can I delete System Security from XP system

Page 1 of 3 1, 2, 3  Next

View previous topic View next topic Go down

can I delete System Security from XP system

Post by headache for System Secur on Sat Jun 13, 2009 4:14 am

my windows XP SP2 was installed System Security when I visited a youtube site. I lost control to my computer & I can't open any program. By the way, my XP is protected by antivirus software CA. They showed a lot of things. Warning me a lot. I can not use my computer even though I restarted it. So I registered System Security & paid by credit card. Then my computer is back. I can change its settings & forbide it start with windows. But I got other problem.

1. when I start my computer, it always shows me MEMCHECK.EXE as problem before I login to my account.

2. After I login, it seems everything looks fine. But I can't print anything from Outlook express, word, excel, etc. My printer always printed blank paper. Just one time, I printed 2 pages of excel file. the first page is blank & second page is OK. I tried to switch to Aministrator account, printing is work. By the way, my account is also admi privilege.

3. my computer is connected to company server. So I can check our software to check our stock or some info. Before system security invade, it works properly. But now, it still works & would closed suddenly. Just several minutes. But I don't have similar problem with IE or Excel, etc.

I called system security & cancelled it. They said I can delete it from [You must be registered and logged in to see this link.] & there is a file wscleaner.exe. I can use it to unistall system security. But I used it & it loaded system security to system & nothing happened. so they told me I had to wait for 2 business days.

please let me know if I have to wait for that tow days. Or I can use your suggested software to remove it thoroughly. Can I get my printing & our software working properly? Thanks for help.

I use my personal computer to post this. So some info I said is not so exactly as I saw today. Just want you know what happend & what's my present problem. Hope you can help me out? Thanks

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

one more question

Post by headache for System Secur on Sat Jun 13, 2009 4:32 am

can I install your suggeted software to my laptop. it is installed win2000 & protected by Kaspersky 6.0.2.671? Is it could be a guard for preventing malware or spyware? Thanks

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by Belahzur on Sat Jun 13, 2009 1:21 pm

Don't phone them ever again, or use anything they give you, it's all fake.

Please download Ice Sword from [You must be registered and logged in to see this link.]

  1. Download the zip to your desktop and extract it.
  2. Open the Ice Sword folder and then launch IceSword.exe.
  3. Then look in the left hand bottom of the program and press "Registry"
  4. When the registry list opens, drag the line between the two windows so you can see which registry hive you need.
  5. Next, open the HKEY_LOCAL_MACHINE, and navigate to the following key:

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

  6. Now look in the right side pane for two run values that are just random numbers.
  7. Once you have found the value(s), right click it and press "Delete"
  8. Okay the prompt and close IceSword.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

I will come back

Post by headache for System Secur on Sat Jun 13, 2009 2:53 pm

thank you very much. I will follow your instruction on Monday & come back to you. I extract ice sword zip file & found another zip file "cooperator" here. Do I ave unzip is as well? Anyway, I tried icesword.exe on my personal computer & it works. Hope it could help my working computer.

By the way, I want to delete this fake from XP thoroughly. Do you think smitfraudfix would be helpful?

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by Belahzur on Sat Jun 13, 2009 3:52 pm

No, you don't need to unzip the copperator.
Smitfraudfix does target this, but useless, because it would be blocked right now.

IceSword is the only tool that I have found that isn't found by the malware yet.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

ice sword

Post by headache for System Secur on Mon Jun 15, 2009 2:12 pm

I did it as your instruction. But I did not find any random numbers there. When I start ice sword, it shows me as follows

IOComplete request was hooked (=>847a3baa), restore now.

I press OK & icesword is began. at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run, shows me as follows.

(Default) REG_SZ (value not set)
AdminWorks Tray REG_SZ "C:\Acer\LANScope Agent\awtray.exe"
Alcmtr REG_SZ ALCMTR.EXE
IMEKRMIG6.1 REG_SZ C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
IMJPMIG8.1 REG_SZ "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
installnet.exe REG_SZ "C:\Acer\LANScope Agent\Installnet.exe" "C:\Acer\LANScope Agent\
MSPY2002 REG_SZ C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
net REG_SZ "C:\WINDOWS\system32\net.net"
PHIME2002A REG_SZ C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
PHIME2002ASync REG_SZ C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
Realtime Monitor REG_SZ "C:\Program Files\CA\eTrustITM\realmon.exe" -s
RemoteControl REG_SZ "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
RTHDCPL REG_SZ RTHDCPL.EXE
SiSPower REG_SZ Rundll32.exe SiSPower.dll,ModeAgent
SunJavaUpdateSched REG_SZ C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run, there's sub-dir here & name is Optionalcomponents. He also has three sub-dir including IMAIL, MAPI, MSFS as follows.

IMAIL (DEFAULT)
INSTALLED 1 (IT IS DATA)
MAPI (DEFAULT)
INSTALLED 1 (IT IS DATA)
NOCHANGE 1 (IT IS DATA)
MSFS (DEFAULT)
INSTALLED 1 (IT IS DATA)

I even tried smitfraudfix. But it could be not in Safe Mold. Please let me what I can do now? Thanks

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by Belahzur on Mon Jun 15, 2009 2:39 pm

Hello.
Use IceSword again, go to the same Run key, and delete the "net" value, this one:

net REG_SZ "C:\WINDOWS\system32\net.net"

To delete, highlight "net" and right click, select delete.

Please download the current version of HijackThis from [You must be registered and logged in to see this link.]

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

HJT

Post by headache for System Secur on Mon Jun 15, 2009 3:09 pm

I already deleted net.net from registry. But I can not start HJTinstall. What can I do? Thanks

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by Belahzur on Mon Jun 15, 2009 3:28 pm

Can you try renaming the installer?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Mon Jun 15, 2009 3:41 pm

I could rename it. But it could not be started & installed. What's name I have to use?

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Mon Jun 15, 2009 3:45 pm

it's already installed. please check following

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:44:45 AM, on 6/15/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\LANScope Agent\awServ.exe
C:\Program Files\CA\SharedComponents\iTechnology\igateway.exe
C:\Program Files\CA\eTrustITM\InoRpc.exe
C:\Program Files\CA\eTrustITM\InoRT.exe
C:\Program Files\CA\eTrustITM\InoTask.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\LANScope Agent\awtray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\CA\eTrustITM\realmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Acer\LANScope Agent\LockKM.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [installnet.exe] "C:\Acer\LANScope Agent\Installnet.exe" "C:\Acer\LANScope Agent\
O4 - HKLM\..\Run: [AdminWorks Tray] "C:\Acer\LANScope Agent\awtray.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Realtime Monitor] "C:\Program Files\CA\eTrustITM\realmon.exe" -s
O4 - HKCU\..\Run: [EPSON Stylus CX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAA.EXE /FU "C:\DOCUME~1\USER1\LOCALS~1\Temp\E_SC.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [net] "C:\WINDOWS\system32\net.net"
O4 - Startup: Outlook Express.lnk = C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [You must be registered and logged in to see this link.]
O17 - HKLM\System\CCS\Services\Tcpip\..\{BCED07BB-62BB-4239-B92A-9380A4066C90}: NameServer = 204.50.251.17,201.107.254.9
O17 - HKLM\System\CCS\Services\Tcpip\..\{CFA6B775-0E90-4FFF-BC04-A6B99288DB53}: NameServer = 204.50.251.17,201.107.254.9
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AdminWorks Agent X6 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Acer\LANScope Agent\awServ.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iTechnology iGateway 4.2 (iGateway) - CA, Inc. - C:\Program Files\CA\SharedComponents\iTechnology\igateway.exe
O23 - Service: eTrust ITM RPC Service (InoRPC) - CA - C:\Program Files\CA\eTrustITM\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Service (InoRT) - CA - C:\Program Files\CA\eTrustITM\InoRT.exe
O23 - Service: eTrust ITM Job Service (InoTask) - CA - C:\Program Files\CA\eTrustITM\InoTask.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

--
End of file - 6545 bytes

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by Belahzur on Mon Jun 15, 2009 4:00 pm

Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    O4 - HKCU\..\Run: [net] "C:\WINDOWS\system32\net.net"


  • Press "Fix Checked"
  • Close Hijack This.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Mon Jun 15, 2009 4:36 pm

Hijack is already fixed -04. I installed Malwarebytes' Anti-Malware as well. System is restarted but Malwarebytes' Anti-Malware can not be started. What can I do next?

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by Belahzur on Mon Jun 15, 2009 4:51 pm

Hello.

