GeekPolice
Welcome to GeekPolice.net!

From "wow" to "whoa" - we're teaching practical technology and helping others with tech support. Join our family here!

You are viewing the forum as a "Guest" which doesn't give you member privileges to ask questions or post comments.

Take 30 seconds to register or log in below and unlock the limitations of this website to discover new computer knowledge!

Spyware Guard 2008

View previous topic View next topic Go down

Solved Spyware Guard 2008

Post by sacsid on Fri Dec 12, 2008 2:04 pm

I have the Spyware Guard 2008. I tried to install the Malwarebytes' Anti-Malware which was recommended here[You must be registered and logged in to see this link.] but the installler will not run.

Thank you in advance for any help.

Here is my Hijack This log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:56:04 AM, on 12/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\XiMeta\NetDisk\LDServ.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\XiMeta\NetDisk\Admin.exe
C:\Program Files\My Book\WD Backup\uBBMonitor.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\My Documents\Hijack(GP)This.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\twext.exe,
O2 - BHO: C:\WINDOWS\system32\jsdf8j3dgf.dll - {C5BF49A2-94F3-42BD-F434-3604812C897D} - C:\WINDOWS\system32\jsdf8j3dgf.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O3 - Toolbar: (no name) - {144A6B24-0EBC-4D89-BF09-A06A718E57B5} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Program Files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Hquxevoyoxa] rundll32.exe "C:\WINDOWS\Qranirakipejoxir.dll",e
O4 - HKLM\..\Run: [Nhagebevaxiti] rundll32.exe "C:\WINDOWS\ugodonotudokawas.dll",e
O4 - HKLM\..\Run: [spywareguard] C:\Program Files\Spyware Guard 2008\spywareguard.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Device Detector 2.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: NetDisk Administrator.lnk = C:\Program Files\XiMeta\NetDisk\Admin.exe
O4 - Global Startup: WD Backup Monitor.lnk = C:\Program Files\My Book\WD Backup\uBBMonitor.exe
O8 - Extra context menu item: &Yahoo! Search - [You must be registered and logged in to see this link.] Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O8 - Extra context menu item: Yahoo! &Dictionary - [You must be registered and logged in to see this link.] Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - [You must be registered and logged in to see this link.] Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - [You must be registered and logged in to see this link.] Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Web Snapshot - {954A224B-F501-4911-A8BF-6709A048FD77} - C:\Program Files\Gadwin Systems\WebSnapshot\WebSnapshot.dll (HKCU)
O9 - Extra 'Tools' menuitem: Web Snapshot - {954A224B-F501-4911-A8BF-6709A048FD77} - C:\Program Files\Gadwin Systems\WebSnapshot\WebSnapshot.dll (HKCU)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - [You must be registered and logged in to see this link.]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - [You must be registered and logged in to see this link.]
O21 - SSODL: InternetConnection - {E721C615-66C0-42D6-984C-7A63C0E28BDD} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\hjjlhyjzug.dll
O21 - SSODL: ieModule - {C1821D17-873A-4400-A326-8BF9CE148D0A} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll
O22 - SharedTaskScheduler: euphuize - {da75fab1-136e-4ead-834d-0e04fbd6edc1} - (no file)
O22 - SharedTaskScheduler: mcb7uehuj3n8weuhejsw - {C5BF49A2-94F3-42BD-F434-3604812C897D} - C:\WINDOWS\system32\jsdf8j3dgf.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: LanScsi Helper Service (LanScsiHelper) - XIMETA, Inc. - C:\Program Files\XiMeta\NetDisk\LDServ.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Sansa Updater Service (SansaService) - Unknown owner - C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
O23 - Service: SNMP Trap Service (SNMPTRAP) - Unknown owner - C:\WINDOWS\system32\snmptrap.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 11213 bytes

sacsid
Novice
Novice

Status :
Online
Offline

Posts : 7
Joined : 2008-12-12
OS : Windows XP SP2
Points : 29130
# Likes : 0

View user profile

Back to top Go down

Solved Uninstall log

Post by sacsid on Fri Dec 12, 2008 2:08 pm

Here is the uninstall log:

