilla Firefox\firefox.exe
E:\RunScanner\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :0
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] E:\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1191018588671
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1213053181531
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - E:\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe

--
End of file - 4354 bytes

smokeycheech · 09-29-2009

Hello Darknd_heart, welcome back to the forum!

If you feel you may be infected with malware, could you please click the prework link in my signature, follow all instructions then post the requested logs?

This way our security team can assess them for you and assist you in removing any infections.

If you are unable to install/run the software, just post back and one of our security team will be able to help you further

Regards,

Smokeycheech

darknd_heart · 09-30-2009

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2009/09/29 21:24
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xBAD2C000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7C03000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB810D000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\WINDOWS\Fonts\3453645747jggkgkgjkgj.fon
Status: Locked to the Windows API!

Path: C:\WINDOWS\Fonts\ssee1257.fon:SummaryInformation
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Fonts\ssee1257.fon:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
Status: Invisible to the Windows API!

SSDT
-------------------
#: 041 Function Name: NtCreateKey
Status: Hooked by "<unknown>" at address 0xf7c7dcde

#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0xf7c7dcd4

#: 063 Function Name: NtDeleteKey
Status: Hooked by "<unknown>" at address 0xf7c7dce3

#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "<unknown>" at address 0xf7c7dced

#: 098 Function Name: NtLoadKey
Status: Hooked by "<unknown>" at address 0xf7c7dcf2

#: 122 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0xf7c7dcc0

#: 128 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0xf7c7dcc5

#: 193 Function Name: NtReplaceKey
Status: Hooked by "<unknown>" at address 0xf7c7dcfc

#: 204 Function Name: NtRestoreKey
Status: Hooked by "<unknown>" at address 0xf7c7dcf7

#: 247 Function Name: NtSetValueKey
Status: Hooked by "<unknown>" at address 0xf7c7dce8

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0xf7c7dccf

==EOF==

darknd_heart · 09-30-2009

DDS (Ver_09-09-29.01) - NTFSx86
Run by USER at 21:30:35.71 on Tue 09/29/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_14
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.767.388 [GMT -4:00]

AV: AntiVir Desktop *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
E:\Ahead\InCD\InCDsrv.exe
svchost.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
E:\Ahead\InCD\InCD.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\USER\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*Yahoo!
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [InCD] e:\ahead\incd\InCD.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1191018588671
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1213053181531
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\user\applic~1\mozilla\firefox\profiles \6kt9e4fz.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - yahoo.com
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - plugin: e:\quicktime\plugins\npqtplugin.dll
FF - plugin: e:\quicktime\plugins\npqtplugin2.dll
FF - plugin: e:\quicktime\plugins\npqtplugin3.dll
FF - plugin: e:\quicktime\plugins\npqtplugin4.dll
FF - plugin: e:\quicktime\plugins\npqtplugin5.dll
FF - plugin: e:\quicktime\plugins\npqtplugin6.dll
FF - plugin: e:\quicktime\plugins\npqtplugin7.dll
FF - plugin: e:\quicktime\plugins\npqtplugin8.dll
FF - plugin: e:\quicktime\plugins\npqtplugin9.dll
FF - HiddenExtension: Java Console: No Registry Reference - e:\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboo t.sys [2009-9-29 28544]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-9-29 11608]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-9-29 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-9-29 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgn tflt.sys [2009-7-5 55656]
S3 CCCP106;CIF USB Camera (2110A);c:\windows\system32\drivers\cccp106.sys [2009-6-11 227200]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\dr ivers\mbamswissarmy.sys [2009-8-12 38224]