  • Download combofix from here
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV. (Symantec)?
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Mon Jun 15, 2009 5:09 pm

when I try to download, I get this

While trying to retrieve the URL: [You must be registered and logged in to see this link.]
The content is blocked due to the following condition: The item you have requested is infected by a virus. It will not be downloaded.
Report: Pua.Hideexec
Your cache administrator is: [You must be registered and logged in to see this link.]

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Mon Jun 15, 2009 5:21 pm

I CAN'T DOWNLOAD IT

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Mon Jun 15, 2009 5:25 pm

COULD YOU SEND ME BY E-MAIL. PLEASE CHECK MY E-MAIL ADDRESS IN YOUR SYSTEM. I DON'T WANT TO PUBLISH HERE

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by Belahzur on Mon Jun 15, 2009 5:34 pm

Is this a work machine or something like that?
Combofix isn't infected, just some of the parts that makes up Combofix are designed to stop processes, etc from running.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
[You must be registered and logged in to see this link.]


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Mon Jun 15, 2009 5:50 pm

yes, I can't download it to this computer. Could you send it to me by e-mail? Thanks

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by Belahzur on Mon Jun 15, 2009 5:56 pm

I'm not admin, so I don't have access to the admin panel, if you want it by email, you'll need to PM me your email you want me to send it to.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Mon Jun 15, 2009 6:06 pm

Email removed.

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by Belahzur on Mon Jun 15, 2009 6:17 pm

Sent you it.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Mon Jun 15, 2009 6:27 pm

please let me know if you e-mail it to me. thanks

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Mon Jun 15, 2009 6:32 pm

i got your e-mail. but it's only a link there & no zip file in attachement. could you resend. thanks

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Mon Jun 15, 2009 6:35 pm

when I try to download from your link, it still shows me VIRU warning & stop downloading

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Mon Jun 15, 2009 6:37 pm

please send your zip file to me in attachment of your e-mail. thanks

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

smitfraudfix

Post by headache for System Secur on Mon Jun 15, 2009 7:31 pm

I can start my system to safe mode & run smitfraudfix. I got the follwoing report. Please let me know if it might be work. Thanks

SmitFraudFix v2.422

Scan done at 15:09:40.31, Mon 06/15/2009
Run from C:\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

Killing process


hosts


127.0.0.1 localhost

VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


Generic Renos Fix

GenericRenosFix by S!Ri


Deleting infected files


IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


RK


DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{BCED07BB-62BB-4239-B92A-9380A4066C90}: NameServer=204.50.251.17,201.107.254.9
HKLM\SYSTEM\CCS\Services\Tcpip\..\{CFA6B775-0E90-4FFF-BC04-A6B99288DB53}: NameServer=204.50.251.17,201.107.254.9
HKLM\SYSTEM\CS1\Services\Tcpip\..\{BCED07BB-62BB-4239-B92A-9380A4066C90}: NameServer=204.50.251.17,201.107.254.9
HKLM\SYSTEM\CS1\Services\Tcpip\..\{CFA6B775-0E90-4FFF-BC04-A6B99288DB53}: NameServer=204.50.251.17,201.107.254.9
HKLM\SYSTEM\CS3\Services\Tcpip\..\{BCED07BB-62BB-4239-B92A-9380A4066C90}: NameServer=204.50.251.17,201.107.254.9
HKLM\SYSTEM\CS3\Services\Tcpip\..\{CFA6B775-0E90-4FFF-BC04-A6B99288DB53}: NameServer=204.50.251.17,201.107.254.9


Deleting Temp Files


Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

"System"=""


RK.2



Registry Cleaning

Registry Cleaning done.

SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


End

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Mon Jun 15, 2009 7:37 pm

I don't believe my sytem is cleaned. I still fond error report when I logon. MEMCHECK.exe has problem with ....

I can logon to google.ca main page But no checking results displayed

i still can't print

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by Belahzur on Mon Jun 15, 2009 7:42 pm

I can't do it as attachment, takes too long to upload via hotmail.
Can you use another machine to download it on, then transfer it via USB?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Mon Jun 15, 2009 7:48 pm

I have to download by my laptop tonight & see you tomorrow morning. thank you very much for your great help. by the way, does smitfraudfix fix my system or just waste time. thanks for comments

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Mon Jun 15, 2009 7:58 pm

If I logon as administator, I can start Malwarebytes' Anti-Malware. I always logon to my account 9admin previlige) Do you think we can do there?

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by Belahzur on Mon Jun 15, 2009 9:09 pm

I dunno, the other account might not be infected.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Mon Jun 15, 2009 10:55 pm

I tried to start Malwarebytes' Anti-Malware in Adminstyrator account but it's not work. It just can be run at safe mode. So I didn't run it on my infected computer.

I already downloaded combo-fix to my USB & moved to infected machine tomorrow. Could you let me know if any softwares might be download now. Just in case, if I might use them tomorrow. Thanks.

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by Belahzur on Tue Jun 16, 2009 12:01 am

Depends if Combofix will run or not.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

combofix

Post by headache for System Secur on Tue Jun 16, 2009 12:03 am

I tried to run Combofix at my laptop. But it's really strange that he did not mention or try to install Windows Recovery Console. In report, it shows Windows Recovery Console is not installed in my laptop. On the other hand, it deleted my FLASHGET from my system. I'm sure my laptop is clean & flashget work properly. Please see the following report.

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Tue Jun 16, 2009 12:05 am

ComboFix 09-06-15.04 - Jiang Luo 06/15/2009 19:09.1 - FAT32x86
Microsoft Windows 2000 Professional 5.0.2195.4.936.86.1033.18.255.101 [GMT -4:00]
执行位置: d:\documents and settings\Jiang Luo\Desktop\Combo-Fix.exe

注意 - 这台电脑没有安装恢复控制台 !!
.

((((((((((((((((((((((((((((((((((((((( 被删除的档案 )))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\documents and settings\All Users\Application Data\FlashGetBHO
d:\documents and settings\Jiang Luo\Application Data\BITS
d:\program files\FlashGet Network
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\images\172714cb7c5038ca3e402c8309afe3119b332a760d6326_lepo.jpg
d:\program files\FlashGet Network\Flashget\ad\0323DF98_69E1_D551_936D_854746192388.gif
d:\program files\FlashGet Network\Flashget\ad\03390171_7E01_CEF9_FAB1_05FB5C0CF600.gif
d:\program files\FlashGet Network\Flashget\ad\04CFD3F9_42D8_DA31_54CF_38D25AEB9037.swf
d:\program files\FlashGet Network\Flashget\ad\05E2F124_C8EC_E263_2C37_3C83E045C005.swf
d:\program files\FlashGet Network\Flashget\ad\0D2E97DF_2FC1_1693_CD12_7AA8F611FB44.swf
d:\program files\FlashGet Network\Flashget\ad\0E8E8A29_B8DF_35ED_0FA6_A5C8ED51D2D8.swf
d:\program files\FlashGet Network\Flashget\ad\1364A53F_BD82_E7C5_2129_2DA8255A7C42.swf
d:\program files\FlashGet Network\Flashget\ad\146A2E68_B465_00F8_7618_633C4EFC4388.gif
d:\program files\FlashGet Network\Flashget\ad\1474143B_4581_1F70_E258_697E850AEE7A.swf
d:\program files\FlashGet Network\Flashget\ad\1A06BCB1_BBE2_058C_EA89_EF255C7E3DD5.swf
d:\program files\FlashGet Network\Flashget\ad\1B87F2ED_1C9B_BE75_8B50_E744273F6BE1.swf
d:\program files\FlashGet Network\Flashget\ad\1BC98F6C_E308_2723_269C_DA2ED04D8D05.gif
d:\program files\FlashGet Network\Flashget\ad\200807240950.gif
d:\program files\FlashGet Network\Flashget\ad\200807241128.gif
d:\program files\FlashGet Network\Flashget\ad\200808040855.gif
d:\program files\FlashGet Network\Flashget\ad\200808051053.gif
d:\program files\FlashGet Network\Flashget\ad\2008080510531.gif
d:\program files\FlashGet Network\Flashget\ad\200808070935.gif
d:\program files\FlashGet Network\Flashget\ad\200808080901.gif
d:\program files\FlashGet Network\Flashget\ad\200808130844.gif
d:\program files\FlashGet Network\Flashget\ad\2008081308441.gif
d:\program files\FlashGet Network\Flashget\ad\200808130845.gif
d:\program files\FlashGet Network\Flashget\ad\2008081308451.gif
d:\program files\FlashGet Network\Flashget\ad\2008081508301.swf
d:\program files\FlashGet Network\Flashget\ad\2008081508302.swf
d:\program files\FlashGet Network\Flashget\ad\200808181044.gif
d:\program files\FlashGet Network\Flashget\ad\2008081810441.gif
d:\program files\FlashGet Network\Flashget\ad\2008081810442.gif
d:\program files\FlashGet Network\Flashget\ad\200808181154.gif
d:\program files\FlashGet Network\Flashget\ad\200808211109.swf
d:\program files\FlashGet Network\Flashget\ad\2008082111091.swf
d:\program files\FlashGet Network\Flashget\ad\2008082111092.swf
d:\program files\FlashGet Network\Flashget\ad\2008082111093.swf
d:\program files\FlashGet Network\Flashget\ad\200808211510.gif
d:\program files\FlashGet Network\Flashget\ad\20080822929.swf
d:\program files\FlashGet Network\Flashget\ad\200808229291.swf
d:\program files\FlashGet Network\Flashget\ad\200808229292.swf
d:\program files\FlashGet Network\Flashget\ad\200808229293.swf
d:\program files\FlashGet Network\Flashget\ad\200808230845.swf
d:\program files\FlashGet Network\Flashget\ad\2008082308451.swf
d:\program files\FlashGet Network\Flashget\ad\2008082308452.swf
d:\program files\FlashGet Network\Flashget\ad\2008082308453.swf
d:\program files\FlashGet Network\Flashget\ad\200808241030.swf
d:\program files\FlashGet Network\Flashget\ad\2008082410301.swf
d:\program files\FlashGet Network\Flashget\ad\2008082410302.swf
d:\program files\FlashGet Network\Flashget\ad\2008082410303.swf
d:\program files\FlashGet Network\Flashget\ad\200808251748.gif
d:\program files\FlashGet Network\Flashget\ad\200808311132.gif
d:\program files\FlashGet Network\Flashget\ad\200809121857.swf
d:\program files\FlashGet Network\Flashget\ad\200809131912.gif
d:\program files\FlashGet Network\Flashget\ad\200809170928.swf
d:\program files\FlashGet Network\Flashget\ad\200809170929.gif
d:\program files\FlashGet Network\Flashget\ad\200809181028.swf
d:\program files\FlashGet Network\Flashget\ad\200809191740.gif
d:\program files\FlashGet Network\Flashget\ad\200809240936.swf
d:\program files\FlashGet Network\Flashget\ad\200809240937.swf
d:\program files\FlashGet Network\Flashget\ad\200809251018.gif