Ad-Aware SE Personal
Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat 6.0.1 Professional
Adobe Acrobat and Reader 6.0.3 Update
Adobe Acrobat and Reader 6.0.4 Update
Adobe Acrobat and Reader 6.0.5 Update
Adobe Acrobat and Reader 6.0.6 Update
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Creative Suite
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe PageMaker Plug-in Pack
Adobe Reader 8.1.1
Adobe Reader 8.1.2
Adobe SVG Viewer 3.0
Advanced Outlook Express Repair v1.5
Apple Software Update
ATI Control Panel
ATI Display Driver
Audacity 1.2.6
AVG Free Edition
Broadcom Gigabit Integrated Controller
CapTrue
CCleaner (remove only)
CDisplay 1.8
Compatibility Pack for the 2007 Office system
DVDx
eMule
Exact Audio Copy 0.99pb3
Express Burn
FLAC Installer 1.1.2a (remove only)
Gadwin Web Snapshot
Harry's Filters 3
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Intel(R) 537EP V9x DF PCI Modem
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
LogMeIn
LuraDocument PDF Compressor Desktop 4.2.0328
Magic Video Converter Trial Version (English) 8.0.2.18
Mail Recovery for Outlook Express
Malwarebytes' Anti-Malware
MediaMonkey 3.0
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Standard
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 6.0
mkw Audio Compression Toolkit
MonoCalendar 0.7.2
Movavi Video Converter 6
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Nero 7 Ultra Edition
Nero PhotoShow Express
NetDisk 2.3.1
OE-Mail Recovery 1.7
Olympus DSS Player 2002
Outlook Express Backup V6.5
PC Inspector smart recovery
PDFCreator
Plugin Commander Light 1.60
Plugin Galaxy DEMO 1.50
PowerArchiver 2006 v9.51
QuickTime
RealPlayer
Repair Tool for Outlook Express v.1.6.4
Rhapsody Player Engine
Sansa Updater
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
SnagIt 7
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
SoundMAX
Spelling Dictionaries Support For Adobe Reader 8
Spybot - Search & Destroy
Spybot - Search & Destroy 1.4
Spyware Guard 2008
Stat Crew Software - Control Panel
Switch Uninstall
Symantec Technical Support Web Controls
TAS Golf
TasFonts
Ulead CD & DVD PictureShow 4
Ulead Photo Explorer 8.5
Ulead VideoStudio 8.0 SE Basic
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
WavePad Uninstall
WD Backup
WD Diagnostics
WD Firewire HID Driver
Web Album Generator 1.8.2
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
Xerox Support Centre
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger

sacsid
Novice
Novice

Status :
Online
Offline

Posts : 7
Joined : 2008-12-12
OS : Windows XP SP2
Points : 29130
# Likes : 0

View user profile

Back to top Go down

Solved Re: Spyware Guard 2008

Post by Belahzur on Fri Dec 12, 2008 5:18 pm


  • Download combofix from here, use the top links - [You must be registered and logged in to see this link.]
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245039
# Likes : 1

View user profile

Back to top Go down

Solved Re: Spyware Guard 2008

Post by sacsid on Fri Dec 12, 2008 5:36 pm

ComboFix 08-12-11.06 - Owner 2008-12-12 12:25:00.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.574 [GMT -5:00]
Running from: c:\documents and settings\Owner\My Documents\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\moduleie.dll
c:\documents and settings\All Users\Application Data\svhost.exe
c:\documents and settings\NetworkService\Application Data\twain_32
c:\documents and settings\NetworkService\Application Data\twain_32\user.ds
c:\windows\Readme.txt
c:\windows\system32\TDSSwgqt.dat
c:\windows\system32\winscenter.exe
G:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_TDSSSERV.SYS
-------\Service_TDSSserv.sys


((((((((((((((((((((((((( Files Created from 2008-11-12 to 2008-12-12 )))))))))))))))))))))))))))))))
.

