Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

NT Authority /System (ComboFix log attached)


  • This topic is locked This topic is locked
1 reply to this topic

#1 Allen83

Allen83

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:54 AM

Posted 09 February 2009 - 08:41 PM

Hi all, i'm running on Win XP SP3 and my pc is currently going crazy out of a sudden.

Everytime when i start my pc, it will stuck at the blue "Welcome to Windows" screen and it seems to be loading for like 5 mins before logging into it. There is no shortcuts or taskbar showing on my desktop till the RPC auto restart thing pop up. It says NT Authority /System.

I tried most of the solutions (Hijackthis, Mblast worm, RegistryFix and many many others) provided by the web but none help. I read forum about someone who tried using Combofix and posted his log in here and people here will be able to help him by advising him what to remove. I hope i could get some help here. Thanks in advance!

My Combofix log :

ComboFix 09-02-08.02 - Bing 2009-02-09 22:24:37.2 - NTFSx86
Running from: c:\documents and settings\Bing\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\fsglmlku.ini
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\OYIOnUvw.ini
c:\windows\system32\OYIOnUvw.ini2
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((( Files Created from 2009-01-09 to 2009-02-09 )))))))))))))))))))))))))))))))
.

2009-02-09 20:43 . 2009-02-09 20:46 683 --a------ C:\Combo.bat
2009-02-09 20:42 . 2009-02-09 20:46 <DIR> d-------- C:\sUBs
2009-02-09 19:35 . 2009-02-09 19:35 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-09 18:46 . 2009-02-09 18:46 <DIR> d-------- C:\5e1bb97b36b62411fbf6b639813796
2009-02-08 23:51 . 2009-02-08 23:51 <DIR> d-------- C:\bf0a817c6506f72b5b245368ef5cd71a
2009-02-08 23:45 . 2009-02-08 23:45 <DIR> d-------- C:\aef2ab3f6ac818eec860be5989f8da

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-09 14:17 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-02-07 05:48 98,304 ----a-w c:\windows\DUMP468e.tmp
2009-01-23 11:24 98,304 ----a-w c:\windows\DUMP4bbe.tmp
2009-01-05 10:30 --------- d-----w c:\documents and settings\Bing\Application Data\ErrorFix
2008-12-13 18:34 --------- d-----w c:\program files\Windows Live
2008-12-13 18:34 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2008-12-13 17:47 --------- d-----w c:\program files\Windows Live Toolbar
2008-12-13 17:44 --------- d--h--w c:\program files\InstallShield Installation Information
2007-06-21 10:38 30,280 ----a-w c:\program files\mozilla firefox\plugins\cgpcfg.dll
2007-06-21 10:38 79,432 ----a-w c:\program files\mozilla firefox\plugins\CgpCore.dll
2007-06-21 10:38 71,240 ----a-w c:\program files\mozilla firefox\plugins\confmgr.dll
2007-06-21 10:38 140,872 ----a-w c:\program files\mozilla firefox\plugins\ctxmui.dll
2007-06-21 10:39 38,472 ----a-w c:\program files\mozilla firefox\plugins\icafile.dll
2007-06-21 10:39 46,664 ----a-w c:\program files\mozilla firefox\plugins\icalogon.dll
2007-06-21 10:39 34,376 ----a-w c:\program files\mozilla firefox\plugins\logging.dll
2007-06-21 10:39 685,640 ----a-w c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2007-06-21 10:40 30,280 ----a-w c:\program files\mozilla firefox\plugins\TcpPServ.dll
.

------- Sigcheck -------

2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 c:\windows\$NtServicePackUninstall$\svchost.exe
2007-12-01 00:26 14336 0c82b0ae50bb2bc8a96a753f4edc495f c:\windows\ServicePackFiles\i386\svchost.exe
2007-12-01 00:26 14336 0c82b0ae50bb2bc8a96a753f4edc495f c:\windows\system32\svchost.exe

2004-08-04 00:56 577024 c72661f8552ace7c5c85e16a3cf505c4 c:\windows\$NtServicePackUninstall$\user32.dll
2007-12-01 00:26 578560 6c74c62ecdc3981a7f1f8f1656b27871 c:\windows\ServicePackFiles\i386\user32.dll
2007-12-01 00:26 578560 6c74c62ecdc3981a7f1f8f1656b27871 c:\windows\system32\user32.dll

