Recommended for You:
Fix up your PC Fast

TuneUp Utilities 2012 takes out the trash: Get back long lost disk space and performance in a snap – Free Download!






You are not connected. Please login or register

SecuraGeek Forums » Malware/Threat Removal » WhiteSmoke Translator removal fail

View previous topic View next topic Go down  Message [Page 1 of 1]

1 WhiteSmoke Translator removal fail on Mon Feb 07, 2011 9:42 pm

sebastian122


Member
Member
Hi everyone! Here's my log:

MySystem-Search


MSS v1.7


Basic System Information

Username: Valued Customer - Date: 02/07/2011 - Time: 21:30:35

Microsoft Windows XP [Version 5.1.2600]
Processor type: x86 Family 6 Model 23 Stepping 6, GenuineIntel
Total processors: 2
Computer Name: PATTIE
Logon Server: \\PATTIE


CD Emulation Drivers running?

Nero found!


Peer-to-Peer applications?



Security Tools Check

Malwarebytes' Anti-Malware


File associations

.exe=exefile
.scr=scrfile
.pif=piffile


That being said, I have WhiteSmoke Translator on my laptop and when I try to uninstall it via the control panel, I am asked to load a disc I don't own. I've run Malwarebytes and Exterminate It! (about a dozen times!) and am open to any and all suggestions.

2 Re: WhiteSmoke Translator removal fail on Mon Feb 07, 2011 9:47 pm

sebastian122


Member
Member

3 Re: WhiteSmoke Translator removal fail on Mon Feb 07, 2011 10:12 pm

sebastian122


Member
Member

4 Re: WhiteSmoke Translator removal fail on Mon Feb 07, 2011 10:13 pm

sebastian122


Member
Member

5 Re: WhiteSmoke Translator removal fail on Mon Feb 07, 2011 10:13 pm

sebastian122


Member
Member
Open to all suggestions!!

6 Re: WhiteSmoke Translator removal fail on Tue Feb 08, 2011 12:06 am

DragonMaster Jay


Site Owner
Site Owner
Did you do the steps in the correct order?


..........................................................
DragonMaster Jay
Administrative Director SecuraGeek Association
Advanced Malware Analysts Group Owner


Kaspersky E-Store Kaspersky Anti-Virus 2012: Click Here

Contribute/donate to our site

7 Re: WhiteSmoke Translator removal fail on Wed Feb 09, 2011 6:19 pm

sebastian122


Member
Member
I certainly thought I did. But I'm willing to try again! I'll report back. ^__^

8 Re: WhiteSmoke Translator removal fail on Wed Feb 09, 2011 7:44 pm

sebastian122


Member
Member
ComboFix 11-02-09.02 - Valued Customer 02/09/2011 19:37:36.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2409 [GMT -5:00]
Running from: c:\documents and settings\Valued Customer\My Documents\Downloads\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.

((((((((((((((((((((((((( Files Created from 2011-01-10 to 2011-02-10 )))))))))))))))))))))))))))))))
.

2011-02-08 01:18 . 2011-02-08 01:53 -------- d-----w- c:\windows\SxsCaPendDel
2011-01-15 01:19 . 2011-01-15 01:19 -------- d-----w- c:\documents and settings\Valued Customer\Local Settings\Application Data\DFH
2011-01-15 01:17 . 2011-01-15 01:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia
2011-01-15 01:17 . 2011-01-15 01:17 -------- d-----w- c:\program files\Yahoo! Games
2011-01-14 02:32 . 2011-01-14 02:32 1409 ----a-w- c:\windows\QTFont.for

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-21 14:44 . 2008-04-14 12:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2008-04-14 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10 . 2008-04-14 12:00 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 2008-04-14 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:09 . 2010-12-12 18:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 23:08 . 2008-04-14 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:08 . 2008-04-14 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-12-20 23:08 . 2008-04-14 12:00 1830912 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 23:08 . 2008-04-14 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2010-12-20 23:08 . 2010-12-12 18:46 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-20 17:26 . 2008-04-14 12:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55 . 2008-04-14 12:00 389120 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15 . 2008-04-14 12:00 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:42 . 2008-04-14 12:00 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07 . 2008-04-14 00:01 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-11-18 18:12 . 2009-02-12 15:09 81920 ----a-w- c:\windows\system32\isign32.dll
.

