
DEP Closing userinit Logon, and Taskmgr



#1 heartkore


Posted 28 February 2009 - 01:46 PM

Hello,

New poster.

I have reinstalled Windows XP Pro on my primary drive a few times and keep having the same issue with DEP closing userinit logon.

I have run ComboFix and here is the log. I am at a loss...:

ComboFix 09-02-27.02 - Administrator 2009-02-28 12:33:16.1 - NTFSx86 NETWORK
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3583.3333 [GMT -6:00]
Running from: c:\documents and settings\Administrator.KT-188441D62ADA\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\NetworkService\Application Data\NetMon
c:\documents and settings\NetworkService\Application Data\NetMon\domains.txt
c:\documents and settings\NetworkService\Application Data\NetMon\log.txt
c:\documents and settings\Open Labs\Application Data\gadcom
c:\documents and settings\Open Labs\Application Data\SpeedRunner
c:\documents and settings\Open Labs\Local Settings\Temporary Internet Files\bestwiner.stt
c:\documents and settings\Open Labs\Local Settings\Temporary Internet Files\CPV.stt
c:\documents and settings\Open Labs\Local Settings\Temporary Internet Files\fbk.sts
c:\documents and settings\Open Labs\reader_s.exe
c:\program files\inetget2
c:\program files\Mjcore
c:\program files\network monitor
c:\windows\system32\3.tmp
c:\windows\system32\Cache

c:\windows\system32\userinit.exe . . . is infected!!

c:\windows\system32\spoolsv.exe . . . is infected!!

c:\windows\explorer.exe . . . is infected!!

.
((((((((((((((((((((((((( Files Created from 2009-01-28 to 2009-02-28 )))))))))))))))))))))))))))))))
.

