Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Ran combofix for spyware..need help URGENTLY PLEASE


  • This topic is locked This topic is locked
2 replies to this topic

#1 thom999

thom999

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:53 AM

Posted 08 December 2008 - 03:46 PM

ComboFix 08-12-07.01 - Thomas 2008-12-08 15:09:44.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1000 [GMT -5:00]
Running from: c:\documents and settings\Thomas\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Thomas\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\asihss.dll
c:\windows\system32\jcviaewu.ini
c:\windows\system32\jkkkHWPi.dll
c:\windows\system32\jkkLEXOF.dll
c:\windows\system32\kbaxuodt.dll
c:\windows\system32\ssqNGAtU.dll
c:\windows\system32\sysdm.exe
c:\windows\system32\UtAGNqss.ini
c:\windows\system32\UtAGNqss.ini2
c:\windows\system32\uweaivcj.dll_old
c:\windows\system32\wpv741228549885.cpx

.
((((((((((((((((((((((((( Files Created from 2008-11-08 to 2008-12-08 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2025-09-26 03:23 --------- d-----w c:\documents and settings\Thomas\Application Data\Talkback
2025-09-26 03:19 --------- d-----w c:\windows\system32\config\systemprofile\Application Data\Intel
2025-09-26 03:18 0 ---ha-r c:\windows\system32\drivers\IBM_2613_CTO_TP.MRK
2025-09-25 06:40 --------- d-----w c:\program files\Oracle
2025-09-25 06:08 --------- d-----w c:\program files\Microsoft.NET
2025-09-25 06:08 --------- d-----w c:\program files\Microsoft ActiveSync
2025-09-25 05:06 --------- d-----w c:\program files\microsoft frontpage
2008-12-08 20:14 --------- d-----w c:\program files\Symantec AntiVirus
2008-12-08 20:04 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-08 18:42 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2008-12-08 18:41 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-08 17:30 --------- d-----w c:\documents and settings\Thomas\Application Data\U3
2008-12-08 09:09 --------- d-----w c:\program files\OpenOffice.org 2.4
2008-12-08 09:00 --------- d-----w c:\documents and settings\Thomas\Application Data\HPAppData
2008-12-08 08:48 --------- d-----w c:\program files\CCleaner
2008-12-08 08:39 --------- d-----w c:\documents and settings\Thomas\Application Data\OpenOffice.org2
2008-12-05 23:38 --------- d-----w c:\program files\Windows Live Safety Center
2008-12-03 15:23 --------- d-----w c:\documents and settings\Thomas\Application Data\mjusbsp
2008-11-29 11:19 --------- d-----w c:\documents and settings\Thomas\Application Data\vlc
2008-11-29 10:19 --------- d-----w c:\documents and settings\Thomas\Application Data\dvdcss
2008-11-29 10:16 --------- d-----w c:\program files\VideoLAN
2008-11-18 08:26 --------- d-----w c:\documents and settings\Thomas\Application Data\Juniper Networks
2008-11-11 21:43 --------- d-----w c:\program files\Dell_HostCD
2008-11-07 02:49 --------- d-----w c:\program files\DivX
2008-11-04 01:44 --------- d-----w c:\documents and settings\NetworkService\Application Data\Juniper Networks
2008-11-03 17:54 --------- d-----w c:\windows\system32\config\systemprofile\Application Data\Juniper Networks
2008-11-03 17:54 --------- d-----w c:\program files\Juniper Networks
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-14 14:46 --------- d-----w c:\program files\Hewlett-Packard
2003-08-18 15:49 75,776 ----a-w c:\program files\VisioErrormsg.xls
2003-07-31 22:09 33,103 ----a-w c:\program files\Visio11.adm
2003-04-22 13:31 1,384 ----a-w c:\program files\Visio11.sms
.