((((((((((((((((((((((((((((( SnapShot@2011-02-08_01.11.32 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-02-10 00:12 . 2011-02-10 00:12 16384 c:\windows\temp\Perflib_Perfdata_2f0.dat
+ 2009-03-28 17:55 . 2010-07-05 13:15 17272 c:\windows\system32\spmsg.dll
- 2009-03-28 17:55 . 2010-02-22 14:23 17272 c:\windows\system32\spmsg.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 44544 c:\windows\system32\pngfilt.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 44544 c:\windows\system32\pngfilt.dll
+ 2008-04-14 12:00 . 2011-02-10 00:17 72248 c:\windows\system32\perfc009.dat
- 2008-04-14 12:00 . 2011-02-08 00:40 72248 c:\windows\system32\perfc009.dat
- 2007-08-13 23:54 . 2010-11-06 00:34 52224 c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 23:54 . 2010-12-20 23:08 52224 c:\windows\system32\msfeedsbs.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 27648 c:\windows\system32\jsproxy.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 27648 c:\windows\system32\jsproxy.dll
- 2007-08-13 23:39 . 2010-11-03 12:24 13824 c:\windows\system32\ieudinit.exe
+ 2007-08-13 23:39 . 2010-12-20 12:54 13824 c:\windows\system32\ieudinit.exe
- 2008-04-14 12:00 . 2010-11-06 00:34 44544 c:\windows\system32\iernonce.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 44544 c:\windows\system32\iernonce.dll
- 2008-04-14 12:00 . 2010-11-03 12:24 70656 c:\windows\system32\ie4uinit.exe
+ 2008-04-14 12:00 . 2010-12-20 12:54 70656 c:\windows\system32\ie4uinit.exe
- 2007-08-13 23:36 . 2010-11-06 00:34 63488 c:\windows\system32\icardie.dll
+ 2007-08-13 23:36 . 2010-12-20 23:08 63488 c:\windows\system32\icardie.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2009-02-12 23:00 . 2010-12-20 23:08 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2009-02-12 23:00 . 2010-11-06 00:34 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-02-12 23:00 . 2010-12-20 12:54 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2009-02-12 23:00 . 2010-11-03 12:24 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2008-04-14 12:00 . 2010-11-06 00:34 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 44544 c:\windows\system32\dllcache\iernonce.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2008-04-14 12:00 . 2010-12-20 12:54 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2008-04-14 12:00 . 2010-11-03 12:24 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2009-02-12 23:00 . 2010-11-06 00:34 63488 c:\windows\system32\dllcache\icardie.dll
+ 2009-02-12 23:00 . 2010-12-20 23:08 63488 c:\windows\system32\dllcache\icardie.dll
+ 2008-04-14 12:00 . 2010-12-09 14:30 33280 c:\windows\system32\dllcache\csrsrv.dll
- 2008-04-14 12:00 . 2009-12-14 07:08 33280 c:\windows\system32\dllcache\csrsrv.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 17408 c:\windows\system32\dllcache\corpol.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 17408 c:\windows\system32\dllcache\corpol.dll
- 2009-02-12 15:17 . 2011-02-06 22:30 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2011-02-09 14:07 . 2011-02-09 23:45 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-12 15:17 . 2011-02-09 23:45 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-02-12 15:17 . 2011-02-06 22:30 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-02-09 14:07 . 2011-02-09 23:45 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2010-12-12 23:59 . 2011-02-06 22:30 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-02-09 23:28 . 2010-11-06 00:34 44544 c:\windows\ie7updates\KB2482017-IE7\pngfilt.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 52224 c:\windows\ie7updates\KB2482017-IE7\msfeedsbs.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 27648 c:\windows\ie7updates\KB2482017-IE7\jsproxy.dll
+ 2011-02-09 23:28 . 2010-11-03 12:24 13824 c:\windows\ie7updates\KB2482017-IE7\ieudinit.exe
+ 2011-02-09 23:28 . 2010-11-06 00:34 44544 c:\windows\ie7updates\KB2482017-IE7\iernonce.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 78336 c:\windows\ie7updates\KB2482017-IE7\ieencode.dll
+ 2011-02-09 23:28 . 2010-11-03 12:24 70656 c:\windows\ie7updates\KB2482017-IE7\ie4uinit.exe
+ 2011-02-09 23:28 . 2010-11-06 00:34 63488 c:\windows\ie7updates\KB2482017-IE7\icardie.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 17408 c:\windows\ie7updates\KB2482017-IE7\corpol.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 233472 c:\windows\system32\webcheck.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 233472 c:\windows\system32\webcheck.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 105984 c:\windows\system32\url.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 105984 c:\windows\system32\url.dll
- 2008-04-14 12:00 . 2011-02-08 00:40 444156 c:\windows\system32\perfh009.dat
+ 2008-04-14 12:00 . 2011-02-10 00:17 444156 c:\windows\system32\perfh009.dat
+ 2008-04-14 12:00 . 2010-12-20 23:08 102912 c:\windows\system32\occache.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 102912 c:\windows\system32\occache.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 671232 c:\windows\system32\mstime.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 671232 c:\windows\system32\mstime.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 193024 c:\windows\system32\msrating.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 193024 c:\windows\system32\msrating.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 478208 c:\windows\system32\mshtmled.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 478208 c:\windows\system32\mshtmled.dll
+ 2007-08-13 23:54 . 2010-12-20 23:08 468480 c:\windows\system32\msfeeds.dll
- 2007-08-13 23:54 . 2010-11-06 00:34 468480 c:\windows\system32\msfeeds.dll
+ 2007-08-13 23:34 . 2010-12-20 23:08 268288 c:\windows\system32\iertutil.dll