2009-02-28 11:55 . 2009-02-28 11:55 <DIR> d-------- c:\documents and settings\Administrator.KT-188441D62ADA
2009-02-28 11:55 . 2009-02-27 22:37 577,024 --a------ c:\windows\system32\pcsz
2009-02-28 11:55 . 2009-02-28 11:55 105,984 --a------ c:\windows\system32\39.tmp
2009-02-28 11:55 . 2009-02-28 11:55 40 --a------ c:\windows\system32\38.tmp
2009-02-27 23:39 . 2009-02-28 11:49 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-02-27 23:36 . 2009-02-27 23:36 <DIR> d-------- c:\documents and settings\kelley.KT-188441D62ADA\Application Data\vlc
2009-02-27 23:17 . 2009-02-27 22:37 577,024 --a------ c:\windows\system32\nlabcj
2009-02-27 23:17 . 2009-02-27 23:17 40 --a------ c:\windows\system32\2.tmp
2009-02-27 22:57 . 2005-04-18 05:57 18,706,432 -ra------ c:\windows\system32\ALSNDMGR.CPL
2009-02-27 22:57 . 2005-04-18 06:31 9,343,488 -ra------ c:\windows\system32\RTLCPL.EXE
2009-02-27 22:57 . 2005-04-18 20:40 2,317,504 -ra------ c:\windows\system32\drivers\ALCXWDM.SYS
2009-02-27 22:57 . 2004-09-07 00:23 156,672 -ra------ c:\windows\system32\RTLCPAPI.dll
2009-02-27 22:57 . 2002-02-04 23:54 141,016 -ra------ c:\windows\system32\ALSNDMGR.WAV
2009-02-27 22:57 . 2005-04-14 21:01 98,304 -ra------ c:\windows\SOUNDMAN.EXE
2009-02-27 22:41 . 2009-02-27 22:41 0 --a------ c:\windows\mqcd.dbt
2009-02-27 22:40 . 2009-02-28 11:58 77,312 --a------ c:\windows\system32\rkoq.pxf
2009-02-27 22:40 . 2009-02-28 11:58 32,768 --a------ c:\windows\system32\odjan.wa
2009-02-27 22:40 . 2009-02-28 11:58 32,768 --a------ c:\windows\system32\kei1w.an
2009-02-27 22:40 . 2009-02-28 11:58 28,672 --a------ c:\windows\system32\kdoqmn.sr
2009-02-27 22:40 . 2009-02-28 11:58 28,672 --a------ c:\windows\system32\doqkm.zt
2009-02-27 22:39 . 2004-09-06 20:41 102,400 --a------ c:\windows\system32\DICoInst.dll
2009-02-27 22:37 . 2009-02-27 22:37 262,144 --a------ c:\windows\system32\nvtpm32.dll
2009-02-27 22:37 . 2009-02-28 11:55 105,984 --a------ c:\windows\system32\azton.mt
2009-02-27 22:37 . 2009-02-27 22:37 0 --a------ c:\windows\system32\6E.tmp
2009-02-27 22:36 . 2009-02-27 22:37 105,984 --a------ c:\windows\system32\6D.tmp
2009-02-27 22:36 . 2009-02-27 22:36 40 --a------ c:\windows\system32\6C.tmp
2009-02-27 22:35 . 2005-01-19 03:17 5,824 --a------ c:\windows\system32\drivers\ASUSHWIO.SYS
2009-02-27 22:35 . 2009-02-27 22:35 4,553 --a------ c:\windows\Ascd_tmp.ini
2009-02-27 22:33 . 2009-02-27 22:33 <DIR> d-------- c:\documents and settings\kelley.KT-188441D62ADA
2009-02-27 22:32 . 2009-02-27 22:32 <DIR> d--hs---- c:\documents and settings\NetworkService.NT AUTHORITY.001
2009-02-27 22:32 . 2009-02-27 22:32 <DIR> d--hs---- c:\documents and settings\LocalService.NT AUTHORITY.001
2009-02-27 22:32 . 2009-02-27 22:32 8,192 --a------ c:\windows\REGLOCS.OLD
2009-02-27 22:29 . 2004-08-03 19:07 13,463,552 --a--c--- c:\windows\system32\dllcache\hwxjpn.dll
2009-02-27 22:28 . 2004-08-03 19:07 2,134,528 --a--c--- c:\windows\system32\dllcache\smtpsnap.dll
2009-02-27 22:27 . 2009-02-27 22:27 <DIR> d--hs---- c:\documents and settings\All Users.WINDOWS\DRM
2009-02-27 22:26 . 2004-08-03 19:07 4,399,505 --a--c--- c:\windows\system32\dllcache\nls302en.lex
2009-02-27 22:26 . 2009-02-27 22:26 749 -rah----- c:\windows\WindowsShell.Manifest
2009-02-27 22:26 . 2009-02-27 22:26 749 -rah----- c:\windows\system32\wuaucpl.cpl.manifest
2009-02-27 22:26 . 2009-02-27 22:26 749 -rah----- c:\windows\system32\sapi.cpl.manifest
2009-02-27 22:26 . 2009-02-27 22:26 749 -rah----- c:\windows\system32\nwc.cpl.manifest
2009-02-27 22:26 . 2009-02-27 22:26 749 -rah----- c:\windows\system32\ncpa.cpl.manifest
2009-02-27 22:26 . 2009-02-27 22:26 749 -rah----- c:\windows\system32\cdplayer.exe.manifest
2009-02-27 22:26 . 2009-02-27 22:26 488 -rah----- c:\windows\system32\WindowsLogon.manifest
2009-02-27 22:26 . 2009-02-27 22:26 488 -rah----- c:\windows\system32\logonui.exe.manifest
2009-02-27 22:24 . 2004-08-03 19:07 605,696 --a------ c:\windows\system32\getuname.dll
2009-02-27 22:23 . 2004-08-03 19:07 1,352,192 --a--c--- c:\windows\system32\dllcache\cimwin32.dll
2009-02-27 21:22 . 2009-02-27 21:22 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2009-02-27 21:22 . 2009-02-27 21:22 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-27 21:22 . 2009-02-27 21:22 <DIR> d-------- c:\documents and settings\Administrator.BLAH-596213093F\Application Data\Malwarebytes
2009-02-27 21:21 . 2009-02-27 21:22 <DIR> d-------- c:\program files\a-squared Free
2009-02-27 20:56 . 2009-02-27 21:00 <DIR> d-------- c:\documents and settings\Administrator.BLAH-596213093F
2009-02-27 20:39 . 2009-02-27 20:42 <DIR> d-------- c:\documents and settings\kelley.BLAH-596213093F\Application Data\BitTorrent
2009-02-27 20:38 . 2009-02-27 20:46 <DIR> d-------- c:\program files\DNA
2009-02-27 20:38 . 2009-02-27 20:38 <DIR> d-------- c:\program files\BitTorrent
2009-02-27 20:38 . 2009-02-27 20:54 <DIR> d-------- c:\documents and settings\kelley.BLAH-596213093F\Application Data\DNA
2009-02-27 16:20 . 2004-08-03 17:10 38,912 --a------ c:\windows\system32\drivers\avc.sys
2009-02-27 16:20 . 2004-08-03 18:56 21,504 --a------ c:\windows\system32\hidserv.dll
2009-02-27 16:20 . 2001-08-17 07:59 3,072 --a------ c:\windows\system32\drivers\audstub.sys
2009-02-27 16:19 . 2004-08-03 18:56 4,274,816 --a------ c:\windows\system32\nv4_disp.dll
2009-02-27 16:19 . 2004-08-03 16:29 1,897,408 --a------ c:\windows\system32\drivers\nv4_mini.sys
2009-02-27 16:19 . 2004-08-03 16:59 57,472 --a------ c:\windows\system32\drivers\redbook.sys
