Need Lots Of Help Please

Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

BleepingComputer.com > Security > HijackThis Logs and Virus/Trojan/Spyware/Malware Removal

Forum Guidelines

Read this topic before posting a log.

DO NOT post a ComboFix log unless requested to.

Only members of the HijackThis Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.

When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.

Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.

Need Lots Of Help Please

Options

pcdome View Member Profile	Jul 3 2006, 11:13 PM Post #1
Member Group: Members Posts: 39 Joined: 3-July 06 Member No.: 74,474	Hello, I'm far from being an expert, and I've tried to ask some of my more knowlegeable friends but I'm not getting anywhere with them. My original problem was that I have a BF Ghost (is that correct) running on my computer called conime.exe. I found a way to get rid of it on this forum once before but stupidly I closed that page without saving it as a favorite. Anyhow, I'm glad I did lose that page because I have found several other problems thanks to your pinned topic on what I have to do before posting an HJT log. Now, I don't know how to fix those problems either, and I haven't noticed them come up in my HJT log, so I'm going to type those problems in first and then list my HJT log. (I will title each new problem in red and italicized. Please don't think I'm rude, I just thought it easier that way. Okay? Thanks. I'm sorry that this is going to be such a long post. First Problem: This is the report from the Trend Micro page, after cleaning: Detected grayware/spyware Note: Complete removal of the grayware listed below failed! If you require general hints and tips to solve the problem please click here. (My personal side note: I tried this and was told they have no solution for this problem. Back to Trend Micro report.) Grayware specific information is available from the relevant grayware section. TSPY_CLICKER.CP 1 infections There is no more information available for this grayware/spyware... General information about this type of grayware/spyware. Some of this grayware/spyware could not be removed automatically! Click here to receive instructions on how to remove this infection manually. (My personal side note: I tried this and received a message box that says: There is currently no information available on how to remove this malware/grayware manually. Please contact HouseCall Support (via the "Support" link) and describe your problem. (My personal side note: I'll do this, if the problem can't be solved here.)) Cleanup Options (radio button) Clean all detected infections automatically (My personal side note: This doesn't work.) (radio button) Select an individual action for each detected infection (Checkbox with no logo above) Checked (Checkbox with broom above) Checking Not Allowed (Checkbox with a red "x"a above) Can be checked (Reason box) The current platform does not support cleanup (Files infected by this grayware/spyware) Files infected by this grayware/spyware Second Problem: From Stinger: Scan initiated on Tue Jul 04 01:33:40 2006 C:\Documents and Settings\Robb\MyDocuments\h0ya\CDmage.exe Found the W32/Pate.dam virus !!! C:\Documents and Settings\Robb\MyDocuments\h0ya\CDmage.exe could not be repaired. Number of Clean Files: 239106 Number of infected Files: 1 Third Problem: ZoneLabs ZoneAlarm Firewall Download According to the File Download Box the whole file is finished but the File Download box won't stop downloading and close the dialog box. I have it set to automatically close when finished but it won't close, I only have an option to cancel. I also don't see the file in my save location. Actually, I just recevied a message box that said the operation timed out. Anyhow, I don't know if this is a problem for this forum or not, but I thought I would tell you, just in case. Fourth & Last Problem: (at least that I'm aware of ) This is my original problem conime.exe Here is my HJT log: Logfile of HijackThis v1.99.1 Scan saved at 1:10:44 PM, on 7/4/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\ctfmon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\System32\RUNDLL32.EXE C:\Program Files\SIGMA\TV\sigmatv.exe C:\Program Files\Sigma\common\SMBM.EXE C:\WINDOWS\SnoopFreeUI.