Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer sending out automated queries to Google


  • This topic is locked This topic is locked
3 replies to this topic

#1 blaindesforges

blaindesforges

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:11 AM

Posted 10 October 2009 - 12:05 AM

Hi!

I have recently begun getting messages from Google asking me to sign in through a CAPTCHA to prove that I am human since my machine or network is apparently sending out automated queries. I have tried:

NOD32
G Data Antivirus
AntiVir
Malwarebytes
Combofix
Spybot S&D
Ad-Aware

and haven't found anything on either machines. Being at a total loss, I decided to come here and ask for your help. Any ideas what's going on?

Also as a side issue, I used to have Threatfire on my machine and have erased it but it is still apparently there. Any clues on how to get rid of it?

Thanks!


DDS (Ver_09-09-29.01) - NTFSx86
Run by FBLAINADMIN at 0:36:09.40 on 10/10/2009
Internet Explorer: 8.0.6001.18783 BrowserJavaVersion: 1.6.0_16
Microsoft Windows Vista Home Premium 6.0.6001.1.1252.2.1033.18.3069.1824 [GMT -4:00]

AV: ThreatFire *On-access scanning enabled* (Updated) {67B2B9A1-25C8-4057-962D-807958FFC9E3}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: ThreatFire *enabled* (Updated) {79E34F8F-D0AD-48d6-9223-C657C6491F67}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Tall Emu\Online Armor\OAcat.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\AERTSrv.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\system32\conime.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\System32\wpcumi.exe
C:\Windows\OEM05Mon.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DeskPins\DeskPins.exe
C:\Program Files\KeirNet\K9\K9.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\FBLAINADMIN\AppData\Local\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Tall Emu\Online Armor\OAreg.exe
C:\Users\FBLAINADMIN\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.ca/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.2.8.7.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Google Update] "c:\users\fblainadmin\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 1.1.4322; .NET CLR 3.5.30729)" -"http://www.topjeuxflash.com/jeu-flash-action/jeu-action-cone-toss,568_1.html"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [OEM05Mon.exe] c:\windows\OEM05Mon.exe
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [@OnlineArmor GUI] "c:\program files\tall emu\online armor\oaui.exe"
StartupFolder: c:\users\fblain~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe
StartupFolder: c:\users\fblain~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\deskpins.lnk - c:\program files\deskpins\DeskPins.exe
mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223} - c:\program files\bonjour\ExplorerPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
LSP: c:\windows\system32\wpclsp.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
TCP: {476E3E7A-686C-4C36-8B2C-D2D166CE15A6} = 24.200.241.37,24.201.245.77
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
AppInit_DLLs: c:\progra~1\google\google~2\GoogleDesktopNetwork3.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: OA Shell Helper: {4f07da45-8170-4859-9b5f-037ef2970034} - c:\progra~1\tallem~1\online~1\oaevent.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\fblain~1\appdata\roaming\mozilla\firefox\profiles\6mkl3mdu.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\google\update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\users\fblainadmin\appdata\local\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R1 bckd;bckd;c:\windows\system32\drivers\bckd.sys [2009-1-13 72992]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2009-10-9 200784]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2009-10-9 24656]
R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-4-29 176128]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-10-9 108289]
R2 bckwfs;Blue Coat K9 Web Protection;c:\program files\blue coat k9 web protection\k9filter.exe [2009-1-13 1078560]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-4-28 161048]
R2 OAcat;Online Armor Helper Service;c:\program files\tall emu\online armor\oacat.exe [2009-10-9 1244360]
R3 OAnet;OnlineArmor Service;c:\windows\system32\drivers\OAnet.sys [2009-10-9 30800]
R3 OEM05Afx;Provides a software interface to control audio effects of OEM005 camera.;c:\windows\system32\drivers\OEM05Afx.sys [2008-8-26 141376]
R3 OEM05Vfx;Creative Camera OEM005 Video VFX Driver;c:\windows\system32\drivers\OEM05Vfx.sys [2008-8-26 7424]
R3 OEM05Vid;Creative Camera OEM005 Driver;c:\windows\system32\drivers\OEM05Vid.sys [2008-8-26 235616]
R3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual;c:\windows\system32\drivers\livecamv.sys [2008-8-26 31616]
R3 rt61x86;RT61 Wireless Driver for Windows Vista;c:\windows\system32\drivers\netr61.sys [2008-11-26 333824]
S2 gupdate1c986f7cc227391;Google Update Service (gupdate1c986f7cc227391);c:\program files\google\update\GoogleUpdate.exe [2009-2-4 133104]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2006-11-2 9216]
S2 SvcOnlineArmor;Online Armor;c:\program files\tall emu\online armor\oasrv.exe [2009-10-9 3184328]
S4 PctrlsInjectService;PctrlsInjectService;c:\program files\paretologic\pgsurfer\injectservice.exe --> c:\program files\paretologic\pgsurfer\InjectService.exe [?]
S4 ThreatFire;ThreatFire;c:\program files\threatfire\tfservice.exe service --> c:\program files\threatfire\TFService.exe service [?]

=============== Created Last 30 ================

2009-10-09 21:13 <DIR> --d----- c:\programdata\Lavasoft
2009-10-09 20:38 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2009-10-09 20:38 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-10-09 20:38 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2009-10-09 20:12 <DIR> --d----- c:\users\fblain~1\appdata\roaming\OnlineArmor
2009-10-09 20:12 <DIR> --d----- c:\programdata\OnlineArmor
2009-10-09 20:12 <DIR> --d----- c:\progra~2\OnlineArmor
2009-10-09 20:11 200,784 a------- c:\windows\system32\drivers\OADriver.sys
2009-10-09 20:11 30,800 a------- c:\windows\system32\drivers\OAnet.sys
2009-10-09 20:11 24,656 a------- c:\windows\system32\drivers\OAmon.sys
2009-10-09 20:11 <DIR> --d----- c:\program files\Tall Emu
2009-10-09 20:00 55,656 a------- c:\windows\system32\drivers\avgntflt.sys
2009-10-09 20:00 <DIR> --d----- c:\programdata\Avira
2009-10-09 20:00 <DIR> --d----- c:\program files\Avira
2009-10-09 20:00 <DIR> --d----- c:\progra~2\Avira
2009-10-09 19:37 <DIR> --d----- c:\program files\CCleaner
2009-10-09 19:07 <DIR> --d----- C:\!KillBox
2009-10-09 17:13 <DIR> --dsh--- C:\$RECYCLE.BIN
2009-10-09 17:03 229,888 a------- c:\windows\PEV.exe
2009-10-09 17:03 <DIR> --d----- C:\ComboFix
2009-10-09 16:32 29,992 a------- c:\windows\system32\drivers\GRD.sys
2009-10-09 16:03 53,320 a------- c:\windows\system32\drivers\MiniIcpt.sys
2009-10-09 16:02 27,720 a------- c:\windows\system32\drivers\GDBehave.sys
2009-10-09 16:02 40,904 a------- c:\windows\system32\drivers\gdwfpcd32.sys
2009-10-09 16:01 <DIR> --d----- c:\programdata\G DATA
2009-10-09 16:01 <DIR> --d----- c:\progra~2\G DATA
2009-10-09 16:01 <DIR> --d----- c:\program files\common files\G DATA
2009-10-08 20:46 <DIR> --d----- c:\users\fblain~1\appdata\roaming\Malwarebytes
2009-10-08 20:45 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-08 20:45 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-10-08 20:45 <DIR> --d----- c:\programdata\Malwarebytes
2009-10-08 20:45 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-10-08 20:45 <DIR> --d----- c:\progra~2\Malwarebytes
2009-09-25 15:10 <DIR> --d----- c:\windows\system32\AGEIA
2009-09-23 22:05 <DIR> --d----- c:\program files\2BrightSparks
2009-09-23 21:39 <DIR> --d----- c:\program files\DeskPins
2009-09-23 14:08 <DIR> --d----- c:\users\fblain~1\appdata\roaming\JAM Software
2009-09-23 14:07 <DIR> --d----- c:\program files\JAM Software
2009-09-23 13:30 48 a------- c:\windows\system32\_1PUTILS.dat
2009-09-23 13:30 <DIR> --d----- c:\program files\Perfect Utilities

==================== Find3M ====================

2009-10-09 20:11 143,360 a------- c:\windows\inf\infstrng.dat
2009-10-09 20:11 51,200 a------- c:\windows\inf\infpub.dat
2009-10-09 15:06 86,016 a------- c:\windows\inf\infstor.dat
2009-08-23 08:07 411,368 a------- c:\windows\system32\deploytk.dll
2009-07-20 09:34 70,936 a------- c:\windows\system32\PhysXLoader.dll
2008-11-21 12:50 13 ----h--- c:\programdata\3113.sys
2008-11-21 12:50 13 ----h--- c:\progra~2\3113.sys
2008-09-18 10:10 61,224 a------- c:\users\fblainadmin\GoToAssistDownloadHelper.exe
2008-08-26 11:40 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-20 22:43 174 a--sh--- c:\program files\desktop.ini
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-09-18 06:04 76 ---shr-- c:\windows\CT4CET.bin
2009-06-01 12:46 16,384 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-06-01 12:46 32,768 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-06-01 12:46 16,384 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat
2009-06-01 12:46 245,760 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

============= FINISH: 0:36:33.95 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 52,745 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:12:11 PM

Posted 25 October 2009 - 06:10 AM

Hello ,
And :( to the Bleeping Computer Malware Removal Forum
. My name is Elise and I'll be glad to help you with your computer problems.


I will be working on your malware issues, this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.

You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We need to check for rootkits with RootRepeal
  • Download RootRepeal from the following location and save it to your desktop.
    Direct Download
  • Open Posted Image on your desktop.
  • Click the Posted Image tab.
  • Click the Posted Image button.
  • Check all seven boxes: Posted Image
  • Push Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, push the Posted Image button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.
-------------------------------------------------------------
Please be patient and I'd be grateful if you would note the following
  • The cleaning process is not instant. DDS logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
In the meantime please, do NOT install any new programs or update anything unless told to do so while we are fixing your problem

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new DDS log
  • RootRepeal log


Please give me some time to review your logs and take the steps necessary with you to get your machine back in working order clean and free of malware.

Thanks and again sorry for the delay
.
regards, Elise

"Now faith is the substance of things hoped for, the evidence of things not seen."


banner.png

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 blaindesforges

blaindesforges
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:11 AM

Posted 25 October 2009 - 11:48 AM

I think the issue resolved itself. Actually I'm pretty confident the crew up was on Google's side.

Thanks anyway.

#4 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 52,745 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:12:11 PM

Posted 25 October 2009 - 12:03 PM

Since this issue seems resolved, this topic will now be closed.

If you are the original topic starter and you need this topic re-opened, please send me a PM.

Everyone else, please start a new topic.
regards, Elise

"Now faith is the substance of things hoped for, the evidence of things not seen."


banner.png

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users