
Cryp Tap-2



#1 ll_orz


Posted 12 April 2008 - 05:48 AM

Please help! My explore is missing. :thumbsup:
I've scanned and found the infected file "jkkJYooo.dll" but I cannot kill it.
Here is the HijackThis and Kaspersky report.
The virus is VunDo.




Deckard's System Scanner v20071014.68
Run by Administrator on 2008-04-12 18:35:41
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Administrator.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:39:48, on 12/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\ATKKBService.exe
D:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\ctfmon.exe
D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
D:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
D:\Program Files\Analog Devices\Core\smax4pnp.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
D:\Program Files\Windows Media Player\WMPNSCFG.exe
D:\Program Files\Java\jre1.5.0_03\bin\jucheck.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
D:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
D:\Program Files\UPHClean\uphclean.exe
D:\Program Files\Trend Micro\BM\TMBMSRV.exe
D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
D:\PROGRA~1\Trend Micro\Internet Security\TmPfw.exe
D:\Program Files\Trend Micro\Internet Security\TmProxy.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\WINDOWS\system32\conime.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Documents and Settings\Administrator\My Documents\dss.exe
D:\PROGRA~1\Trend Micro\HijackThis\Administrator.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AddTask Class - {24F06550-65E3-4D1C-8CFE-839C296B5530} - D:\Program Files\READ6.0\eREAD6.0\IEeREAD.dll
O2 - BHO: AddTask Class - {6A19C29D-ED45-4483-8999-9F939C8161F2} - D:\Program Files\READ6.0\eREAD6.0\WebHook.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live 登入小幫手 - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: (no name) - {B82F29E4-8368-4B14-9C00-5138C0D94034} - D:\WINDOWS\system32\hgGwWMDv.dll
O2 - BHO: (no name) - {E02E277B-E1CB-431B-98F4-67EDE24B3C97} - D:\WINDOWS\system32\jkkJYooo.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [WinRAR] D:\WINDOWS\system32\head2.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "D:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [TTPlayer] D:\WINDOWS\system32\head2.exe
O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "D:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Internet Explorer] D:\WINDOWS\system32\head2.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [Foxy] D:\WINDOWS\system32\head2.exe
O4 - HKLM\..\Run: [coolpro2] D:\WINDOWS\system32\head2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [WMPNSCFG] D:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [WintelUpdate] C:\jfcjr.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] ctfmon.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &使用BitComet下載本頁視訊 - res://D:\Documents and Settings\Administrator\桌面\BitComet_0.89\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Foxy 下載 - res://D:\Program Files\Foxy\Foxy.exe/download.htm
O8 - Extra context menu item: Foxy 搜尋 - res://D:\Program Files\Foxy\Foxy.exe/search.htm
O8 - Extra context menu item: 使用 FlashGet 下載 - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用BitComet下載全部連結 - res://D:\Documents and Settings\Administrator\桌面\BitComet_0.89\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: 使用BitComet下載連結(&:blink: - res://D:\Documents and Settings\Administrator\桌面\BitComet_0.89\BitComet.exe/AddLink.htm
O8 - Extra context menu item: 全部使用 FlashGet 下載 - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 匯出至 Microsoft Excel(&X) - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {3AC7F64E-6154-47B0-82B5-764ED4077F77} (DataStorage Class) - http://txn02.hkjc.com/BetSlip/object/eWinCtl.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jin...indows-i586.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/in...l/installer.exe
O20 - Winlogon Notify: hgGwWMDv - D:\WINDOWS\SYSTEM32\hgGwWMDv.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - D:\WINDOWS\ATKKBService.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - D:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LPTRDC server (LPTRDCsrv) - Unknown owner - D:\WINDOWS\ctfmon.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - D:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - D:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - D:\PROGRA~1\Trend Micro\Internet Security\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - D:\Program Files\Trend Micro\Internet Security\TmProxy.exe
O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - D:\WINDOWS\SYSTEM32\VundoFixSVC.exe

--
End of file - 8125 bytes

-- Files created between 2008-03-12 and 2008-04-12 -----------------------------

2008-04-12 17:56:29 0 d-------- D:\WINDOWS\LastGood
2008-04-12 17:50:07 0 dr-h----- D:\Documents and Settings\Administrator\Recent
2008-04-12 17:20:06 0 d-------- D:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-04-12 17:19:45 0 d-------- D:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-12 17:19:44 0 d-------- D:\Program Files\Malwarebytes' Anti-Malware
2008-04-12 16:29:23 24576 --a------ D:\WINDOWS\system32\VundoFixSVC.exe <Not Verified; Atribune.org; Vundofix Service>
2008-04-12 15:26:45 0 d-------- D:\Documents and Settings\Administrator\.housecall6.6
2008-04-12 15:26:33 0 d-------- D:\WINDOWS\Sun
2008-04-12 15:26:33 0 d-------- D:\Documents and Settings\Administrator\Application Data\Sun
2008-04-12 15:25:29 0 d-------- D:\Program Files\Java
2008-04-12 15:25:21 0 d-------- D:\Program Files\Common Files\Java
2008-04-12 14:49:20 0 d-------- D:\WINDOWS\CSC
2008-04-12 14:38:40 0 d-------- D:\WINDOWS\pss
2008-04-12 12:43:53 0 d-------- D:\Documents and Settings\All Users\Application Data\Trend Micro
2008-04-12 12:43:37 0 d-------- D:\Program Files\Trend Micro
2008-04-12 02:44:17 0 d-------- D:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-04-12 02:44:14 0 d-------- D:\WINDOWS\system32\Kaspersky Lab
2008-04-12 02:03:34 203194 --ahs---- D:\WINDOWS\system32\oooYJkkj.ini2
2008-04-12 02:03:19 273408 -r-hs---- D:\WINDOWS\system32\jkkJYooo.dll
2008-04-12 01:58:37 44224 --a------ D:\WINDOWS\ctfmon.exe
2008-04-12 01:58:15 38400 -r-hs---- D:\WINDOWS\system32\hgGwWMDv.dll
2008-04-11 17:54:53 0 d-------- D:\Program Files\Activision
2008-04-11 17:06:23 0 d--hs---- D:\WINDOWS\ftpcache
2008-04-10 07:47:51 0 d-------- D:\Documents and Settings\All Users\Application Data\Adobe
2008-04-10 07:47:49 0 d-------- D:\Program Files\Common Files\Adobe
2008-04-05 12:47:26 0 d-------- D:\Documents and Settings\Mo\Application Data\Identities
2008-04-05 12:47:10 0 d-------- D:\Documents and Settings\Mo\桌面
2008-04-05 12:47:10 0 d--h----- D:\Documents and Settings\Mo\Templates
2008-04-05 12:47:10 0 dr-h----- D:\Documents and Settings\Mo\SendTo
2008-04-05 12:47:10 0 dr-h----- D:\Documents and Settings\Mo\Recent
2008-04-05 12:47:10 0 d--h----- D:\Documents and Settings\Mo\PrintHood
2008-04-05 12:47:10 786432 --ah----- D:\Documents and Settings\Mo\NTUSER.DAT
2008-04-05 12:47:10 0 d--h----- D:\Documents and Settings\Mo\NetHood
2008-04-05 12:47:10 0 dr------- D:\Documents and Settings\Mo\My Documents
2008-04-05 12:47:10 0 d--h----- D:\Documents and Settings\Mo\Local Settings
2008-04-05 12:47:10 0 dr------- D:\Documents and Settings\Mo\Favorites
2008-04-05 12:47:10 0 d--hs---- D:\Documents and Settings\Mo\Cookies
2008-04-05 12:47:10 0 dr-h----- D:\Documents and Settings\Mo\Application Data
2008-04-05 12:47:10 0 d---s---- D:\Documents and Settings\Mo\Application Data\Microsoft
2008-04-05 12:47:10 0 dr------- D:\Documents and Settings\Mo\「開始」功能表
2008-04-04 22:12:19 20480 --a------ D:\WINDOWS\system32\mssockkr.dll
2008-03-28 01:50:08 0 d-------- D:\Documents and Settings\Administrator\Application Data\IDMComp
2008-03-26 23:33:05 0 d-------- D:\Documents and Settings\Administrator\Application Data\Command & Conquer 3 Kane's Wrath
2008-03-26 16:45:51 0 d-------- D:\Documents and Settings\Administrator\Application Data\Command & Conquer 3 Tiberium Wars


-- Find3M Report ---------------------------------------------------------------

2008-04-12 15:25:21 0 d-------- D:\Program Files\Common Files
2008-04-11 17:22:20 0 d--h----- D:\Program Files\InstallShield Installation Information
2008-04-10 20:29:44 0 d-------- D:\Documents and Settings\Administrator\Application Data\Adobe
2008-04-10 16:02:20 0 d-a------ D:\Program Files\vLan
2008-04-04 22:12:19 7902 --a----c- D:\WINDOWS\system32\wwnt.dll
2008-04-03 00:26:10 0 d-------- D:\Program Files\Messenger Plus! Live
2008-03-27 00:42:25 0 d-------- D:\Program Files\TTPlayer
2008-03-24 07:13:17 130992 --a----c- D:\WINDOWS\system32\prfh0404.dat
2008-03-24 07:13:17 43068 --a----c- D:\WINDOWS\system32\prfc0404.dat
2008-03-03 00:29:42 0 d-------- D:\Program Files\FlashGet
2008-02-25 13:41:38 0 d-------- D:\Program Files\Windows Media Connect 2
2008-02-25 12:33:32 0 d--hs--c- D:\Program Files\Common Files\WindowsLiveInstaller
2008-02-25 12:33:25 0 d-------- D:\Program Files\Windows Live
2008-02-17 00:40:46 0 d-------- D:\Program Files\The KMPlayer
2008-02-15 22:03:27 0 d-------- D:\Program Files\Virtools


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{24F06550-65E3-4D1C-8CFE-839C296B5530}]
28/06/2007 17:25 57344 --a--c--- D:\Program Files\READ6.0\eREAD6.0\IEeREAD.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6A19C29D-ED45-4483-8999-9F939C8161F2}]
29/06/2007 14:03 77824 --a--c--- D:\Program Files\READ6.0\eREAD6.0\WebHook.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B82F29E4-8368-4B14-9C00-5138C0D94034}]
12/04/2008 01:58 38400 -r-hs---- D:\WINDOWS\system32\hgGwWMDv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E02E277B-E1CB-431B-98F4-67EDE24B3C97}]
12/04/2008 02:03 273408 -r-hs---- D:\WINDOWS\system32\jkkJYooo.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinRAR"="D:\WINDOWS\system32\head2.exe" []
"UfSeAgnt.exe"="D:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" [10/03/2008 19:02]
"TTPlayer"="D:\WINDOWS\system32\head2.exe" []
"SoundMAXPnP"="D:\Program Files\Analog Devices\Core\smax4pnp.exe" [21/07/2006 05:04]
"SoundMAX"="D:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [13/07/2006 08:12]
"NvMediaCenter"="D:\WINDOWS\system32\NvMcTray.dll" [13/02/2006 21:05]
"NvCplDaemon"="D:\WINDOWS\system32\NvCpl.dll" [13/02/2006 21:05]
"Internet Explorer"="D:\WINDOWS\system32\head2.exe" []
"IMJPMIG8.1"="D:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [14/12/2006 20:00]
"Foxy"="D:\WINDOWS\system32\head2.exe" []
"coolpro2"="D:\WINDOWS\system32\head2.exe" []
"Adobe Reader Speed Launcher"="D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 22:16]
"SunJavaUpdateSched"="D:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [13/04/2005 03:48]
"SunJavaUpdateSched"="D:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [13/04/2005 03:48]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="D:\Program Files\Windows Media Player\WMPNSCFG.exe" [02/11/2006 23:09]
"WintelUpdate"="C:\jfcjr.exe" []
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [14/12/2006 20:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"RunStartupScriptSync"=0 (0x0)
"SynchronousMachineGroupPolicy"=0 (0x0)
"SynchronousUserGroupPolicy"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableLockWorkstation"=1 (0x1)
"NoDispAppearancePage"=0 (0x0)
"NoColorChoice"=0 (0x0)
"NoDispBackgroundPage"=0 (0x0)
"NoDispCPL"=0 (0x0)
"NoDispSettingsPage"=0 (0x0)
"NoDispScrSavPage"=0 (0x0)
"NoVisualStyleChoice"=0 (0x0)
"NoSizeChoice"=0 (0x0)
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSharedDocuments"=1 (0x1)
"NoRemoteRecursiveEvents"=1 (0x1)
"NoStrCmpLogical"=1 (0x1)
"NoClose"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"NoSMBalloonTip"=1 (0x1)
"NoSaveSettings"=0 (0x0)
"NoRecentDocsHistory"=1 (0x1)
"NoLowDiskSpaceChecks"=1 (0x1)
"MemCheckBoxInRunDlg"=0 (0x0)
"NoClose"=0 (0x0)
"NoAutoTrayNotify"=0 (0x0)
"NoResolveTrack"=0 (0x0)
"NoResolveSearch"=1 (0x1)
"LinkResolveIgnoreLinkInfo"=1 (0x1)
"NoStartBanner"=01000000
"NoWelcomeScreen"=1 (0x1)
"NoRecentDocsNetHood"=1 (0x1)
"NoDesktopCleanupWizard"=1 (0x1)
"NoSharedDocuments"=1 (0x1)
"NoThemesTab"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B82F29E4-8368-4B14-9C00-5138C0D94034}"= D:\WINDOWS\system32\hgGwWMDv.dll [12/04/2008 01:58 38400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hgGwWMDv]
hgGwWMDv.dll 12/04/2008 01:58 38400 D:\WINDOWS\system32\hgGwWMDv.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 D:\WINDOWS\system32\jkkJYooo




-- End of Deckard's System Scanner: finished at 2008-04-12 18:40:50 ------------



Edited by ll_orz, 12 April 2008 - 06:20 AM.



#2 -David-


Posted 23 April 2008 - 06:17 AM

Sorry for the delay. If you are still having problems please post a brand new HijackThis log as a reply to this topic. Before posting the log, please make sure you follow all the steps found in this topic:

Preparation Guide For Use Before Posting A Hijackthis Log

Please also post the problems you are having.