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\WINDOWS\System32\rundll32.exe C:\CFusionMX7\runtime\bin\jrunsvc.exe C:\CFusionMX7\verity\k2\_nti40\bin\k2admin.exe C:\CFusionMX7\runtime\bin\jrun.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\SnoopFreeSvc.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\CFusionMX7\verity\k2\_nti40\bin\k2server.exe C:\CFusionMX7\verity\k2\_nti40\bin\k2index.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\System32\conime.exe C:\Program Files\HijackThis\HijackThis.exe R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ADSpider] C:\Program Files\ADSPider\ADSpider.exe /start O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [TV_Path] C:\Program Files\SIGMA\TV\sigmatv.exe /t O4 - HKLM\..\Run: [SMBM] C:\Program Files\Sigma\common\SMBM.EXE /D O4 - HKLM\..\Run: [SnoopFreeUI] SnoopFreeUI.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\RunOnce: [NAVNT 2005Seq] C:\DOCUME~1\Robb\LOCALS~1\Temp\LUProdRg.exe /f:C:\DOCUME~1\Robb\LOCALS~1\Temp\2005LU~1.INI /s:SPW_Set_Sequence O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: 799BB2EC-572A-42A9-84AD-112806F4F551 - O16 - DPF: DCD7F1D9-8E57-45F8-8C0C-4400CD84C8BF - O16 - DPF: {091CDD73-1401-4643-9B9C-65B091C88685} (MyLinker Control) - http://kherald.contents.mylinker.co.kr/module/MyLinker.cab O16 - DPF: {18D63578-EA2F-4A59-A49A-7F62E6B3DF3E} (ImP3 Control) - http://activexdown.paran.com/paranactivex/data/ImP3.cab O16 - DPF: {240F0899-15BB-49AE-B820-62CEB9116C0F} (SkyCom Control) - http://www.skylove.com/connect/skycom.cab O16 - DPF: {247D3068-ABDA-4A56-A48A-112183AC08B5} (GK_YH_Launcher Control) - http://kr.wbgames.yahoo.com/GK_YH_Launcher.cab O16 - DPF: {27E4B2A9-D554-40DE-B6CD-F11E9B44FBD0} (SimFileControl Control) - http://simfile.chol.com/down/SimFileControl.cab O16 - DPF: {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} (INISAFEWeb6 V6 Class) - http://www.hanabank.com/plugin/INIS60.cab O16 - DPF: {2882C368-D508-11D4-A2AB-000102598CE4} (LProtect Control) - http://www.livecall.co.kr/pds/module/livecall.cab O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://file.nx.com/activex/public_new/nxpm.cab O16 - DPF: {36F46B1E-11B7-4221-B4F7-F1FC9687E7F6} (MBox Control) - http://kr.music.yahoo.com/m_box/component/mbox.cab O16 - DPF: {3E59D482-6ABF-4560-A0C7-F90ACC0DC6BC} (MOHAAStarterX Control) - http://www.mohonline.co.kr/up/cab/MOHAAStarterX.cab O16 - DPF: {4A55BA7E-0379-4DB5-BDEF-70454A548AB2} (AgentReal Control) - http://kr.baduk.yahoo.com/cab/YahooBaduk.cab O16 - DPF: {4B48CEDD-EB09-4FD3-AA22-5BDE98EDEF90} (EZXSActiveX Control) - http://www.buykorea.org/buykorea/front/ezx...ezxsactivex.cab O16 - DPF: {4BF107D8-CFB8-4BC8-B54D-375CA564A33B} (EAJamDn Control) - http://www.mohonline.co.kr/up/cab/EADownloader.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101fd.bay101.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {52A5D8F2-7C23-42AB-B6BF-5E7840CB1F27} (BxPopHandler Control) - http://www.netian.com/lib/BxPopHandler.cab O16 - DPF: {5CBED04F-42E6-4BEC-A087-C20012B6308B} (SCLiveUp Class) - http://www.metlife.co.kr/cs/scCab/scLiveUp.cab O16 - DPF: {6359EFB8-A988-4572-976B-3BA42C3A6177} (PMViewerX Control) - http://www.wholsee.com/Web/Scripts/Common/Map/PMapX.