- 2007-08-13 23:34 . 2010-11-06 00:34 268288 c:\windows\system32\iertutil.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 192512 c:\windows\system32\iepeers.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 192512 c:\windows\system32\iepeers.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 384512 c:\windows\system32\iedkcs32.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 384512 c:\windows\system32\iedkcs32.dll
- 2007-07-11 17:27 . 2010-09-09 13:38 380928 c:\windows\system32\ieapfltr.dll
+ 2007-07-11 17:27 . 2010-12-20 23:08 380928 c:\windows\system32\ieapfltr.dll
+ 2008-04-14 12:00 . 2010-12-20 11:23 161792 c:\windows\system32\ieakui.dll
- 2008-04-14 12:00 . 2010-10-18 11:06 161792 c:\windows\system32\ieakui.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 230400 c:\windows\system32\ieaksie.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 230400 c:\windows\system32\ieaksie.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 153088 c:\windows\system32\ieakeng.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 153088 c:\windows\system32\ieakeng.dll
+ 2009-02-12 09:55 . 2011-02-10 00:02 377824 c:\windows\system32\FNTCACHE.DAT
- 2009-02-12 09:55 . 2010-12-16 16:04 377824 c:\windows\system32\FNTCACHE.DAT
+ 2008-04-14 12:00 . 2010-12-20 23:08 133120 c:\windows\system32\extmgr.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 133120 c:\windows\system32\extmgr.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 214528 c:\windows\system32\dxtrans.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 214528 c:\windows\system32\dxtrans.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 347136 c:\windows\system32\dxtmsft.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 347136 c:\windows\system32\dxtmsft.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 832512 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 832512 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 233472 c:\windows\system32\dllcache\webcheck.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 233472 c:\windows\system32\dllcache\webcheck.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 105984 c:\windows\system32\dllcache\url.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 105984 c:\windows\system32\dllcache\url.dll
+ 2008-04-14 12:00 . 2011-01-21 14:44 439296 c:\windows\system32\dllcache\shimgvw.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 102912 c:\windows\system32\dllcache\occache.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 102912 c:\windows\system32\dllcache\occache.dll
+ 2008-04-14 12:00 . 2010-12-09 15:15 718336 c:\windows\system32\dllcache\ntdll.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 671232 c:\windows\system32\dllcache\mstime.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 671232 c:\windows\system32\dllcache\mstime.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 193024 c:\windows\system32\dllcache\msrating.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 193024 c:\windows\system32\dllcache\msrating.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 478208 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 478208 c:\windows\system32\dllcache\mshtmled.dll
- 2009-02-12 23:00 . 2010-11-06 00:34 468480 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-02-12 23:00 . 2010-12-20 23:08 468480 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-04-14 12:00 . 2010-12-20 17:26 730112 c:\windows\system32\dllcache\lsasrv.dll
- 2008-04-14 12:00 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll
- 2008-04-14 12:00 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2008-04-14 12:00 . 2010-12-22 12:34 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2009-02-12 15:09 . 2010-12-20 11:25 634648 c:\windows\system32\dllcache\iexplore.exe
- 2009-02-12 15:09 . 2010-10-18 11:07 634648 c:\windows\system32\dllcache\iexplore.exe
- 2009-02-12 23:00 . 2010-11-06 00:34 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2009-02-12 23:00 . 2010-12-20 23:08 268288 c:\windows\system32\dllcache\iertutil.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 192512 c:\windows\system32\dllcache\iepeers.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 384512 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 384512 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-02-12 23:00 . 2010-12-20 23:08 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2009-02-12 23:00 . 2010-09-09 13:38 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2008-04-14 12:00 . 2010-10-18 11:06 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2008-04-14 12:00 . 2010-12-20 11:23 161792 c:\windows\system32\dllcache\ieakui.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 133120 c:\windows\system32\dllcache\extmgr.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 133120 c:\windows\system32\dllcache\extmgr.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 347136 c:\windows\system32\dllcache\dxtmsft.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-04-14 12:00 . 2011-01-07 14:09 290048 c:\windows\system32\dllcache\atmfd.dll
- 2008-04-14 12:00 . 2010-10-28 13:13 290048 c:\windows\system32\dllcache\atmfd.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 124928 c:\windows\system32\dllcache\advpack.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 124928 c:\windows\system32\dllcache\advpack.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 124928 c:\windows\system32\advpack.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 124928 c:\windows\system32\advpack.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 832512 c:\windows\ie7updates\KB2482017-IE7\wininet.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 233472 c:\windows\ie7updates\KB2482017-IE7\webcheck.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 105984 c:\windows\ie7updates\KB2482017-IE7\url.dll