2008-12-12 11:49 . 2008-12-12 11:49 410,984 --a------ c:\windows\system32\deploytk.dll
2008-12-12 03:02 . 2008-12-12 03:02 118 --a------ c:\windows\system32\MRT.INI
2008-12-12 03:00 . 2008-12-12 03:02 1,393 --a------ c:\windows\imsins.BAK
2008-12-11 15:30 . 2008-12-11 15:30 d-------- C:\Spyware Guard 2008
2008-12-10 12:30 . 2008-12-10 12:34 d-------- C:\Movavi files
2008-12-10 11:51 . 2008-12-10 11:51 d-------- c:\documents and settings\All Users\Application Data\Movavi Video Converter 6
2008-12-10 11:48 . 2008-10-07 00:16 d-------- c:\program files\Movavi Video Converter 6
2008-12-10 11:47 . 2008-12-10 11:47 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-10 11:47 . 2008-12-10 11:47 1,409 --a------ c:\windows\QTFont.for
2008-12-10 11:39 . 2008-12-10 11:39 141,312 --a------ c:\windows\ugodonotudokawas.dll
2008-12-10 11:28 . 2008-12-10 11:28 d-------- c:\program files\Magic Video Converter
2008-12-10 11:28 . 2004-05-26 21:37 719,872 --a------ c:\windows\system32\devil.dll
2008-12-10 11:28 . 2003-03-19 11:03 544,768 --a------ c:\windows\system32\msvcr71d.dll
2008-12-10 11:28 . 2006-09-16 19:44 314,368 --a------ c:\windows\system32\avisynth.dll
2008-12-10 11:27 . 2008-12-10 11:27 62,976 --a------ C:\hlmbqjx.exe
2008-12-10 11:27 . 2008-12-10 11:27 37,376 --a------ c:\windows\Qranirakipejoxir.dll
2008-12-10 11:27 . 2008-12-10 11:27 37,376 --a------ C:\mvasd.exe
2008-12-10 11:27 . 2008-12-10 11:27 2 --a------ C:\-800434012
2008-12-10 11:16 . 2008-12-10 11:16 d-------- c:\documents and settings\Owner\Application Data\AVS4YOU
2008-12-10 11:16 . 2008-12-10 11:16 d-------- c:\documents and settings\All Users\Application Data\AVS4YOU
2008-12-10 11:15 . 2008-12-10 11:26 d-------- c:\program files\Common Files\AVSMedia
2008-12-10 11:15 . 2008-12-10 11:26 d-------- c:\program files\AVS4YOU
2008-12-10 11:15 . 2007-02-27 18:36 1,700,352 --a------ c:\windows\system32\GdiPlus.dll
2008-12-10 11:15 . 2007-02-27 18:36 974,848 --a------ c:\windows\system32\mfc70.dll
2008-12-10 11:15 . 2007-02-27 18:36 487,424 --a------ c:\windows\system32\msvcp70.dll
2008-12-10 11:15 . 2007-02-27 18:36 24,576 --a------ c:\windows\system32\msxml3a.dll
2008-12-05 10:14 . 2008-12-05 10:14 d-------- c:\program files\Convar
2008-12-05 10:14 . 2003-07-18 13:58 516,784 -ra------ c:\windows\system32\XceedCry.dll
2008-12-05 10:14 . 2002-02-28 09:46 217,088 --a------ c:\windows\system32\DartSock.dll
2008-12-05 10:14 . 2002-02-21 10:12 118,784 --a------ c:\windows\system32\DartWeb.dll
2008-12-05 10:14 . 1998-06-18 00:00 89,360 --a------ c:\windows\system32\VB5DB.DLL
2008-12-05 10:14 . 1998-06-13 22:53 44,544 --a------ c:\windows\system32\Gif89.dll
2008-12-05 10:14 . 2002-04-12 13:19 28,672 --a------ c:\windows\system32\DartWeb.oca
2008-11-13 12:04 . 2008-11-13 12:04 d-------- c:\documents and settings\All Users\Application Data\Ahead
2008-11-12 14:42 . 2008-09-04 12:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 14:42 . 2008-10-24 06:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-12 16:49 --------- d-----w c:\program files\Java
2008-12-12 16:43 --------- d-----w c:\documents and settings\All Users\Application Data\avg7
2008-12-12 14:15 --------- d-----w c:\program files\eMule
2008-12-12 08:08 --------- d-----w c:\program files\LogMeIn
2008-12-12 08:07 --------- d-----w c:\documents and settings\Owner\Application Data\uTorrent
2008-12-11 20:54 --------- d-----w c:\documents and settings\Owner\Application Data\AdobeUM
2008-12-10 16:45 --------- d-----w c:\documents and settings\Owner\Application Data\AVG7
2008-12-10 16:31 --------- d-----w c:\program files\Total Video Converter
2008-12-05 15:14 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-29 17:59 --------- d--h--w c:\documents and settings\Owner\Application Data\FVSTemp
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-20 12:06 87,352 ----a-w c:\windows\system32\LMIinit.dll
2008-10-20 12:06 83,288 ----a-w c:\windows\system32\LMIRfsClientNP.dll
2008-10-20 12:06 47,640 ----a-w c:\windows\system32\drivers\LMIRfsDriver.sys
2008-10-20 12:06 28,984 ----a-w c:\windows\system32\LMIport.dll
2008-10-20 12:06 23,736 ----a-w c:\windows\system32\lmimirr.dll
2008-10-20 12:06 10,040 ----a-w c:\windows\system32\lmimirr2.dll
2008-10-16 20:40 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-16 20:38 826,368 ----a-w c:\windows\system32\wininet.dll
2008-10-16 19:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 19:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 19:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 19:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 19:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 19:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 19:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-15 20:16 --------- d-----w c:\program files\CVision
2008-10-15 20:01 --------- d-----w c:\program files\LuraTech
2008-10-15 19:50 --------- d-----w c:\documents and settings\Owner\Application Data\Nitro PDF
2008-10-15 19:49 --------- d-----w c:\documents and settings\All Users\Application Data\Nitro PDF
2008-10-13 22:19 --------- d-----w c:\program files\Applications
2008-10-13 22:13 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2008-10-13 22:13 --------- d-----w c:\documents and settings\Owner\Application Data\Malwarebytes
2008-10-13 22:13 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2008-10-13 22:09 --------- d-----w c:\program files\Common Files\Download Manager
2008-10-13 22:05 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-10-13 21:51 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-10-13 21:47 --------- d-----w c:\program files\TeaTimer (Spybot - Search & Destroy)
2008-10-13 21:47 --------- d-----w c:\program files\SDHelper (Spybot - Search & Destroy)
2008-10-13 21:41 --------- d-----w c:\program files\Last.fm
2008-10-13 21:41 --------- d-----w c:\documents and settings\All Users\Application Data\Last.fm
2008-10-03 10:02 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-09-30 21:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-29 18:33 227,664 ----a-w c:\documents and settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-07-24 14:44 66,360 ----a-w c:\documents and settings\Owner\g2ax_customer_downloadhelper_win32_x86.exe
2008-09-10 13:15 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008091020080911\index.dat
.

