My HJT Log Trojan



#1 Kristina78

  • Members
  • 37 posts

Posted 02 February 2009 - 04:23 PM

My HJT log. I have run malware, it said I had a trojan, and it's quarantined now. I have CA as my virus and firewall protection and it's not letting me enable my firewall, and I have a red shield telling me to put my firewall on.

I just got a pop-up that was trying to download on my computer, something about anti-virus. I don't know what to do.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:18:56 PM, on 2/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [cafwc] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl
O4 - HKLM\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
O4 - HKLM\..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Addiction by pogo - http://game3.pogo.com/v/9.1.1.8/applet/add...ction-en_US.cab
O16 - DPF: Alibaba Slots - http://game3.pogo.com/v/9.1.3.19/applet/al...ibaba-en_US.cab
O16 - DPF: Backgammon by pogo - http://game3.pogo.com/v/9.0.8.2/applet/bac...ammon-en_US.cab
O16 - DPF: Bingo Luau by pogo - http://game3.pogo.com/v/9.0.6.14/applet/fr...bingo-en_US.cab
O16 - DPF: Blackjack by pogo - http://game3.pogo.com/v/9.0.9.8/applet/bla...kjack-en_US.cab
O16 - DPF: Blackjack Carnival by pogo - http://game3.pogo.com/v/9.0.8.20/applet/vb...jack2-en_US.cab
O16 - DPF: Blooop by pogo - http://game3.pogo.com/v/9.0.1.14/applet/ca...scade-en_US.cab
O16 - DPF: Bowling by pogo - http://game3.pogo.com/v/9.0.2.1/applet/bow...wling-en_US.cab
O16 - DPF: Canasta by pogo - http://game3.pogo.com/v/9.1.3.19/applet/ca...nasta-en_US.cab
O16 - DPF: Checkers by pogo - http://game3.pogo.com/v/9.1.1.1/applet/che...ckers-en_US.cab
O16 - DPF: Chess by pogo - http://game3.pogo.com/v/9.0.1.7/applet/che...hess2-en_US.cab
O16 - DPF: Crazy Cakes by pogo - http://game3.pogo.com/v/9.0.5.5/applet/pla...inner-en_US.cab
O16 - DPF: Cribbage by pogo - http://game3.pogo.com/v/9.1.3.19/applet/cr...bbage-en_US.cab
O16 - DPF: Dice City Roller by pogo - http://game3.pogo.com/v/9.0.1.7/applet/ytz/ytz-en_US.cab
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/v/8.1.6.3/applet/che...dflag-en_US.cab
O16 - DPF: Dominoes v2 by pogo - http://game3.pogo.com/v/9.0.7.21/applet/do...mino2-en_US.cab
O16 - DPF: Double Deuce Poker by pogo - http://game3.pogo.com/v/8.1.6.3/applet/vid...deuce-en_US.cab
O16 - DPF: Euchre by pogo - http://game3.pogo.com/v/9.1.1.1/applet/euc...uchre-en_US.cab
O16 - DPF: First Class Solitaire by pogo - http://game3.pogo.com/v/9.1.3.19/applet/fi...lass2-en_US.cab
O16 - DPF: Fortune Bingo by pogo - http://game3.pogo.com/v/9.0.1.7/applet/sup...bingo-en_US.cab
O16 - DPF: Golf Solitaire by pogo - http://game3.pogo.com/v/9.0.3.12/applet/go...taire-en_US.cab
O16 - DPF: Hangman Hijinks by pogo - http://game3.pogo.com/v/8.1.9.1/applet/han...ngman-en_US.cab
O16 - DPF: Harvest Mania by pogo - http://game3.pogo.com/v/9.1.3.19/applet/ha...rvest-en_US.cab
O16 - DPF: Hearts by pogo - http://game3.pogo.com/v/9.0.1.7/applet/hea...earts-en_US.cab
O16 - DPF: High Stakes Poker by pogo - http://game3.pogo.com/v/9.0.8.2/applet/dra...poker-en_US.cab
O16 - DPF: High Stakes Pool by pogo - http://game3.pogo.com/v/9.0.8.2/applet/pool2/pool-en_US.cab
O16 - DPF: Hog Heaven Slots by pogo - http://game3.pogo.com/v/9.1.4.5/applet/fancy/fancy-en_US.cab
O16 - DPF: Its Outta Here 2 by pogo - http://game3.pogo.com/v/9.0.1.7/applet/its...fhere-en_US.cab
O16 - DPF: Jigsaw Treasure Hunter - http://game3.pogo.com/v/9.1.2.19/applet/jth/jth-en_US.cab
O16 - DPF: Jokers Wild Poker by pogo - http://game3.pogo.com/v/8.1.9.1/applet/vid...swild-en_US.cab
O16 - DPF: Jungle Gin by pogo - http://game3.pogo.com/v/9.0.8.20/applet/gin2/gin2-en_US.cab
O16 - DPF: Keno by pogo - http://game3.pogo.com/v/8.1.9.1/applet/keno/keno-en_US.cab
O16 - DPF: KenoPop! by pogo - http://game3.pogo.com/v/9.0.4.1/applet/spe...dkeno-en_US.cab
O16 - DPF: Lost Temple Poker by pogo - http://game3.pogo.com/v/9.0.1.7/applet/mhp...poker-en_US.cab
O16 - DPF: Lottso by pogo - http://game3.pogo.com/v/8.1.9.1/applet/lot...ottso-en_US.cab
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/v/8.1.6.21/applet/ma...jong2-en_US.cab
O16 - DPF: Mahjong Safari by Pogo - http://game3.pogo.com/v/9.1.4.5/applet/saf...afari-en_US.cab
O16 - DPF: Makeover Madness by pogo - http://game3.pogo.com/v/9.0.7.14/applet/sh...shoes-en_US.cab
O16 - DPF: Monopoly by pogo - http://game3.pogo.com/v/9.1.4.9/applet/mon...opoly-en_US.cab
O16 - DPF: Payday Freecell Solitaire by pogo - http://game3.pogo.com/v/9.0.6.14/applet/fr...cell2-en_US.cab
O16 - DPF: Pebble Beach Golf by pogo - http://game3.pogo.com/v/9.0.1.7/applet/peb...ebble-en_US.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://game1.pogo.com/v/8.1.7.44/applet/wa...wheel-en_US.cab
O16 - DPF: Phlinx by pogo - http://game3.pogo.com/v/9.1.3.19/applet/fl...inger-en_US.cab
O16 - DPF: Pinochle by pogo - http://game3.pogo.com/v/9.0.8.20/applet/pi...ochle-en_US.cab
O16 - DPF: Pop Fu by pogo - http://game3.pogo.com/v/9.0.5.4/applet/popfu/popfu-en_US.cab
O16 - DPF: PoppaZoppa by pogo - http://game3.pogo.com/v/9.0.8.20/applet/po...zoppa-en_US.cab
O16 - DPF: Poppit by pogo - http://game3.pogo.com/v/9.1.1.8/applet/pop...ppit2-en_US.cab
O16 - DPF: Pseudoku by pogo - http://game3.pogo.com/v/9.0.1.7/applet/pse...udoku-en_US.cab
O16 - DPF: Quick Quack by pogo - http://game1.pogo.com/v/8.1.7.44/applet/ho...treak-en_US.cab
O16 - DPF: QWERTY by pogo - http://game1.pogo.com/v/8.1.6.3/applet/squ...uares-en_US.cab
O16 - DPF: SciFi Slots by pogo - http://game3.pogo.com/v/9.0.1.7/applet/slots/scifi-en_US.cab
O16 - DPF: Scrabble by pogo - http://game3.pogo.com/v/9.0.7.35/applet/sc...abble-en_US.cab
O16 - DPF: Showbiz Slots by pogo - http://game3.pogo.com/v/9.1.3.19/applet/sl...owbiz-en_US.cab
O16 - DPF: Shuffle Bump by pogo - http://game3.pogo.com/v/8.1.9.1/applet/puck/puck-en_US.cab
O16 - DPF: Spades 2 by pogo - http://game3.pogo.com/v/9.1.3.19/applet/sp...ades2-en_US.cab
O16 - DPF: Spider Solitaire by pogo - http://game3.pogo.com/v/8.1.9.1/applet/spi...pider-en_US.cab
O16 - DPF: Spooky Slots - http://game3.pogo.com/v/9.1.4.25/applet/sp...pooky-en_US.cab
O16 - DPF: Squelchies by pogo - http://game3.pogo.com/v/9.0.8.20/applet/sq...chies-en_US.cab
O16 - DPF: Stax by pogo - http://game3.pogo.com/v/8.1.9.1/applet/stax/stax-en_US.cab
O16 - DPF: Super Dominoes by pogo - http://game3.pogo.com/v/8.1.7.44/applet/su...omino-en_US.cab
O16 - DPF: Swashbucks by pogo - http://game3.pogo.com/v/9.0.1.7/applet/pir...sgold-en_US.cab
O16 - DPF: Sweet Tooth 2 by Pogo - http://game3.pogo.com/v/9.0.1.7/applet/swe...ooth2-en_US.cab
O16 - DPF: Team Bingo by Pogo - http://game3.pogo.com/v/9.1.3.19/applet/te...bingo-en_US.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://game3.pogo.com/v/9.0.1.14/applet/ho...oldem-en_US.cab
O16 - DPF: Thousand Island Solitaire by pogo - http://game3.pogo.com/v/8.1.9.1/applet/mil...lbrae-en_US.cab
O16 - DPF: Tri-Peaks by pogo - http://game3.pogo.com/v/9.1.1.1/applet/peaks/peaks-en_US.cab
O16 - DPF: Trivial Pursuit by pogo - http://game3.pogo.com/v/9.1.4.18/applet/tr...ivial-en_US.cab
O16 - DPF: Tumble Bees by pogo - http://game3.pogo.com/v/9.1.3.19/applet/tu...mbee2-en_US.cab
O16 - DPF: Turbo 21 v2 by pogo - http://game1.pogo.com/v/8.1.9.7/applet/tur...rbo22-en_US.cab
O16 - DPF: Vaults of Atlantis Slots by pogo - http://game3.pogo.com/v/9.0.5.4/applet/mls...slots-en_US.cab
O16 - DPF: Video Poker by pogo - http://game1.pogo.com/v/8.1.7.44/applet/vi...poker-en_US.cab
O16 - DPF: Wonderland Memories by pogo - http://game3.pogo.com/v/9.0.8.20/applet/me...ories-en_US.cab
O16 - DPF: Word Craft by pogo - http://game3.pogo.com/v/9.1.3.19/applet/ba...abble-en_US.cab
O16 - DPF: Word Search Daily by pogo - http://game3.pogo.com/v/9.1.4.5/applet/wor...earch-en_US.cab
O16 - DPF: Word Whomp by pogo - http://game3.pogo.com/v/9.0.9.8/applet/wor...homp2-en_US.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game3.pogo.com/v/8.1.9.1/applet/wha...kdown-en_US.cab
O16 - DPF: WordJong by pogo - http://game3.pogo.com/v/9.0.1.7/applet/wor...djong-en_US.cab
O16 - DPF: World Class Solitaire by pogo - http://game3.pogo.com/v/9.0.8.20/applet/wo...class-en_US.cab
O16 - DPF: Yahoo! Pool 2 - http://download2.games.yahoo.com/games/clients/y/poti_x.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWebLa...erInstaller.CAB
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=26688
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe

--
End of file - 16830 bytes

Edited by Kristina78, 02 February 2009 - 04:47 PM.



#2 kahdah

  • Security Colleague
  • 11,138 posts

Posted 15 February 2009 - 10:02 AM

Hello Kristina78

Welcome to BleepingComputer
========================

Please download DDS and save it to your desktop.
  • Disable any script blocking protection
  • Double click dds.scr to run the tool.
  • When done, DDS.txt will open.
  • Click Yes at the next prompt for Optional Scan.
  • Save both reports to your desktop.
---------------------------------------------------

Please include the contents of the following in your next reply:

DDS.txt
Attach.txt.
================
Download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries unless advised!

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
  • Click NO
  • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
  • Save it where you can easily find it, such as your desktop.
Post the contents of GMER.txt in your next reply.
Please do not PM for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a PM as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here