+ 2011-02-09 23:28 . 2010-07-05 13:16 382840 c:\windows\ie7updates\KB2482017-IE7\spuninst\updspapi.dll
+ 2011-02-09 23:28 . 2010-07-05 13:15 231288 c:\windows\ie7updates\KB2482017-IE7\spuninst\spuninst.exe
+ 2011-02-09 23:28 . 2010-11-06 00:34 102912 c:\windows\ie7updates\KB2482017-IE7\occache.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 671232 c:\windows\ie7updates\KB2482017-IE7\mstime.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 193024 c:\windows\ie7updates\KB2482017-IE7\msrating.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 478208 c:\windows\ie7updates\KB2482017-IE7\mshtmled.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 468480 c:\windows\ie7updates\KB2482017-IE7\msfeeds.dll
+ 2011-02-09 23:28 . 2010-10-18 11:07 634648 c:\windows\ie7updates\KB2482017-IE7\iexplore.exe
+ 2011-02-09 23:28 . 2010-11-06 00:34 268288 c:\windows\ie7updates\KB2482017-IE7\iertutil.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 192512 c:\windows\ie7updates\KB2482017-IE7\iepeers.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 384512 c:\windows\ie7updates\KB2482017-IE7\iedkcs32.dll
+ 2011-02-09 23:28 . 2010-09-09 13:38 380928 c:\windows\ie7updates\KB2482017-IE7\ieapfltr.dll
+ 2011-02-09 23:28 . 2010-10-18 11:06 161792 c:\windows\ie7updates\KB2482017-IE7\ieakui.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 230400 c:\windows\ie7updates\KB2482017-IE7\ieaksie.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 153088 c:\windows\ie7updates\KB2482017-IE7\ieakeng.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 133120 c:\windows\ie7updates\KB2482017-IE7\extmgr.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 214528 c:\windows\ie7updates\KB2482017-IE7\dxtrans.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 347136 c:\windows\ie7updates\KB2482017-IE7\dxtmsft.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 124928 c:\windows\ie7updates\KB2482017-IE7\advpack.dll
+ 2011-02-10 00:02 . 2011-02-10 00:02 532480 c:\windows\ERDNT\AutoBackup\2-9-2011\Users\00000002\UsrClass.dat
+ 2011-02-10 00:02 . 2005-10-20 17:02 163328 c:\windows\ERDNT\AutoBackup\2-9-2011\ERDNT.EXE
+ 2011-02-08 17:29 . 2011-02-08 17:29 532480 c:\windows\ERDNT\AutoBackup\2-8-2011\Users\00000002\UsrClass.dat
+ 2011-02-08 17:29 . 2005-10-20 17:02 163328 c:\windows\ERDNT\AutoBackup\2-8-2011\ERDNT.EXE
+ 2011-02-08 01:54 . 2011-02-08 01:54 532480 c:\windows\ERDNT\AutoBackup\2-7-2011\Users\00000002\UsrClass.dat
+ 2011-02-08 01:54 . 2005-10-20 17:02 163328 c:\windows\ERDNT\AutoBackup\2-7-2011\ERDNT.EXE
+ 2011-02-08 01:50 . 2011-02-08 01:50 532480 c:\windows\ERDNT\2-7-2011\Users\00000002\UsrClass.dat
+ 2011-02-08 01:50 . 2005-10-20 17:02 163328 c:\windows\ERDNT\2-7-2011\ERDNT.EXE
- 2008-04-14 12:00 . 2010-11-06 00:34 1168384 c:\windows\system32\urlmon.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 1168384 c:\windows\system32\urlmon.dll
+ 2008-04-14 12:00 . 2011-01-21 14:44 8462336 c:\windows\system32\shell32.dll
- 2008-04-14 12:00 . 2010-07-27 06:30 8462336 c:\windows\system32\shell32.dll
+ 2008-04-14 12:00 . 2010-12-20 23:08 3606528 c:\windows\system32\mshtml.dll
+ 2007-08-13 23:54 . 2010-12-20 23:08 6075904 c:\windows\system32\ieframe.dll
- 2007-08-13 23:54 . 2010-11-06 00:34 6075904 c:\windows\system32\ieframe.dll
+ 2008-04-14 12:00 . 2010-12-31 13:10 1854976 c:\windows\system32\dllcache\win32k.sys
+ 2008-04-14 12:00 . 2010-12-20 23:08 1168384 c:\windows\system32\dllcache\urlmon.dll
- 2008-04-14 12:00 . 2010-11-06 00:34 1168384 c:\windows\system32\dllcache\urlmon.dll
- 2008-04-14 12:00 . 2010-07-27 06:30 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2008-04-14 12:00 . 2011-01-21 14:44 8462336 c:\windows\system32\dllcache\shell32.dll
+ 2009-02-12 22:12 . 2010-12-09 13:38 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-02-12 22:12 . 2010-12-09 13:07 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-12 22:12 . 2010-12-09 13:07 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-02-12 22:12 . 2010-12-09 13:42 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-04-14 12:00 . 2010-12-20 23:08 3606528 c:\windows\system32\dllcache\mshtml.dll
+ 2009-02-12 23:00 . 2010-12-20 23:08 6075904 c:\windows\system32\dllcache\ieframe.dll
- 2009-02-12 23:00 . 2010-11-06 00:34 6075904 c:\windows\system32\dllcache\ieframe.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 1168384 c:\windows\ie7updates\KB2482017-IE7\urlmon.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 3604480 c:\windows\ie7updates\KB2482017-IE7\mshtml.dll
+ 2011-02-09 23:28 . 2010-11-06 00:34 6075904 c:\windows\ie7updates\KB2482017-IE7\ieframe.dll
+ 2011-02-10 00:02 . 2011-02-10 00:02 6651904 c:\windows\ERDNT\AutoBackup\2-9-2011\Users\00000001\NTUSER.DAT
+ 2011-02-08 17:29 . 2011-02-08 17:29 6651904 c:\windows\ERDNT\AutoBackup\2-8-2011\Users\00000001\NTUSER.DAT
+ 2011-02-08 01:54 . 2011-02-08 01:54 6651904 c:\windows\ERDNT\AutoBackup\2-7-2011\Users\00000001\NTUSER.DAT
+ 2011-02-08 01:50 . 2011-02-08 01:50 6651904 c:\windows\ERDNT\2-7-2011\Users\00000001\NTUSER.DAT
+ 2009-02-12 22:12 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-02-12 22:12 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-12 22:12 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-02-12 22:12 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-02-10 03:49 . 2011-02-09 23:28 37443528 c:\windows\system32\MRT.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-30 13594624]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb12.exe" [2004-06-26 172032]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-12-11 286720]
"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-09-30 485208]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-09-30 1193848]
"TkBellExe"="c:\my download files\update\realsched.exe" [2010-12-26 274608]

c:\documents and settings\Valued Customer\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\my download files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-3-1 113664]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-14 241664]
HP Image Zone Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-5-14 53248]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2008-06-19 21:20 57344 ----a-w- c:\windows\ALCMTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 23:03 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2008-01-24 17:32 2289664 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 19:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-01-30 14:12 13594624 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2009-01-30 14:12 1657376 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-12-11 15:56 286720 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-10-09 19:54 17021440 ----a-w- c:\windows\RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2007-10-26 08:49 671744 ----a-r- c:\program files\Motorola\SMSERIAL\sm56hlpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\microsoft frontpage\\bin\\fpexplor.exe"=
"c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=

R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [4/27/2010 11:55 AM 84072]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [1/30/2010 5:18 PM 88176]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [4/27/2010 11:55 AM 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [4/27/2010 11:55 AM 271480]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [4/27/2010 11:56 AM 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [4/27/2010 11:55 AM 141792]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [4/27/2010 11:55 AM 55840]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2/12/2009 12:26 PM 54784]
R3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\drivers\enecirhid.sys [2/12/2009 12:26 PM 11264]
R3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\drivers\enecirhidma.sys [2/12/2009 12:26 PM 5632]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [5/30/2008 7:17 PM 93968]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [4/27/2010 11:55 AM 313288]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [4/27/2010 11:55 AM 88544]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [9/6/2008 4:20 AM 45344]
R4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [12/12/2010 1:46 PM 38224]
S2 gupdate1cad4e1198c6c66;Google Update Service (gupdate1cad4e1198c6c66);c:\program files\Google\Update\GoogleUpdate.exe [4/5/2010 11:57 AM 133104]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [4/27/2010 11:55 AM 88544]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [4/27/2010 11:55 AM 84264]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - MBAMSWISSARMY
*Deregistered* - mfeavfk01

