
How to remove Trojans from my computer


  • first78
    first78 Posts: 1,050 Forumite
    aliEnRIK wrote: »
    What happens when you try to?

    Download SUPERANTISPYWARE (Make sure you click 'DOWNLOAD LATEST VERSION')
    http://www.filehippo.com/download_superantispyware/
    UPDATE and PERFORM COMPLETE SCAN


    Installed SUPERANTISPYWARE but when I tried to open it a message came up that it had encountered a problem and needed to close. Tried it again in safe mode but the same thing happened.
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Might need to shut down DEFENDER from scanning
    Run COMBOFIX
    Post the log it creates here :)
    :idea:
  • first78
    first78 Posts: 1,050 Forumite
    Have another error message saying you cannot rename COMBOFIX COMBOFIX[1]
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Right click it and RENAME and call it 'QWERTY' (Making the full name 'QWERTY.exe')

    Try running that
    :idea:
  • first78
    first78 Posts: 1,050 Forumite
    This is from the Combofix scan.


    ComboFix 09-03-31.01 - Fiona 2009-03-31 19:50:25.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.510.290 [GMT 1:00]
    Running from: c:\documents and settings\Fiona\Desktop\QWERTY.exe.exe
    AV: BitDefender Antivirus *On-access scanning disabled* (Updated)
    FW: BitDefender Firewall *disabled*
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    C:\Documents and Setti
    c:\program files\FunWebProducts
    c:\program files\FunWebProducts\Shared\00068995.dat
    c:\program files\Instant Messenger Names
    c:\windows\system32\drivers\UACfrqfoewm.sys
    c:\windows\system32\lowsec
    c:\windows\system32\lowsec\local.ds
    c:\windows\system32\lowsec\user.ds
    c:\windows\system32\lowsec\user.ds.lll
    c:\windows\system32\sdra64.exe
    c:\windows\system32\UACdkhusint.dll
    c:\windows\system32\UACijptsrsp.log
    c:\windows\system32\uacinit.dll
    c:\windows\system32\UACixthwmne.dat
    c:\windows\system32\UACpbfwyyge.dll
    c:\windows\system32\UACqelrvjyv.dll
    c:\windows\system32\UACvextauro.dll
    c:\windows\system32\UACvxdkbyrw.dll
    c:\windows\system32\UACyfvkmlup.log
    c:\windows\system32\UACyqxovubu.log
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    \Service_UACd.sys

    ((((((((((((((((((((((((( Files Created from 2009-02-28 to 2009-03-31 )))))))))))))))))))))))))))))))
    .
    2009-03-31 18:38 . 2009-03-31 18:38 <DIR> d
    c:\program files\SUPERAntiSpyware
    2009-03-31 18:38 . 2009-03-31 18:38 <DIR> d
    c:\documents and settings\Fiona\Application Data\SUPERAntiSpyware.com
    2009-03-31 18:37 . 2009-03-31 18:37 <DIR> d
    c:\program files\Common Files\Wise Installation Wizard
    2009-03-31 17:34 . 2009-03-31 17:34 <DIR> d
    c:\program files\Malwarebytes' Anti-Malware
    2009-03-31 17:34 . 2009-03-31 17:34 <DIR> d
    c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-03-31 17:34 . 2009-03-26 16:49 38,496 --a
    c:\windows\system32\drivers\mbamswissarmy.sys
    2009-03-31 17:34 . 2009-03-26 16:49 15,504 --a
    c:\windows\system32\drivers\mbam.sys
    2009-03-31 15:33 . 2009-03-31 15:33 <DIR> d
    c:\program files\Trend Micro
    2009-03-30 13:38 . 2009-03-30 13:38 <DIR> d
    c:\program files\Common Files\Adobe AIR
    2009-03-25 18:48 . 2009-03-28 21:42 753 --a
    c:\windows\system32\BDUpdateV1.xml
    2009-03-24 21:45 . 2009-03-24 21:45 850 --a
    c:\windows\system32\ProductTweaks.xml
    2009-03-24 21:45 . 2009-03-24 21:45 385 --a
    c:\windows\system32\user_gensett.xml
    2009-03-24 21:42 . 2009-03-24 21:42 <DIR> d
    c:\documents and settings\Fiona\Application Data\BitDefender
    2009-03-24 21:42 . 2009-03-24 21:44 <DIR> d
    c:\documents and settings\All Users\Application Data\BitDefender
    2009-02-15 15:45 . 2009-02-15 15:45 <DIR> d
    c:\program files\U211DVD1
    2009-02-03 18:03 . 2009-02-03 18:03 104,328 --a
    c:\windows\system32\drivers\bdfndisf.sys
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-03-31 17:47
    d
    w c:\documents and settings\Fiona\Application Data\StarOffice8
    2009-03-31 17:44 81,984 ----a-w c:\windows\system32\bdod.bin
    2009-03-30 12:37
    d
    w c:\program files\Common Files\Adobe
    2009-03-27 20:07
    d
    w c:\documents and settings\Fiona\Application Data\Skype
    2009-03-25 22:15
    d
    w c:\program files\Common Files\Blizzard Entertainment
    2009-03-24 20:42
    d
    w c:\program files\Common Files\BitDefender
    2009-03-24 20:42
    d
    w c:\program files\BitDefender
    2009-03-16 12:32 6,736 --sha-w c:\windows\system32\KGyGaAvL.sys
    2009-02-09 10:19 1,846,272 ----a-w c:\windows\system32\win32k.sys
    2009-02-09 10:19 1,846,272
    w c:\windows\system32\dllcache\win32k.sys
    2009-01-16 21:35 3,594,752 ----a-w c:\windows\system32\dllcache\mshtml.dll
    2008-12-19 09:10 70,656
    w c:\windows\system32\dllcache\ie4uinit.exe
    2008-12-19 09:10 13,824
    w c:\windows\system32\dllcache\ieudinit.exe
    2008-12-19 05:25 634,024
    w c:\windows\system32\dllcache\iexplore.exe
    2008-12-19 05:23 161,792
    w c:\windows\system32\dllcache\ieakui.dll
    2008-12-12 11:18 87,336 ----a-w c:\windows\system32\dns-sd.exe
    2008-12-12 11:11 61,440 ----a-w c:\windows\system32\dnssd.dll
    2008-12-11 11:57 333,184
    w c:\windows\system32\dllcache\srv.sys
    2008-12-05 07:12 144,896 ----a-w c:\windows\system32\schannel.dll
    2008-12-05 07:12 144,896
    w c:\windows\system32\dllcache\schannel.dll
    2006-08-13 13:17 88 --sh--r c:\windows\system32\F3A8F1F704.sys
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
    "msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
    "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
    "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
    "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
    "LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-05 94208]
    "Corel Photo Downloader"="c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe" [2006-02-09 106496]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2007-05-17 180269]
    "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-11-07 111936]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
    "BDAgent"="c:\program files\BitDefender\BitDefender 2009\bdagent.exe" [2009-01-09 741376]
    "BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2009\IEShow.exe" [2008-10-17 69632]
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
    c:\documents and settings\Fiona\Start Menu\Programs\Startup\
    OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-09-12 384000]
    StarOffice 8.lnk - c:\program files\Sun\StarOffice 8\program\quickstart.exe [2006-01-25 122880]
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "!!5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2008-12-22 12:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
    backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
    backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL 9.0 Tray Icon.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AOL 9.0 Tray Icon.lnk
    backup=c:\windows\pss\AOL 9.0 Tray Icon.lnkCommon Startup
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^broadband medic.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\broadband medic.lnk
    backup=c:\windows\pss\broadband medic.lnkCommon Startup
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk
    backup=c:\windows\pss\Google Updater.lnkCommon Startup
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
    -ra
    2007-01-10 12:06 71216 c:\program files\Common Files\AOL\ACS\AOLDial.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
    --a
    2006-02-09 23:34 106496 c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
    --a
    2005-04-05 19:19 77824 c:\windows\system32\hkcmd.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    --a
    2008-11-20 14:20 290088 c:\program files\iTunes\iTunesHelper.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
    --a
    2003-12-30 10:40 380928 c:\progra~1\ntl\BROADB~1\SMARTB~1\MotiveSB.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a
    2004-10-13 17:24 1694208 c:\program files\Messenger\msmsgs.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    --a
    2007-01-19 12:54 5674352 c:\program files\MSN Messenger\msnmsgr.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
    --a
    2005-04-05 19:23 114688 c:\windows\system32\igfxpers.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
    --a
    2007-06-16 00:15 366400 c:\program files\Picasa2\PicasaMediaDetector.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a
    2008-11-04 11:30 413696 c:\program files\QuickTime\QTTask.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE]
    2002-02-04 22:32 53248 c:\program files\REGSHAVE\REGSHAVE.EXE
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    --a
    2007-05-11 13:20 23395880 c:\program files\Skype\Phone\Skype.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a
    2005-11-10 14:03 36975 c:\program files\Java\jre1.5.0_06\bin\jusched.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    --a
    2007-05-17 18:17 180269 c:\program files\Common Files\Real\Update_OB\realsched.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
    "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
    "c:\\Program Files\\AOL 9.0\\waol.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\MSN Messenger\\livecall.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    R2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-10-06 82696]
    R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [2008-09-18 111112]
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [2009-02-03 104328]
    S3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bdx REG_MULTI_SZ scan
    .
    Contents of the 'Scheduled Tasks' folder
    2009-03-31 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
    2009-03-26 c:\windows\Tasks\Back Up.job
    - c:\program files\BitDefender\BitDefender Backup\backup.exe []
    2009-03-26 c:\windows\Tasks\Backup Files.job
    - c:\program files\BitDefender\BitDefender Backup\backup.exe []
    2009-03-31 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
    - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 12:20]
    2008-06-29 c:\windows\Tasks\SpywareBot Scheduled Scan.job
    - c:\program files\SpywareBot\SpywareBot.exe []
    2008-06-29 c:\windows\Tasks\SpywareBot Scheduled Scan.job
    - c:\program files\SpywareBot []
    .
    - - - - ORPHANS REMOVED - - - -
    MSConfigStartUp-SDTray - c:\program files\Spyware Doctor\SDTrayApp.exe

    .
    Supplementary Scan
    .
    uStart Page = hxxp://www.google.co.uk/
    uInternet Connection Wizard,ShellNext = hxxp://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen
    uInternet Settings,ProxyOverride = 127.0.0.1;*.local
    uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
    IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
    IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    DPF: Microsoft XML Parser for Java - [URL]file://c:\windows\Java\classes\xmldso.cab[/URL]
    .
    **************************************************************************
    catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-03-31 19:59:58
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden autostart entries ...
    scanning hidden files ...
    scan completed successfully
    hidden files: 0
    **************************************************************************
    .
    DLLs Loaded Under Running Processes
    - - - - - - - > 'winlogon.exe'(1240)
    c:\program files\SUPERAntiSpyware\SASWINLO.dll
    .
    Completion time: 2009-03-31 20:03:50
    ComboFix-quarantined-files.txt 2009-03-31 19:03:15
    Pre-Run: 56,849,731,584 bytes free
    Post-Run: 57,715,318,784 bytes free
    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
    228 --- E O F --- 2009-03-31 17:41:18
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Can you please try Malwarebytes and SAS again please (In that order)
    :idea:
  • first78
    first78 Posts: 1,050 Forumite
    This is the Malwarebytes scan


    ComboFix 09-03-31.01 - Fiona 2009-03-31 19:50:25.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.510.290 [GMT 1:00]
    Running from: c:\documents and settings\Fiona\Desktop\QWERTY.exe.exe
    AV: BitDefender Antivirus *On-access scanning disabled* (Updated)
    FW: BitDefender Firewall *disabled*
  • first78
    first78 Posts: 1,050 Forumite
    Do I need to do anything with this scan?
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    erm

    that's the COMBOFIX scan

    Go to MALWAREBYTES, and LOGS and post the log
    :idea:
  • first78
    first78 Posts: 1,050 Forumite
    aliEnRIK wrote: »
    erm

    that's the COMBOFIX scan

    Go to MALWAREBYTES, and LOGS and post the log



    31/03/2009 21:55:35
    mbam-log-2009-03-31 (21-55-35).txt
    Scan type: Full Scan (C:\|D:\|)
    Objects scanned: 144195
    Time elapsed: 59 minute(s), 8 second(s)
    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 21
    Registry Values Infected: 0
    Registry Data Items Infected: 1
    Folders Infected: 3
    Files Infected: 22
    Memory Processes Infected:
    (No malicious items detected)
    Memory Modules Infected:
    (No malicious items detected)
    Registry Keys Infected:
    HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a84e835e-1b9c-4fc0-980f-4b2da3c6a2a7} (Adware.Comet) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{bf0a1ff4-bbaf-487f-bc85-a24ef8f443a8} (Adware.Comet) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d2bee6e-3c9a-4d58-b9ec-458edb28d0f6} (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a84e835e-1b9c-4fc0-980f-4b2da3c6a2a7} (Adware.Comet) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    Registry Values Infected:
    (No malicious items detected)
    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    Folders Infected:
    C:\Documents and Settings\Fiona\Application Data\SpywareBot (Rogue.SpywareBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fiona\Application Data\SpywareBot\Log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fiona\Application Data\SpywareBot\Settings (Rogue.SpywareBot) -> Quarantined and deleted successfully.
    Files Infected:
    C:\Qoobox\Quarantine\C\WINDOWS\system32\UACdkhusint.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\UACpbfwyyge.dll.vir (Rootkit.TDSS) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\UACqelrvjyv.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\UACvextauro.dll.vir (Rootkit.TDSS) -> Quarantined and deleted successfully.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\UACvxdkbyrw.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP744\A0143309.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP744\A0143310.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP744\A0143311.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP744\A0143313.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP744\A0143312.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fiona\Application Data\SpywareBot\Log\log_2007_06_07_13_56_39.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fiona\Application Data\SpywareBot\Log\log_2007_06_07_13_56_40.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fiona\Application Data\SpywareBot\Log\log_2007_06_07_13_56_45.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fiona\Application Data\SpywareBot\Log\log_2007_06_07_14_05_55.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fiona\Application Data\SpywareBot\Log\log_2007_06_07_14_05_56.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fiona\Application Data\SpywareBot\Log\log_2007_06_07_14_06_02.log (Rogue.SpywareBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fiona\Application Data\SpywareBot\Settings\CustomScan.stg (Rogue.SpywareBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fiona\Application Data\SpywareBot\Settings\IgnoreList.stg (Rogue.SpywareBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fiona\Application Data\SpywareBot\Settings\ScanInfo.stg (Rogue.SpywareBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fiona\Application Data\SpywareBot\Settings\ScanResults.stg (Rogue.SpywareBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fiona\Application Data\SpywareBot\Settings\SelectedFolders.stg (Rogue.SpywareBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Fiona\Application Data\SpywareBot\Settings\Settings.stg (Rogue.SpywareBot) -> Quarantined and deleted successfully.
This discussion has been closed.