sacsid
Novice
Novice

Status :
Online
Offline

Posts : 7
Joined : 2008-12-12
OS : Windows XP SP2
Points : 29130
# Likes : 0

View user profile

Back to top Go down

Solved Re: Spyware Guard 2008

Post by sacsid on Fri Dec 12, 2008 5:37 pm

Too big for one post, so here is the second part of the log



((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-03-01 4670968]
"PhotoShow Deluxe Media Manager"="c:\progra~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe" [2005-02-25 212992]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-11-10 94208]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"AVG7_CC"="c:\progra~1\Grisoft\AVGFRE~1\avgcc.exe" [2008-10-17 590848]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2003-08-06 114741]
"StorageGuard"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-02-13 155648]
"AdobeVersionCue"="c:\program files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe" [2004-03-25 1732608]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2007-04-17 63048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2006-10-23 40048]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-03-14 185896]
"Hquxevoyoxa"="c:\windows\Qranirakipejoxir.dll" [2008-12-10 37376]
"Nhagebevaxiti"="c:\windows\ugodonotudokawas.dll" [2008-12-10 141312]
"WD Button Manager"="WDBtnMgr.exe" [2007-09-06 c:\windows\system32\WDBtnMgr.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="c:\progra~1\Grisoft\AVGFRE~1\avgw.exe" [2007-10-25 219136]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - c:\program files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe [2003-10-23 217194]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-03-27 110592]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2007-05-11 738968]
Device Detector 2.lnk - c:\program files\Olympus\DeviceDetector\DevDtct2.exe [2007-07-30 94208]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
Microsoft Works Calendar Reminders.lnk - c:\program files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [2000-07-10 24633]
NetDisk Administrator.lnk - c:\program files\XiMeta\NetDisk\Admin.exe [2004-01-14 131167]
WD Backup Monitor.lnk - c:\program files\My Book\WD Backup\uBBMonitor.exe [2007-09-06 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-10-20 07:06 87352 c:\windows\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"vidc.dvsd"= pdvcodec.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Grisoft\\AVG Free\\avginet.exe"=
"c:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe"=
"c:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe"=
"c:\\Program Files\\Grisoft\\AVG Free\\avgemc.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Documents and Settings\\Owner\\My Documents\\utorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R2 LanScsiHelper;LanScsi Helper Service;"c:\program files\XiMeta\NetDisk\LDServ.exe" [2004-01-14 94305]
R2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys [2007-04-17 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\c:\windows\system32\drivers\LMIRfsDriver.sys [2007-09-07 47640]
R2 lpx;LPX Protocol;c:\windows\system32\DRIVERS\lpx.sys [2004-01-14 108032]
R3 lanscsibus;LANSCSI Bus Driver for NetDisk;c:\windows\system32\DRIVERS\lanscsibus.sys [2004-01-14 30336]
S3 Tfssvdfacesm;Tfssvdfacesm; []
S3 Wdnsasiodd;Wdnsasiodd; []
S4 LMIRfsClientNP;LMIRfsClientNP; []
.
Contents of the 'Scheduled Tasks' folder