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Tue Jun 16, 2009 12:05 am

d:\program files\FlashGet Network\Flashget\ad\20846260_5B13_E0A5_E80E_9C33953993E2.swf
d:\program files\FlashGet Network\Flashget\ad\22A8320D_8CF6_35C3_2242_1B99DB60F4F2.swf
d:\program files\FlashGet Network\Flashget\ad\22BD8120_4DCF_B403_B8FD_F06106603664.swf
d:\program files\FlashGet Network\Flashget\ad\2336858E_911F_AD35_439D_E9A827578EC7.gif
d:\program files\FlashGet Network\Flashget\ad\242A3EBA_6FCE_07D1_770B_8AD3B5902C0B.gif
d:\program files\FlashGet Network\Flashget\ad\2D4DCADC_6DBE_7823_3495_01EA9F324447.gif
d:\program files\FlashGet Network\Flashget\ad\2F6FAEAA_93C2_7912_22F2_F48C6001FA55.gif
d:\program files\FlashGet Network\Flashget\ad\31593673_D51A_1C3F_6DFC_EE560D148AB6.gif
d:\program files\FlashGet Network\Flashget\ad\34A16B67_7786_1952_5C74_788A008CEC05.swf
d:\program files\FlashGet Network\Flashget\ad\36C464D7_102C_302F_5EE5_9B4D43BA72C7.gif
d:\program files\FlashGet Network\Flashget\ad\3CB075EF_7330_4846_B53B_F64991B142BF.swf
d:\program files\FlashGet Network\Flashget\ad\4267BD03_6965_4155_EC68_6C6029AFBE93.swf
d:\program files\FlashGet Network\Flashget\ad\457527C0_58F8_D464_2585_A9F22C8015CE.gif
d:\program files\FlashGet Network\Flashget\ad\4820D781_F480_EC49_F3EA_EA927E0263F3.gif
d:\program files\FlashGet Network\Flashget\ad\4C4DC7B0_DE42_88B3_7AAF_CCF4B1A8921D.swf
d:\program files\FlashGet Network\Flashget\ad\50000061922.swf
d:\program files\FlashGet Network\Flashget\ad\50000062088.swf
d:\program files\FlashGet Network\Flashget\ad\50000062157.gif
d:\program files\FlashGet Network\Flashget\ad\50000062317.swf
d:\program files\FlashGet Network\Flashget\ad\50000062379.swf
d:\program files\FlashGet Network\Flashget\ad\50000062425.gif
d:\program files\FlashGet Network\Flashget\ad\50000062570.gif
d:\program files\FlashGet Network\Flashget\ad\50000062592.swf
d:\program files\FlashGet Network\Flashget\ad\50000062601.swf
d:\program files\FlashGet Network\Flashget\ad\50000062655.swf
d:\program files\FlashGet Network\Flashget\ad\50000062656.gif
d:\program files\FlashGet Network\Flashget\ad\50000062688.swf
d:\program files\FlashGet Network\Flashget\ad\50000062702.swf
d:\program files\FlashGet Network\Flashget\ad\50000062737.swf
d:\program files\FlashGet Network\Flashget\ad\50000062742.gif
d:\program files\FlashGet Network\Flashget\ad\50000062786.gif
d:\program files\FlashGet Network\Flashget\ad\50000062809.swf
d:\program files\FlashGet Network\Flashget\ad\50000062862.gif
d:\program files\FlashGet Network\Flashget\ad\50000062863.gif
d:\program files\FlashGet Network\Flashget\ad\50000062917.swf
d:\program files\FlashGet Network\Flashget\ad\50000062982.gif
d:\program files\FlashGet Network\Flashget\ad\50000063160.swf
d:\program files\FlashGet Network\Flashget\ad\50000063303.gif
d:\program files\FlashGet Network\Flashget\ad\50000063304.gif
d:\program files\FlashGet Network\Flashget\ad\50000063384.swf
d:\program files\FlashGet Network\Flashget\ad\50000063625.swf
d:\program files\FlashGet Network\Flashget\ad\50000063629.swf
d:\program files\FlashGet Network\Flashget\ad\50000063785.swf
d:\program files\FlashGet Network\Flashget\ad\50000063917.swf
d:\program files\FlashGet Network\Flashget\ad\50000063951.swf
d:\program files\FlashGet Network\Flashget\ad\50000063975.gif
d:\program files\FlashGet Network\Flashget\ad\50000064058.swf
d:\program files\FlashGet Network\Flashget\ad\50000064125.swf
d:\program files\FlashGet Network\Flashget\ad\5000006592.gif
d:\program files\FlashGet Network\Flashget\ad\5000129113.gif
d:\program files\FlashGet Network\Flashget\ad\50001291844.gif
d:\program files\FlashGet Network\Flashget\ad\50001292346.gif
d:\program files\FlashGet Network\Flashget\ad\50001292560.gif
d:\program files\FlashGet Network\Flashget\ad\50001292657.gif
d:\program files\FlashGet Network\Flashget\ad\50001292771.gif
d:\program files\FlashGet Network\Flashget\ad\50001292803.gif
d:\program files\FlashGet Network\Flashget\ad\50001292983.gif
d:\program files\FlashGet Network\Flashget\ad\50001293456.gif
d:\program files\FlashGet Network\Flashget\ad\50001293694.gif
d:\program files\FlashGet Network\Flashget\ad\50001293695.gif
d:\program files\FlashGet Network\Flashget\ad\50001293696.gif
d:\program files\FlashGet Network\Flashget\ad\50001293697.gif
d:\program files\FlashGet Network\Flashget\ad\50001293745.gif
d:\program files\FlashGet Network\Flashget\ad\50001293942.gif
d:\program files\FlashGet Network\Flashget\ad\50001293955.gif
d:\program files\FlashGet Network\Flashget\ad\50001293961.swf