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-01-24 17:30 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2011-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-05 16:57]

2011-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-05 16:57]

2011-02-10 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-926492609-1801674531-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 16:33]

2011-02-09 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-926492609-1801674531-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 16:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://s1.travian.com/dorf1.php
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-09 19:41
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1715567821-926492609-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2868)
c:\windows\system32\WININET.dll
c:\progra~1\mcafee\SITEAD~1\saHook.dll
c:\windows\system32\IEFRAME.dll
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-02-09 19:43:11
ComboFix-quarantined-files.txt 2011-02-10 00:43
ComboFix2.txt 2011-02-08 01:12
ComboFix3.txt 2010-12-12 18:41

Pre-Run: 167,466,295,296 bytes free
Post-Run: 167,438,589,952 bytes free

- - End Of File - - B6D7F82A4E2510561A30C60FBBD94D5B

9 Re: WhiteSmoke Translator removal fail on Wed Feb 09, 2011 9:43 pm

sebastian122


Member
Member
Okay, it seems to have gone.

YIPPEE and thank you all for the help and support.

And now a question... is there a way to protect against getting it again?

10 deleting/uninstalling whitesmoke on Thu Feb 10, 2011 6:43 pm

Morgan


New Member
I have been experiencing the same problem with this whitesmoke program - when I try to uninstall it I get an error message reading:
"error launching checklockedwsfiles"

what does this mean? can anyone please help me permanently unistall whitesmoke?

Ad Bot

View previous topic View next topic Back to top  Message [Page 1 of 1]

SecuraGeek Forums » Malware/Threat Removal » WhiteSmoke Translator removal fail

Permissions in this forum:
You cannot reply to topics in this forum