2008-12-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 14:42]
.
- - - - ORPHANS REMOVED - - - -

Toolbar-{144A6B24-0EBC-4D89-BF09-A06A718E57B5} - (no file)
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
WebBrowser-{144A6B24-0EBC-4D89-BF09-A06A718E57B5} - (no file)
HKLM-Run-NWEReboot - (no file)


.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
IE: &Yahoo! Search - [You must be registered and logged in to see this link.] files\Yahoo!\Common/ycsrch.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Yahoo! &Dictionary - [You must be registered and logged in to see this link.] files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - [You must be registered and logged in to see this link.] files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - [You must be registered and logged in to see this link.] files\Yahoo!\Common/ycsms.htm

O16 -: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243}
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2008-12-12 12:28:00
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(616)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Java\jre6\bin\jusched.exe
c:\progra~1\Grisoft\AVGFRE~1\avgamsvr.exe
c:\progra~1\Grisoft\AVGFRE~1\avgupsvc.exe
c:\progra~1\Grisoft\AVGFRE~1\avgemc.exe
c:\windows\system32\rundll32.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\LogMeIn\x86\ramaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\LogMeIn\x86\LMIGuardian.exe
c:\program files\SanDisk\Sansa Updater\SansaSvr.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-12-12 12:32:35 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-12 17:32:32

Pre-Run: 20,877,180,928 bytes free
Post-Run: 20,817,047,552 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

241 --- E O F --- 2008-12-12 08:03:04

sacsid
Novice
Novice

Status :
Online
Offline

Posts : 7
Joined : 2008-12-12
OS : Windows XP SP2
Points : 29130
# Likes : 0

View user profile

Back to top Go down

Solved Re: Spyware Guard 2008

Post by Belahzur on Fri Dec 12, 2008 6:02 pm

Now open a new notepad file.
Input this into the notepad file:

File::
c:\windows\Qranirakipejoxir.dll
C:\hlmbqjx.exe
C:\mvasd.exe
c:\windows\ugodonotudokawas.dll

Folder::
C:\Spyware Guard 2008

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hquxevoyoxa"=-
"Nhagebevaxiti"=-

Save this as CFScript.txt, save it to your desktop also.
Then drag and drop CFScript.txt into combofix as seen below:


This will open combofix.exe again, agree to it's terms and allow it to run, it may want to reboot after it's done. Post the resulting log back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245039
# Likes : 1

View user profile

Back to top Go down

Solved Re: Spyware Guard 2008

Post by sacsid on Fri Dec 12, 2008 6:18 pm

Here is the new log.
Quick question - I have Spybot-SD Resident and it keeps popping up about the registry changes. Are these good changes that Combo fix is making? I hit deny, just to be safe. Should I disable it?


ComboFix 08-12-11.06 - Owner 2008-12-12 13:06:44.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.546 [GMT -5:00]
Running from: c:\documents and settings\Owner\My Documents\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFscript.txt
* Created a new restore point

FILE ::
C:\hlmbqjx.exe
C:\mvasd.exe
c:\windows\Qranirakipejoxir.dll
c:\windows\ugodonotudokawas.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\hlmbqjx.exe
C:\mvasd.exe
C:\Spyware Guard 2008
c:\spyware guard 2008\Spyware Guard 2008.lnk
c:\spyware guard 2008\Uninstall.lnk
c:\windows\Qranirakipejoxir.dll
c:\windows\ugodonotudokawas.dll

.
((((((((((((((((((((((((( Files Created from 2008-11-12 to 2008-12-12 )))))))))))))))))))))))))))))))
.