2009-02-27 16:19 . 2004-08-03 17:10 48,128 --a------ c:\windows\system32\drivers\61883.sys
2009-02-27 16:18 . 2004-08-03 18:56 74,240 --a------ c:\windows\system32\usbui.dll
2009-02-27 16:18 . 2004-08-03 17:07 46,464 --a------ c:\windows\system32\drivers\GAGP30KX.SYS
2009-02-27 16:18 . 2001-08-17 07:46 6,400 --a------ c:\windows\system32\drivers\enum1394.sys
2009-02-27 16:12 . 2009-02-27 22:25 <DIR> dr------- c:\documents and settings\All Users.WINDOWS\Documents
2009-02-27 16:12 . 2004-08-03 19:07 2,012,670 --a--c--- c:\windows\system32\dllcache\NT5.CAT
2009-02-27 16:11 . 2009-02-28 12:24 <DIR> d--h----- c:\documents and settings\Default User.WINDOWS
2009-02-27 16:11 . 2009-02-27 22:27 <DIR> d-------- c:\documents and settings\All Users.WINDOWS
2009-02-27 16:10 . 2009-02-27 22:31 261 --a------ c:\windows\system32\$winnt$.inf
2009-02-26 19:41 . 2009-02-26 22:33 <DIR> d--h----- C:\$AVG8.VAULT$
2009-02-26 19:34 . 2009-02-27 16:06 <DIR> d-------- c:\windows\system32\drivers\Avg
2009-02-26 19:34 . 2009-02-26 19:34 <DIR> d-------- c:\program files\AVG
2009-02-26 19:25 . 2009-02-26 19:25 <DIR> d-------- c:\windows\system32\CatRoot_bak
2009-02-26 18:02 . 2009-02-26 18:02 <DIR> d-------- c:\documents and settings\kelley.BLAH-596213093F\Application Data\earibamd
2009-02-25 13:31 . 2009-02-25 13:31 <DIR> d-------- c:\program files\Trend Micro
2009-02-23 20:27 . 2009-02-23 20:27 <DIR> d-------- C:\Cakewalk Projects
2009-02-23 20:14 . 2009-02-27 16:06 <DIR> d-------- c:\windows\nview
2009-02-23 20:11 . 2009-02-23 20:11 <DIR> d-------- c:\program files\M-Audio Delta
2009-02-23 20:09 . 2009-02-23 20:09 <DIR> d-------- c:\documents and settings\kelley.BLAH-596213093F\Application Data\nView_Wallpaper
2009-02-23 20:04 . 2009-02-23 20:04 <DIR> d-------- c:\program files\ASIO4ALL v2
2009-02-23 19:45 . 2009-02-23 19:58 <DIR> d-------- c:\documents and settings\kelley.BLAH-596213093F\Application Data\vlc
2009-02-23 19:36 . 2009-02-23 19:36 <DIR> d-------- c:\program files\VideoLAN
2009-02-23 16:30 . 2009-02-23 16:30 <DIR> d-------- c:\documents and settings\KELLEY~1~BLA\LOCALS~1
2009-02-23 16:30 . 2009-02-23 16:30 <DIR> d-------- c:\documents and settings\KELLEY~1~BLA
2009-02-20 14:54 . 2009-02-20 14:54 <DIR> d---s---- c:\documents and settings\kelley.BLAH-596213093F\UserData
2009-02-20 14:46 . 2009-02-27 16:06 <DIR> d---s---- c:\windows\system32\config\systemprofile\UserData
2009-02-20 13:01 . 2009-02-20 13:01 <DIR> d--hs---- c:\documents and settings\LocalService.NT AUTHORITY.000
2009-02-20 13:01 . 2009-02-26 18:35 <DIR> d-------- c:\documents and settings\kelley.BLAH-596213093F
2009-02-20 13:00 . 2009-02-20 13:41 <DIR> d--hs---- c:\documents and settings\NetworkService.NT AUTHORITY.000
2009-02-20 12:24 . 2009-02-20 12:24 <DIR> d-------- c:\windows\IIS Temporary Compressed Files
2009-02-20 12:23 . 2009-02-20 12:23 <DIR> d-------- c:\windows\system32\Logfiles
2009-02-20 12:23 . 2009-02-20 12:24 <DIR> d-------- C:\Inetpub
2009-02-20 11:27 . 2009-02-23 20:27 <DIR> d-------- c:\program files\Cakewalk
2009-02-20 11:26 . 2009-02-20 11:26 <DIR> d-------- c:\program files\LUXONIX
2009-02-20 10:57 . 2009-02-20 10:57 <DIR> d-------- c:\documents and settings\Kelley
2009-02-20 10:56 . 2009-02-20 10:56 <DIR> d--hs---- c:\documents and settings\LocalService.NT AUTHORITY
2009-02-20 10:55 . 2009-02-20 10:55 <DIR> d--hs---- c:\documents and settings\NetworkService.NT AUTHORITY
2009-02-20 10:49 . 2004-08-03 19:07 12,288 --a--c--- c:\windows\system32\dllcache\cb32.exe
2009-02-20 10:49 . 2004-08-03 19:07 4,639 --a--c--- c:\windows\system32\dllcache\mplayer2.exe
2009-02-20 10:48 . 2004-08-03 19:07 73,216 --a--c--- c:\windows\system32\dllcache\setup50.exe
2009-02-20 10:48 . 2004-08-03 19:07 30,208 --a--c--- c:\windows\system32\dllcache\wabmig.exe
2009-02-20 10:47 . 2004-08-03 19:07 214,528 --a--c--- c:\windows\system32\dllcache\wordpad.exe
2009-02-20 10:47 . 2004-08-03 19:07 42,577 --a--c--- c:\windows\system32\dllcache\bckgzm.exe
2009-02-20 10:47 . 2004-08-03 19:07 42,575 --a--c--- c:\windows\system32\dllcache\chkrzm.exe
2009-02-20 10:47 . 2004-08-03 19:07 42,574 --a--c--- c:\windows\system32\dllcache\rvsezm.exe
2009-02-20 10:47 . 2004-08-03 19:07 42,573 --a--c--- c:\windows\system32\dllcache\shvlzm.exe
2009-02-20 10:47 . 2004-08-03 19:07 42,573 --a--c--- c:\windows\system32\dllcache\hrtzzm.exe
2009-02-20 04:29 . 2009-02-27 16:10 <DIR> d-------- c:\windows\ehome
2009-02-19 20:39 . 2009-02-20 00:03 <DIR> d-------- c:\program files\a-squared Anti-Malware
2009-02-19 11:16 . 2009-02-19 11:16 <DIR> d-------- c:\program files\Alwil Software
2009-02-19 00:12 . 2009-02-20 00:12 <DIR> d-------- c:\windows\system32\inf
2009-02-15 11:57 . 2009-02-15 11:58 <DIR> d-------- c:\program files\Tag Support Plugin for Media Player
2009-02-14 13:17 . 2009-02-14 13:17 <DIR> d-------- c:\program files\Adobe Media Player
2009-02-14 13:13 . 2009-02-14 13:16 <DIR> d-------- c:\program files\Common Files\Adobe AIR
2009-02-09 14:50 . 2009-02-09 14:52 <DIR> d-------- c:\program files\ICQ6.5
2009-02-09 14:50 . 2009-02-09 14:52 <DIR> d-------- c:\documents and settings\Open Labs\Application Data\ICQ
2009-02-07 20:20 . 2009-02-07 20:20 <DIR> d-------- c:\program files\Real
2009-02-07 20:20 . 2009-02-07 20:20 <DIR> d-------- c:\program files\Common Files\xing shared
2009-02-07 20:20 . 2009-02-07 20:20 <DIR> d-------- c:\program files\Common Files\Real
2009-02-04 16:11 . 2009-02-26 21:05 <DIR> d-------- c:\program files\HomeKeylogger
2009-02-02 11:58 . 2009-02-02 11:58 <DIR> d-------- c:\documents and settings\Open Labs\Application Data\iZotope