2004-08-04 00:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 c:\windows\$NtServicePackUninstall$\ws2_32.dll
2007-12-01 00:26 82432 36f8f7a2ef12ed817fc16c3248e39092 c:\windows\ServicePackFiles\i386\ws2_32.dll
2007-12-01 00:26 82432 36f8f7a2ef12ed817fc16c3248e39092 c:\windows\system32\ws2_32.dll

2004-08-04 00:56 656384 c0823fc5469663ba63e7db88f9919d70 c:\windows\$NtServicePackUninstall$\wininet.dll
2007-12-01 00:26 666112 e7f441cde6e418bb68fc700872c004a0 c:\windows\ie7\wininet.dll
2007-12-01 00:26 666112 e7f441cde6e418bb68fc700872c004a0 c:\windows\ServicePackFiles\i386\wininet.dll
2007-08-13 18:54 818688 a4a0fc92358f39538a6494c42ef99fe9 c:\windows\system32\wininet.dll
2007-08-13 18:54 818688 a4a0fc92358f39538a6494c42ef99fe9 c:\windows\system32\dllcache\wininet.dll

2004-08-03 23:14 359040 9f4b36614a0fc234525ba224957de55c c:\windows\$NtServicePackUninstall$\tcpip.sys
2007-11-30 18:18 361344 19ebda988da80f133dc9e28a50f606e8 c:\windows\ServicePackFiles\i386\tcpip.sys
2007-11-30 18:18 361344 19ebda988da80f133dc9e28a50f606e8 c:\windows\system32\drivers\tcpip.sys

2004-08-04 00:56 502272 01c3346c241652f43aed8e2149881bfe c:\windows\$NtServicePackUninstall$\winlogon.exe
2007-12-01 00:26 507904 45ffe966290b9c4ba659325561de4830 c:\windows\ServicePackFiles\i386\winlogon.exe
2007-12-01 00:26 507904 45ffe966290b9c4ba659325561de4830 c:\windows\system32\winlogon.exe

2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e c:\windows\$NtServicePackUninstall$\ndis.sys
2007-11-30 18:18 182656 d1b364f049eb84a883c8a45d3b92ff3b c:\windows\ServicePackFiles\i386\ndis.sys
2007-11-30 18:18 182656 d1b364f049eb84a883c8a45d3b92ff3b c:\windows\system32\drivers\ndis.sys

2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 c:\windows\$NtServicePackUninstall$\ip6fw.sys
2007-11-30 17:44 36608 ef9bb587e33c2c245b5b83e882501ff6 c:\windows\ServicePackFiles\i386\ip6fw.sys
2007-11-30 17:44 36608 ef9bb587e33c2c245b5b83e882501ff6 c:\windows\system32\drivers\ip6fw.sys

2004-08-03 22:59 2015232 fb142b7007ca2eea76966c6c5cc12150 c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
2007-11-30 17:25 2065792 a809f109717bcc7ddd72e8715998add8 c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
2007-11-30 17:25 2023936 20149e35c5852fa94011fa96b9cb4ad8 c:\windows\system32\ntkrnlpa.exe

2004-08-03 23:18 2148352 626309040459c3915997ef98ec1c8d40 c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
2007-11-30 18:25 2188928 13cfbf3dd054291af3e9b040d0b5c8a7 c:\windows\ServicePackFiles\i386\ntoskrnl.exe
2007-11-30 18:22 2145280 e8bce0516a035ace1c4a00a07a30350f c:\windows\system32\ntoskrnl.exe

2007-12-01 00:26 1033728 e0ee428f4777a3cd8760bad61f87abed c:\windows\explorer.exe
2004-08-04 00:56 1032192 a0732187050030ae399b241436565e64 c:\windows\$NtServicePackUninstall$\explorer.exe
2007-12-01 00:26 1033728 e0ee428f4777a3cd8760bad61f87abed c:\windows\ServicePackFiles\i386\explorer.exe

2004-08-04 00:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 c:\windows\$NtServicePackUninstall$\services.exe
2007-12-01 00:26 108544 76727219614a50b2db29bd0cda4260d5 c:\windows\ServicePackFiles\i386\services.exe
2007-12-01 00:26 108544 76727219614a50b2db29bd0cda4260d5 c:\windows\system32\services.exe

2004-08-04 00:56 13312 84885f9b82f4d55c6146ebf6065d75d2 c:\windows\$NtServicePackUninstall$\lsass.exe
2007-12-01 00:26 13312 4dd0637ae896eb8e00df331d1cccfc5c c:\windows\ServicePackFiles\i386\lsass.exe
2007-12-01 00:26 13312 4dd0637ae896eb8e00df331d1cccfc5c c:\windows\system32\lsass.exe

2004-08-04 00:56 15360 24232996a38c0b0cf151c2140ae29fc8 c:\windows\$NtServicePackUninstall$\ctfmon.exe
2007-12-01 00:26 15360 e6735d6e15457e06fede517051af0d70 c:\windows\ServicePackFiles\i386\ctfmon.exe
2007-12-01 00:26 15360 e6735d6e15457e06fede517051af0d70 c:\windows\system32\ctfmon.exe

2004-08-04 00:56 57856 7435b108b935e42ea92ca94f59c8e717 c:\windows\$NtServicePackUninstall$\spoolsv.exe
2007-12-01 00:26 57856 0dd64932b9a6394b53222b7fd294d12a c:\windows\ServicePackFiles\i386\spoolsv.exe
2007-12-01 00:26 57856 0dd64932b9a6394b53222b7fd294d12a c:\windows\system32\spoolsv.exe

2004-08-04 00:56 24576 39b1ffb03c2296323832acbae50d2aff c:\windows\$NtServicePackUninstall$\userinit.exe
2007-12-01 00:26 26112 813b2e9c4caea05fba51a442fab7a95d c:\windows\ServicePackFiles\i386\userinit.exe
2007-12-01 00:26 26112 813b2e9c4caea05fba51a442fab7a95d c:\windows\system32\userinit.exe

2004-08-04 00:56 295424 b60c877d16d9c880b952fda04adf16e6 c:\windows\$NtServicePackUninstall$\termsrv.dll
2007-12-01 00:26 295424 03178da1a2b7c9b918e5062b2080d732 c:\windows\ServicePackFiles\i386\termsrv.dll
2007-12-01 00:26 295424 03178da1a2b7c9b918e5062b2080d732 c:\windows\system32\termsrv.dll

2004-08-04 00:56 983552 888190e31455fad793312f8d087146eb c:\windows\$NtServicePackUninstall$\kernel32.dll
2007-12-01 00:25 989696 64b3a42738ce5bfb1a4b96971521329a c:\windows\ServicePackFiles\i386\kernel32.dll
2007-12-01 00:25 989696 64b3a42738ce5bfb1a4b96971521329a c:\windows\system32\kernel32.dll

2004-08-04 00:56 17408 1b5f6923abb450692e9fe0672c897aed c:\windows\$NtServicePackUninstall$\powrprof.dll
2007-12-01 00:25 17408 cdd4433ede84a9266363507111095b4e c:\windows\ServicePackFiles\i386\powrprof.dll
2007-12-01 00:25 17408 cdd4433ede84a9266363507111095b4e c:\windows\system32\powrprof.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-04-10 1107848]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"= ctwdm32.dll
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Program Neighborhood Agent.lnk]
backup=c:\windows\pss\Program Neighborhood Agent.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a--c--- 2008-01-11 22:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
-ra------ 2007-03-01 10:37 2321600 c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-10-19 20:16 286720 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
--------- 2008-02-20 13:22 356352 c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"sdCoreService"=3 (0x3)
"sdAuxService"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IEPro\\MiniDM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"22296:TCP"= 22296:TCP:BitComet 22296 TCP
"22296:UDP"= 22296:UDP:BitComet 22296 UDP

R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2008-08-07 13352]
R3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
R3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
R3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
R3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
R3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
R3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\DRIVERS\s3017bus.sys [2007-12-10 83880]
R3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016]
R3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632]
R3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616]
R3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\DRIVERS\s3017nd5.sys [2007-12-10 25512]
R3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s3017obex.sys [2007-12-10 100648]
R3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\DRIVERS\s3017unic.sys [2007-12-10 110120]
R3 XDva136;XDva136; [x]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-04-10 337800]


--- Other Services/Drivers In Memory ---

*Deregistered* - AFD
*Deregistered* - audstub
*Deregistered* - Beep
*Deregistered* - Browser
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - dmio
*Deregistered* - dmload
*Deregistered* - Dnscache
*Deregistered* - emu10k1
*Deregistered* - Fastfat
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - Ftdisk
*Deregistered* - Gpc
*Deregistered* - IKFileSec
*Deregistered* - IKSysFlt
*Deregistered* - IKSysSec
*Deregistered* - IpNat
*Deregistered* - IPSec
*Deregistered* - KSecDD
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LmHosts
*Deregistered* - mchInjDrv
*Deregistered* - mnmdd
*Deregistered* - Mouclass
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - NVSvc
*Deregistered* - PartMgr
*Deregistered* - ParVdm
*Deregistered* - PptpMiniport
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - rdpdr
*Deregistered* - RpcSs
*Deregistered* - sdAuxService
*Deregistered* - sdCoreService
*Deregistered* - seclogon
*Deregistered* - sfman
*Deregistered* - sptd
*Deregistered* - sr
*Deregistered* - Srv
*Deregistered* - swenum
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - Themes
*Deregistered* - Udfs
*Deregistered* - Update
*Deregistered* - VgaSave
*Deregistered* - VolSnap
*Deregistered* - W32Time
*Deregistered* - Wanarp
*Deregistered* - WebClient
*Deregistered* - wuauserv
*Deregistered* - WudfPf
*Deregistered* - WudfSvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0b224ef0-c93d-11dd-be3b-00179a379594}]
\Shell\AutoRun\command - h:\wd_windows_tools\Setup.exe
.
Contents of the 'Scheduled Tasks' folder

2009-01-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]

2009-02-04 c:\windows\Tasks\ErrorFix Scan.job
- c:\program files\ErrorFix\ErrorFix.exe []

2009-02-04 c:\windows\Tasks\ErrorFix Scan.job
- c:\program files\ErrorFix []
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\documents and settings\Bing\Application Data\Mozilla\Firefox\Profiles\9eu6bvwk.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - www.google.com.sg
FF - plugin: c:\program files\Mozilla Firefox\plugins\npicaN.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-09 22:31:43
Windows 5.1.2600 Service Pack 3, v.3264 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\SQLOLEDB*Enumerator]
@="Microsoft OLE DB Enumerator for SQL Server"

[HKEY_LOCAL_MACHINE\software\Classes\SQLOLEDB*Enumerator\Clsid]
@="{DFA22B8E-E68D-11d0-97E4-00C04FC2AD98}"
.
Completion time: 2009-02-09 23:49:40
ComboFix-quarantined-files.txt 2009-02-09 15:49:36
ComboFix2.txt 2009-02-09 12:46:23

Pre-Run: 17,954,254,848 bytes free
Post-Run: 17,881,391,104 bytes free

Current=6 Default=6 Failed=5 LastKnownGood=7 Sets=1,2,3,4,5,6,7
295

BC AdBot (Login to Remove)

 


#2 rigel

rigel

    FD-BC


  • Members
  • 12,944 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina - USA
  • Local time:03:54 PM

Posted 09 February 2009 - 09:20 PM

Hello Allen83

Please note the message text in blue at the top of the Am I infected? What do I do? forum.

ComboFix logs should not to be posted outside the HijackThis forums and then only when requested by a HJT Team member. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

Please create a new topic explaining the nature of your problem in the Am I infected? What do I do? forum. Describe pop-ups and system tray or desktop icons that have appeared. Explain what is "going wrong" with your computer. Note any tools you have used and their respective results.

If needed, we will direct you to our HJT Preparation Guide.

Thank you for using BleepingComputer as your malware removal source.

This topic is now closed. If you have any questions, please PM me or another Moderator.
The BC Staff

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it. Will Smith





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users