2008-12-12 11:49 . 2008-12-12 11:49 410,984 --a------ c:\windows\system32\deploytk.dll
2008-12-12 03:02 . 2008-12-12 03:02 118 --a------ c:\windows\system32\MRT.INI
2008-12-12 03:00 . 2008-12-12 03:02 1,393 --a------ c:\windows\imsins.BAK
2008-12-10 12:30 . 2008-12-10 12:34 d-------- C:\Movavi files
2008-12-10 11:51 . 2008-12-10 11:51 d-------- c:\documents and settings\All Users\Application Data\Movavi Video Converter 6
2008-12-10 11:48 . 2008-10-07 00:16 d-------- c:\program files\Movavi Video Converter 6
2008-12-10 11:47 . 2008-12-10 11:47 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-10 11:47 . 2008-12-10 11:47 1,409 --a------ c:\windows\QTFont.for
2008-12-10 11:28 . 2008-12-10 11:28 d-------- c:\program files\Magic Video Converter
2008-12-10 11:28 . 2004-05-26 21:37 719,872 --a------ c:\windows\system32\devil.dll
2008-12-10 11:28 . 2003-03-19 11:03 544,768 --a------ c:\windows\system32\msvcr71d.dll
2008-12-10 11:28 . 2006-09-16 19:44 314,368 --a------ c:\windows\system32\avisynth.dll
2008-12-10 11:27 . 2008-12-10 11:27 2 --a------ C:\-800434012
2008-12-10 11:16 . 2008-12-10 11:16 d-------- c:\documents and settings\Owner\Application Data\AVS4YOU
2008-12-10 11:16 . 2008-12-10 11:16 d-------- c:\documents and settings\All Users\Application Data\AVS4YOU
2008-12-10 11:15 . 2008-12-10 11:26 d-------- c:\program files\Common Files\AVSMedia
2008-12-10 11:15 . 2008-12-10 11:26 d-------- c:\program files\AVS4YOU
2008-12-10 11:15 . 2007-02-27 18:36 1,700,352 --a------ c:\windows\system32\GdiPlus.dll
2008-12-10 11:15 . 2007-02-27 18:36 974,848 --a------ c:\windows\system32\mfc70.dll
2008-12-10 11:15 . 2007-02-27 18:36 487,424 --a------ c:\windows\system32\msvcp70.dll
2008-12-10 11:15 . 2007-02-27 18:36 24,576 --a------ c:\windows\system32\msxml3a.dll
2008-12-05 10:14 . 2008-12-05 10:14 d-------- c:\program files\Convar
2008-12-05 10:14 . 2003-07-18 13:58 516,784 -ra------ c:\windows\system32\XceedCry.dll
2008-12-05 10:14 . 2002-02-28 09:46 217,088 --a------ c:\windows\system32\DartSock.dll
2008-12-05 10:14 . 2002-02-21 10:12 118,784 --a------ c:\windows\system32\DartWeb.dll
2008-12-05 10:14 . 1998-06-18 00:00 89,360 --a------ c:\windows\system32\VB5DB.DLL
2008-12-05 10:14 . 1998-06-13 22:53 44,544 --a------ c:\windows\system32\Gif89.dll
2008-12-05 10:14 . 2002-04-12 13:19 28,672 --a------ c:\windows\system32\DartWeb.oca
2008-11-13 12:04 . 2008-11-13 12:04 d-------- c:\documents and settings\All Users\Application Data\Ahead
2008-11-12 14:42 . 2008-09-04 12:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 14:42 . 2008-10-24 06:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-12 16:49 --------- d-----w c:\program files\Java
2008-12-12 16:43 --------- d-----w c:\documents and settings\All Users\Application Data\avg7
2008-12-12 14:15 --------- d-----w c:\program files\eMule
2008-12-12 08:08 --------- d-----w c:\program files\LogMeIn
2008-12-12 08:07 --------- d-----w c:\documents and settings\Owner\Application Data\uTorrent
2008-12-11 20:54 --------- d-----w c:\documents and settings\Owner\Application Data\AdobeUM
2008-12-10 16:45 --------- d-----w c:\documents and settings\Owner\Application Data\AVG7
2008-12-10 16:31 --------- d-----w c:\program files\Total Video Converter
2008-12-05 15:14 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-29 17:59 --------- d--h--w c:\documents and settings\Owner\Application Data\FVSTemp
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-20 12:06 47,640 ----a-w c:\windows\system32\drivers\LMIRfsDriver.sys
2008-10-16 20:40 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-15 20:16 --------- d-----w c:\program files\CVision
2008-10-15 20:01 --------- d-----w c:\program files\LuraTech
2008-10-15 19:50 --------- d-----w c:\documents and settings\Owner\Application Data\Nitro PDF
2008-10-15 19:49 --------- d-----w c:\documents and settings\All Users\Application Data\Nitro PDF
2008-10-13 22:19 --------- d-----w c:\program files\Applications
2008-10-13 22:13 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2008-10-13 22:13 --------- d-----w c:\documents and settings\Owner\Application Data\Malwarebytes
2008-10-13 22:13 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2008-10-13 22:09 --------- d-----w c:\program files\Common Files\Download Manager
2008-10-13 22:05 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-10-13 21:51 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-10-13 21:47 --------- d-----w c:\program files\TeaTimer (Spybot - Search & Destroy)
2008-10-13 21:47 --------- d-----w c:\program files\SDHelper (Spybot - Search & Destroy)
2008-10-13 21:41 --------- d-----w c:\program files\Last.fm
2008-10-13 21:41 --------- d-----w c:\documents and settings\All Users\Application Data\Last.fm
2008-09-29 18:33 227,664 ----a-w c:\documents and settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
2008-07-24 14:44 66,360 ----a-w c:\documents and settings\Owner\g2ax_customer_downloadhelper_win32_x86.exe
2008-09-10 13:15 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008091020080911\index.dat
.