=============== Created Last 30 ================

2009-09-29 09:20 <DIR> --d----- c:\program files\Avira
2009-09-29 09:20 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Avira
2009-09-29 08:57 28,544 a------- c:\windows\system32\drivers\pavboot.sys
2009-09-29 07:40 153,088 -c------ c:\windows\system32\dllcache\triedit.dll
2009-09-28 21:21 1,949 a------- c:\windows\eReg.dat
2009-09-21 15:52 55,627 -------- c:\windows\UNMRW.cfg
2009-09-21 15:52 2,658,304 -------- c:\windows\UNMRW.exe
2009-09-21 15:52 57,879 -------- c:\windows\NuNinst.cfg
2009-09-21 15:52 2,658,304 -------- c:\windows\NuNinst.exe
2009-09-21 15:52 99,200 -------- c:\windows\system32\drivers\InCDfs.sys
2009-09-21 15:52 28,928 -------- c:\windows\system32\drivers\InCDpass.sys
2009-09-21 15:52 8,704 -------- c:\windows\system32\drivers\InCDrec.sys
2009-09-21 15:52 27,776 -------- c:\windows\system32\drivers\InCDrm.sys
2009-09-21 15:52 <DIR> --d----- c:\windows\InCD
2009-09-21 15:50 155,648 a------- c:\windows\system32\NeroCheck.exe
2009-09-21 15:49 192,817 -------- c:\windows\UNNeroVision.cfg
2009-09-21 15:49 2,973,696 -------- c:\windows\UNNeroVision.exe
2009-09-21 13:04 <DIR> --d----- c:\program files\DVD Decrypter
2009-09-16 01:12 <DIR> --d----- c:\program files\7art
2009-09-11 06:15 <DIR> --d----- c:\program files\common files\DivX Shared
2009-09-05 08:58 73,728 a------- c:\windows\system32\javacpl.cpl
2009-09-05 02:12 <DIR> --d----- c:\docume~1\alluse~1\applic~1\WhiteCap (Holiday Edition)
2009-09-05 02:10 <DIR> --d----- c:\program files\Winter Fun Pack 2004 for Windows XP
2009-09-01 23:56 <DIR> --d----- c:\windows\system32\XPSViewer
2009-09-01 23:56 14,048 -------- c:\windows\system32\spmsg2.dll

==================== Find3M ====================

2009-09-21 13:01 47,360 a------- c:\docume~1\user\applic~1\pcouffin.sys
2009-09-21 12:12 47,360 a------- c:\windows\system32\drivers\pcouffin.sys
2009-09-10 14:54 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 14:53 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-09-05 08:58 410,984 a------- c:\windows\system32\deploytk.dll
2009-08-21 07:29 4,608 a------- c:\windows\system32\w95inf32.dll
2009-08-21 07:29 2,272 a------- c:\windows\system32\w95inf16.dll
2009-08-05 05:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-07-29 00:37 119,808 a------- c:\windows\system32\t2embed.dll
2009-07-29 00:37 81,920 a------- c:\windows\system32\fontsub.dll
2009-07-17 15:01 58,880 a------- c:\windows\system32\atl.dll
2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll
2009-07-12 01:58 76,487 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-07-09 03:20 21,840 a------t c:\windows\system32\SIntfNT.dll
2009-07-09 03:20 17,212 a------t c:\windows\system32\SIntf32.dll
2009-07-09 03:20 12,067 a------t c:\windows\system32\SIntf16.dll
2009-07-03 13:09 915,456 -------- c:\windows\system32\wininet.dll

============= FINISH: 21:31:03.95 ===============

darknd_heart · 09-30-2009

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-09-29.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 9/27/2007 8:04:17 PM
System Uptime: 9/29/2009 8:50:56 PM (1 hours ago)

Motherboard: Intel Corporation | | D845GEBV2
Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz | J2E1 | 2400/133mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 19 GiB total, 5.336 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 149 GiB total, 120.149 GiB free.
F: is CDROM (CDFS)

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Microsoft Loopback Adapter
Device ID: ROOT\NET\0000
Manufacturer: Microsoft
Name: Microsoft Loopback Adapter
PNP Device ID: ROOT\NET\0000
Service: msloop

==== System Restore Points ===================

RP1: 9/29/2009 8:18:36 AM - System Checkpoint

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Shockwave Player 11.5
ATI - Software Uninstall Utility
ATI Display Driver
AutoUpdate
Avira AntiVir Personal - Free Antivirus
Catalyst Control Center Graphics Full Existing
CCleaner (remove only)
CIF USB Camera (2110A)
Critical Update for Windows Media Player 11 (KB959772)
DivX Codec
DivX Version Checker
DVD Decrypter (Remove Only)
Eye Candy 4000
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet
Jasc Paint Shop Pro 9
Java(TM) 6 Update 14
LightScribe 1.4.44.1
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.5
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft® Winter Fun Pack 2004 for Windows® XP
Mozilla Firefox (3.5.3)
MSXML 4.0
Nero Suite
Panda ActiveScan 2.0
QSuite Ver2.1
QuickTime
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
SpywareBlaster 4.2
The Sims File Cop
The Sims Makin' Magic
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.762
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual C++ 8.0 CRT (x86) WinSXS MSM
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
World of Warcraft
Xenofex 1.0
XML Paper Specification Shared Components Pack 1.0
Yahoo! Messenger