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1106110171734 O16 - DPF: {6FE760D3-7851-4879-8838-62D9881D7177} (IniMasHandler Class) - http://emailimg.sktelecom.com/inimas/autoc...niMasPlugin.cab O16 - DPF: {70EE0AA4-5A3A-4052-8FFA-2EEDA43F7942} (Innotive Cibrowser Control 1.1) - http://www.myipq.com/hosting/cibrowser/cib...r_1_1_1_119.cab O16 - DPF: {799BB2EC-572A-42A9-84AD-112806F4F551} (Imweb Control) - http://activexdown.paran.com/paranactivex/data/imweb.cab O16 - DPF: {79C871A6-F9C8-44DA-B2C9-CD9438D9642C} (EZXSInstaller Control) - http://www.buykorea.org/buykorea/front/ezx...xsinstaller.cab O16 - DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} (XecureWeb 4.0 Client Control) - http://download.softforum.co.kr/Published/.../xw_install.cab O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.vrboard.co.kr/bin/cortvrml.cab O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/cab9/dmcc2.cab O16 - DPF: {93F79C47-F414-4EEE-95C5-A0F0ACE59A0E} (ALDx Class) - http://www.altools.co.kr/ALDX.cab O16 - DPF: {97745861-F1A6-45B2-8AD1-0C17334550E6} (YahooCabinet Control) - http://img.yahoo.co.kr/ycabinet/cab/YahooCabinet.cab O16 - DPF: {9BDBC41E-C335-4263-83C0-ECE78EE28A33} (SysMonOCX Control) - http://ahnlabdownload.nefficient.co.kr/plu...yfirewall20.cab O16 - DPF: {9DD4E0E8-2CED-4064-BF11-DDB2196CEC40} (SOLWeB4SIB Class) - http://www.solomonbank.com/cab/SOLWeB4SIB.cab O16 - DPF: {A099920B-630C-426B-91EC-737685CEEE17} (AxCrossCert Class) - http://www.solomonbank.com/cab/AxCrossCert_2.5.0.1.cab O16 - DPF: {A671DC03-71D0-4CF0-895C-7D4A248FC1F1} (skcbgmset Class) - http://cyimg7.cyworld.nate.com/cymusic/package/skcbgmset.cab O16 - DPF: {B0A75875-3622-48BA-B5FF-45AD77AC2D0E} (BankPayEFTCtrl Control) - http://download.auction.co.kr/activexpay/BankPayEFT.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {C044CD87-DFB0-4130-A5E4-49361106FBC8} (HanSetupCtrl1008 Class) - http://cdn.hangame.com/hangame/hansetup/HanSetup1008.cab O16 - DPF: {D572CD64-9310-4712-8FFC-A4F9DC9D4AC1} (QbicUpdate Control) - http://qbic.hanafos.com/component/QbicUpdate.CAB O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://update.nprotect.net/nprotect/keb/check_new/npkcx.cab O16 - DPF: {D95F5F60-5BB7-4655-BACE-FC5371EFC3E0} (Npx2 Control) - http://update.nprotect.net/nprotect/keb/check_new/npx2.cab O16 - DPF: {D96D2F74-0B74-47D2-964F-B67E9F69F1CD} (CongnamulMap4Asp Control) - http://asp.congnamul.com/AspActiveX/CongnamulMap4Asp_V23.cab O16 - DPF: {D9701E87-A34D-11D4-BE29-000102598CE4} (VrUpdate Control) - http://download.hauri.net/Kor/online_up/vrupdate.cab O16 - DPF: {DA76E8AE-2E7F-49A8-B5F2-D1C4FF70ECD5} (SamsungMap Control) - http://mapsvc.samsung.co.kr/ActiveX/SamsungMap_V25.cab O16 - DPF: {DCD7F1D9-8E57-45F8-8C0C-4400CD84C8BF} (Imhtml Control) - http://activexdown.paran.com/paranactivex/data/imhtml.cab O16 - DPF: {DDE6FED7-88AB-405B-9D77-FD4CDA8B9EB5} (Qbic Control) - http://qbic.hanafos.com/component/Qbic.CAB O16 - DPF: {E0BF7A2B-2F7C-497A-B50F-292D3F317965} (CongnamulMap Control) - http://www.congnamul.com/ActiveX/Release/C...amulMap_V17.cab O16 - DPF: {E40DEFEA-9133-4374-BB1B-E138DEFFF247} (SOLWeBLiveUpdate Class) - http://www.solomonbank.com/cab/SOLWeBLiveUpdate.cab O16 - DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} (KvpIspCtlD Control) - https://www.vpay.co.kr/kvpfiles/KVPISPCTLD.cab O16 - DPF: {F1F07506-6CB4-44AC-8615-66D1234EFD05} - http://image.shinhan.com/initech/plugin/ve...NISafeWeb50.cab O20 - Winlogon Notify: asnt3 - C:\WINDOWS\SYSTEM32\AsntDll.dll O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: ColdFusion MX 7 Application Server - Macromedia Inc. - C:\CFusionMX7\runtime\bin\jrunsvc.exe O23 - Service: ColdFusion MX 7 Search Server - Unknown owner - C:\CFusionMX7\verity\k2\_nti40\bin\k2admin.exe" -cfg "C:\CFusionMX7\verity\k2\common\verity.cfg" -ntstart 1 (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\System32\npkcsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Snoop Free Service (SnoopFreeSvc) - Unknown owner - C:\WINDOWS\System32\SnoopFreeSvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe Thank you so much for your help. This post has been edited by pcdome: Jul 3 2006, 11:15 PM