((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-12-12 18:10:36 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_668.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-03-01 4670968]
"PhotoShow Deluxe Media Manager"="c:\progra~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe" [2005-02-25 212992]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-11-10 94208]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"AVG7_CC"="c:\progra~1\Grisoft\AVGFRE~1\avgcc.exe" [2008-10-17 590848]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2003-08-06 114741]
"StorageGuard"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-02-13 155648]
"AdobeVersionCue"="c:\program files\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe" [2004-03-25 1732608]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2007-04-17 63048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2006-10-23 40048]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-03-14 185896]
"WD Button Manager"="WDBtnMgr.exe" [2007-09-06 c:\windows\system32\WDBtnMgr.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="c:\progra~1\Grisoft\AVGFRE~1\avgw.exe" [2007-10-25 219136]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - c:\program files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe [2003-10-23 217194]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-03-27 110592]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2007-05-11 738968]
Device Detector 2.lnk - c:\program files\Olympus\DeviceDetector\DevDtct2.exe [2007-07-30 94208]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
Microsoft Works Calendar Reminders.lnk - c:\program files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [2000-07-10 24633]
NetDisk Administrator.lnk - c:\program files\XiMeta\NetDisk\Admin.exe [2004-01-14 131167]
WD Backup Monitor.lnk - c:\program files\My Book\WD Backup\uBBMonitor.exe [2007-09-06 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-10-20 07:06 87352 c:\windows\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"vidc.dvsd"= pdvcodec.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Grisoft\\AVG Free\\avginet.exe"=
"c:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe"=
"c:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe"=
"c:\\Program Files\\Grisoft\\AVG Free\\avgemc.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Documents and Settings\\Owner\\My Documents\\utorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R2 LanScsiHelper;LanScsi Helper Service;"c:\program files\XiMeta\NetDisk\LDServ.exe" [2004-01-14 94305]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\c:\windows\system32\drivers\LMIRfsDriver.sys [2007-09-07 47640]
R2 lpx;LPX Protocol;c:\windows\system32\DRIVERS\lpx.sys [2004-01-14 108032]
R3 lanscsibus;LANSCSI Bus Driver for NetDisk;c:\windows\system32\DRIVERS\lanscsibus.sys [2004-01-14 30336]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys [2007-04-17 12856]
S3 Tfssvdfacesm;Tfssvdfacesm; []
S3 Wdnsasiodd;Wdnsasiodd; []
S4 LMIRfsClientNP;LMIRfsClientNP; []
.
Contents of the 'Scheduled Tasks' folder

2008-12-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 14:42]
.
- - - - ORPHANS REMOVED - - - -