------- Sigcheck -------

2008-04-13 19:12 4919296 de5daeb60bbade63eb7a405a69ddb9cd c:\windows\explorer.exe
2007-06-13 06:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
2007-06-13 05:23 4918784 a4d32bd82c68d8f1407064ad8d2b9ccb c:\windows\$NtServicePackUninstall$\explorer.exe
2004-08-04 07:00 1032192 a0732187050030ae399b241436565e64 c:\windows\$NtUninstallKB938828$\explorer.exe
2008-04-13 19:12 4919296 de5daeb60bbade63eb7a405a69ddb9cd c:\windows\ServicePackFiles\i386\explorer.exe
2008-04-13 19:12 1033728 12896823fb95bfb3dc9b46bcaedc9923 c:\windows\VCP_SAVE\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\progra~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-08-30 4670704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2007-03-09 66176]
"TPKMAPHELPER"="c:\program files\ThinkPad\Utilities\TpKmapAp.exe" [2007-01-09 868352]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2006-02-14 110592]
"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2006-05-25 151552]
"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2006-05-25 208896]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2005-04-08 48752]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2005-04-17 85184]
"TP4EX"="tp4ex.exe" [2005-10-17 c:\windows\system32\TP4EX.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2006-09-06 18:37 34344 c:\program files\Lenovo\HOTKEY\notifyf2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2006-12-14 13:06 28672 c:\program files\Lenovo\HOTKEY\tphklock.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=asihss.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office OneNote 2003 Quick Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk
backup=c:\windows\pss\Microsoft Office OneNote 2003 Quick Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Thomas^Start Menu^Programs^Startup^OpenOffice.org 2.4.lnk]
path=c:\documents and settings\Thomas\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk
backup=c:\windows\pss\OpenOffice.org 2.4.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\WINDOWS
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\windows\system32
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lphct15j0e9e5

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
--a------ 2004-12-14 01:12 483328 c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cdloader]
--a------ 2008-08-22 07:43 50520 c:\documents and settings\Thomas\Application Data\mjusbsp\cdloader2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2007-10-14 20:17 49152 c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
--a------ 2007-08-22 15:31 80896 c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 15:40 155648 c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 09:50 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 03:27 144784 c:\program files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-06-14 00:30 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe"
"SoundMAX"=c:\program files\Analog Devices\SoundMAX\Smax4.exe /tray
"SoundMAXPnP"=c:\program files\Analog Devices\Core\smax4pnp.exe
"SynTPEnh"=c:\program files\Synaptics\SynTP\SynTPEnh.exe
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\SAP\\FrontEnd\\SapGui\\saplogon.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero 7\\Nero Home\\NeroHome.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Documents and Settings\\Thomas\\Application Data\\mjusbsp\\magicJack.exe"=

R1 TPPWRIF;TPPWRIF;c:\windows\system32\drivers\Tppwrif.sys [2007-09-25 4442]
R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [2004-08-04 14336]
R3 EraserUtilDrvI7;EraserUtilDrvI7;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI7.sys [2008-12-07 99376]
S3 dsNcAdpt;Juniper Network Connect Adapter;c:\windows\system32\DRIVERS\dsNcAdpt.sys []
S3 msloop;Microsoft Loopback Adapter Driver;c:\windows\system32\DRIVERS\loop.sys [2025-09-25 4992]
S3 SavRoam;SAVRoam;"c:\program files\Symantec AntiVirus\SavRoam.exe" [2005-04-17 124608]
S4 OracleOraHome81Agent;OracleOraHome81Agent;c:\oracle\ora81\bin\dbsnmp.exe []
S4 OracleOraHome81ClientCache;OracleOraHome81ClientCache;c:\oracle\ora81\BIN\ONRSD.EXE []
S4 OracleOraHome81DataGatherer;OracleOraHome81DataGatherer;c:\oracle\ora81\bin\vppdc.exe []
S4 OracleOraHome81HTTPServer;OracleOraHome81HTTPServer;c:\oracle\ora81\Apache\Apache\Apache.exe []
S4 OracleOraHome81PagingServer;OracleOraHome81PagingServer;c:\oracle\ora81/bin/pagntsrv.exe []
S4 OracleOraHome81TNSListener;OracleOraHome81TNSListener;c:\oracle\ora81\BIN\TNSLSNR []
S4 OracleServiceDRS;OracleServiceDRS;c:\oracle\ora81\bin\ORACLE.EXE DRS []
S4 OracleServiceORCL;OracleServiceORCL;c:\oracle\ora81\bin\ORACLE.EXE ORCL []
S4 SAPDRS_00;SAPDRS_00;d:\usr\sap\DRS\SYS\exe\run\SAPSTARTSRV.EXE pf=d:\usr\sap\DRS\SYS\profile\START_DVEBMGS00_STARR3 []
S4 SAPOSCOL;SAPOSCOL;d:\usr\sap\DRS\SYS\exe\run\SAPOSCOL.EXE service []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2008-12-08 c:\windows\Tasks\PMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2006-05-25 11:13]

2008-11-29 c:\windows\Tasks\Uniblue SpeedUpMyPC Nag.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []

2007-09-26 c:\windows\Tasks\Uniblue SpeedUpMyPC.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []
.
- - - - ORPHANS REMOVED - - - -

BHO-{18AD4709-3BE0-4101-9BE0-9A5EB64CE6EE} - c:\windows\system32\ssqNGAtU.dll
BHO-{5747aa52-4248-41ad-9b21-be2954271e39} - c:\windows\system32\asihss.dll
BHO-{61A9E793-A2CD-465D-8931-0BC2AD4EAE49} - (no file)
HKLM-Run-iconcache - (no file)
MSConfigStartUp-kdidw - (no file)


.
------- Supplementary Scan -------
.
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Send to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
FireFox -: Profile - c:\documents and settings\Thomas\Application Data\Mozilla\Firefox\Profiles\m0js2f5x.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-msgr&p=
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.gmail.com
FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Acrobat\browser\nppdf32.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPTURNMED.dll
FF -: plugin - c:\program files\Yahoo!\Shared\npYState.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-08 15:16:09
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\docume~1\Thomas\LOCALS~1\Temp\00023556.exe 1884264 bytes executable

scan completed successfully
hidden files: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OracleOraHome81PagingServer]
"ImagePath"="c:\oracle\ora81/bin/pagntsrv.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OracleOraHome81TNSListener]
"ImagePath"="c:\oracle\ora81\BIN\TNSLSNR "
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(992)
c:\windows\system32\Ati2evxx.dll
c:\program files\Lenovo\HOTKEY\tphklock.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\ThinkPad\Bluetooth Software\bin\btwdins.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Nero\Nero 7\Nero 7\InCD\InCDsrv.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\windows\system32\TpKmpSvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\program files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
c:\program files\Symantec AntiVirus\DoScan.exe
c:\progra~1\Yahoo!\MESSEN~1\Ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2008-12-08 15:19:21 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-08 20:19:18

Pre-Run: 34,300,219,392 bytes free
Post-Run: 34,297,970,688 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

263 --- E O F --- 2008-11-13 05:13:38

BC AdBot (Login to Remove)

 


#2 thom999

thom999
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:53 AM

Posted 08 December 2008 - 03:48 PM

I got the above report from combofix following what was discussed in the forums..I really really need your help to get this computer working. Its been affected by at least 3 virus's// (I get three when I run spybot and all the time its the same three. I continue to get popups all the time...need your help..

#3 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:09:53 AM

Posted 08 December 2008 - 03:49 PM

Please note the message text in blue at the top of the Am I infected? What do I do? forum.

ComboFix logs should not to be posted outside the HijackThis forums and then only when requested by a HJT Team member. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

Please create a new topic explaining the nature of your problem in the Am I infected? What do I do? forum. Describe pop-ups and system tray or desktop icons that have appeared. Explain what is "going wrong" with your computer. Note any tools you have used and their respective results.

If needed, we will direct you to our HJT Preparation Guide.

Thank you for using BleepingComputer as your malware removal source.

This topic is now closed. If you have any questions, please PM a Moderator.
The BC Staff

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users