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Tue Jun 16, 2009 12:06 am

d:\program files\FlashGet Network\Flashget\ad\50001294069.gif
d:\program files\FlashGet Network\Flashget\ad\501832FC_5317_55F8_E480_EA59D381E883.swf
d:\program files\FlashGet Network\Flashget\ad\538043B0_CE62_72E4_D1E7_874DB3DC8901.swf
d:\program files\FlashGet Network\Flashget\ad\5542B5AE_F9F9_EAD2_EDD1_107379ABF770.swf
d:\program files\FlashGet Network\Flashget\ad\5554CA8A_2EB5_064F_9A63_1CF18C96DDFA.swf
d:\program files\FlashGet Network\Flashget\ad\5835D76C_23FF_4CC4_AF05_80ED739C2161.gif
d:\program files\FlashGet Network\Flashget\ad\5EAC9C6D_4326_1260_5BAA_1E2780E729A2.gif
d:\program files\FlashGet Network\Flashget\ad\66C2A2C1_86C0_3A31_CAF3_4BF348F32E07.swf
d:\program files\FlashGet Network\Flashget\ad\69F43E4F_29C6_8663_9658_2ED178A3D617.swf
d:\program files\FlashGet Network\Flashget\ad\6D6D40A7_C44C_60E4_3B71_D200B56693FF.gif
d:\program files\FlashGet Network\Flashget\ad\6DC35A98_9314_8FB0_18C6_3BAAEBCEFAA7.swf
d:\program files\FlashGet Network\Flashget\ad\6F1380B8_0897_19EE_7376_AFAB1F47F1AD.swf
d:\program files\FlashGet Network\Flashget\ad\6FA3D3E0_B367_E231_6C1C_E8FF4605B933.gif
d:\program files\FlashGet Network\Flashget\ad\7061F9C5_7DF0_9FB7_75C7_75B28D3C5810.gif
d:\program files\FlashGet Network\Flashget\ad\70FEC190_CEA9_140C_5EC9_857331473B4B.swf
d:\program files\FlashGet Network\Flashget\ad\73AA0FFB_7EC0_031D_BBEC_3339E6B98CE4.swf
d:\program files\FlashGet Network\Flashget\ad\7706AFB7_D6E0_1D12_488D_8A6D0135DB67.gif
d:\program files\FlashGet Network\Flashget\ad\7B13B0D4_331B_A93A_AD50_A7CF667CC4BB.gif
d:\program files\FlashGet Network\Flashget\ad\7C3F383E_7416_3FE8_7C8B_4EE4950E37D5.swf
d:\program files\FlashGet Network\Flashget\ad\7F313A0D_8C57_B558_BE79_222D18140B7D.swf
d:\program files\FlashGet Network\Flashget\ad\831975B1_741E_3898_88CF_F64867ECC2EB.swf
d:\program files\FlashGet Network\Flashget\ad\833681EB_37EE_9CD0_DDD1_5D0D36163510.swf
d:\program files\FlashGet Network\Flashget\ad\86036C0A_1C07_83A4_131A_4AFDD02478AC.gif
d:\program files\FlashGet Network\Flashget\ad\89574E1E_829C_DE05_2B6C_A1C752FFF080.gif
d:\program files\FlashGet Network\Flashget\ad\8963EBFA_3635_2382_2AF9_4F22E277384A.gif
d:\program files\FlashGet Network\Flashget\ad\8986318F_3CDE_7A4D_D489_0E8F902709A6.swf
d:\program files\FlashGet Network\Flashget\ad\898D3983_ABEB_67D5_8DB4_9237DC79CEE3.gif
d:\program files\FlashGet Network\Flashget\ad\8A548CB8_2E4A_4191_4531_DCCD60B09EE6.swf
d:\program files\FlashGet Network\Flashget\ad\8A663EE9_EC1F_E04E_1F09_C07EFE0BE242.swf
d:\program files\FlashGet Network\Flashget\ad\8D62D01F_B54D_534A_C3D3_1599A6A1A26C.gif
d:\program files\FlashGet Network\Flashget\ad\913B5E56_8164_7BEB_6A28_BB2D7DF7AA3E.swf
d:\program files\FlashGet Network\Flashget\ad\91FA6A11_127A_C53B_CE8B_5A90759CFFC7.gif
d:\program files\FlashGet Network\Flashget\ad\964B4074_8097_6DFA_2CB1_627A1457A9FC.gif
d:\program files\FlashGet Network\Flashget\ad\97C891A0_D57D_C9CC_2F88_E821A4D344E0.gif
d:\program files\FlashGet Network\Flashget\ad\9CFF3FF4_1B3A_AB95_091A_FA94E63F4D90.swf
d:\program files\FlashGet Network\Flashget\ad\A135F06A_2D48_1E8A_1F29_2F5F1983FC01.swf
d:\program files\FlashGet Network\Flashget\ad\A255C152_A3BD_406A_AAC6_EB6BC732BD43.gif
d:\program files\FlashGet Network\Flashget\ad\A41EA215_EBE8_2578_53D5_802FD51E206D.swf
d:\program files\FlashGet Network\Flashget\ad\AA50ED4A_D6F4_5BAC_339F_580F2DF44CEF.swf
d:\program files\FlashGet Network\Flashget\ad\ADF2D26C_4DA9_2A3F_E67F_8FDD36285FA0.swf
d:\program files\FlashGet Network\Flashget\ad\B2DFC600_CDF3_11C2_C52F_300485E5C6AF.gif
d:\program files\FlashGet Network\Flashget\ad\B3774052_58EF_A691_31D2_D925AC0BA008.swf
d:\program files\FlashGet Network\Flashget\ad\B6ACD6FC_6682_EC6E_D00E_444C3B667FBC.swf
d:\program files\FlashGet Network\Flashget\ad\B73AA20E_5F97_E01C_08BD_A61EFCFE9C14.gif
d:\program files\FlashGet Network\Flashget\ad\BA3777F7_2671_58CA_4DAC_045BAF406597.swf
d:\program files\FlashGet Network\Flashget\ad\BB1820EF_64F8_07EC_F7A3_ED45D0BBF5B0.swf
d:\program files\FlashGet Network\Flashget\ad\BD98394A_0C48_0056_6E03_CA3C53C2DA6F.gif
d:\program files\FlashGet Network\Flashget\ad\C55E01D2_CDE0_F2E9_7322_DCFFD6F6AF10.swf
d:\program files\FlashGet Network\Flashget\ad\C8903A9B_8DD5_44D4_CBE0_86C17A98642D.gif
d:\program files\FlashGet Network\Flashget\ad\CA8ECB7E_841B_C07B_9F63_6803D0027ECB.gif
d:\program files\FlashGet Network\Flashget\ad\CEE48FF2_3817_D736_4026_793BEC55B5B5.swf
d:\program files\FlashGet Network\Flashget\ad\CF693F64_6FCE_82A4_70EB_E4A2C2123CFC.swf
d:\program files\FlashGet Network\Flashget\ad\D57D374D_6C54_CD90_2EAF_84B4FB2119A4.swf
d:\program files\FlashGet Network\Flashget\ad\D61FAC7B_6CCC_AC9B_0C14_ACA4E80E1D33.swf
d:\program files\FlashGet Network\Flashget\ad\DC6DA701_6A4D_4213_C7DE_74E1399F1103.swf
d:\program files\FlashGet Network\Flashget\ad\DF2EDC8D_6BCC_024B_B763_51AA68E76D78.swf
d:\program files\FlashGet Network\Flashget\ad\E2609D59_1FEE_7A5C_1EC6_563AD9D25E72.gif
d:\program files\FlashGet Network\Flashget\ad\E2EC1A10_E2D1_03AC_09E0_721BCDC5A266.swf
d:\program files\FlashGet Network\Flashget\ad\E4EB3CC8_B286_30E0_6FFD_BE8D9183B777.gif
d:\program files\FlashGet Network\Flashget\ad\EBBA3C82_9642_170F_1ADF_198EA99BDD93.swf
d:\program files\FlashGet Network\Flashget\ad\F207C270_E58F_496D_9487_03A8821FFC79.swf
d:\program files\FlashGet Network\Flashget\ad\F5A8BE2A_D474_BAC8_B27E_FDF2D5EAA56A.gif
d:\program files\FlashGet Network\Flashget\ad\F747DBDC_D50B_95DF_47F8_8E2EE2DAA52B.swf
d:\program files\FlashGet Network\Flashget\ad\FD912214_62C6_D5FD_29AE_B44BF5DB613A.swf
d:\program files\FlashGet Network\Flashget\ad\fgspini.ini
d:\program files\FlashGet Network\Flashget\ad\flshgett.gif
d:\program files\FlashGet Network\Flashget\ad\hanghai09270940.swf
d:\program files\FlashGet Network\Flashget\ad\hengheng09261021.gif
d:\program files\FlashGet Network\Flashget\ad\juren09261018.swf
d:\program files\FlashGet Network\Flashget\ad\kklady09261857.swf
d:\program files\FlashGet Network\Flashget\ad\kunlun10091029.swf
d:\program files\FlashGet Network\Flashget\ad\langmanzy10101023.swf
d:\program files\FlashGet Network\Flashget\ad\lmzy10131353.swf
d:\program files\FlashGet Network\Flashget\ad\moshen10091030.swf
d:\program files\FlashGet Network\Flashget\ad\moshen10101426.swf

