Ridding Malware for super slow computer

Discussion in 'Malware Help (A Specialist Will Reply)' started by bwierzbicki, Feb 24, 2013.

  1. bwierzbicki

    bwierzbicki Private E-2

    Hello to the fine folks at MG
    I've been going through the process of malware removal and am now uploading my logs looking for some advice.
    Things were detected in MBAM, Rogue Killer and Hitman Pro.
     


  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    If you do not use Windows Messenger, run Disable/Remove Windows Messenger to remove it. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

    Fix items using RogueKiller.

    Double-click RogueKiller.exe to run. (Vista/7 right-click and select Run as Administrator)
    When it opens, press the Scan button
    Now click the Registry tab and locate these 3 detections:
    • [RUN][SUSP PATH] HKUS\.DEFAULT[...]\Run : Elemocalolacihi (rundll32.exe "C:\WINDOWS\dselobox.dll",Startup) [x] -> FOUND
    • [RUN][SUSP PATH] HKUS\S-1-5-18[...]\Run : Elemocalolacihi (rundll32.exe "C:\WINDOWS\dselobox.dll",Startup) [x] -> FOUND
    • [Services][ROGUE ST] HKLM\[...]\ControlSet001\Services\77318676 (C:\WINDOWS\system32\drivers\18008631.sys) -> FOUND

    Place a checkmark next to each of these items, leave the others unchecked.
    Now press the Delete button.
    When it is finished, there will be a log on your desktop called: RKreport[2].txt
    Attach RKreport[2].txt to your next message. (How to attach)
    Reboot the machine.


    Delete these:
    C:\Documents and Settings\Michelle\Local Settings\Application Data\yyxgialyi
    C:\WINDOWS\dselobox.dll
    C:\WINDOWS\system32\drivers\18008631.sys

    Follow the instructions in the link below from step 7 (do not rerun RogueKiller though, apart from fixing shortcuts).

    STEP 7 : Restore your shortcuts and remove any left over malicious registry keys

    Now run the C:\MGtools\GetLogs.bat file by double-clicking on it. (Right-click and run as admin if using Vista or Windows 7.) Then attach the new C:\MGlogs.zip file that will be created by running this.

    Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!
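
An added example, not part of the original thread and not RogueKiller's own logic: it parses the three registry detections quoted in the post above, ties each to the file it launches, and compares those files with the "Delete these" list. The parsing regex and the heuristics in `reasons()` are assumptions made for this illustration.

```python
import ntpath
import re

# Detection lines and deletion list copied from the post above.
REPORT_LINES = [
    r'[RUN][SUSP PATH] HKUS\.DEFAULT[...]\Run : Elemocalolacihi (rundll32.exe "C:\WINDOWS\dselobox.dll",Startup) [x] -> FOUND',
    r'[RUN][SUSP PATH] HKUS\S-1-5-18[...]\Run : Elemocalolacihi (rundll32.exe "C:\WINDOWS\dselobox.dll",Startup) [x] -> FOUND',
    r'[Services][ROGUE ST] HKLM\[...]\ControlSet001\Services\77318676 (C:\WINDOWS\system32\drivers\18008631.sys) -> FOUND',
]
DELETE_LIST = [
    r'C:\Documents and Settings\Michelle\Local Settings\Application Data\yyxgialyi',
    r'C:\WINDOWS\dselobox.dll',
    r'C:\WINDOWS\system32\drivers\18008631.sys',
]

# [section][tag] key (data) [x] -> STATUS   (format inferred from the lines above)
LINE_RE = re.compile(
    r'^\[(?P<section>[^\]]+)\]\[(?P<tag>[^\]]+)\]\s+'
    r'(?P<key>.+?)\s+\((?P<data>.*)\)\s+(?:\[x\]\s+)?->\s+(?P<status>\w+)$'
)
PATH_RE = re.compile(r'[A-Za-z]:\\[^"<>|,]+?\.(?:dll|sys|exe)', re.IGNORECASE)


def parse_line(line):
    """Split one report line into section, tag, key, entry name and target file."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    key, _, value = m.group('key').partition(' : ')
    # HKU\.DEFAULT is an alias of HKU\S-1-5-18 (the LocalSystem profile),
    # so both spellings are normalised to the SID form.
    key = key.replace('HKUS\\.DEFAULT', 'HKUS\\S-1-5-18')
    hit = PATH_RE.search(m.group('data'))
    return {
        'section': m.group('section'),
        'tag': m.group('tag'),
        'key': key,
        'name': value or ntpath.basename(key),  # Run value name or service name
        'data': m.group('data'),
        'path': hit.group(0) if hit else None,
        'status': m.group('status'),
    }


def reasons(f):
    """Illustrative heuristics explaining why an entry deserves a second look."""
    out = []
    target = f['path'] or ''
    if f['section'].upper() == 'RUN':
        if f['data'].lower().startswith('rundll32'):
            out.append('Run value launches a DLL through rundll32.exe')
        if ntpath.dirname(target).lower() == r'c:\windows':
            out.append('target sits directly in the Windows folder')
        if 'S-1-5-18' in f['key']:
            out.append('autostart lives in the LocalSystem profile hive')
    elif f['section'].lower() == 'services':
        if f['name'].isdigit():
            out.append('service name is digits only')
        if ntpath.splitext(ntpath.basename(target))[0].isdigit():
            out.append('driver file name is digits only')
    return out


def analyse(lines):
    """Parse every recognisable line and attach the heuristic reasons."""
    findings = []
    for line in lines:
        f = parse_line(line)
        if f is not None:
            f['reasons'] = reasons(f)
            findings.append(f)
    return findings


def unique_entries(findings):
    """Collapse detections that describe the same registry entry."""
    return sorted({(f['key'], f['name'], f['path']) for f in findings})


def persistence_targets(findings):
    """Files that the detected registry entries would load at startup."""
    return sorted({f['path'] for f in findings if f['path']}, key=str.lower)


def unreferenced(delete_list, targets):
    """Deletion-list items that no parsed registry detection points at."""
    known = {t.lower() for t in targets}
    return [p for p in delete_list if p.lower() not in known]


if __name__ == '__main__':
    found = analyse(REPORT_LINES)
    for f in found:
        print(f['section'], f['name'], '->', f['path'], '|', '; '.join(f['reasons']))
    print('distinct registry entries:', len(unique_entries(found)))
    print('not referenced by a detection:',
          unreferenced(DELETE_LIST, persistence_targets(found)))
```

The two `[RUN]` lines collapse into one entry because `.DEFAULT` and `S-1-5-18` name the same hive, and the first item of the deletion list is the only one that none of the three registry detections points at.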
     
  3. bwierzbicki

    bwierzbicki Private E-2

    I ran Rogue Killer and accidentally hit delete and it deleted more items than the 3 you recommended. I missed the checkboxes and thought I needed to highlight then hit delete, and when I did, they all got deleted.

    Nothing was found in Malwarebytes or HitMan Pro.
    I didn't go all the way with the SMART drive thing because my icons weren't missing and my desktop wasn't affected. I think I'm ok now.

    Thanks for all the help
     


  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    All these still need copying back to their original folders.

    Code:
    The C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp folder exists                                                                              
    Show all files in C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp                 
                                                                              
    d-----w                 0 2013-02-25 00:13:57  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1
    d-----w                 0 2013-02-25 00:13:57  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\2
    d-----w                 0 2011-06-23 23:27:03  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\4
    ----a-w             1,020 2010-09-03 22:53:18  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\HP Solution Center.lnk
    d-----w                 0 2013-02-25 00:13:57  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs
    ----a-w             1,607 2008-04-25 21:29:41  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Set Program Access and Defaults.LNK
    ----a-w               398 2008-04-25 21:29:41  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Windows Catalog.LNK
    ----a-w             1,507 2008-04-25 21:29:41  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Windows Update.LNK
    d-----w                 0 2013-02-25 00:13:57  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories
    ----a-w               742 2008-10-28 23:19:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Acrobat.com.lnk
    d-----w                 0 2013-02-25 00:13:57  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools
    ----a-w             2,347 2011-06-03 14:37:15  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Adobe Reader 9.lnk
    d-----w                 0 2011-06-23 23:26:58  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Assurant Health
    d-----w                 0 2011-06-23 23:26:58  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Broadcom
    d-----w                 0 2011-06-23 23:26:58  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Catalyst Control Center
    d-----w                 0 2013-02-25 00:13:57  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\CCleaner
    ----a-w             1,812 2010-10-01 17:36:21  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Cisco Connect.lnk
    d-----w                 0 2011-06-23 23:26:58  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Dell QuickSet
    d-----w                 0 2011-06-23 23:26:58  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Dell Support Center
    d-----w                 0 2011-06-23 23:26:59  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Dell Wireless
    d-----w                 0 2013-02-25 00:13:57  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Games
    d-----w                 0 2011-06-23 23:26:59  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Golden Rule Products
    d-----w                 0 2011-06-23 23:26:59  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Google Desktop
    d-----w                 0 2011-06-23 23:27:00  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP
    d-----w                 0 2011-06-23 23:27:00  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\I.R.I.S.  Applications
    ----a-w               731 2010-08-28 00:20:34  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\I.R.I.S. OCR Registration.lnk
    ----a-w               721 2010-12-16 17:47:19  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\LogMeIn.lnk
    d-----w                 0 2011-06-23 23:27:01  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Keyboard
    d-----w                 0 2011-06-23 23:27:01  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Mouse
    d-----w                 0 2011-06-23 23:27:01  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office
    d-----w                 0 2011-06-23 23:27:01  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Modem Diagnostic Tool
    d-----w                 0 2011-06-23 23:27:01  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Mozilla Firefox
    ----a-w             1,986 2008-04-25 21:26:49  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\MSN.LNK
    d-----w                 0 2011-06-23 23:27:01  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\NetWaiting
    d-----w                 0 2011-06-23 23:27:02  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Norton Security Scan
    ----a-w             1,719 2008-10-28 23:19:35  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\PowerDVD DX.lnk
    d-----w                 0 2011-06-23 23:27:02  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Registry Mechanic
    ----a-w             1,900 2011-06-02 16:15:49  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Simplifying LTC.lnk
    d-----w                 0 2013-02-25 00:13:57  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Startup
    d-----w                 0 2011-06-23 23:27:02  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Trend Micro Internet Security
    ----a-w               609 2008-04-25 21:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Windows Messenger.LNK
    ----a-w               786 2008-04-25 21:28:12  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Windows Movie Maker.LNK
    d-----w                 0 2013-02-25 00:13:57  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Accessibility
    ----a-w             1,498 2008-04-25 21:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Calculator.LNK
    d-----w                 0 2013-02-25 00:13:57  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications
    d-----w                 0 2013-02-25 00:13:57  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Entertainment
    ----a-w             1,515 2008-04-25 21:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Paint.LNK
    ----a-w             1,585 2008-04-25 21:27:41  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Remote Desktop Connection.LNK
    ----a-w               712 2010-08-30 14:09:47  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Scanner and Camera Wizard.lnk
    d-----w                 0 2013-02-25 00:13:57  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools
    ----a-w               879 2008-04-25 21:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\WordPad.LNK
    ----a-w             1,520 2008-04-25 21:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Accessibility\Accessibility Wizard.LNK
    d-----w                 0 2013-02-25 00:13:57  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications\Fax
    ----a-w               786 2008-04-25 21:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications\HyperTerminal.LNK
    ----a-w             1,757 2008-04-25 21:25:58  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications\Network Connections.LNK
    ----a-w             1,640 2008-04-25 21:28:01  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications\Network Setup Wizard.LNK
    ----a-w             1,646 2008-04-25 21:25:58  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications\New Connection Wizard.LNK
    ----a-w             1,700 2008-04-25 21:29:41  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications\Wireless Network Setup Wizard.LNK
    ----a-w             1,605 2008-04-25 21:26:46  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications\Fax\Fax Console.LNK
    ----a-w             1,710 2008-04-25 21:26:46  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications\Fax\Fax Cover Page Editor.LNK
    ----a-w             1,593 2008-04-25 21:26:46  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Communications\Fax\Send a Fax....LNK
    ----a-w             1,528 2008-04-25 21:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Entertainment\Sound Recorder.LNK
    ----a-w             1,528 2008-04-25 21:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\Entertainment\Volume Control.LNK
    ----a-w             1,534 2008-12-05 21:53:39  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\Backup.LNK
    ----a-w             1,521 2008-04-25 21:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\Character Map.LNK
    ----a-w             1,532 2008-04-25 21:28:08  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\Disk Cleanup.LNK
    ----a-w             1,572 2008-04-25 21:28:05  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\Disk Defragmenter.LNK
    ----a-w             1,591 2008-04-25 21:29:41  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\Files and Settings Transfer Wizard.LNK
    ----a-w             1,753 2008-04-25 21:28:08  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\Scheduled Tasks.LNK
    ----a-w             1,583 2008-04-25 21:29:41  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\Security Center.LNK
    ----a-w             1,070 2008-04-25 21:28:05  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\System Information.LNK
    ----a-w             1,616 2008-04-25 21:28:07  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Accessories\System Tools\System Restore.LNK
    ----a-w             1,582 2008-04-25 21:26:58  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\Component Services.LNK
    ----a-w             1,602 2008-04-25 21:29:41  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\Computer Management.LNK
    ----a-w             1,596 2008-04-25 21:29:41  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\Data Sources (ODBC).LNK
    ----a-w             1,594 2009-09-23 20:47:58  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\Event Viewer.LNK
    ----a-w             1,590 2008-04-25 21:29:41  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\Local Security Policy.LNK
    ----a-w             1,107 2008-04-25 21:34:51  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Configuration.LNK
    ----a-w             1,158 2008-04-25 21:34:51  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Wizards.LNK
    ----a-w             1,591 2008-04-25 21:29:41  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\Performance.LNK
    ----a-w             1,604 2010-07-19 03:27:33  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Administrative Tools\Services.LNK
    ----a-w               883 2010-07-22 22:27:40  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Assurant Health\Individual Medical v3.6-TIC.lnk
    ----a-w               984 2010-07-22 22:27:40  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Assurant Health\install.rtf.lnk
    ----a-w             1,703 2008-10-28 23:14:39  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Broadcom\Broadcom Advanced Control Suite 2.lnk
    d-----w                 0 2011-06-23 23:26:58  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Catalyst Control Center\Advanced
    ----a-w             1,839 2008-10-28 23:15:21  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Catalyst Control Center\Catalyst Control Center.lnk
    ----a-w             1,899 2008-10-28 23:15:21  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Catalyst Control Center\Help.lnk
    ----a-w             1,859 2008-10-28 23:15:21  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Catalyst Control Center\Advanced\Catalyst Control Center - Advanced.lnk
    ----a-w             1,889 2008-10-28 23:15:21  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Catalyst Control Center\Advanced\Catalyst Control Center - Basic.lnk
    ----a-w             1,853 2008-10-28 23:15:21  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Catalyst Control Center\Advanced\Restart Runtime.lnk
    ----a-w               696 2010-11-10 21:43:27  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\CCleaner\CCleaner.lnk
    ----a-w               507 2010-11-10 21:43:27  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\CCleaner\Uninstall CCleaner.lnk
    ----a-w               527 2008-10-28 23:14:46  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Dell QuickSet\QuickSet.lnk
    ----a-w             2,156 2008-10-28 23:18:26  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Dell Support Center\About Dell Support Center.lnk
    ----a-w             2,050 2008-10-28 23:18:26  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Dell Support Center\Dell Support Center Alerts.lnk
    ----a-w             2,066 2008-10-28 23:18:26  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Dell Support Center\Dell Support Center User Settings.lnk
    ----a-w             1,956 2008-10-28 23:18:26  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Dell Support Center\Dell Support Center.lnk
    ----a-w             1,728 2010-07-19 01:41:06  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Dell Wireless\Dell Wireless WLAN Card Readme.lnk
    ----a-w             1,692 2010-07-19 01:41:06  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Dell Wireless\Dell Wireless WLAN Card Utility.lnk
    ----a-w             1,522 2008-04-25 21:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Games\Freecell.LNK
    ----a-w             1,520 2008-04-25 21:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Games\Hearts.LNK
    ----a-w               915 2008-10-29 05:07:52  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Games\Internet Backgammon.LNK
    ----a-w               915 2008-10-29 05:07:52  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Games\Internet Checkers.LNK
    ----a-w               915 2008-10-29 05:07:52  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Games\Internet Hearts.LNK
    ----a-w               915 2008-10-29 05:07:52  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Games\Internet Reversi.LNK
    ----a-w               915 2008-10-29 05:07:52  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Games\Internet Spades.LNK
    ----a-w             1,515 2008-04-25 21:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Games\Minesweeper.LNK
    ----a-w               885 2008-04-25 21:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Games\Pinball.LNK
    ----a-w             1,491 2008-04-25 21:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Games\Solitaire.LNK
    ----a-w             1,504 2008-11-21 20:54:37  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Games\Spider Solitaire.LNK
    ----a-w             1,868 2010-08-23 15:17:52  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Golden Rule Products\Standard FACT 13.4.lnk
    ----a-w               983 2010-06-30 14:05:41  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Google Desktop\Google Desktop Options.lnk
    ----a-w               975 2010-06-30 14:05:41  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Google Desktop\Google Desktop Sidebar.lnk
    ----a-w               957 2010-06-30 14:05:41  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Google Desktop\Google Desktop.lnk
    ----a-w             1,856 2010-06-30 14:05:41  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Google Desktop\Uninstall Google Desktop.lnk
    d-----w                 0 2011-06-23 23:27:00  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\HP Color LaserJet CM1312 MFP Series
    ----a-w             1,837 2010-08-28 00:19:11  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\HP Document Manager.lnk
    d-----w                 0 2011-06-23 23:27:00  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\HP Smart Web Printing
    ----a-w             1,032 2010-09-03 22:53:18  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\HP Solution Center.lnk
    ----a-w             1,830 2010-08-28 00:25:45  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\HP Update.lnk
    d-----w                 0 2011-06-23 23:27:00  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\Officejet Pro 8500 A909a Series
    ----a-w             1,730 2010-08-28 00:21:32  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\Shop for HP Supplies.lnk
    ----a-w               865 2009-09-23 21:28:14  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\HP Color LaserJet CM1312 MFP Series\HP Fax Setup Wizard.lnk
    ----a-w               770 2009-09-23 21:30:34  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\HP Color LaserJet CM1312 MFP Series\HP ToolboxFX.lnk
    ----a-w             2,250 2009-09-23 21:29:44  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\HP Color LaserJet CM1312 MFP Series\Optimizing Print Quality (video).lnk
    ----a-w               800 2009-09-23 21:28:29  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\HP Color LaserJet CM1312 MFP Series\Scan.lnk
    ----a-w             1,861 2009-09-23 21:30:52  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\HP Color LaserJet CM1312 MFP Series\Send Fax.lnk
    ----a-w             1,141 2009-09-23 21:29:00  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\HP Color LaserJet CM1312 MFP Series\Uninstall.lnk
    ----a-w             1,153 2009-09-23 21:29:00  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\HP Color LaserJet CM1312 MFP Series\User Guide.lnk
    ----a-w             2,098 2010-08-28 00:26:06  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\HP Smart Web Printing\HP Smart Web Printing Help.lnk
    ----a-w             1,074 2010-08-28 00:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\Officejet Pro 8500 A909a Series\Add A Device.lnk
    ----a-w               703 2010-08-28 00:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\Officejet Pro 8500 A909a Series\Help.lnk
    ----a-w               856 2010-08-28 00:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\Officejet Pro 8500 A909a Series\Product Registration.lnk
    ----a-w             1,118 2010-08-28 00:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\Officejet Pro 8500 A909a Series\Product Support Website.lnk
    ----a-w               845 2010-08-28 00:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\Officejet Pro 8500 A909a Series\Readme.lnk
    ----a-w             1,199 2010-08-28 00:27:20  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\HP\Officejet Pro 8500 A909a Series\Uninstall.lnk
    d-----w                 0 2011-06-23 23:27:00  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\I.R.I.S.  Applications\Readiris Pro 11
    ----a-w               780 2009-09-23 22:07:01  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\I.R.I.S.  Applications\Readiris Pro 11\I.R.I.S. on the Internet.lnk
    ----a-w               760 2009-09-23 22:07:01  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\I.R.I.S.  Applications\Readiris Pro 11\Reading Asian documents.lnk
    ----a-w               790 2009-09-23 22:07:01  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\I.R.I.S.  Applications\Readiris Pro 11\Readiris Pro 11.lnk
    ----a-w               779 2009-09-23 22:07:01  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\I.R.I.S.  Applications\Readiris Pro 11\User's Manual.lnk
    ----a-w             1,931 2008-11-12 23:51:07  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Keyboard\Check for Updates.lnk
    ----a-w             1,971 2008-11-12 23:51:07  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Keyboard\Keyboard Healthy Computing Guide.lnk
    ----a-w             2,075 2008-11-12 23:51:07  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Keyboard\Keyboard Help.lnk
    ----a-w             1,915 2008-11-12 23:51:07  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Keyboard\Microsoft Keyboard.lnk
    ----a-w             1,904 2008-11-12 23:52:17  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Mouse\Check for Updates.lnk
    ----a-w             1,878 2008-11-12 23:52:17  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Mouse\Microsoft Mouse.lnk
    ----a-w             1,942 2008-11-12 23:52:18  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Mouse\Mouse Healthy Computing Guide.lnk
    ----a-w             2,028 2008-11-12 23:52:17  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Mouse\Mouse Help.lnk
    ----a-w             2,044 2008-11-12 22:43:48  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office Excel 2003.lnk
    ----a-w             2,060 2008-11-12 22:43:48  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office Outlook 2003.lnk
    ----a-w             2,495 2008-11-21 22:39:50  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office PowerPoint 2003.lnk
    d-----w                 0 2011-06-23 23:27:01  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office Tools
    ----a-w             2,509 2008-11-21 22:39:47  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office Word 2003.lnk
    ----a-w             2,022 2008-11-12 22:43:48  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk
    ----a-w             1,988 2008-11-12 22:43:48  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk
    ----a-w             1,902 2008-11-12 22:43:48  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2003 Language Settings.lnk
    ----a-w             1,908 2008-11-12 22:43:48  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2003 Save My Settings Wizard.lnk
    ----a-w             1,876 2008-11-12 22:43:48  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Application Recovery.lnk
    ----a-w             2,140 2008-11-12 22:43:48  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Document Imaging.lnk
    ----a-w             2,142 2008-11-12 22:43:48  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Document Scanning.lnk
    ----a-w             1,964 2008-11-12 22:43:48  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk
    ----a-w             2,006 2008-10-28 23:16:30  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Modem Diagnostic Tool\Modem Diagnostic Tool.lnk
    ----a-w             1,638 2010-07-19 01:15:55  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Mozilla Firefox\Mozilla Firefox (Safe Mode).lnk
    ----a-w             1,616 2010-07-19 01:15:55  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\Mozilla Firefox\Mozilla Firefox.lnk
    ----a-w             1,606 2008-10-28 23:16:35  C:\Documents and Settings\Michelle\Local Settings\TEMP\smtmp\1\Programs\NetWaiting\NetWaiting.lnk
     
  5. bwierzbicki

    bwierzbicki Private E-2

    I'm all done w/your recommendations Kestrel13.
    Machine is running like a champ.
    Thanks for all your help.
     
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Glad to hear all is running well. :)

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Press and hold the Windows key and then press the letter R on your keyboard. This opens the Run dialog box.
      • Copy and paste the below into the Run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /uninstall
        • Notes: The space between the combofix" and the /uninstall, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Go back to step 4 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    4. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    5. If running Vista or Win 7, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    6. Go to the C:\MGtools folder and find the MGclean.bat file. Double click (if running Vista, Win7, or Win 8, Right Click and Run As Administrator) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    7. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others) and running MGclean.bat did not remove them, you can delete these files now.
    8. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 6 of the READ ME for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    10. After doing the above, you should work thru the below link:
     