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-28 04:37 577,024 ----a-w c:\windows\system32\user32.DLL
2009-02-27 03:05 --------- d-----w c:\program files\Furcadia
2009-02-27 03:05 --------- d-----w c:\program files\DAEMON Tools Lite
2009-02-24 02:26 --------- d-----w c:\program files\VSTplugins
2009-02-24 02:11 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-24 01:39 --------- d-----w c:\program files\AvRack
2009-02-20 17:27 --------- d-----w c:\program files\OpenLabs
2009-02-19 17:39 --------- d-----w c:\program files\Extra Antivir
2009-02-19 04:26 --------- d-----w c:\program files\Java
2009-02-16 05:34 --------- d-----w c:\documents and settings\Open Labs\Application Data\dvdcss
2009-02-15 18:32 --------- d-----w c:\documents and settings\Open Labs\Application Data\Azureus
2009-02-14 19:19 --------- d-----w c:\program files\Common Files\Adobe
2009-02-07 23:38 --------- d-----w c:\documents and settings\Open Labs\Application Data\X-Chat 2
2009-02-02 04:43 --------- d-----w c:\program files\Vuze
2009-01-18 01:29 --------- d-----w c:\documents and settings\Open Labs\Application Data\vlc
2009-01-10 22:04 --------- d-----w c:\program files\u-he
2009-01-10 07:12 --------- d-----w c:\documents and settings\Open Labs\Application Data\mIRC
2009-01-10 06:58 --------- d-----w c:\program files\mIRC
2008-12-29 04:42 --------- d-----w c:\documents and settings\Open Labs\Application Data\Propellerhead Software
2008-12-23 01:29 0 ---ha-w c:\documents and settings\Open Labs\Application Data\.C854E1EAABB8C36B.sys
2008-12-23 01:28 0 ---ha-w c:\documents and settings\Open Labs\Application Data\.C854E1EA6659B183.sys
2008-12-22 00:25 0 ---ha-w c:\documents and settings\Open Labs\Application Data\.C854E1EA28CEB20A.sys
.
file copied: c:\windows\system32\user32.dll -> c:\qoobox\Quarantine\C\WINDOWS\system32\user32.dll.vir ( 577024 bytes )
Infected c:\windows\system32\user32.dll hex repaired


------- Sigcheck -------

2004-08-03 19:07 1049088 7d3058db96e46e8beaa55c5b74c2c2eb c:\windows\explorer.exe
2004-08-03 19:07 1049088 c1ea5452b3e5f4c55f903c64021a55a8 c:\windows\system32\dllcache\explorer.exe

2004-08-03 19:07 32256 cf6d3f0dfe0ad17ab565d94f0cd7bcad c:\windows\system32\ctfmon.exe
2004-08-03 19:07 32256 107fae80d7412069d1d17a0cdc6095a0 c:\windows\system32\dllcache\ctfmon.exe

2004-08-03 19:07 75264 e332ad53e9c765138ba1a1ad725a6f61 c:\windows\system32\spoolsv.exe
2004-08-03 19:07 75264 659c2fc976f0efc3c61d2db8e16bd77f c:\windows\system32\dllcache\spoolsv.exe

2004-08-03 19:07 128000 5e89fbcde40d0c0fcda1e1b0b3d4c454 c:\windows\system32\wuauclt.exe
2004-08-03 19:07 128000 0877f96fdc5cc6d0abe993a172ca8f17 c:\windows\system32\dllcache\wuauclt.exe

2004-08-03 19:07 41472 53f0141d8297b9a148d29d82d0823ff1 c:\windows\system32\userinit.exe
2004-08-03 19:07 41472 0c42a6a79dba103de21e9a06de6706df c:\windows\system32\dllcache\userinit.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FIREBOX"="c:\program files\PreSonus\1394AudioDriver_FIREBox\FIREBOX Control.exe" [2005-01-28 1024000]
"SoundMan"="SOUNDMAN.EXE" [2005-04-14 c:\windows\SOUNDMAN.EXE]

c:\documents and settings\Open Labs\Start Menu\Programs\Startup\
OpenLabsShell.lnk - c:\program files\OpenLabs\OpenLabsShell.exe [2004-04-30 323584]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

R3 ps_1394;ps_1394;c:\windows\system32\drivers\ps_1394.sys [2006-07-19 97152]
R3 ps_avs;ps_avs;c:\windows\system32\drivers\ps_avs.sys [2006-07-19 24576]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-28 12:36:27
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-02-28 12:40:13 - machine was rebooted [kelley]
ComboFix-quarantined-files.txt 2009-02-28 18:40:11

Pre-Run: 21,938,450,432 bytes free
Post-Run: 19,889,930,240 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect



#2 Guest_The weatherman_*


Posted 28 February 2009 - 05:08 PM

Hello heartkore

Please note the message text in blue at the top of the Am I infected? What do I do? forum.

ComboFix logs should not be posted outside the HijackThis forums and then only when requested by a HJT Team member. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read ComboFix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

Please create a new topic explaining the nature of your problem in the Am I infected? What do I do? forum. Describe pop-ups and system tray or desktop icons that have appeared. Explain what is "going wrong" with your computer. Note any tools you have used and their respective results.

If needed, we will direct you to our HJT Preparation Guide.

Thank you for using BleepingComputer as your malware removal source.

This topic is now closed. If you have any questions, please PM me or another Moderator.
The BC Staff