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Tue Jun 16, 2009 12:06 am

d:\program files\FlashGet Network\Flashget\ad\puma09261020.swf
d:\program files\FlashGet Network\Flashget\ad\puma10101025.swf
d:\program files\FlashGet Network\Flashget\ad\ruixing10131033.swf
d:\program files\FlashGet Network\Flashget\ad\yingxiongdao10081026.swf
d:\program files\FlashGet Network\Flashget\ad\youxibu10101029.gif
d:\program files\FlashGet Network\Flashget\ad\zhifubao10071007.swf
d:\program files\FlashGet Network\Flashget\ad\zhifubao10131036.swf
d:\program files\FlashGet Network\Flashget\ADFileHelper.dll
d:\program files\FlashGet Network\Flashget\ADInfo\12ADEF6F_886C_7711_8E37_947C12F25807.swf
d:\program files\FlashGet Network\Flashget\ADInfo\15699B93_9C3D_B766_0477_2CAE924508C3.swf
d:\program files\FlashGet Network\Flashget\ADInfo\15808A48_F1E5_5056_E7BC_060162164C57.swf
d:\program files\FlashGet Network\Flashget\ADInfo\20081224103109_267.swf
d:\program files\FlashGet Network\Flashget\ADInfo\263AE346_0760_A875_2897_602B86983850.swf
d:\program files\FlashGet Network\Flashget\ADInfo\279BC4F1_50A0_4D71_EE6F_790B7ADD101C.swf
d:\program files\FlashGet Network\Flashget\ADInfo\3879FD85_A2BB_9209_F87B_D14DD92A1C7C.BMP
d:\program files\FlashGet Network\Flashget\ADInfo\3C54269E_6177_036A_5B2E_8E955B95B4C4.swf
d:\program files\FlashGet Network\Flashget\ADInfo\401CD40B_2A53_345C_9AFB_4865FA8C73D7.swf
d:\program files\FlashGet Network\Flashget\ADInfo\4B4C9826_C36D_03B0_D714_90411101DB2A.swf
d:\program files\FlashGet Network\Flashget\ADInfo\513DFA08_CD09_CE1E_8D59_2479FA41DA32.bmp
d:\program files\FlashGet Network\Flashget\ADInfo\51524FCB_4566_860C_BD91_BBE0F20A8654.swf
d:\program files\FlashGet Network\Flashget\ADInfo\62349F19_8E97_815C_A42D_E40FC2A9A75C.swf
d:\program files\FlashGet Network\Flashget\ADInfo\6238D628_481A_574F_CD6A_CEF2DA9F206A.swf
d:\program files\FlashGet Network\Flashget\ADInfo\6AD3F3D1_6AFB_0FCB_8F7C_67344B9770F9.swf
d:\program files\FlashGet Network\Flashget\ADInfo\7432DB69_13A2_5FEE_55DB_59F60D7A0762.swf
d:\program files\FlashGet Network\Flashget\ADInfo\7E20E965_A980_7CCE_F6F8_6CDC03E0DA04.swf
d:\program files\FlashGet Network\Flashget\ADInfo\7E682B82_7913_51B4_AB4D_360AD2608A60.swf
d:\program files\FlashGet Network\Flashget\ADInfo\86E498A1_B65F_056F_9A9E_E0DAA7FEE807.swf
d:\program files\FlashGet Network\Flashget\ADInfo\984D1415_6475_C9B0_CAEF_4456A9CBF4ED.swf
d:\program files\FlashGet Network\Flashget\ADInfo\9A90F075_AE3B_B9DF_E1CA_538A6379894E.swf
d:\program files\FlashGet Network\Flashget\ADInfo\ADInfo.ini
d:\program files\FlashGet Network\Flashget\ADInfo\B0A0C398_0A04_0B8E_B6DD_0098ABD46402.swf
d:\program files\FlashGet Network\Flashget\ADInfo\BC1F24BB_29A1_BAB9_9F92_57377F959BE4.swf
d:\program files\FlashGet Network\Flashget\ADInfo\C1D8FAB5_6A1D_EC1E_7629_0B715D22CE66.swf
d:\program files\FlashGet Network\Flashget\ADInfo\CC9393C3_C7B9_8EFB_7E60_3F73EFDF1A7E.swf
d:\program files\FlashGet Network\Flashget\ADInfo\CCBBF0F7_15DE_CCC4_7420_549A75706B3C.swf
d:\program files\FlashGet Network\Flashget\ADInfo\D314DB1B_931C_BB69_B58D_A8F766499854.swf
d:\program files\FlashGet Network\Flashget\ADInfo\DCC1A5F4_5230_0169_EB81_91622D286974.swf
d:\program files\FlashGet Network\Flashget\ADInfo\E02F300E_0A92_940D_2FC7_73EF42A572B0.swf
d:\program files\FlashGet Network\Flashget\ADInfo\E60D88C6_9EE6_40C4_09D1_CEC166329047.bmp
d:\program files\FlashGet Network\Flashget\ADInfo\E9866F91_1676_8831_9E51_10F03F7C5DF8.swf
d:\program files\FlashGet Network\Flashget\ADInfo\F006CE98_218B_C713_B6EB_97F36030863A.swf
d:\program files\FlashGet Network\Flashget\ADInfo\FCAE53AA_75D2_B5A1_DA4B_3FF14BE8E912.swf
d:\program files\FlashGet Network\Flashget\adns.dll
d:\program files\FlashGet Network\Flashget\Bhocfg.ini
d:\program files\FlashGet Network\Flashget\BHOHelper.exe
d:\program files\FlashGet Network\Flashget\btcore.dll
d:\program files\FlashGet Network\Flashget\btcoreu.dll
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\48a4e7a7.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\48a4ea9e.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\48a4eba2.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\48a4f5bb.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\48a7b25b.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\48a7b2ea.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\48acc2f0.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\48af8342.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\48b0d90d.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\48b60b1a.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\48ec3b64.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\48f2c221.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\48f2c5f8.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\49029919.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\49029ac3.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\49029b0a.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\49029b98.torrent

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Tue Jun 16, 2009 12:07 am

d:\program files\FlashGet Network\Flashget\BtTorrentTemp\4902a03f.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\490d252b.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\490d26a2.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\490d2a56.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\491ce7f0.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\491ceb0a.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\491ceb2f.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\491ceb5b.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\491e58f7.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\491e5d5f.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\491ef5d2.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\492622f0.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\492796a5.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\492f43e8.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\492f4600.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\492f5a61.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\492f5cd5.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\4932184b.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\4932d957.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\4935ff64.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\4935ffda.torrent
d:\program files\FlashGet Network\Flashget\BtTorrentTemp\4a2c7451.torrent
d:\program files\FlashGet Network\Flashget\btwrap.dll
d:\program files\FlashGet Network\Flashget\BugReport.dll
d:\program files\FlashGet Network\Flashget\BugReport.exe
d:\program files\FlashGet Network\Flashget\cd1.ico
d:\program files\FlashGet Network\Flashget\core_stat.dll
d:\program files\FlashGet Network\Flashget\corestat.dll
d:\program files\FlashGet Network\Flashget\dbghelp.dll
d:\program files\FlashGet Network\Flashget\dbtrans_verbose.log
d:\program files\FlashGet Network\Flashget\DBTransC.exe
d:\program files\FlashGet Network\Flashget\ed2kwrap.dll
d:\program files\FlashGet Network\Flashget\explorerbar.dll
d:\program files\FlashGet Network\Flashget\FgExplorer.exe
d:\program files\FlashGet Network\Flashget\fgoption.ini
d:\program files\FlashGet Network\Flashget\flashget.exe
d:\program files\FlashGet Network\Flashget\FlashGetBHO.dll
d:\program files\FlashGet Network\Flashget\FlvDetector.exe
d:\program files\FlashGet Network\Flashget\Flvdetector.htm
d:\program files\FlashGet Network\Flashget\FlvDetector.ini
d:\program files\FlashGet Network\Flashget\game.ico
d:\program files\FlashGet Network\Flashget\GetAllUrl.htm
d:\program files\FlashGet Network\Flashget\GetUrl.htm
d:\program files\FlashGet Network\Flashget\gt.exe
d:\program files\FlashGet Network\Flashget\hashgen.dll
d:\program files\FlashGet Network\Flashget\Help\LICENSE.TXT
d:\program files\FlashGet Network\Flashget\Help\Readme.txt
d:\program files\FlashGet Network\Flashget\Help\WHATSNEW.TXT
d:\program files\FlashGet Network\Flashget\InmediaInfo.ini
d:\program files\FlashGet Network\Flashget\JCCHS.INI
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\AddBatchLinksDlg.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\AddBTTask.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\AddEMTask.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\AddHpFpLink.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\AddLinksDlg.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\AddLinksDlgEx.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\AddLinksModern.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\BrowserPlugins.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\BTOption.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\CategoryView.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\ComfirmWhenExitDialog.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\CommonDlg.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\ConfirmInvalidLinks.ini