Posts in this topic

pcdome Need Lots Of Help Please Jul 3 2006, 11:13 PM

Whisperer Hi pcdome and welcome to the[b] Bleeping Computer ... Jul 9 2006, 02:16 PM

pcdome Hi Whisperer, Thanks for your help. Just to let y... Jul 10 2006, 06:37 PM

Whisperer Back again, I want to classify the [b]conime.exe e... Jul 11 2006, 05:06 AM

pcdome Hey Whisperer, Alright as I said before I don... Jul 12 2006, 07:46 AM

Whisperer Hi pcdome, Thanks for the file information, I am... Jul 12 2006, 03:56 PM

pcdome Alright Whisperer, I've done everything you s... Jul 13 2006, 10:03 AM

Whisperer Hi pcdome, Norton could be pulling that file from... Jul 15 2006, 06:53 AM

pcdome Hi Whisperer, Okay I'm posting a new HJT log,... Jul 17 2006, 06:48 AM

Whisperer Thanks for the log, looking a it now. Looking forw... Jul 17 2006, 07:54 AM

pcdome Hi Whisperer, It looks like I just missed you. ... Jul 17 2006, 09:11 AM

Whisperer Hi pcdome Ewido proved its worth again by finding... Jul 18 2006, 11:41 AM

pcdome Hi Whisperer, I don't have the time right now... Jul 18 2006, 06:02 PM

pcdome Hello again, My a.m. classes have been cancelled.... Jul 18 2006, 08:32 PM

pcdome Good news! Trend Micro did not find the Tspy_... Jul 18 2006, 09:24 PM

Whisperer Forget the Java, I was working two different logs,... Jul 19 2006, 03:13 AM

pcdome Hi Whisperer, Thanks for the firewall info. Her... Jul 19 2006, 07:30 AM

Whisperer Back again, You are looking good so we will do a ... Jul 20 2006, 02:46 AM

pcdome Hi Whisperer, Sorry for the long delay in replyin... Jul 24 2006, 07:08 PM

Whisperer Hi pcdome, You have a couple of not so nice O16... Jul 28 2006, 03:52 AM

pcdome Hi Whisperer, Thanks again for all of your help. ... Jul 29 2006, 11:12 PM

Whisperer Hi Pcdome, On the face of it, it might be another... Jul 30 2006, 03:01 AM

pcdome Hi Whisperer, Here are the logs you requested. I ... Aug 1 2006, 09:09 AM

Whisperer Pcdome, Your log is effectively clean. There are ... Aug 2 2006, 05:48 AM

Whisperer Hi pcdome, I have not heard from you for over a w... Aug 11 2006, 06:22 AM

pcdome Hi Whisperer, Sorry I've been so busy & t... Aug 14 2006, 07:09 PM

Whisperer Hi pcdome, Thanks for the response, I will look a... Aug 17 2006, 01:58 PM

pcdome Hi Whisperer, You posted 3 questions in your last... Aug 17 2006, 05:34 PM

pcdome Hi Whisperer, I have done as you instructed, how... Aug 21 2006, 08:11 PM

Whisperer Hi pcdome, Apologies for the delay but you slippe... Aug 24 2006, 02:45 AM

pcdome Hi Whisperer, Okay Qoofix did not find anything h... Aug 28 2006, 02:53 AM

Whisperer Hi pcdome, I am well and thank you for the enquir... Aug 29 2006, 02:59 AM

pcdome Hi Whisperer, I'm sorry for such a long delay... Sep 6 2006, 11:26 PM

Whisperer Thanks for the update, there is so much unknown ma... Sep 7 2006, 05:39 AM

Whisperer Hi pcdome, Any progress as yet? GT :thumbup2: Sep 17 2006, 09:50 AM

pcdome Sorry I just moved apartments and was without the ... Sep 18 2006, 05:36 PM

pcdome Phew! I'm finally getting to upload these ... Sep 20 2006, 08:18 AM

pcdome Hi Whisperer, It looks like we are both on at the... Sep 20 2006, 09:06 AM

Whisperer Hi pcdome, Thanks for all of the information, the... Sep 21 2006, 11:46 AM

pcdome Okay Whisperer, I'm hoping that my computer ... Sep 23 2006, 07:00 PM

Whisperer Hi pcdome, Worry not; time at my age is unimporta... Sep 24 2006, 03:23 PM

pcdome Hi Whisperer, The files ksvhtcgidsler.exe & h... Sep 29 2006, 02:52 AM

Whisperer Thanks a lot for the latest, If you could not fi... Sep 29 2006, 04:31 AM

Whisperer Hi pcdome, Please post the answers to the above w... Sep 29 2006, 02:15 PM

pcdome Hi Whisperer, Here are the files that I found usi... Sep 29 2006, 06:38 PM

pcdome Hi Whisperer, I'm going to post up my HJT Uni... Sep 30 2006, 07:08 PM

pcdome Alrighty, I've finished the scans. Only one no... Sep 30 2006, 08:43 PM

pcdome Sorry I ran out of space for posting so I had to s... Sep 30 2006, 08:50 PM

pcdome Gmer1 Cont'd: 820F2E40 Device \Driv... Sep 30 2006, 08:52 PM

pcdome Gmer1 Cont'd2: 8217B400 Device \Drive... Sep 30 2006, 08:53 PM

pcdome Gmer2: GMER 1.0.11.11390 - http://www.gmer.net Au... Sep 30 2006, 08:54 PM

Whisperer Hi pcdome, Hopefully before you disappear for a f... Oct 2 2006, 03:30 AM

pcdome I haven't left yet, so that's good. It... Oct 2 2006, 07:45 PM

Whisperer Hi pcdome, The scans reveal a couple of items tha... Oct 4 2006, 01:17 PM

Whisperer Hi pcdome, Any updates please? GT :thumbup2: Oct 13 2006, 03:18 AM

pcdome Hi Whisperer, I'm so sorry. I told you about... Oct 14 2006, 03:14 AM

Whisperer I shall start badgering you again on the 24th... Oct 14 2006, 06:03 AM

pcdome Alright Whisperer, Thanks for your blessing, and ... Oct 22 2006, 06:23 AM

Whisperer Can I have an updated HijackThis log please. GT ... Oct 25 2006, 01:13 PM

pcdome Here's my latest HJT Whisperer: Logfile of Hi... Oct 27 2006, 03:23 AM

Whisperer Thank you for the HJT I note that the 'Person... Oct 27 2006, 05:41 AM

pcdome As far as I can tell it doesn't have a firewal... Oct 28 2006, 08:37 PM

pcdome I don't want to be a pest, but just curious if... Nov 2 2006, 07:35 AM

Whisperer I had prepared a response BUT had forgotten to pos... Nov 2 2006, 10:17 AM

Whisperer Hi pcdome, There is no greater significance to GT... Nov 2 2006, 10:35 AM

pcdome Hi Whisperer, Here is the Kaspersky Log. I'm ... Nov 8 2006, 08:31 AM

pcdome HJT Log: Logfile of HijackThis v1.99.1 Scan saved... Nov 8 2006, 08:36 AM

Whisperer Hi pcdome, Thanks for the logs, Kaspersky has thr... Nov 9 2006, 04:43 AM

pcdome Disregard this post, I think I have fixed my probl... Nov 10 2006, 08:33 PM

Whisperer I am assuming that your problems are now fixed as ... Dec 3 2006, 04:42 PM

illukka as the problem here seems to be resolved this topi... Dec 5 2006, 03:35 PM

« Next Oldest · HijackThis Logs and Virus/Trojan/Spyware/Malware Removal · Next Newest »

2 User(s) are reading this topic (2 Guests and 0 Anonymous Users)

0 Members:

Display Mode: Switch to: Standard · Switch to: Linear+ · Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Lo-Fi Version

Time is now: 22nd November 2009 - 12:35 AM

Advertise \| About Us \| Terms of Use \| Privacy Policy \| Contact Us \| Site Map \| Chat \| Tutorials \| Uninstall List
Discussion Forums \| The Computer Glossary \| Resources \| RSS Feeds \| Startups \| The File Database \| Virus Removal Guides