Toolbar-{144A6B24-0EBC-4D89-BF09-A06A718E57B5} - (no file)
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
WebBrowser-{144A6B24-0EBC-4D89-BF09-A06A718E57B5} - (no file)
HKLM-Run-Hquxevoyoxa - c:\windows\Qranirakipejoxir.dll
HKLM-Run-Nhagebevaxiti - c:\windows\ugodonotudokawas.dll


.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
IE: &Yahoo! Search - [You must be registered and logged in to see this link.] files\Yahoo!\Common/ycsrch.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Yahoo! &Dictionary - [You must be registered and logged in to see this link.] files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - [You must be registered and logged in to see this link.] files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - [You must be registered and logged in to see this link.] files\Yahoo!\Common/ycsms.htm
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2008-12-12 13:10:52
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(592)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\progra~1\Grisoft\AVGFRE~1\avgamsvr.exe
c:\progra~1\Grisoft\AVGFRE~1\avgupsvc.exe
c:\progra~1\Grisoft\AVGFRE~1\avgemc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\SanDisk\Sansa Updater\SansaSvr.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-12-12 13:15:29 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-12 18:15:26
ComboFix2.txt 2008-12-12 17:32:36

Pre-Run: 20,803,764,224 bytes free
Post-Run: 20,794,654,720 bytes free

210 --- E O F --- 2008-12-12 08:03:04

sacsid
Novice
Novice

Status :
Online
Offline

Posts : 7
Joined : 2008-12-12
OS : Windows XP SP2
Points : 29130
# Likes : 0

View user profile

Back to top Go down

Solved Re: Spyware Guard 2008

Post by Belahzur on Fri Dec 12, 2008 6:22 pm

Hello.
Looks good now, what problems remain?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245039
# Likes : 1

View user profile

Back to top Go down

Solved Re: Spyware Guard 2008

Post by sacsid on Fri Dec 12, 2008 6:23 pm

Everything seems good. Thank you very much for your help

sacsid
Novice
Novice

Status :
Online
Offline

Posts : 7
Joined : 2008-12-12
OS : Windows XP SP2
Points : 29130
# Likes : 0

View user profile

Back to top Go down

Solved Re: Spyware Guard 2008

Post by Belahzur on Fri Dec 12, 2008 6:25 pm

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Updating Java:

  • Download the latest version of [You must be registered and logged in to see this link.].
  • Select the first option where it says "Java SE Runtime Environment (JRE) 6 Update 11".
  • Click the "Download" button to the right.
  • In the Window that opens, select your platform and language, check the "agree" box, and click Continue.
  • Click on the link to download Windows Offline Installation and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add or Remove Programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
    - Examples of older versions in Add or Remove Programs:
    - Java 2 Runtime Environment, SE v1.4.2
    - J2SE Runtime Environment 5.0
    - J2SE Runtime Environment 5.0 Update 2
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u11-windows-i586-p.exe that you downloaded to install the newest version.
Please make sure the new version of Java is installed before you run JavaRa.

Please download JavaRa from [You must be registered and logged in to see this link.]

  • First, unzip it.
  • Then run JavaRa.
  • Select English from the drop down menu and press Select.
  • This will open JavaRa.
  • Press Remove older versions
  • Press yes to the prompt.
  • It will make a log file of what it's removed.
  • Copy and paste the log back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245039
# Likes : 1

View user profile

Back to top Go down

Solved Re: Spyware Guard 2008

Post by sacsid on Fri Dec 12, 2008 6:47 pm

Here is the log you requested. Thanks for the tip on the Java.

JavaRa 1.11 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Fri Dec 12 13:46:26 2008

Found and removed: C:\Program Files\Java\jre1.6.0_01

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_01\

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

------------------------------------

Finished reporting.

sacsid
Novice
Novice

Status :
Online
Offline

Posts : 7
Joined : 2008-12-12
OS : Windows XP SP2
Points : 29130
# Likes : 0

View user profile

Back to top Go down

Solved Re: Spyware Guard 2008

Post by Doctor Inferno on Thu Jan 15, 2009 8:31 am

Since this issue is resolved, this topic is closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

Everyone else, please open a new topic for your questions.


Please be a GeekPolice fan on [You must be registered and logged in to see this link.]



Have we helped you? [You must be registered and logged in to see this link.] | Doctor by day, ninja by night.

Doctor Inferno
Administrator
Administrator

Status :
Online
Offline

Posts : 12017
Joined : 2007-12-26
Gender : Male
OS : Windows 7 Home Premium and Ultimate X64
Points : 104574
# Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum