Author Topic: Cant open programs, google redirect  (Read 4285 times)

xpuser232

    Topic Starter


    Newbie

    Cant open programs, google redirect
    « on: August 31, 2009, 10:41:12 AM »
    This infection that I got wasn't allowing me to run any programs, even when I rename, start in safe mode or whatever; I was still unable until I ran RSIT.exe, a program that runs HijackThis.


    Logfile of random's system information tool 1.06 (written by random/random)
    Run by SAMANTHA at 2009-08-31 10:00:53
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 62 GB (81%) free of 76 GB
    Total RAM: 503 MB (46% free)


    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1783658810-3162524044-2841929495-1136Core.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1783658810-3162524044-2841929495-1136UA.job
    C:\WINDOWS\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
    C:\WINDOWS\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\Program Files\chocolatecake\SDHelper.dll [2009-01-26 1879896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}]
    ALOT Toolbar - C:\Program Files\alot\bin\alot.dll [2008-09-25 739624]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
    Ask Toolbar BHO - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2008-05-28 262144]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - Ask Toolbar - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2008-05-28 262144]
    {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - ALOT Toolbar - C:\Program Files\alot\bin\alot.dll [2008-09-25 739624]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2004-08-04 143360]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-07-10 270648]
    "QuickFinder Scheduler"=C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE [2007-01-03 83568]
    "ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]
    "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
    "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
    "OneCareUI"=C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe [2009-07-09 65240]
    "avast!"=C:\PROGRA~1\ALWILS~1\APPREC~1\ashDisp.exe [2009-08-17 81000]
    "MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2004-08-04 158208]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-08-03 419088]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "cdloader"=C:\Documents and Settings\samantha\Application Data\mjusbsp\cdloader2.exe [2008-08-22 50520]
    "Google Update"=C:\Documents and Settings\samantha\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-10 133104]
    "Wakoopa"=C:\Program Files\Wakoopa\Wakoopa.exe [2009-03-25 573440]
    "uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-08-28 288560]
    "SpybotSD TeaTimer"=C:\Program Files\chocolatecake\TeaTimer.exe [2009-01-26 2144088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\408809432]
    C:\PROGRA~1\eGames\CRAZYB~1\Register\EGAMES~1.EXE /r C:\PROGRA~1\eGames\CRAZYB~1\Register\EGAMES~1.rpd []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
    C:\WINDOWS\ALCMTR.EXE [2005-04-12 65536]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CID_LNCH]
    C:\WINDOWS\system32\CID6LNCH.EXE [2005-06-22 45056]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
    C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
    C:\WINDOWS\system32\hkcmd.exe [2005-02-08 126976]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
    C:\WINDOWS\system32\igfxtray.exe [2005-02-08 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monopod]
    C:\DOCUME~1\samantha\LOCALS~1\Temp\a.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor]
    C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe /m=0 []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
    C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Plugin]
    rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    C:\WINDOWS\RTHDCPL.EXE [2005-04-13 14156800]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Synchronization Manager]
    C:\WINDOWS\system32\mobsync.exe [2004-08-04 143360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
    C:\Program Files\Unlocker\fluffy.exe [2008-05-02 15872]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxsrvc.dll [2005-02-08 348160]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 241704]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c004EFB6]
    C:\WINDOWS\system32\__c004EFB6.dat []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\OneCareMP]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "HonorAutoRunSetting"=
    "NoWelcomeScreen"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "D:\qcSoft.exe"="D:\qcSoft.exe:*:Enabled:QC Testing Software"
    "C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\ComUse\skex\nsdfr.exe"="C:\Program Files\ComUse\skex\nsdfr.exe:*:Enabled:FAX Utility"
    "C:\Documents and Settings\samantha\Application Data\mjusbsp\magicJack.exe"="C:\Documents and Settings\samantha\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\IceChat7\IceChat7.exe"="C:\Program Files\IceChat7\IceChat7.exe:*:Enabled:Internet Relay Chat Client"
    "C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
    "C:\Program Files\ProxyWay\proxyway.exe"="C:\Program Files\ProxyWay\proxyway.exe:*:Enabled:ProxyWay"
    "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
    shell\AutoRun\command - E:\LaunchU3.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{006a51fe-8748-11de-a49d-001320244981}]
    shell\Auto\command - E:\PegeFile.pif
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL PegeFile.pif

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f4dd68a0-b823-11dd-84ab-001320244981}]
    shell\AutoRun\command - E:\autorun.exe
    shell\phone\command - E:\autorun.exe


    ======List of files/folders created in the last 1 months======

    2009-08-31 10:00:30 ----D---- C:\rsit
    2009-08-31 09:40:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-08-28 15:56:56 ----A---- C:\Eula.txt
    2009-08-28 15:56:56 ----A---- C:\autorunsc.exe
    2009-08-28 15:56:56 ----A---- C:\autoruns.exe
    2009-08-28 15:42:21 ----D---- C:\Program Files\Panda Security
    2009-08-28 15:25:57 ----A---- C:\HijackThis.exe
    2009-08-28 15:20:27 ----D---- C:\Program Files\chocolatecake
    2009-08-28 14:48:42 ----D---- C:\Documents and Settings\samantha\Application Data\AVG8
    2009-08-28 14:46:48 ----N---- C:\WINDOWS\system32\4.tmp
    2009-08-28 14:46:40 ----N---- C:\WINDOWS\system32\3.tmp
    2009-08-28 14:45:15 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2009-08-28 13:57:32 ----D---- C:\Program Files\Microsoft Windows OneCare Live
    2009-08-28 13:55:57 ----D---- C:\Program Files\Common Files\Symantec Shared
    2009-08-28 13:53:01 ----D---- C:\Program Files\Norton Security Scan
    2009-08-28 13:53:01 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
    2009-08-28 13:53:01 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
    2009-08-28 13:52:55 ----D---- C:\Program Files\NortonInstaller
    2009-08-28 13:52:55 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
    2009-08-28 12:57:57 ----D---- C:\Program Files\ESET
    2009-08-28 12:30:21 ----D---- C:\WINDOWS\BDOSCAN8
    2009-08-28 12:01:46 ----D---- C:\Documents and Settings\All Users\Application Data\F-Secure
    2009-08-28 11:53:38 ----A---- C:\Bug.txt
    2009-08-28 11:53:34 ----A---- C:\WINDOWS\system32\cmd.execf
    2009-08-28 11:49:46 ----HD---- C:\WINDOWS\PIF
    2009-08-28 10:58:34 ----D---- C:\Program Files\Sophos
    2009-08-28 09:44:10 ----A---- C:\WINDOWS\ntbtlog.txt
    2009-08-28 09:40:26 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2009-08-28 09:34:24 ----D---- C:\Program Files\uTorrent
    2009-08-28 09:34:21 ----D---- C:\Documents and Settings\samantha\Application Data\uTorrent
    2009-08-28 09:27:03 ----A---- C:\WINDOWS\imsins.BAK
    2009-08-28 09:26:45 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
    2009-08-27 17:07:12 ----D---- C:\Program Files\Alwil Software
    2009-08-27 17:00:02 ----D---- C:\Program Files\SpywareBlaster
    2009-08-27 16:54:22 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2009-08-27 16:53:06 ----D---- C:\Program Files\SUPERAntiSpyware
    2009-08-27 16:53:06 ----D---- C:\Documents and Settings\samantha\Application Data\SUPERAntiSpyware.com
    2009-08-27 16:52:56 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2009-08-27 16:50:44 ----SD---- C:\Combo-Fix
    2009-08-27 16:50:40 ----A---- C:\WINDOWS\system32\CF3374.exe
    2009-08-27 16:34:15 ----D---- C:\Program Files\stopzilla
    2009-08-27 16:19:32 ----D---- C:\Program Files\CCleaner
    2009-08-27 16:13:43 ----A---- C:\RootRepeal report 08-27-09 (16-13-43).txt
    2009-08-27 16:12:09 ----D---- C:\Documents and Settings\samantha\Application Data\WinRAR
    2009-08-27 16:12:03 ----D---- C:\Program Files\WinRAR
    2009-08-27 16:03:46 ----D---- C:\Documents and Settings\samantha\Application Data\Malwarebytes
    2009-08-27 15:58:35 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-08-27 13:34:42 ----A---- C:\WINDOWS\system32\UACkukiuhdwdq.dll
    2009-08-27 13:34:36 ----A---- C:\WINDOWS\system32\uacinit.dll
    2009-08-27 13:33:20 ----A---- C:\WINDOWS\msa.exe
    2009-08-27 13:33:19 ----A---- C:\WINDOWS\system32\UACkaataelnrh.dll
    2009-08-27 09:15:30 ----D---- C:\WINDOWS\system32\XPSViewer
    2009-08-27 09:15:26 ----D---- C:\Program Files\MSBuild
    2009-08-27 09:15:19 ----D---- C:\Program Files\Reference Assemblies
    2009-08-27 09:14:35 ----N---- C:\WINDOWS\system32\xpssvcs.dll
    2009-08-27 09:14:35 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
    2009-08-27 09:14:35 ----N---- C:\WINDOWS\system32\prntvpt.dll
    2009-08-27 09:14:34 ----D---- C:\6e6d007417662a5d9b2246f7daecb3
    2009-08-27 09:08:46 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2009-08-24 12:34:02 ----D---- C:\Program Files\Wakoopa
    2009-08-13 16:56:21 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
    2009-08-13 16:56:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
    2009-08-13 16:56:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
    2009-08-13 16:56:00 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
    2009-08-13 16:55:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
    2009-08-13 16:55:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
    2009-08-13 16:55:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
    2009-08-13 16:54:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
    2009-08-11 14:56:02 ----D---- C:\WINDOWS\.jagex_cache_32
    2009-08-07 09:34:33 ----D---- C:\WINDOWS\system32\Adobe
    2009-08-07 09:25:04 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-08-07 09:25:04 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-08-07 09:25:04 ----A---- C:\WINDOWS\system32\java.exe

    ======List of files/folders modified in the last 1 months======

    2009-08-31 10:00:54 ----D---- C:\Program Files\Trend Micro
    2009-08-31 09:56:26 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-08-31 09:40:15 ----D---- C:\WINDOWS\system32\drivers
    2009-08-31 09:40:14 ----RD---- C:\Program Files
    2009-08-31 09:27:16 ----D---- C:\WINDOWS
    2009-08-31 09:21:34 ----D---- C:\Program Files\Mozilla Firefox
    2009-08-31 09:15:54 ----SHD---- C:\WINDOWS\CSC
    2009-08-31 09:09:02 ----D---- C:\WINDOWS\security
    2009-08-31 09:04:07 ----D---- C:\WINDOWS\temp
    2009-08-31 09:02:37 ----D---- C:\WINDOWS\system32\config
    2009-08-31 09:02:34 ----DC---- C:\WINDOWS\system32\dllcache
    2009-08-28 16:50:31 ----HD---- C:\WINDOWS\inf
    2009-08-28 16:38:03 ----A---- C:\WINDOWS\system.ini
    2009-08-28 15:33:33 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2009-08-28 15:22:02 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-08-28 15:08:33 ----RASH---- C:\boot.ini
    2009-08-28 15:08:33 ----A---- C:\WINDOWS\win.ini
    2009-08-28 14:52:17 ----D---- C:\WINDOWS\system32
    2009-08-28 14:30:05 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2009-08-28 14:15:14 ----D---- C:\WINDOWS\Minidump
    2009-08-28 14:07:38 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-08-28 14:05:43 ----SD---- C:\WINDOWS\system32\Microsoft
    2009-08-28 14:01:58 ----SHD---- C:\WINDOWS\Installer
    2009-08-28 14:01:52 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-08-28 13:55:57 ----D---- C:\Program Files\Common Files
    2009-08-28 13:44:28 ----D---- C:\WINDOWS\Microsoft.NET
    2009-08-28 13:26:40 ----RSD---- C:\WINDOWS\assembly
    2009-08-28 12:30:24 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-08-28 11:50:32 ----D---- C:\Program Files\hijackthis
    2009-08-28 11:22:51 ----D---- C:\Program Files\Unlocker
    2009-08-28 09:43:06 ----D---- C:\Program Files\Spybot - Search & Destroy
    2009-08-27 17:00:05 ----SD---- C:\WINDOWS\Tasks
    2009-08-27 16:21:44 ----D---- C:\WINDOWS\Debug
    2009-08-27 13:34:38 ----SD---- C:\Documents and Settings\samantha\Application Data\Microsoft
    2009-08-27 13:34:22 ----D---- C:\WINDOWS\system32\xircom
    2009-08-27 13:34:22 ----D---- C:\WINDOWS\system32\wins
    2009-08-27 13:34:22 ----D---- C:\WINDOWS\system32\ShellExt
    2009-08-27 13:34:22 ----D---- C:\WINDOWS\system32\scripting
    2009-08-27 13:34:21 ----D---- C:\WINDOWS\system32\inetsrv
    2009-08-27 13:34:21 ----D---- C:\WINDOWS\system32\export
    2009-08-27 13:34:21 ----D---- C:\WINDOWS\system32\en
    2009-08-27 13:34:19 ----D---- C:\WINDOWS\system32\dhcp
    2009-08-27 13:34:18 ----D---- C:\WINDOWS\system32\bits