==== Event Viewer Messages From Past Week ========

9/29/2009 9:37:51 AM, error: Service Control Manager [7034] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s).
9/29/2009 8:26:39 AM, error: Service Control Manager [7034] - The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 1 time(s).
9/29/2009 7:38:07 AM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s).
9/29/2009 7:32:16 AM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file zipfldr.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 6.0.2900.5512.
9/29/2009 7:22:54 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the PEVSystemStart service to connect.
9/29/2009 7:12:04 AM, error: Service Control Manager [7034] - The IMAPI CD-Burning COM Service service terminated unexpectedly. It has done this 1 time(s).
9/29/2009 2:53:55 AM, error: Service Control Manager [7034] - The InCD Helper service terminated unexpectedly. It has done this 1 time(s).
9/22/2009 5:25:10 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
9/22/2009 5:24:04 PM, error: Service Control Manager [7034] - The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s).
9/22/2009 5:23:52 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

==== End Of File ===========================

darknd_heart · 09-30-2009

Results of screen317's Security Check version 0.99.0
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
Avira AntiVir Personal - Free Antivirus
Avira updated!
``````````````````````````````
Anti-malware/Other Utilities Check:
SpywareBlaster 4.2
HijackThis 2.0.2
CCleaner (remove only)
Java(TM) 6 Update 14
Out of date Java installed!
Adobe Flash Player 10
``````````````````````````````
Process Check:
objlist.exe by Laurent
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
``````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````

09-29-2009	#1
darknd_heart Bronze Member Join Date: Aug 2009 Posts: 38 PC Experience: Some Experience	Unable to run Mbam & other protection warez Can not seem to run Mbam,Seek & Destroy or use Avira. I know there is something wrong because programs are booting and running very slow. Luckily HJT works. I have Runscanner that can give a log aswell if needed. The way it is seeming though I will need "the big guns" as Crush puts it lol. EDIT:Also,when I use Mbam it does open but when the scan starts it freezes at the same file everytime. The file is "C:\WINDOWS\system32\zipfldr.dll". Last edited by darknd_heart; 09-29-2009 at 03:00 PM.

09-29-2009	#2
darknd_heart Bronze Member Join Date: Aug 2009 Posts: 38 PC Experience: Some Experience	Re: Unable to run Mbam & other protection war Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:00:47 AM, on 9/29/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe E:\Ahead\InCD\InCDsrv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE E:\Ahead\InCD\InCD.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe E:\Mozilla Firefox\firefox.exe E:\RunScanner\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :0 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [InCD] E:\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1191018588671 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1213053181531 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - E:\Ahead\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe -- End of file - 4354 bytes

09-29-2009	#3
smokeycheech Mod Team Leader Join Date: Dec 2005 Location: Skynet HQ (kinda near PCHF bunker) Posts: 2,183 PC Experience: Learning more every day!	Re: Unable to run Mbam & other protection war Hello Darknd_heart, welcome back to the forum! If you feel you may be infected with malware, could you please click the prework link in my signature, follow all instructions then post the requested logs? This way our security team can assess them for you and assist you in removing any infections. If you are unable to install/run the software, just post back and one of our security team will be able to help you further Regards, Smokeycheech __________________ Prework~Speedfan~CCleaner~Rules~CCCP~BSOD *If an elephant never forgets, how come they never win mastermind?*

09-30-2009	#4