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Tue Jun 16, 2009 12:07 am

d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\ContextMenu.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\DefaultDownloadsDialog.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\DeleteFilesDialog.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\DetailStatus.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\EMOption.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\EMServers.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\ExplorerPane.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\ExtensionRuleDlg.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\FG2SearchTopPlugin.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\FileListCtrl.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\FileRemovedDialog.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\FindTaskDialog.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\FlashgetAbout.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\FlashGetDlg.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\FSUStatusBar.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\GarageLoginDialog.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\GarageView.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\HotResource.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\HpFpOption.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\Info.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\IntegrityCheck.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\LogsOutput.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\MACReader.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\MainMenu.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\MainToolbar.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\MonitorOption.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\NormalOption.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\NotifyOption.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\Option.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\P4PPluginMain.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\ProxySetting.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\SearchBar.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\Security.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\SecurityOption.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\SecurityScan.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\SecurityToolbar.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\Shutdown.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\StatusBar.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\TaskDefOption.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\TaskListView.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\UserListCtrl.ini
d:\program files\FlashGet Network\Flashget\Langs\FGXL_CHS\XpEnhance.ini
d:\program files\FlashGet Network\Flashget\LiveQuery.exe
d:\program files\FlashGet Network\Flashget\LiveSupport.exe
d:\program files\FlashGet Network\Flashget\LiveUpdate\203\LiveSupport.zip
d:\program files\FlashGet Network\Flashget\LiveUpdate\FlashGet\2_46\fgun_1301.exe
d:\program files\FlashGet Network\Flashget\LiveUpdate\FlashGet\2_46\fgun_1301.zip
d:\program files\FlashGet Network\Flashget\LiveUpdate\UpdateGet.dat
d:\program files\FlashGet Network\Flashget\modules\ComHelper\ComHelper.dll
d:\program files\FlashGet Network\Flashget\modules\ComHelper\Info.ini
d:\program files\FlashGet Network\Flashget\modules\garage\garage.dll
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\0.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\1.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\10.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\11.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\12.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\13.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\14.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\15.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\16.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\17.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\18.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\19.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\2.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\20.bmp

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Tue Jun 16, 2009 12:07 am

d:\program files\FlashGet Network\Flashget\modules\garage\Headers\21.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\3.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\4.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\5.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\6.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\7.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\8.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\9.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Headers\nologin.bmp
d:\program files\FlashGet Network\Flashget\modules\garage\Info.ini
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\720_630.html
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\c_24.css
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\images\00_23_fore.jpg
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\images\01_12_fore.jpg
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\images\040802_woti.jpg
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\images\040803_woti.jpg
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\images\2009061214032897332138.jpg
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\images\204637_huse.jpg
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\images\2246532_lepo.jpg
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\images\33211614_huse.jpg
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\images\395888_lepo.jpg
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\images\415_lepo.jpg
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\images\689a43c_huse.jpg
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\images\8fd71_KML_huse.jpg
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\images\c_24.css
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\images\Noname_2_fesa.jpg
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\clink\images\you_gopa.jpg
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\Files.zip
d:\program files\FlashGet Network\Flashget\modules\SearchTop\AdvPage\loading.html
d:\program files\FlashGet Network\Flashget\modules\SearchTop\Info.ini
d:\program files\FlashGet Network\Flashget\modules\SearchTop\Resource.ini
d:\program files\FlashGet Network\Flashget\modules\SearchTop\Resource\iexplorer.bmp
d:\program files\FlashGet Network\Flashget\modules\SearchTop\Resource\resource.bmp
d:\program files\FlashGet Network\Flashget\modules\SearchTop\Resource\resource.xml
d:\program files\FlashGet Network\Flashget\modules\SearchTop\Resource\search.bmp
d:\program files\FlashGet Network\Flashget\modules\SearchTop\Resource\subscribe.bmp
d:\program files\FlashGet Network\Flashget\modules\SearchTop\Resource\Thumbs.db
d:\program files\FlashGet Network\Flashget\modules\SearchTop\SearchTop.dll
d:\program files\FlashGet Network\Flashget\modules\Security\FunctionalRepair.bmp
d:\program files\FlashGet Network\Flashget\modules\Security\Info.ini
d:\program files\FlashGet Network\Flashget\modules\Security\Scanning.bmp
d:\program files\FlashGet Network\Flashget\modules\Security\Security.bmp
d:\program files\FlashGet Network\Flashget\modules\Security\SECURITY.dll
d:\program files\FlashGet Network\Flashget\modules\Security\Security.xml
d:\program files\FlashGet Network\Flashget\modules\Security\SystemFix.bmp
d:\program files\FlashGet Network\Flashget\modules\SnapShot\Info.ini
d:\program files\FlashGet Network\Flashget\modules\SnapShot\SamplerCli.dll
d:\program files\FlashGet Network\Flashget\modules\SnapShot\SnapShot.dll
d:\program files\FlashGet Network\Flashget\modules\SoBar\Info.ini
d:\program files\FlashGet Network\Flashget\modules\SoBar\SoBar.dll
d:\program files\FlashGet Network\Flashget\P2PCfg.ini
d:\program files\FlashGet Network\Flashget\P2PCore.dll
d:\program files\FlashGet Network\Flashget\P2PLive.dll
d:\program files\FlashGet Network\Flashget\p2pprot.dll
d:\program files\FlashGet Network\Flashget\P2SCore.dll
d:\program files\FlashGet Network\Flashget\P2SLive.dll
d:\program files\FlashGet Network\Flashget\p2snetio.dll
d:\program files\FlashGet Network\Flashget\p2spmgr.dll
d:\program files\FlashGet Network\Flashget\p2spmgr.ini
d:\program files\FlashGet Network\Flashget\p2sprot.dll
d:\program files\FlashGet Network\Flashget\p2spwrap.dll
d:\program files\FlashGet Network\Flashget\P4PClientInfo.ini
d:\program files\FlashGet Network\Flashget\p4spmgr.ini
d:\program files\FlashGet Network\Flashget\perf.ini
d:\program files\FlashGet Network\Flashget\Profiles\config.dat
d:\program files\FlashGet Network\Flashget\Profiles\tasks.dat
d:\program files\FlashGet Network\Flashget\pstat.dat
d:\program files\FlashGet Network\Flashget\pup.dat
d:\program files\FlashGet Network\Flashget\Skins\close_default.bmp
d:\program files\FlashGet Network\Flashget\Skins\close_press.bmp
d:\program files\FlashGet Network\Flashget\Skins\close_select.bmp
d:\program files\FlashGet Network\Flashget\Skins\max_default.bmp
d:\program files\FlashGet Network\Flashget\Skins\max_press.bmp
d:\program files\FlashGet Network\Flashget\Skins\max_select.bmp
d:\program files\FlashGet Network\Flashget\Skins\min_default.bmp
d:\program files\FlashGet Network\Flashget\Skins\min_press.bmp
d:\program files\FlashGet Network\Flashget\Skins\min_select.bmp
d:\program files\FlashGet Network\Flashget\Skins\notify.wav
d:\program files\FlashGet Network\Flashget\Skins\notify_board.bmp
d:\program files\FlashGet Network\Flashget\Skins\notify_icon.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\BrowserBarCT\Back.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\BrowserBarCT\Backward.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\BrowserBarCT\BrowserBarCT.xml
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\BrowserBarCT\FlashgetResource.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\BrowserBarCT\Forward.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\BrowserBarCT\Home.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\BrowserBarDisableCT\Backward.bmp

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Tue Jun 16, 2009 12:08 am

d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\BrowserBarDisableCT\BrowserBarDisableCT.xml
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\BrowserBarDisableCT\Forward.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\BrowserBarDisableCT\Home.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\BrowserBarDisableCT\Resource.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\CategoryTreeCT\Available.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\CategoryTreeCT\CategoryTreeCT.xml
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\CategoryTreeCT\Downloaded.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\CategoryTreeCT\Downloading.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\CategoryTreeCT\Favorite.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\CategoryTreeCT\Flashget.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\CategoryTreeCT\Release.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\CategoryTreeCT\Rubbish.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\CategoryTreeCT\Search.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\ExpBar\Expbar.xml
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\ExpBar\garage.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\ExpBar\resource.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\ExpBar\transfer.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\GlobalOptionCT\BT.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\GlobalOptionCT\EM.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\GlobalOptionCT\GlobalOptionCT.xml
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\GlobalOptionCT\HpFp.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\GlobalOptionCT\Monitor.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\GlobalOptionCT\Normal.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\GlobalOptionCT\Notify.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\GlobalOptionCT\Proxy.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\GlobalOptionCT\TaskDef.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\Info.ini
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainMenuCT\About.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainMenuCT\DeleteTask.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainMenuCT\folder.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainMenuCT\MainMenuCT.xml
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainMenuCT\MoveDownTask.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainMenuCT\MoveUpTask.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainMenuCT\NewTask.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainMenuCT\open.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainMenuCT\Option.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainMenuCT\PauseTask.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainMenuCT\Resource.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainMenuCT\StartTask.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainMenuCT\TaskProperties.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarCT\About.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarCT\DeleteTask.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarCT\Folder.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarCT\MainToolbarCT.xml
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarCT\NewTask.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarCT\Open.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarCT\Option.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarCT\PauseTask.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarCT\Resource.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarCT\StartTask.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarCT\TaskProperties.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarDisableCT\About.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarDisableCT\DeleteTask.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarDisableCT\Folder.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarDisableCT\MainToolbarDisableCT.xml
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarDisableCT\NewTask.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarDisableCT\Open.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarDisableCT\Option.bmp

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Tue Jun 16, 2009 12:08 am

d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarDisableCT\PauseTask.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarDisableCT\Resource.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarDisableCT\StartTask.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\MainToolbarDisableCT\TaskProperties.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\Monitor\InfoBkg.Bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\Monitor\MonitorBkg.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\OutpuLogCT\Down.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\OutpuLogCT\Error.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\OutpuLogCT\Normal.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\OutpuLogCT\OutpuLogCT.xml
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\OutpuLogCT\Up.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\SobarIconCT\All.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\SobarIconCT\Book.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\SobarIconCT\Bt.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\SobarIconCT\Game.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\SobarIconCT\Movie.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\SobarIconCT\Music.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\SobarIconCT\Phone.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\SobarIconCT\Picture.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\SobarIconCT\SobarIconCT.xml
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\SobarIconCT\Software.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\TaskListCT\Error.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\TaskListCT\hashing.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\TaskListCT\OK.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\TaskListCT\Pause.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\TaskListCT\Pin.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\TaskListCT\rename.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\TaskListCT\Schedule.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\TaskListCT\Start.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\TaskListCT\TaskListCT.xml
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\TaskListCT\Upload.bmp
d:\program files\FlashGet Network\Flashget\Skins\ShadowGrayBlue\TaskListCT\Wait.bmp
d:\program files\FlashGet Network\Flashget\StatInfo.ini
d:\program files\FlashGet Network\Flashget\storage.dll
d:\program files\FlashGet Network\Flashget\SysOpt.exe
d:\program files\FlashGet Network\Flashget\Temp\setup.exe
d:\program files\FlashGet Network\Flashget\transaction.log
d:\program files\FlashGet Network\Flashget\uninst.exe
d:\program files\FlashGet Network\Flashget\UpdateHelper.dll
d:\program files\FlashGet Network\Flashget\welcomepage.bmp
d:\program files\FlashGet Network\Flashget\WelcomePage.exe
d:\program files\FlashGet Network\Flashget\welcomepage.ini
d:\program files\FlashGet Network\Flashget\zlib.dll
d:\winnt\system32\admshare.dat
d:\winnt\Web\default.htt

.
((((((((((((((((((((((((( 2009-05-15 至 2009-06-15 的新的档案 )))))))))))))))))))))))))))))))

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Tue Jun 16, 2009 12:09 am

.

2009-06-15 23:30 . 2009-06-15 23:30 16384 ----a-w- d:\winnt\system32\Perflib_Perfdata_244.dat
2009-06-13 14:59 . 2009-06-13 14:59 -------- d-----w- d:\documents and settings\Jiang Luo\Application Data\Malwarebytes
2009-06-13 14:57 . 2009-05-26 17:20 40160 ----a-w- d:\winnt\system32\drivers\mbamswissarmy.sys
2009-06-13 14:57 . 2009-06-13 14:57 -------- d-----w- d:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-13 14:57 . 2009-05-26 17:19 18456 ----a-w- d:\winnt\system32\drivers\mbam.sys
2009-06-13 14:57 . 2009-06-13 14:57 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2009-06-10 22:47 . 2005-07-13 04:22 138000 ----a-w- d:\winnt\system32\dllcache\faxui.dll
2009-06-09 21:33 . 2009-06-09 21:33 152576 ----a-w- d:\documents and settings\Jiang Luo\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-05-30 21:07 . 2009-05-30 21:07 -------- d-----w- d:\temp\mp3