    2009-08-27 13:34:17 ----D---- C:\WINDOWS\system32\3com_dmi
    2009-08-27 13:34:17 ----D---- C:\WINDOWS\system32\3076
    2009-08-27 13:34:17 ----D---- C:\WINDOWS\system32\2052
    2009-08-27 13:34:17 ----D---- C:\WINDOWS\system32\1054
    2009-08-27 13:34:17 ----D---- C:\WINDOWS\system32\1042
    2009-08-27 13:34

    harry 48



      Egghead

    • lay back , relax and chill out
    • Thanked: 129
      • Dribbling Pensioner
    • Experience: Familiar
    • OS: Windows 7
    Re: Cant open programs, google redirect
    « Reply #1 on: August 31, 2009, 01:39:00 PM »
    You should only have one anti-virus on your PC.


    http://www.computerhope.com/forum/index.php/topic,46313.0.html


    Go to the above and complete it; post the other 2 logs here.

    Karnac



      Specialist

      Thanked: 211
      Re: Cant open programs, google redirect
      « Reply #2 on: August 31, 2009, 04:26:47 PM »
      If you are still unable to run HJT, take your log and enter it into the process tool. It will still analyze the log. It will show you the entries you may be able to remove manually to restore your computer's function; then you may be able to run the other antispyware programs and clean up. If you can run a fresh HJT scan, enter the log into the process tool and follow the directions for cleaning.

      Go here for self help

      http://www.computerhope.com/forum/index.php/topic,81761.0.html



      Never argue with a stupid person, they'll drag you down to their level and beat you with experience.

      harry 48



        Egghead

      Re: Cant open programs, google redirect
      « Reply #3 on: August 31, 2009, 05:06:31 PM »
      Your HJT log shows a lot of malware etc., and things that should be removed, as Karnac said; complete my last post as well.

      xpuser232

        Topic Starter


        Newbie

        Re: Cant open programs, google redirect
        « Reply #4 on: September 01, 2009, 08:04:53 AM »
        The problem is, I can't run any of those programs, even if I rename them and even if I boot into safe mode. The furthest I've been is a scan for a few seconds and it shuts, turning what used to be exe files into an ink file.

        onion



          Rookie

          Re: Cant open programs, google redirect
          « Reply #5 on: September 02, 2009, 04:28:40 PM »
          I'm not an expert, but this is a hard-to-fix problem that I had some success with.

          What I had to do is make a new user account (Control Panel > Users > make a new account), go on that account and run M-bam/HJT and fix everything; after that you should be able to run .exe files on your main account. GL