darknd_heart Bronze Member Join Date: Aug 2009 Posts: 38 PC Experience: Some Experience	Re: Unable to run Mbam & other protection war ROOTREPEAL (c) AD, 2007-2009 ================================================== Scan Start Time: 2009/09/29 21:24 Program Version: Version 1.3.5.0 Windows Version: Windows XP SP3 ================================================== Drivers ------------------- Name: dump_atapi.sys Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys Address: 0xBAD2C000 Size: 98304 File Visible: No Signed: - Status: - Name: dump_WMILIB.SYS Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS Address: 0xF7C03000 Size: 8192 File Visible: No Signed: - Status: - Name: rootrepeal.sys Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys Address: 0xB810D000 Size: 49152 File Visible: No Signed: - Status: - Hidden/Locked Files ------------------- Path: C:\WINDOWS\Fonts\3453645747jggkgkgjkgj.fon Status: Locked to the Windows API! Path: C:\WINDOWS\Fonts\ssee1257.fon:SummaryInformation Status: Invisible to the Windows API! Path: C:\WINDOWS\Fonts\ssee1257.fon:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} Status: Invisible to the Windows API! SSDT ------------------- #: 041 Function Name: NtCreateKey Status: Hooked by "<unknown>" at address 0xf7c7dcde #: 053 Function Name: NtCreateThread Status: Hooked by "<unknown>" at address 0xf7c7dcd4 #: 063 Function Name: NtDeleteKey Status: Hooked by "<unknown>" at address 0xf7c7dce3 #: 065 Function Name: NtDeleteValueKey Status: Hooked by "<unknown>" at address 0xf7c7dced #: 098 Function Name: NtLoadKey Status: Hooked by "<unknown>" at address 0xf7c7dcf2 #: 122 Function Name: NtOpenProcess Status: Hooked by "<unknown>" at address 0xf7c7dcc0 #: 128 Function Name: NtOpenThread Status: Hooked by "<unknown>" at address 0xf7c7dcc5 #: 193 Function Name: NtReplaceKey Status: Hooked by "<unknown>" at address 0xf7c7dcfc #: 204 Function Name: NtRestoreKey Status: Hooked by "<unknown>" at address 0xf7c7dcf7 #: 247 Function Name: NtSetValueKey Status: Hooked by "<unknown>" at address 0xf7c7dce8 #: 257 Function Name: NtTerminateProcess Status: Hooked by "<unknown>" at address 0xf7c7dccf ==EOF==

09-30-2009	#5
darknd_heart Bronze Member Join Date: Aug 2009 Posts: 38 PC Experience: Some Experience	Re: Unable to run Mbam & other protection war DDS (Ver_09-09-29.01) - NTFSx86 Run by USER at 21:30:35.71 on Tue 09/29/2009 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_14 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.767.388 [GMT -4:00] AV: AntiVir Desktop On-access scanning enabled (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs E:\Ahead\InCD\InCDsrv.exe svchost.exe svchost.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe svchost.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE E:\Ahead\InCD\InCD.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe E:\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\notepad.exe C:\Documents and Settings\USER\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.yahoo.com/ uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*Yahoo! BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe mRun: [InCD] e:\ahead\incd\InCD.exe mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1191018588671 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1213053181531 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Notify: AtiExtEvent - Ati2evxx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\user\applic~1\mozilla\firefox\profiles \6kt9e4fz.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo! Search FF - prefs.js: browser.startup.homepage - yahoo.com FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p= FF - plugin: e:\quicktime\plugins\npqtplugin.dll FF - plugin: e:\quicktime\plugins\npqtplugin2.dll FF - plugin: e:\quicktime\plugins\npqtplugin3.dll FF - plugin: e:\quicktime\plugins\npqtplugin4.dll FF - plugin: e:\quicktime\plugins\npqtplugin5.dll FF - plugin: e:\quicktime\plugins\npqtplugin6.dll FF - plugin: e:\quicktime\plugins\npqtplugin7.dll FF - plugin: e:\quicktime\plugins\npqtplugin8.dll FF - plugin: e:\quicktime\plugins\npqtplugin9.dll FF - HiddenExtension: Java Console: No Registry Reference - e:\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} ============= SERVICES / DRIVERS =============== R0 pavboot;pavboot;c:\windows\system32\drivers\pavboo t.sys [2009-9-29 28544] R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-9-29 11608] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-9-29 108289] R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-9-29 185089] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgn tflt.sys [2009-7-5 55656] S3 CCCP106;CIF USB Camera (2110A);c:\windows\system32\drivers\cccp106.sys [2009-6-11 227200] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\dr ivers\mbamswissarmy.sys [2009-8-12 38224] =============== Created Last 30 ================ 2009-09-29 09:20 <DIR> --d----- c:\program files\Avira 2009-09-29 09:20 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Avira 2009-09-29 08:57 28,544 a------- c:\windows\system32\drivers\pavboot.sys 2009-09-29 07:40 153,088 -c------ c:\windows\system32\dllcache\triedit.dll 2009-09-28 21:21 1,949 a------- c:\windows\eReg.dat 2009-09-21 15:52 55,627 -------- c:\windows\UNMRW.cfg 2009-09-21 15:52 2,658,304 -------- c:\windows\UNMRW.exe 2009-09-21 15:52 57,879 -------- c:\windows\NuNinst.cfg 2009-09-21 15:52 2,658,304 -------- c:\windows\NuNinst.exe 2009-09-21 15:52 99,200 -------- c:\windows\system32\drivers\InCDfs.sys 2009-09-21 15:52 28,928 -------- c:\windows\system32\drivers\InCDpass.sys 2009-09-21 15:52 8,704 -------- c:\windows\system32\drivers\InCDrec.sys 2009-09-21 15:52 27,776 -------- c:\windows\system32\drivers\InCDrm.sys 2009-09-21 15:52 <DIR> --d----- c:\windows\InCD 2009-09-21 15:50 155,648 a------- c:\windows\system32\NeroCheck.exe 2009-09-21 15:49 192,817 -------- c:\windows\UNNeroVision.cfg 2009-09-21 15:49 2,973,696 -------- c:\windows\UNNeroVision.exe 2009-09-21 13:04 <DIR> --d----- c:\program files\DVD Decrypter 2009-09-16 01:12 <DIR> --d----- c:\program files\7art 2009-09-11 06:15 <DIR> --d----- c:\program files\common files\DivX Shared 2009-09-05 08:58 73,728 a------- c:\windows\system32\javacpl.cpl 2009-09-05 02:12 <DIR> --d----- c:\docume~1\alluse~1\applic~1\WhiteCap (Holiday Edition) 2009-09-05 02:10 <DIR> --d----- c:\program files\Winter Fun Pack 2004 for Windows XP 2009-09-01 23:56 <DIR> --d----- c:\windows\system32\XPSViewer 2009-09-01 23:56 14,048 -------- c:\windows\system32\spmsg2.dll ==================== Find3M ==================== 2009-09-21 13:01 47,360 a------- c:\docume~1\user\applic~1\pcouffin.sys 2009-09-21 12:12 47,360 a------- c:\windows\system32\drivers\pcouffin.sys 2009-09-10 14:54 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-10 14:53 19,160 a------- c:\windows\system32\drivers\mbam.sys 2009-09-05 08:58 410,984 a------- c:\windows\system32\deploytk.dll 2009-08-21 07:29 4,608 a------- c:\windows\system32\w95inf32.dll 2009-08-21 07:29 2,272 a------- c:\windows\system32\w95inf16.dll 2009-08-05 05:01 204,800 a------- c:\windows\system32\mswebdvd.dll 2009-07-29 00:37 119,808 a------- c:\windows\system32\t2embed.dll 2009-07-29 00:37 81,920 a------- c:\windows\system32\fontsub.dll 2009-07-17 15:01 58,880 a------- c:\windows\system32\atl.dll 2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll 2009-07-12 01:58 76,487 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat 2009-07-09 03:20 21,840 a------t c:\windows\system32\SIntfNT.dll 2009-07-09 03:20 17,212 a------t c:\windows\system32\SIntf32.dll 2009-07-09 03:20 12,067 a------t c:\windows\system32\SIntf16.dll 2009-07-03 13:09 915,456 -------- c:\windows\system32\wininet.dll ============= FINISH: 21:31:03.95 ===============

Similar discussions...
Thread	Thread Starter	Forum	Replies	Last Post
Fixed: Unable to run mbam or download HJT help!	darknd_heart	[Fixed] Hijackthis! Logs	42	08-18-2009 06:40 PM
Pending: Help, please! Hjt & mbam log	schultzieman	[Pending] HJT Logs	30	06-19-2009 07:23 PM
Pending: mbam log and hjt log	razorbladekiss	[Pending] HJT Logs	20	05-03-2009 05:37 AM
Fixed: MBAM log	BabyLove41	[Fixed] Hijackthis! Logs	80	01-31-2009 05:32 PM
Man Charged in 'warez' Piracy Sentenced to Probati	Newsie	IT News	0	09-27-2008 10:23 AM

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode