Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spyware Guard 2008


  • Please log in to reply
2 replies to this topic

#1 rmacleod21

rmacleod21

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:49 PM

Posted 23 December 2008 - 08:09 PM

I have attempted to download Malwarebytes' Anti-Malware and Super AntiSpyware but the SpywareGuard has hijacked my broswers and either lauches itself or sends me off to a random site. I am using another computer to communicate to any Spyware removal sites including this one. I downloaded the programs and copied them over using a memory stick but they don't install correctly. The Malwarebytes stops in the middle and the Anti-Spyware immediately returns with "has encountered a problem and needs to close". I have tried to remove it manually but it keeps coming back. The system is also telling me that I have corrupt files etc. I tried doing things in safe mode and also went back to the upgrade DVD but the Spyware Guard has a good grip on things.

Thanks for any help you can give me.
Rob

DDS (Version 1.1.0) - NTFSx86
Run by Rob at 19:47:18.40 on Tue 12/23/2008
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.511 [GMT -5:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\DRIVERS\PRINTER\540\StatMon.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\V CAST Music Manager\MEMonitor.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\VirusScan\McShield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
\\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Rob\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.dell4me.com/myway
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: AOLTBSearch Class: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - c:\program files\aol\aol toolbar 2.0\aoltb.dll
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: c:\windows\system32\efcYsQge.dll
BHO: c:\windows\system32\wkugtj.dll
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\3.1.807.1746\swg.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: AIM Search: {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - c:\program files\aim toolbar\AIMBar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
TB: Easy-WebPrint: {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - c:\program files\canon\easy-webprint\Toolband.dll
TB: AOL Toolbar: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 2.0\aoltb.dll
TB: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uRun: [updateMgr] c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe AcRdB7_0_9
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\RegistryBooster.exe /S
uRun: [AdobeUpdater] c:\program files\common files\adobe\updater5\AdobeUpdater.exe
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_05\bin\jusched.exe"
mRun: [OpwareSE2] "c:\program files\scansoft\omnipagese2.0\OpwareSE2.exe"
mRun: [mmtask] c:\program files\musicmatch\musicmatch jukebox\mmtask.exe
mRun: [MediaFace Integration] c:\program files\fellowes\mediaface 4.2\SetHook.exe
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [IAAnotif] c:\program files\intel\intel application accelerator\iaanotif.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [DellStatusMonitor] "c:\drivers\printer\540\StatMon.exe"
mRun: [CTSysVol] c:\program files\creative\sbaudigy2zs\surround mixer\CTSysVol.exe /r
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTDVDDET] "c:\program files\creative\sbaudigy2zs\dvdaudio\CTDVDDET.EXE"
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [spywareguard] c:\program files\spyware guard 2008\spywareguard.exe
mRun: [107070aa] rundll32.exe "c:\windows\system32\arlrttev.dll",b
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\rob\startm~1\programs\startup\memoni~1.lnk - c:\program files\v cast music manager\MEMonitor.exe
StartupFolder: c:\documents and settings\rob\start menu\programs\startup\PowerReg Scheduler V3.exe
StartupFolder: c:\documents and settings\rob\start menu\programs\startup\PowerReg Scheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-us\local\search.html
IE: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNzeb053YYUS_ZN
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Resource.dll/RC_Print.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 2.0\aoltb.dll
IE: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - {4C171D40-8277-11D5-AD55-00010333D0AD} - c:\program files\yahoo!\companion\modules\messmod4\v6\yhexbmes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: efcCrppM - efcCrppM.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL wkugtj.dll
SSODL: ieModule - {1C35E6DB-D748-451F-9D76-1770524EF3FB} - c:\documents and settings\all users\application data\microsoft\internet explorer\dlls\ieModule.dll
SSODL: InternetConnection - {F4156065-2578-4998-B5DA-3394F9EA9609} - c:\documents and settings\all users\application data\microsoft\internet explorer\dlls\pgctzykgel.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\efcYsQge

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\rob\applic~1\mozilla\firefox\profiles\ssrrhqxy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\program files\gametap\bin\release\npgametaptool.dll
FF - plugin: c:\program files\ign\download manager\npfpdlm.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nppopcaploader.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npsnapfish.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\virtools\3d life player\npvirtools.dll

============= SERVICES / DRIVERS ===============

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2007-4-15 201320]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe []
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\mcafee\siteadvisor\McSACore.exe" [2008-9-28 206096]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2007-8-13 359248]
R2 McShield;McAfee Real-time Scanner;c:\program files\mcafee\virusscan\McShield.exe [2007-4-15 144704]
R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [2004-8-10 14336]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2008-2-3 33792]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2007-4-15 695624]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2007-4-15 79304]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2007-4-15 35240]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2007-4-15 40488]
S0 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys []
S1 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys []
S1 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys []
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe []
S2 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe []
S2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\viewpoint\common\ViewpointService.exe" [2007-2-14 24652]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2007-4-15 33832]

============== File Associations ===============

regfile="regedit.exe" "%1"

=============== Created Last 30 ================

2008-12-23 19:15 476,324 a----r-- C:\txtsetup.sif
2008-12-23 19:15 260,272 a----r-- C:\$LDR$
2008-12-23 19:15 <DIR> --d----- C:\$WIN_NT$.~BT
2008-12-23 18:49 <DIR> --d----- c:\windows\setup.pss
2008-12-23 14:11 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-12-23 14:11 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-23 14:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2008-12-23 13:37 129,024 a------- c:\windows\system32\wkugtj.dll
2008-12-23 13:37 129,024 a------- c:\windows\system32\dqbmfpiv.dll
2008-12-23 13:29 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2008-12-23 13:29 1,661,209 ---sh--- c:\windows\system32\vettrlra.ini
2008-12-23 13:28 72,704 a------- c:\windows\system32\arlrttev.dll
2008-12-23 12:58 1,661,209 ---sh--- c:\windows\system32\bmuqreht.ini
2008-12-23 12:58 72,704 a------- c:\windows\system32\therqumb.dll
2008-12-23 12:57 129,024 a------- c:\windows\system32\onnhyc.dll
2008-12-23 12:57 129,024 a------- c:\windows\system32\oafayuar.dll
2008-12-19 20:56 134,149 a------- c:\windows\reged.exe
2008-12-19 20:56 18,941 a------- c:\windows\vmreg.dll
2008-12-19 20:56 1,003,957 a------- c:\windows\sysexplorer.exe
2008-12-19 20:56 51,197 a------- c:\windows\spoolsystem.exe
2008-12-19 20:56 50,620 a------- c:\windows\sys.com
2008-12-19 20:56 47,872 a------- c:\windows\syscert.exe
2008-12-19 20:56 <DIR> --d----- c:\program files\Spyware Guard 2008
2008-12-19 20:17 <DIR> --d----- c:\docume~1\rob\applic~1\PC Tools
2008-12-19 19:19 <DIR> --d----- c:\program files\common files\Scanner
2008-12-19 11:31 384,000 a------- c:\windows\system32\winscenter.exe
2008-12-19 11:30 29,701 a------- c:\docume~1\alluse~1\applic~1\svhost.exe
2008-12-18 21:45 1,661,209 ---sh--- c:\windows\system32\ybdiqasa.ini
2008-12-18 21:39 129,024 a------- c:\windows\system32\ldzcgl.dll
2008-12-18 21:39 129,024 a------- c:\windows\system32\jhqumtko.dll
2008-12-18 14:04 1,661,209 a--sh--- c:\windows\system32\bvuspxra.ini
2008-12-18 14:04 72,704 a------- c:\windows\system32\arxpsuvb.dll
2008-12-17 21:58 129,024 a------- c:\windows\system32\kzysmg.dll
2008-12-17 21:58 129,024 a------- c:\windows\system32\fqjiutmn.dll
2008-12-16 21:34 2,553 a--sh--- c:\windows\system32\egQsYcfe.ini2
2008-12-16 21:34 2,553 a--sh--- c:\windows\system32\egQsYcfe.ini
2008-12-16 21:34 302,592 a------- c:\windows\system32\efcYsQge.dll
2008-12-16 21:29 70,144 a------- c:\windows\system32\tuvWMGyW.dll
2008-12-04 22:09 0 a------- C:\LOG76.tmp
2008-12-04 21:34 0 a------- C:\LOG39.tmp
2008-12-03 20:30 0 a------- C:\LOG27F.tmp
2008-12-02 20:03 0 a------- C:\LOG3C2.tmp

==================== Find3M ====================

2008-10-23 08:01 283,648 a------- c:\windows\system32\gdi32.dll
2008-10-16 15:38 826,368 a------- c:\windows\system32\wininet.dll
2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
2008-10-15 20:40 262,144 a------- C:\ntuser.dat
2008-10-03 05:15 247,326 a------- c:\windows\system32\strmdll.dll
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2006-10-13 16:24 40 a------- c:\documents and settings\rob\language.dat
2005-05-24 13:31 32 a----r-- c:\documents and settings\all users\hash.dat
2004-12-26 10:04 251 a------- c:\program files\wt3d.ini

============= FINISH: 19:48:57.01 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 rmacleod21

rmacleod21
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:49 PM

Posted 31 December 2008 - 03:03 PM

The Spyware Guard 2008 has taken over my computer. I have tried to install both Malwarebytes and SuperAntiSpyware and they both fail. If I try to get updates to my McAfee it is blocked. The system keeps telling me that I have corrupt files and the that the system is not protected.
It appears that trojan/virus has totally taken over control of my explorer and firefox browsers and always diverts me to fake search sites, etc. It will let me do a google search but any attempts to go to the links are diverted.

I have backed all my important documents, photos and videos onto an external drive.

Thanks for your help
Rob

DDS (Version 1.1.0) - NTFSx86
Run by Rob at 5:57:09.62 on Wed 12/31/2008
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.459 [GMT -5:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: McAfee Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\DRIVERS\PRINTER\540\StatMon.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\WINDOWS\system32\libusbd-nt.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MSC\mcuimgr.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Rob\Desktop\dds.scr
C:\Program Files\Spyware Guard 2008\spywareguard.exe
C:\WINDOWS\system32\wuauclt.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.dell4me.com/myway
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: AOLTBSearch Class: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - c:\program files\aol\aol toolbar 2.0\aoltb.dll
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
BHO: AOL Toolbar Launcher: {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - c:\program files\aol\aol toolbar 2.0\aoltb.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
BHO: Google Toolbar Notifier BHO
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: AIM Search: {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - c:\program files\aim toolbar\AIMBar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
TB: Easy-WebPrint: {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - c:\program files\canon\easy-webprint\Toolband.dll
TB: AOL Toolbar: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 2.0\aoltb.dll
TB: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
McAfee SiteAdvisor
uRun: [updateMgr] c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe AcRdB7_0_9
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\RegistryBooster.exe /S
uRun: [AdobeUpdater] c:\program files\common files\adobe\updater5\AdobeUpdater.exe
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_02\bin\jusched.exe"
mRun: [OpwareSE2] "c:\program files\scansoft\omnipagese2.0\OpwareSE2.exe"
mRun: [mmtask] c:\program files\musicmatch\musicmatch jukebox\mmtask.exe
mRun: [MediaFace Integration] c:\program files\fellowes\mediaface 4.2\SetHook.exe
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [IAAnotif] c:\program files\intel\intel application accelerator\iaanotif.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [DellStatusMonitor] "c:\drivers\printer\540\StatMon.exe"
mRun: [CTSysVol] c:\program files\creative\sbaudigy2zs\surround mixer\CTSysVol.exe /r
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTDVDDET] "c:\program files\creative\sbaudigy2zs\dvdaudio\CTDVDDET.EXE"
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [spywareguard] c:\program files\spyware guard 2008\spywareguard.exe
mRun: [107070aa] rundll32.exe "c:\windows\system32\xkeshaey.dll",b
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\rob\startm~1\programs\startup\memoni~1.lnk - c:\program files\v cast music manager\MEMonitor.exe
StartupFolder: c:\documents and settings\rob\start menu\programs\startup\PowerReg Scheduler V3.exe
StartupFolder: c:\documents and settings\rob\start menu\programs\startup\PowerReg Scheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-us\local\search.html
IE: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNzeb053YYUS_ZN
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Resource.dll/RC_Print.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 2.0\aoltb.dll
IE: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - {4C171D40-8277-11D5-AD55-00010333D0AD} - c:\program files\yahoo!\companion\modules\messmod4\v6\yhexbmes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: efcCrppM - efcCrppM.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: ieModule - {1C35E6DB-D748-451F-9D76-1770524EF3FB} - c:\documents and settings\all users\application data\microsoft\internet explorer\dlls\ieModule.dll
SSODL: InternetConnection - {F4156065-2578-4998-B5DA-3394F9EA9609} - c:\documents and settings\all users\application data\microsoft\internet explorer\dlls\pgctzykgel.dll
SEH: SABShellExecuteHook Class: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\rob\applic~1\mozilla\firefox\profiles\ssrrhqxy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\program files\gametap\bin\release\npgametaptool.dll
FF - plugin: c:\program files\ign\download manager\npfpdlm.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nppopcaploader.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npsnapfish.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\virtools\3d life player\npvirtools.dll

============= SERVICES / DRIVERS ===============

PP2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2007-4-15 144704]
R1 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2007-4-15 201320]
R1 SASDIFSV;SASDIFSV;\??\c:\program files\superantispyware\SASDIFSV.SYS [2008-12-4 8944]
R1 SASKUTIL;SASKUTIL;\??\c:\program files\superantispyware\SASKUTIL.sys [2008-12-4 55024]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe []
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\mcafee\siteadvisor\McSACore.exe" [2008-9-28 206096]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2007-8-13 359248]
R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [2004-8-10 14336]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2008-2-3 33792]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2007-4-15 695624]
R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2007-4-15 79304]
R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2007-4-15 35240]
R3 mfesmfk;McAfee Inc.;c:\windows\system32\drivers\mfesmfk.sys [2007-4-15 40488]
S0 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys []
S1 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys []
S1 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys []
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe []
S2 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe []
S2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\viewpoint\common\ViewpointService.exe" [2007-2-14 24652]
S3 mferkdk;McAfee Inc.;c:\windows\system32\drivers\mferkdk.sys [2007-4-15 33832]
S3 SASENUM;SASENUM;\??\c:\program files\superantispyware\SASENUM.SYS [2008-12-4 7408]

=============== Created Last 30 ================

2008-12-31 05:51 1,003,957 a------- c:\windows\sysexplorer.exe
2008-12-31 05:51 134,149 a------- c:\windows\reged.exe
2008-12-31 05:51 51,197 a------- c:\windows\spoolsystem.exe
2008-12-31 05:51 50,620 a------- c:\windows\sys.com
2008-12-31 05:51 47,872 a------- c:\windows\syscert.exe
2008-12-31 05:51 18,941 a------- c:\windows\vmreg.dll
2008-12-31 05:51 <DIR> --d----- c:\program files\Spyware Guard 2008
2008-12-30 15:44 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2008-12-30 15:43 <DIR> --d----- c:\program files\SUPERAntiSpyware
2008-12-30 15:43 <DIR> --d----- c:\docume~1\rob\applic~1\SUPERAntiSpyware.com
2008-12-30 13:53 72,704 a------- c:\windows\system32\xkeshaey.dll
2008-12-30 13:53 1,755,812 ---sh--- c:\windows\system32\yeahsekx.ini
2008-12-23 19:15 476,324 a----r-- C:\txtsetup.sif
2008-12-23 19:15 260,272 a----r-- C:\$LDR$
2008-12-23 19:15 <DIR> --d----- C:\$WIN_NT$.~BT
2008-12-23 18:49 <DIR> --d----- c:\windows\setup.pss
2008-12-23 14:21 5,780,000 a------- C:\superantispyware.bat
2008-12-23 14:11 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-12-23 14:11 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-23 14:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2008-12-23 13:37 129,024 a------- c:\windows\system32\dqbmfpiv.dll
2008-12-23 13:29 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2008-12-23 13:29 1,755,812 ---sh--- c:\windows\system32\vettrlra.ini
2008-12-23 13:17 2,538,872 a------- C:\mbam-setup.bat
2008-12-23 12:58 1,661,209 ---sh--- c:\windows\system32\bmuqreht.ini
2008-12-23 12:58 72,704 a------- c:\windows\system32\therqumb.dll
2008-12-23 12:57 129,024 a------- c:\windows\system32\onnhyc.dll
2008-12-23 12:57 129,024 a------- c:\windows\system32\oafayuar.dll
2008-12-19 20:17 <DIR> --d----- c:\docume~1\rob\applic~1\PC Tools
2008-12-19 19:19 <DIR> --d----- c:\program files\common files\Scanner
2008-12-19 11:31 384,000 a------- c:\windows\system32\winscenter.exe
2008-12-18 21:45 1,661,209 ---sh--- c:\windows\system32\ybdiqasa.ini
2008-12-18 21:39 129,024 a------- c:\windows\system32\ldzcgl.dll
2008-12-18 21:39 129,024 a------- c:\windows\system32\jhqumtko.dll
2008-12-18 14:04 1,661,209 a--sh--- c:\windows\system32\bvuspxra.ini
2008-12-18 14:04 72,704 a------- c:\windows\system32\arxpsuvb.dll
2008-12-17 21:58 129,024 a------- c:\windows\system32\kzysmg.dll
2008-12-17 21:58 129,024 a------- c:\windows\system32\fqjiutmn.dll
2008-12-16 21:34 675,576 a--sh--- c:\windows\system32\egQsYcfe.ini2
2008-12-16 21:34 675,576 a--sh--- c:\windows\system32\egQsYcfe.ini
2008-12-16 21:29 70,144 a------- c:\windows\system32\tuvWMGyW.dll
2008-12-04 22:09 0 a------- C:\LOG76.tmp
2008-12-04 21:34 0 a------- C:\LOG39.tmp
2008-12-03 20:30 0 a------- C:\LOG27F.tmp
2008-12-02 20:03 0 a------- C:\LOG3C2.tmp

==================== Find3M ====================

2008-10-23 08:01 283,648 a------- c:\windows\system32\gdi32.dll
2008-10-16 15:38 826,368 a------- c:\windows\system32\wininet.dll
2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
2008-10-15 20:40 262,144 a------- C:\ntuser.dat
2008-10-03 05:15 247,326 a------- c:\windows\system32\strmdll.dll
2006-10-13 16:24 40 a------- c:\documents and settings\rob\language.dat
2005-05-24 13:31 32 a----r-- c:\documents and settings\all users\hash.dat
2004-12-26 10:04 251 a------- c:\program files\wt3d.ini

============= FINISH: 5:58:52.64 ===============

Attached Files


Edited by Orange Blossom, 31 December 2008 - 08:38 PM.
Merged topics. ~ OB


#3 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,612 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:49 PM

Posted 04 January 2009 - 07:37 AM

Please visit the following link and use the instructions there to post a ComboFix log as a reply to this topic:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

When following the instructions please install the Windows XP Recovery Console if you are using XP.

After running ComboFix, please post the ComboFix log as a reply to this topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users