.
(((((((((((((((((((((((((((((((((((((((( 在三个月内被修改的档案 ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-15 23:29 . 2008-08-03 00:30 78880 --sha-w- d:\winnt\system32\drivers\fidbox2.dat
2009-06-15 23:29 . 2008-08-03 00:30 67796 --sha-w- d:\winnt\system32\drivers\fidbox.idx
2009-06-15 23:29 . 2008-08-03 00:30 4519456 --sha-w- d:\winnt\system32\drivers\fidbox.dat
2009-06-15 23:29 . 2008-08-03 00:30 11600 --sha-w- d:\winnt\system32\drivers\fidbox2.idx
2009-06-15 22:57 . 2009-01-28 01:34 776 ----a-w- d:\winnt\system32\secustat.dat
2009-06-15 22:48 . 2009-01-28 01:34 3821 ----a-w- d:\winnt\system32\secushr.dat
2009-06-14 22:58 . 2009-04-25 12:10 664 ----a-w- d:\winnt\system32\d3d9caps.dat
2009-05-22 12:09 . 2008-08-03 00:30 105395 ----a-w- d:\winnt\system32\drivers\klin.dat
2009-05-22 12:09 . 2008-08-03 00:30 94643 ----a-w- d:\winnt\system32\drivers\klick.dat
2009-05-21 15:33 . 2009-01-05 00:04 410984 ----a-w- d:\winnt\system32\deploytk.dll
2009-05-09 19:38 . 2009-05-09 19:38 -------- d-----w- d:\program files\PPStream
2009-05-07 06:41 . 1980-01-01 04:00 263440 ----a-w- d:\winnt\system32\LOCALSPL.DLL
2009-05-05 19:54 . 2009-05-05 19:54 -------- d-----w- d:\documents and settings\All Users\Application Data\CCTV
2009-04-28 23:44 . 2009-04-28 23:44 4512 ----a-w- d:\winnt\unins001.dat
2009-04-28 23:44 . 2009-04-28 23:44 685322 ----a-w- d:\winnt\unins001.exe
2009-04-27 11:31 . 2008-11-05 11:25 31048 ----a-w- d:\documents and settings\Jiang Luo\Application Data\QQ\59B848686BA6270269CE15953350482D\SafeBase\selfupdate.exe
2009-04-26 08:56 . 2009-01-28 01:43 42984 ----a-w- d:\documents and settings\Jiang Luo\Application Data\CCTV\tv\cctvupdateinstall.dll
2009-04-24 09:54 . 1980-01-01 04:00 95504 ----a-w- d:\winnt\system32\WIN32SPL.DLL
2009-04-22 13:38 . 2009-04-22 13:38 437008 ----a-w- d:\winnt\system32\rpcrt4.dll
2009-04-21 19:15 . 2009-04-21 19:15 576512 ----a-w- d:\winnt\system32\WININET.DLL
2009-04-17 05:04 . 1980-01-01 04:00 1645072 ----a-w- d:\winnt\system32\WIN32K.SYS
2009-04-02 11:29 . 2009-04-02 11:29 152576 ----a-w- d:\documents and settings\Jiang Luo\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-03-18 11:35 . 2009-03-18 11:35 152576 ----a-w- d:\documents and settings\Jiang Luo\Application Data\Sun\Java\jre1.6.0_12\lzma.dll
2008-08-02 23:31 . 2008-08-02 23:31 21952 ---h--w- d:\program files\folder.htt
2008-09-19 20:55 . 2008-09-19 20:55 548864 ----a-w- d:\program files\mozilla firefox\plugins\msvcp80.dll
2008-09-19 20:55 . 2008-09-19 20:55 626688 ----a-w- d:\program files\mozilla firefox\plugins\msvcr80.dll
2008-09-19 20:55 . 2008-09-19 20:55 479232 ----a-w- d:\program files\mozilla firefox\plugins\msvcm80.dll
2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- d:\program files\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- d:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( 重要登入点 ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*注意* 空白与合法缺省登录将不会被显示
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PPS Accelerator"="d:\program files\PPStream\ppsap.exe" [2008-12-11 210296]
"internat.exe"="internat.exe" - d:\winnt\system32\internat.exe [1999-12-07 20752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tsnp2std"="d:\winnt\tsnp2std.exe" [2006-01-06 110592]
"snp2std"="d:\winnt\vsnp2std.exe" [2006-01-06 344064]
"IMSCMIG40W"="d:\progra~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE" [2003-12-05 24576]
"OODefragTray"="d:\winnt\system32\oodtray.exe" [2008-11-03 2540800]
"TkBellExe"="d:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-08-04 185896]
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" [2007-04-27 282624]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"TrackPointSrv"="tp4serv.exe" - d:\winnt\system32\tp4serv.exe [2002-12-03 87552]
"Synchronization Manager"="mobsync.exe" - d:\winnt\system32\mobsync.exe [2003-06-19 111376]
"TP4EX"="tp4ex.exe" - d:\winnt\system32\TP4EX.exe [2002-09-04 53248]
"WinFaxAppPortStarter"="wfxsnt40.exe" - d:\winnt\system32\WFXSNT40.EXE [2000-09-29 43008]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"internat.exe"="internat.exe" - d:\winnt\system32\internat.exe [1999-12-07 20752]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"^SetupICWDesktop"="d:\program files\Internet Explorer\Connection Wizard\icwconn1.exe" [2003-06-19 186640]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{A213B520-C6C2-11d0-AF9D-008029E1027E}"= "d:\program files\WinFax\WfxSeh32.Dll" [1998-07-27 38400]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKLM\~\startupfolder\D:^Documents and Settings^Jiang Luo^Start Menu^Programs^Startup^腾讯QQ.lnk]
path=d:\documents and settings\Jiang Luo\Start Menu\Programs\Startup\腾讯QQ.lnk
backup=d:\winnt\pss\腾讯QQ.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wfxsvc"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

R1 nbmkmd;nbmkmd;d:\winnt\system32\drivers\Nbmkmd.sys [8/02/08 8:06 PM 4512]
R2 DMIProxy;DMIProxy;d:\winnt\system32\drivers\Dmiproxy.sys [8/02/08 8:06 PM 36680]
R3 neo20xx;neo20xx;d:\winnt\system32\drivers\neo20xx.sys [8/02/08 7:19 PM 39888]
R3 solo;ESS Solo Audio Driver (WDM);d:\winnt\system32\drivers\solo.sys [4/11/07 12:04 PM 73281]
R3 Tp4Track;IBM PS/2 TrackPoint Driver;d:\winnt\system32\drivers\tp4track.sys [4/11/07 12:04 PM 14064]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - IPNAT
*NewlyCreated* - RASAUTO
*NewlyCreated* - SHAREDACCESS
.
.
------- 而外的扫描 -------
.
uStart Page = about:blank
IE: Append to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - d:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - d:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: 使用快车(Flas&hGet)下载 - d:\program files\FlashGet Network\Flashget\GetUrl.htm
IE: 使用快车(Flash&Get)下载全部链接 - d:\program files\FlashGet Network\Flashget\GetAllUrl.htm
IE: 使用快车(FlashGet)下载该网页FLV - d:\program files\FlashGet Network\Flashget\FlvDetector.htm
IE: 添加到QQ表情 - d:\program files\Tencent\QQ\AddEmotion.htm
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
LSP: %SystemRoot%\system32\msafd.dll
DPF: {43E839C5-E10F-443A-BC1F-F09CFD2ABC77} - [You must be registered and logged in to see this link.]
DPF: {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} - [You must be registered and logged in to see this link.]
DPF: {F3E92562-1B4D-4BFA-B2D4-E9BCABE3B6A3} - [You must be registered and logged in to see this link.]
DPF: {F3E92562-1B4D-4BFA-B2D4-E9BCABE3B7A3} - [You must be registered and logged in to see this link.]
FF - ProfilePath -
.
.
------- 文件类型 -------
.
chm.file="hh.exe" %1
txtfile=d:\winnt\notepad.exe %1
.

**************************************************************************

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Tue Jun 16, 2009 12:09 am

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-06-15 19:32
Windows 5.0.2195 Service Pack 4 FAT NTAPI

扫描被隐藏的进程 。。。

扫描被隐藏的启动组 。。。

扫描被隐藏的文件 。。。

扫描完成
被隐藏的档案: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-854245398-2147029411-1343024091-1000\Software\Microsoft\Internet Explorer\MenuExt\鹠燫0RQ*Q*h埮`]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="d:\\Program Files\\Tencent\\QQ\\AddEmotion.htm"
"contexts"=dword:00000002

[HKEY_USERS\S-1-5-21-854245398-2147029411-1343024091-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Q*Q*8nb]
"Order"=hex:08,00,00,00,02,00,00,00,be,00,00,00,01,00,00,00,02,00,00,00,54,00,
00,00,00,00,00,00,45,00,00,00,41,75,67,4d,01,00,00,00,01,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\褢鰐卙孾teHr.*M*y*N*S*H*a*n*d*l*e*r*\Clsid]
@="{E8CFC029-8420-4EAE-ADEF-915BDC77E1DC}"
.
--------------------- 运行进程下的动态链接库 ---------------------

- - - - - - - > 'winlogon.exe'(244)
d:\winnt\system32\klogon.dll
d:\winnt\system32\wzcdlg.dll
d:\winnt\system32\WZCSAPI.DLL

- - - - - - - > 'explorer.exe'(1568)
d:\winnt\AppPatch\AcLayers.DLL
d:\winnt\system32\SHDOCVW.DLL
d:\program files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll
.
完成时间: 2009-06-15 19:44 - 电脑已重新启动
ComboFix-quarantined-files.txt 2009-06-15 23:44

Pre-Run: 3,359,555,584 bytes free
Post-Run: 3,358,982,144 bytes free

749 --- E O F --- 2009-06-11 01:50

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Tue Jun 16, 2009 12:11 am

sorry, it's very long report. As you saw, my regular program was deleted. I really worry COMBOFIX might ruin my working computer as well. Do you have another software what we can use instead but more safe?

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Tue Jun 16, 2009 12:14 am

Even I don't dare to try it on my working computer. it would be serious problem if my system is destroyed.

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by Belahzur on Tue Jun 16, 2009 12:23 am

Submit a file for analysis.

  1. Please visit this website: [You must be registered and logged in to see this link.]
  2. Press the "Browse" button and locate the following file in bold:
    C:\WINDOWS\system32\drivers\Nbmkmd.sys
  3. Press the "Submit File button to submit the file for analysis.
  4. Allow it to be scanned, it could take a few minutes depending on server load.
  5. Copy and paste the result back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: can I delete System Security from XP system

Post by headache for System Secur on Tue Jun 16, 2009 12:29 am

combofix damaged my Add/Remove programs. I can't load it from control panel

headache for System Secur
Intermediate
Intermediate

Status :
Online
Offline

Posts : 101
Joined : 2009-06-13
OS : xp

View user profile

Back to top Go down

Page 1 of 3 1, 2, 3  Next

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum