
Help! I Have The Blue Screen Of Death.


  • This topic is locked
4 replies to this topic

#1 maniac_kidda


Posted 12 June 2008 - 04:21 AM

I have XP and when my desktop appears it shows a blue background and says: Warning! Spyware detected on your computer! Install an antivirus or spyware remover to clean your computer. I also get a yellow balloon with a (!) in it and a red pop-up that says my comp has been infected. This problem seems kinda familiar from the looks of other topics, and not to forget to mention I've had it before, but I just reinstalled Windows last time. So someone please help.



HijackThis and Deckard's System Scanner log are as follows:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:01:48, on 6/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\iftuyszv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Cole\lsass.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\iftuyszv.exe,
O3 - Toolbar: Yahoo! uC - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [LSA Shellu] C:\Documents and Settings\Cole\lsass.exe
O4 - HKLM\..\Run: [BMb7265701] Rundll32.exe "C:\WINDOWS\system32\qpfhfxwh.dll",s
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1188.exe 61A847B5BBF72813339330466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [VnrPack16] "C:\Program Files\VnrPack\VnrPack16.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Csvnro] C:\Program Files\Csvnro\Csvnro.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: MsSecurity Updated (MsSecurity1.209.4) - Unknown owner - C:\WINDOWS\444.470.exe (file missing)

--
End of file - 3054 bytes






Deckard's System Scanner v20071014.68
Run by Cole on 2008-06-12 00:55:47
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
45: 2008-06-12 05:56:24 UTC - RP66 - Deckard's System Scanner Restore Point
44: 2008-06-12 04:40:57 UTC - RP65 - Removed Apple Software Update
43: 2008-06-12 04:39:09 UTC - RP64 - Removed Apple Software Update
42: 2008-06-12 04:23:06 UTC - RP63 - Removed Apple Mobile Device Support
41: 2008-06-12 00:43:28 UTC - RP62 - System Checkpoint


-- First Restore Point --
1: 2008-06-10 10:59:21 UTC - RP22 - Software Distribution Service 3.0


Backed up registry hives.
Performed disk cleanup.

Percentage of Memory in Use: 87% (more than 75%).
Total Physical Memory: 255 MiB (512 MiB recommended).


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-12 01:01:13
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHA\command.exe
C:\WINDOWS\444.470
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\jqwnw64q.exe
C:\Documents and Settings\Cole\lsass.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\mrofinu1188.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Vcsron\Vcsron.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\system32\lcntrkdm.exe
C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Cole\My Documents\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\iftuyszv.exe,
O2 - BHO: (no name) - {00110011-4b0b-44d5-9718-90c88817369b} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: (no name) - {086ae192-23a6-48d6-96ec-715f53797e85} - (no file)
O2 - BHO: (no name) - {0A10DDE9-DDAC-41CD-A851-49E64C8CA9DF} - C:\WINDOWS\system32\hgGvsqqr.dll
O2 - BHO: (no name) - {150fa160-130d-451f-b863-b655061432ba} - (no file)
O2 - BHO: (no name) - {17da0c9e-4a27-4ac5-bb75-5d24b8cdb972} - (no file)
O2 - BHO: {bfefe967-a130-e9eb-5eb4-925eb73bbf91} - {19fbb37b-e529-4be5-be9e-031a769efefb} - C:\WINDOWS\system32\ianopavj.dll
O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb1} - (no file)
O2 - BHO: (no name) - {1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb2} - (no file)
O2 - BHO: (no name) - {2d38a51a-23c9-48a1-a33c-48675aa2b494} - (no file)
O2 - BHO: (no name) - {2e9caff6-30c7-4208-8807-e79d4ec6f806} - (no file)
O2 - BHO: (no name) - {467faeb2-5f5b-4c81-bae0-2a4752ca7f4e} - (no file)
O2 - BHO: (no name) - {5321e378-ffad-4999-8c62-03ca8155f0b3} - (no file)
O2 - BHO: (no name) - {587dbf2d-9145-4c9e-92c2-1f953da73773} - (no file)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {6cc1c91a-ae8b-4373-a5b4-28ba1851e39a} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {79369d5c-2903-4b7a-ade2-d5e0dee14d24} - (no file)
O2 - BHO: (no name) - {799a370d-5993-4887-9df7-0a4756a77d00} - (no file)
O2 - BHO: BeSideit IE Helper - {83C35173-E029-42f1-9692-0341EE379A0D} - C:\Program Files\QdrDrive\QdrDrive16.dll (file missing)
O2 - BHO: (no name) - {84A46358-4001-4E42-A966-A3CAC5F91716} - C:\WINDOWS\system32\jkkHXnoo.dll
O2 - BHO: (no name) - {98dbbf16-ca43-4c33-be80-99e6694468a4} - (no file)
O2 - BHO: (no name) - {a55581dc-2cdb-4089-8878-71a080b22342} - (no file)
O2 - BHO: (no name) - {b847676d-72ac-4393-bfff-43a1eb979352} - (no file)
O2 - BHO: (no name) - {bc97b254-b2b9-4d40-971d-78e0978f5f26} - (no file)
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765721306} - (no file)
O2 - BHO: (no name) - {e2ddf680-9905-4dee-8c64-0a5de7fe133c} - (no file)
O2 - BHO: (no name) - {e3eebbe8-9cab-4c76-b26a-747e25ebb4c6} - (no file)
O2 - BHO: (no name) - {e7afff2a-1b57-49c7-bf6b-e5123394c970} - (no file)
O2 - BHO: (no name) - {fcaddc14-bd46-408a-9842-cdbe1c6d37eb} - (no file)
O2 - BHO: (no name) - {fd9bc004-8331-4457-b830-4759ff704c22} - (no file)
O2 - BHO: (no name) - {ff1bf4c7-4e08-4a28-a43f-9d60a9f7a880} - (no file)
O3 - Toolbar: Yahoo! uC - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [{56-64-43-32-DW}] C:\windows\system32\jqwnw64q.exe DWramFF
O4 - HKLM\..\Run: [LSA Shellu] C:\Documents and Settings\Cole\lsass.exe
O4 - HKLM\..\Run: [b415649d] rundll32.exe "C:\WINDOWS\system32\cseopvjs.dll",b
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\lcntrkdm.exe DWramFF
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1188.exe 61A847B5BBF72813339330466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKLM\..\Run: [BMb7265701] Rundll32.exe "C:\WINDOWS\system32\qpfhfxwh.dll",s
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [VnrPack16] "C:\Program Files\VnrPack\VnrPack16.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Csvnro] C:\Program Files\Csvnro\Csvnro.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableTaskMgr=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableTaskMgr=1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll
O20 - Winlogon Notify: jkkHXnoo - C:\WINDOWS\system32\jkkHXnoo.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\eHA\command.exe
O23 - Service: MsSecurity Updated (MsSecurity1.209.4) - Unknown owner - C:\WINDOWS\444.470


--
End of file - 7591 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 modemm - c:\windows\system32\drivers\modemm.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 cmdService (Command Service) - c:\windows\eha\command.exe
R2 MsSecurity1.209.4 (MsSecurity Updated) - c:\windows\444.470 service


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {D45B1C18-C8FA-11D1-9F77-0000F805F530}
Description: NT Apm/Legacy Interface Node
Device ID: ROOT\NTAPM\0000
Manufacturer: Microsoft
Name: NT Apm/Legacy Interface Node
PNP Device ID: ROOT\NTAPM\0000
Service: NtApm


-- Scheduled Tasks -------------------------------------------------------------

2008-06-11 23:40:42 284 --a----c- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-05-12 and 2008-06-12 -----------------------------

2008-06-11 23:43:04 0 d-------- C:\Program Files\Csvnro
2008-06-11 23:02:22 19200 --a----c- C:\WINDOWS\iexplorer.exe
2008-06-11 22:47:15 28928 --a----c- C:\WINDOWS\y.exe
2008-06-11 22:47:03 23040 --a----c- C:\WINDOWS\xplugin.dll
2008-06-11 22:46:59 10240 --a----c- C:\WINDOWS\x.exe
2008-06-11 22:46:58 8960 --a----c- C:\WINDOWS\winmgnt.exe
2008-06-11 22:46:56 17408 --a----c- C:\WINDOWS\window.exe
2008-06-11 22:46:52 30464 --a----c- C:\WINDOWS\winajbm.dll
2008-06-11 22:46:40 24832 --a----c- C:\WINDOWS\win64.exe
2008-06-11 22:46:33 26112 --a----c- C:\WINDOWS\win32e.exe
2008-06-11 22:46:24 25344 --a----c- C:\WINDOWS\waol.exe
2008-06-11 22:46:15 20224 --a----c- C:\WINDOWS\users32.exe
2008-06-11 22:46:08 23040 --a----c- C:\WINDOWS\time.exe
2008-06-11 22:46:01 25344 --a----c- C:\WINDOWS\systemcritical.exe
2008-06-11 22:45:50 22016 --a----c- C:\WINDOWS\systeem.exe
2008-06-11 22:45:46 20736 --a----c- C:\WINDOWS\olehelp.exe
2008-06-11 22:45:43 17920 --a----c- C:\WINDOWS\notepad32.exe
2008-06-11 22:45:40 31232 --a----c- C:\WINDOWS\mtwirl32.dll
2008-06-11 22:45:22 16640 --a----c- C:\WINDOWS\loader.exe
2008-06-11 22:45:13 14080 --a----c- C:\WINDOWS\cpan.dll
2008-06-11 22:45:12 18688 --a----c- C:\WINDOWS\clrssn.exe
2008-06-11 22:45:10 21248 --a----c- C:\WINDOWS\avpcc.dll
2008-06-11 22:45:00 32512 --a----c- C:\WINDOWS\accesss.exe
2008-06-11 22:04:37 1530 --a----c- C:\WINDOWS\system32\tmp.reg
2008-06-11 22:02:41 687592 --a----c- C:\WINDOWS\system32\atmtd.dll
2008-06-11 22:01:38 1989 --a----c- C:\WINDOWS\uninstall_nmon.vbs
2008-06-11 22:01:38 0 d-------- C:\Program Files\Network Monitor
2008-06-11 22:01:14 111616 --a------ C:\WINDOWS\system32\ianopavj.dll
2008-06-11 21:59:04 25600 --a----c- C:\WINDOWS\system32\WS2Fix.exe
2008-06-11 21:59:04 289144 --a----c- C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-06-11 21:59:04 86528 --a----c- C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
2008-06-11 21:59:04 288417 --a----c- C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-06-11 21:59:04 53248 --a----c- C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2008-06-11 21:59:04 82944 --a----c- C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-06-11 21:59:04 51200 --a----c- C:\WINDOWS\system32\dumphive.exe
2008-06-11 21:59:04 82944 --a----c- C:\WINDOWS\system32\404Fix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-06-11 21:57:40 95232 --a------ C:\WINDOWS\system32\cseopvjs.dll
2008-06-11 21:57:09 0 d-------- C:\Program Files\GetModule
2008-06-11 21:56:06 0 d-------- C:\Program Files\GetPack
2008-06-11 21:56:04 106496 --a------ C:\WINDOWS\system32\qpfhfxwh.dll
2008-06-11 13:39:50 127578 --a----c- C:\WINDOWS\system32\tsuninst.exe
2008-06-11 13:35:01 0 d-------- C:\Documents and Settings\Cole\Application Data\W?nSxS
2008-06-11 13:29:23 0 d------c- C:\WINDOWS\system32\netrax18
2008-06-11 13:29:02 64512 --a----c- C:\WINDOWS\system32\yayaBQIc.dll
2008-06-11 05:24:59 0 d-------- C:\Program Files\Spcron
2008-06-11 05:24:13 0 d-------- C:\Program Files\Temporary
2008-06-11 05:19:04 0 d-------- C:\Program Files\JavaCore
2008-06-11 05:18:58 0 d-------- C:\Program Files\InetGet2
2008-06-11 05:14:20 41984 --a----c- C:\WINDOWS\mrofinu1188.exe
2008-06-11 05:13:15 64512 --a----c- C:\WINDOWS\system32\mlJYsqoP.dll
2008-06-10 23:10:00 347 --ahs--c- C:\WINDOWS\system32\GiPooUtv.ini2
2008-06-10 23:08:34 275456 --a----c- C:\WINDOWS\system32\vtUooPiG.dll
2008-06-10 22:03:01 24320 --a----c- C:\WINDOWS\msupdate.exe
2008-06-10 22:02:55 12800 --a----c- C:\WINDOWS\mssys.exe
2008-06-10 20:49:25 862 --a----c- C:\WINDOWS\system32\winpfz33.sys
2008-06-10 20:45:49 403794 --a----c- C:\WINDOWS\469.exe
2008-06-10 20:45:46 266607 --a----c- C:\WINDOWS\ISMSetup Venora3 (aid=3 smiley).exe
2008-06-10 19:34:58 0 d-------- C:\Program Files\Lavasoft
2008-06-10 19:34:48 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-06-10 19:30:24 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-10 18:44:31 96256 --a------ C:\WINDOWS\system32\nhcyowji.dll
2008-06-10 18:42:49 31488 --a----c- C:\WINDOWS\svcinit.exe
2008-06-10 18:42:44 21760 --a----c- C:\WINDOWS\svchost32.exe
2008-06-10 18:42:42 12544 --a----c- C:\WINDOWS\sistem.exe
2008-06-10 18:42:41 32256 --a----c- C:\WINDOWS\searchword.dll
2008-06-10 18:42:33 17920 --a----c- C:\WINDOWS\rundll16.exe
2008-06-10 18:42:31 14592 --a----c- C:\WINDOWS\quicken.exe
2008-06-10 18:42:31 25856 --a----c- C:\WINDOWS\qttasks.exe
2008-06-10 18:42:24 20224 --a----c- C:\WINDOWS\mswsc20.dll
2008-06-10 18:42:22 25088 --a----c- C:\WINDOWS\mswsc10.dll
2008-06-10 18:42:04 11264 --a----c- C:\WINDOWS\msspi.dll
2008-06-10 18:42:02 11008 --a----c- C:\WINDOWS\msconfd.dll
2008-06-10 18:41:55 25344 --a----c- C:\WINDOWS\internet.exe
2008-06-10 18:41:49 30720 --a----c- C:\WINDOWS\inetinf.exe
2008-06-10 18:41:38 10496 --a----c- C:\WINDOWS\iedll.exe
2008-06-10 18:41:37 29184 --a----c- C:\WINDOWS\helpcvs.exe
2008-06-10 18:41:32 111616 --a------ C:\WINDOWS\system32\ivbhlpnr.dll
2008-06-10 18:41:29 25856 --a----c- C:\WINDOWS\gfmnaaa.dll
2008-06-10 18:41:26 22016 --a----c- C:\WINDOWS\funny.exe
2008-06-10 18:41:24 25088 --a----c- C:\WINDOWS\funniest.exe
2008-06-10 18:41:21 30464 --a----c- C:\WINDOWS\explorer32.exe
2008-06-10 18:41:17 16640 --a----c- C:\WINDOWS\explore.exe
2008-06-10 18:41:16 26368 --a----c- C:\WINDOWS\editpad.exe
2008-06-10 18:41:11 10752 --a----c- C:\WINDOWS\dnsrelay.dll
2008-06-10 18:41:11 16128 --a----c- C:\WINDOWS\directx32.exe
2008-06-10 18:41:10 30976 --a----c- C:\WINDOWS\ctrlpan.dll
2008-06-10 18:41:04 14336 --a----c- C:\WINDOWS\ctfmon32.exe
2008-06-10 18:40:58 298311 --a----c- C:\WINDOWS\system32\gside.exe
2008-06-10 18:40:24 106496 --a------ C:\WINDOWS\system32\jsqgdprk.dll
2008-06-10 18:40:23 49178 --a----c- C:\WINDOWS\system32\jqwnw64q.exe <Not Verified; ; Browser Driver>
2008-06-10 18:40:21 86528 ---hs---- C:\Documents and Settings\Cole\lsass.exe
2008-06-10 18:33:24 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2008-06-10 17:39:11 0 d-------- C:\Program Files\Enigma Software Group
2008-06-10 15:03:44 0 d-------- C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Mozilla
2008-06-10 12:57:38 0 d-------- C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Sun
2008-06-10 05:59:45 1572864 --a------ C:\Documents and Settings\Cole\ntuser.dat
2008-06-10 05:59:44 1343488 --a------ C:\Documents and Settings\xp\ntuser.dat
2008-06-10 05:59:10 733119 --ahs--c- C:\WINDOWS\system32\rqqsvGgh.ini2
2008-06-10 05:58:59 280576 --a----c- C:\WINDOWS\system32\hgGvsqqr.dll
2008-06-10 05:55:56 0 d-------- C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Macromedia
2008-06-10 05:55:53 0 d-------- C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Adobe
2008-06-10 05:55:16 0 d-------- C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Yahoo!
2008-06-10 05:55:04 0 dr------- C:\Documents and Settings\LocalService.NT AUTHORITY\Favorites
2008-06-10 05:54:54 4 --a----c- C:\WINDOWS\system32\hljwugsf.bin
2008-06-10 05:54:51 200768 --a----c- C:\WINDOWS\system32\lcntrkdm.exe
2008-06-10 05:54:42 0 d-------- C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\NetMon
2008-06-10 05:54:39 87513 --a----c- C:\WINDOWS\system32\iftuyszv.exe <Not Verified; Microsoft; XML Media>
2008-06-10 05:54:39 87513 --a----c- C:\WINDOWS\lfn.exe <Not Verified; Microsoft; XML Media>
2008-06-10 05:54:36 0 d--hs--c- C:\WINDOWS\eHA
2008-06-10 05:54:33 401972 --a----c- C:\WINDOWS\system32\g22.exe
2008-06-10 05:54:23 49168 --a----c- C:\WINDOWS\system32\rwwnw64d.exe <Not Verified; ; Browser Driver>
2008-06-10 05:54:23 86528 ---hs---- C:\Documents and Settings\xp\lsass.exe
2008-06-10 05:54:16 86144 -------c- C:\WINDOWS\system32\drivers\modemm.sys
2008-06-10 05:54:12 0 d------c- C:\WINDOWS\system32\tor
2008-06-10 05:54:12 0 d------c- C:\WINDOWS\system32\SGI
2008-06-10 05:54:12 0 d------c- C:\WINDOWS\system32\hrc1
2008-06-10 05:54:12 0 d------c- C:\WINDOWS\system32\GTK
2008-06-10 05:54:12 0 d------c- C:\WINDOWS\system32\bLM
2008-06-10 05:54:03 0 d------c- C:\WINDOWS\system32\netrax05
2008-06-10 05:54:03 0 d------c- C:\Temp
2008-06-10 05:53:55 64512 --a----c- C:\WINDOWS\system32\jkkHXnoo.dll
2008-06-09 14:20:44 0 d------c- C:\WINDOWS\system32\Adobe
2008-06-09 14:19:59 681 --a----c- C:\WINDOWS\mozver.dat
2008-06-02 14:30:30 105984 --a----c- C:\WINDOWS\b152.exe
2008-05-29 10:31:06 0 d-------- C:\Documents and Settings\Cole\Application Data\DivX
2008-05-29 10:25:07 0 d-------- C:\Program Files\DivX
2008-05-28 06:02:06 74240 --a----c- C:\WINDOWS\b156.exe
2008-05-26 23:07:19 0 d-------- C:\Documents and Settings\Cole\Application Data\Apple Computer
2008-05-24 09:41:59 0 d-------- C:\Documents and Settings\Cole\Application Data\Sun
2008-05-23 21:50:02 0 d------c- C:\WINDOWS\system32\appmgmt
2008-05-22 05:58:42 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-05-18 15:57:03 0 d-------- C:\Documents and Settings\xp\Application Data\LimeWire
2008-05-16 23:32:27 89184 -------c- C:\WINDOWS\system32\drivers\imagedrv.sys <Not Verified; Ahead Software AG and its licensors; NERO IMAGEDRIVE>
2008-05-16 23:31:38 38912 --a----c- C:\WINDOWS\system32\picn20.dll <Not Verified; Pegasus Imaging Corp.; PEGASUS>
2008-05-16 23:31:26 544768 --a----c- C:\WINDOWS\system32\imagx5.dll <Not Verified; Pegasus Software, LLC; ImagXpress>
2008-05-16 23:31:26 569344 --a----c- C:\WINDOWS\system32\imagr5.dll <Not Verified; Pegasus Software,LLC; ImagXpress>
2008-05-16 23:31:13 0 d-------- C:\Program Files\Common Files\Ahead
2008-05-16 23:31:11 155648 --a----c- C:\WINDOWS\system32\NeroCheck.exe <Not Verified; Ahead Software Gmbh; Ahead Software Gmbh NeroCheck>
2008-05-16 23:31:02 0 d-------- C:\Program Files\Ahead
2008-05-16 09:30:36 231424 --a----c- C:\WINDOWS\b148.exe
2008-05-15 18:37:26 0 d--h----- C:\Documents and Settings\Cole\Application Data\yahoo!
2008-05-15 13:28:40 0 d-------- C:\Documents and Settings\Cole\Application Data\LimeWire
2008-05-15 13:25:00 0 d-------- C:\Program Files\LimeWire
2008-05-15 12:38:48 0 d-------- C:\Documents and Settings\Cole\Application Data\Macromedia
2008-05-15 12:38:48 0 d-------- C:\Documents and Settings\Cole\Application Data\Adobe
2008-05-15 12:37:23 0 d-------- C:\Documents and Settings\Cole\Application Data\Mozilla
2008-05-15 12:21:53 0 d-------- C:\Documents and Settings\Cole\Application Data\Identities
2008-05-15 12:21:21 0 dr------- C:\Documents and Settings\Cole\Favorites
2008-05-15 12:21:21 0 d-------- C:\Documents and Settings\Cole\Desktop
2008-05-15 12:21:21 0 d--hs---- C:\Documents and Settings\Cole\Cookies
2008-05-15 12:21:21 0 d--h----- C:\Documents and Settings\Cole\Application Data
2008-05-15 12:21:20 0 d--h----- C:\Documents and Settings\Cole\Templates
2008-05-15 12:21:20 0 dr------- C:\Documents and Settings\Cole\Start Menu
2008-05-15 12:21:20 0 dr-h----- C:\Documents and Settings\Cole\SendTo
2008-05-15 12:21:20 0 dr-h----- C:\Documents and Settings\Cole\Recent
2008-05-15 12:21:20 0 d--h----- C:\Documents and Settings\Cole\PrintHood
2008-05-15 12:21:20 0 d--h----- C:\Documents and Settings\Cole\NetHood
2008-05-15 12:21:20 0 dr------- C:\Documents and Settings\Cole\My Documents
2008-05-15 12:21:20 0 d--h----- C:\Documents and Settings\Cole\Local Settings
2008-05-15 11:58:37 0 d-------- C:\Program Files\Windows Media Connect 2
2008-05-15 11:55:49 0 d------c- C:\WINDOWS\system32\LogFiles
2008-05-15 11:55:49 0 d------c- C:\WINDOWS\system32\drivers\UMDF
2008-05-13 05:57:22 0 d------c- C:\WINDOWS\Sun
2008-05-13 05:57:22 0 d-------- C:\Documents and Settings\xp\Application Data\Sun
2008-05-13 01:53:17 0 d------c- C:\WINDOWS\network diagnostic
2008-05-12 20:53:16 3596288 --a----c- C:\WINDOWS\system32\qt-dx331.dll
2008-05-12 20:50:16 196608 --a----c- C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-05-12 20:50:16 81920 --a----c- C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-05-12 20:50:08 802816 --a----c- C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-05-12 20:50:08 823296 --a----c- C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX>
2008-05-12 20:50:08 831488 --a----c- C:\WINDOWS\system32\divx_xx0a.dll
2008-05-12 20:50:08 823296 --a----c- C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX>
2008-05-12 20:50:06 682496 --a----c- C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX>
2008-05-12 20:49:02 12288 --a----c- C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-12 14:28:52 0 d-------- C:\Documents and Settings\xp\Application Data\Apple Computer
2008-05-12 14:25:28 1636 --a----c- C:\WINDOWS\system32\d3d9caps.dat
2008-05-12 14:21:41 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-05-12 08:43:38 68096 --a----c- C:\WINDOWS\b155.exe
2008-05-12 06:05:44 0 d------c- C:\WINDOWS\system32\PreInstall
2008-05-12 04:57:13 0 d--h---c- C:\WINDOWS\$hf_mig$
2008-05-12 04:54:55 0 d-------- C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu
2008-05-12 04:51:39 0 d------c- C:\WINDOWS\Prefetch


-- Find3M Report ---------------------------------------------------------------

2008-06-11 23:35:14 0 d-------- C:\Program Files\Common Files
2008-06-11 14:38:58 0 d-------- C:\Program Files\Common Files\fmzu
2008-06-11 14:32:38 0 d-------- C:\Documents and Settings\Cole\Application Data\W?nSxS
2008-06-10 20:30:43 0 d-------- C:\Program Files\Plus!
2008-06-10 20:30:42 0 d-------- C:\Program Files\MSWorks
2008-06-10 20:30:42 0 d-------- C:\Program Files\Microsoft Works
2008-06-10 20:30:42 0 d-------- C:\Program Files\Accessories
2008-05-13 05:52:21 0 d-------- C:\Program Files\Java
2008-05-12 20:31:52 0 d-------- C:\Program Files\Messenger
2008-05-12 14:22:56 0 d-------- C:\Program Files\QuickTime
2008-05-11 07:50:53 0 d-------- C:\Program Files\Movie Maker
2008-05-11 07:41:55 0 d-------- C:\Program Files\Windows NT
2008-05-09 10:19:14 0 d--h----- C:\Program Files\WindowsUpdate
2008-05-09 10:15:55 0 --a----c- C:\WINDOWS\nsreg.dat
2008-05-07 11:06:18 21640 --a----c- C:\WINDOWS\system32\emptyregdb.dat
2008-05-07 11:05:17 0 d-------- C:\Program Files\Online Services
2008-05-07 10:17:52 0 d-------- C:\Program Files\Google
2008-05-07 10:14:47 0 d-------- C:\Program Files\DefenderPro
2008-05-07 05:45:32 62 --ahs---- C:\Documents and Settings\Cole\Application Data\desktop.ini
2008-04-14 10:08:18 46592 --a----c- C:\WINDOWS\b157.exe
2008-04-12 07:00:18 0 d-------- C:\Program Files\OBD2 TekLink


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00110011-4b0b-44d5-9718-90c88817369b}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{086ae192-23a6-48d6-96ec-715f53797e85}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0A10DDE9-DDAC-41CD-A851-49E64C8CA9DF}]
06/10/2008 05:59 280576 --a--c--- C:\WINDOWS\system32\hgGvsqqr.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{150fa160-130d-451f-b863-b655061432ba}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{17da0c9e-4a27-4ac5-bb75-5d24b8cdb972}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{19fbb37b-e529-4be5-be9e-031a769efefb}]
06/11/2008 22:01 111616 --a------ C:\WINDOWS\system32\ianopavj.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb1}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb2}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2d38a51a-23c9-48a1-a33c-48675aa2b494}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2e9caff6-30c7-4208-8807-e79d4ec6f806}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{467faeb2-5f5b-4c81-bae0-2a4752ca7f4e}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5321e378-ffad-4999-8c62-03ca8155f0b3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{587dbf2d-9145-4c9e-92c2-1f953da73773}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6cc1c91a-ae8b-4373-a5b4-28ba1851e39a}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{79369d5c-2903-4b7a-ade2-d5e0dee14d24}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{799a370d-5993-4887-9df7-0a4756a77d00}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83C35173-E029-42f1-9692-0341EE379A0D}]
C:\Program Files\QdrDrive\QdrDrive16.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{84A46358-4001-4E42-A966-A3CAC5F91716}]
06/10/2008 05:53 64512 --a--c--- C:\WINDOWS\system32\jkkHXnoo.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{98dbbf16-ca43-4c33-be80-99e6694468a4}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a55581dc-2cdb-4089-8878-71a080b22342}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b847676d-72ac-4393-bfff-43a1eb979352}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bc97b254-b2b9-4d40-971d-78e0978f5f26}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765721306}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e2ddf680-9905-4dee-8c64-0a5de7fe133c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e3eebbe8-9cab-4c76-b26a-747e25ebb4c6}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e7afff2a-1b57-49c7-bf6b-e5123394c970}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fd9bc004-8331-4457-b830-4759ff704c22}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ff1bf4c7-4e08-4a28-a43f-9d60a9f7a880}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [03/28/2008 23:37]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/13/2003 02:49]
"{56-64-43-32-DW}"="C:\windows\system32\jqwnw64q.exe" [06/10/2008 18:40]
"LSA Shellu"="C:\Documents and Settings\Cole\lsass.exe" [06/10/2008 05:54]
"b415649d"="C:\WINDOWS\system32\cseopvjs.dll" [06/11/2008 21:57]
"ExploreUpdSched"="C:\WINDOWS\system32\lcntrkdm.exe" [06/10/2008 05:54]
"runner1"="C:\WINDOWS\mrofinu1188.exe" [06/11/2008 13:29]
"BMb7265701"="C:\WINDOWS\system32\qpfhfxwh.dll" [06/11/2008 21:56]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [08/30/2007 17:43]
"VnrPack16"="C:\Program Files\VnrPack\VnrPack16.exe" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 02:56]
"Csvnro"="C:\Program Files\Csvnro\Csvnro.exe" [06/11/2008 13:28]

C:\Documents and Settings\Cole\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe [5/2/2008 5:38:08 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{84A46358-4001-4E42-A966-A3CAC5F91716}"= C:\WINDOWS\system32\jkkHXnoo.dll [06/10/2008 05:53 64512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\iftuyszv.exe,"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkHXnoo]
jkkHXnoo.dll 06/10/2008 05:53 64512 C:\WINDOWS\system32\jkkHXnoo.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\hgGvsqqr

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"




-- End of Deckard's System Scanner: finished at 2008-06-12 01:07:01 ------------

Edited by maniac_kidda, 12 June 2008 - 12:53 PM.




#2 Buckeye_Sam

    Malware Expert



Posted 12 June 2008 - 03:39 PM

Hey maniac_kidda,

The last two times you posted on here asking for help you abandoned those threads without so much as a thank you to those who gave up their time to help you. You have a horribly infected computer right now, but it seems like it would be a waste of my time to help you.

Am I wrong?
If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#3 maniac_kidda


Posted 13 June 2008 - 04:23 PM

No, cuz every time I asked for help I never got it until I had fixed the problem myself, for example this problem. This site is where people turn when they have problems, which I did, and same with those other times I posted but never got the help I needed until I fixed the problem myself. So don't hate, cuz I do understand what you mean and I do appreciate everyone's generosity and help that is received by you techs. So forgive me for being ignorant and not ending my posts.

#4 Buckeye_Sam


Posted 14 June 2008 - 10:45 AM

Everyone that helps on this site is doing so as a volunteer. It does take considerable time to analyze these logs now and then put together the fixes. When we spend the time doing this and then don't even get a response back, it doesn't come across as ignorant. It comes across as ungrateful. It's very frustrating and many extremely bright individuals are no longer active on these types of forums because of that very reason. I don't say this to be mean, but just so that you have a better understanding of what's going on at the other end of the posts that you read.

That being said, everyone deserves another chance. So let's get started. :thumbsup:



Please download ComboFix and save it to your desktop.
Prior to running Combofix.exe you should disable your antivirus program and disconnect from the internet.

Double click combofix.exe and follow the prompts.
When it's done running it will produce a log for you. Please post that log in your next reply.

Important Note - Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

#5 Buckeye_Sam


Posted 26 June 2008 - 11:50 AM

Unfortunately there has been no response. :thumbsup:
This thread will now be closed.