Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Access Denied


  • This topic is locked This topic is locked
2 replies to this topic

#1 baldeagle39

baldeagle39

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:26 AM

Posted 22 March 2009 - 11:11 PM

I have a Lenovo K100 with Vista Home Premium with SP1. It has a small C drive and large D drive so most programs are on D drive. Over the past 6 weeks programs are one by one failing to operate, stating "access denied". I am an administrator and the only user. FIrst, MagicJack failed to load, then AnyDVD, then Picasa 3 tried to do an update and it failed. All stated "Access Denied". Then PaperPort would start but close as soon as I changed anything. I tried to install AdAware to D and it failed. It installed on C. Install of Spybot also failed on D but OK on C. All say access denied. I even tried the hidden Admistrator user to install with the same results. In trying to upgrade Picasa (which won't start, saying access denied) I tried to remove the Picasa folders. All are access denied, even with the Administrator user. All these programs worked previously. Not aware of any new programs added just prior to start of problems. Certainly nothing new added before PaperPort stopped working. All the Access Denied issues are on the D drive programs (almost none on C).
Below is result of DDS scan. I also have ComboFix and Gmer logs if required.

DDS (Ver_09-03-16.01) - NTFSx86
Run by Dennis at 20:28:50.15 on Sun 03/22/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.5.0_14
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3054.1474 [GMT -7:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
D:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
C:\Windows\system32\atashost.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
C:\Program Files\DynDNS Updater\DynUpSvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
D:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
D:\Program Files\LogMeIn\x86\RaMaint.exe
D:\Program Files\LogMeIn\x86\LogMeIn.exe
D:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
C:\Program Files\Trend Micro\OKAVAgent\OKAVAgent.exe
C:\Program Files\Visioneer\OneTouch 4.0\OtService.exe
C:\Windows\system32\IoctlSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
C:\Windows\system32\locator.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
C:\Program Files\Visioneer\OneTouch 4.0\OtMonEx.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
D:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Windows\system32\wbem\wmiprvse.exe
D:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Windows\system32\wbem\unsecapp.exe
D:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Windows\system32\vssvc.exe
D:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
D:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Windows\system32\taskeng.exe
D:\Program Files\Palm\Hotsync.exe
D:\Program Files\Palm\AlarmApp_PSI.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\Explorer.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
D:\Users\Dennis\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.6\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - d:\program files\siber systems\ai roboform\roboform.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - d:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - d:\program files\siber systems\ai roboform\roboform.dll
TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.6\CoIEPlg.dll
TB: {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No File
uRun: [cdloader] "c:\users\dennis\appdata\roaming\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [RoboForm] "d:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
mRun: [BtTray] "d:\program files\ivt corporation\bluesoleil\BtTray.exe"
mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [osCheck] "d:\program files\osCheck.exe"
mRun: [LogMeIn GUI] "d:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "d:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
StartupFolder: c:\users\dennis\appdata\roaming\micros~1\windows\startm~1\programs\startup\alarmm~1.lnk - d:\program files\palm\AlarmApp_PSI.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hotsyn~1.lnk - d:\program files\palm\Hotsync.exe
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Customize Menu - file://d:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Fill Forms - file://d:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://d:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://d:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - d:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - d:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - d:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\progra~1\java\jre16~2.0_0\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - d:\progra~1\micros~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: dyndns.org\defineran
Trusted Zone: turbotax.com
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/43.10/uploader2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://support.magicjack.com/jre-1_5_0_14-windows-i586-p.exe
DPF: {CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://boeing.webex.com/client/T23LBA/webex/ieatgpc.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - d:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\windows\system32\skype4com.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - d:\program files\microsoft office\office12\GrooveShellExtensions.dll

============= SERVICES / DRIVERS ===============

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2008-1-21 21512]
R0 ntdisk;ntdisk;c:\windows\system32\drivers\ntdisk.sys [2008-3-26 24856]
R0 safnt;safnt;c:\windows\system32\drivers\safnt.sys [2008-3-26 16912]
R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20090310.004\IDSvix86.sys [2009-3-11 270384]
R2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2008-3-31 19864]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\microsoft small business\business contact manager\BcmSqlStartupSvc.exe [2008-1-11 30312]
R2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2007-2-12 208896]
R2 DynDNS Updater;DynDNS Updater;c:\program files\dyndns updater\DynUpSvc.exe [2008-6-23 65536]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-9 951632]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-2-18 149352]
R2 LMIInfo;LogMeIn Kernel Information Provider;d:\program files\logmein\x86\rainfo.sys [2008-7-24 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-1-12 47640]
R2 NMSCore;Intel® NMSCore;c:\program files\common files\intel\inteldh\nms\nmscore\NMSCore.exe [2007-6-27 317656]
R2 nmsunidr;UniDriver for NMS;c:\windows\system32\drivers\nmsunidr.sys [2007-2-18 5376]
R2 OKAV Agent Service;OKAV Agent Service;c:\program files\trend micro\okavagent\OKAVAgent.exe [2007-5-29 67088]
R2 OneTouch 4.0 Monitor;OneTouch 4.0 Monitor;c:\program files\visioneer\onetouch 4.0\OtService.exe [2007-8-23 131072]
R2 QualityManager;Intel® Quality Manager;c:\program files\intel\inteldh\intel media server\media server\bin\QualityManager.exe [2007-6-27 272600]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-2-27 101936]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2007-7-18 968064]
R3 IntelDH;IntelDH Driver;c:\windows\system32\drivers\IntelDH.sys [2008-3-26 5632]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-1-21 26248]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-2-19 41008]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-1-12 23888]
S3 DHTRACE;Intel® DHTrace Controller;c:\program files\common files\intel\inteldh\bin\DHTraceController.exe [2007-6-27 39640]
S3 getPlus® Helper;getPlus® Helper;c:\program files\nos\bin\getPlus_HelperSvc.exe [2008-9-27 33752]
S3 LitModeCtrl;LitModeCtrl;c:\program files\lenovo\powerdial\LitModeCtrl.exe [2008-3-26 92048]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2008-11-24 29263712]
S3 NeroRegInCDSrv;Nero Registry InCD Service;d:\program files\nero\nero8\incd\NBHRegInCDSrv.exe [2008-6-10 53032]

=============== Created Last 30 ================

2009-03-22 10:23 161,792 a------- c:\windows\SWREG.exe
2009-03-22 10:23 98,816 a------- c:\windows\sed.exe
2009-03-22 10:23 <DIR> --d----- C:\ComboFix
2009-03-22 10:22 6,736 a------- c:\windows\system32\drivers\PROCEXP90.SYS
2009-03-22 10:09 15,688 a------- c:\windows\system32\lsdelete.exe
2009-03-22 09:20 <DIR> -cd-h--- c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-22 09:20 <DIR> -cd-h--- c:\progra~2\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-03-22 09:19 <DIR> --d----- c:\programdata\Lavasoft
2009-03-22 09:19 <DIR> --d----- c:\program files\Lavasoft
2009-03-22 08:54 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2009-03-22 08:54 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-03-22 08:54 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2009-03-14 23:19 <DIR> --d----- c:\program files\WINForms Desktop
2009-03-14 02:32 <DIR> --d----- c:\programdata\FLEXnet
2009-03-14 02:02 <DIR> --d----- c:\program files\common files\Macrovision Shared
2009-03-10 16:58 7,680 a------- c:\windows\system32\spwmp.dll
2009-03-10 16:58 4,096 a------- c:\windows\system32\msdxm.ocx
2009-03-10 16:58 4,096 a------- c:\windows\system32\dxmasf.dll
2009-03-10 16:58 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-03-10 16:58 268,288 a------- c:\windows\system32\schannel.dll
2009-03-10 16:58 2,033,152 a------- c:\windows\system32\win32k.sys
2009-02-28 10:30 <DIR> --d----- c:\programdata\DynDNS
2009-02-28 10:30 <DIR> --d----- c:\program files\DynDNS Updater
2009-02-28 10:30 <DIR> --d----- c:\progra~2\DynDNS

==================== Find3M ====================

2009-03-14 00:12 129,784 -------- c:\windows\system32\PxAFS.DLL
2009-03-14 00:12 118,520 -------- c:\windows\system32\pxinsi64.exe
2009-03-14 00:12 116,472 -------- c:\windows\system32\pxcpyi64.exe
2009-02-27 10:19 143,360 a------- c:\windows\inf\infstrng.dat
2009-02-27 10:19 86,016 a------- c:\windows\inf\infstor.dat
2009-02-27 10:19 51,200 a------- c:\windows\inf\infpub.dat
2009-02-19 12:31 24,112 a------- c:\windows\system32\drivers\SymIMV.sys
2009-02-19 12:31 9,844 a------- c:\windows\system32\drivers\SymRedir.cat
2009-02-19 12:31 1,611 a------- c:\windows\system32\drivers\SymRedir.inf
2009-02-19 12:31 41,008 a------- c:\windows\system32\drivers\symndisv.sys
2009-02-19 12:31 184,496 a------- c:\windows\system32\drivers\symtdi.sys
2009-02-19 12:31 96,560 a------- c:\windows\system32\drivers\symfw.sys
2009-02-19 12:31 38,576 a------- c:\windows\system32\drivers\symids.sys
2009-02-19 12:31 22,320 a------- c:\windows\system32\drivers\symredrv.sys
2009-02-19 12:31 13,616 a------- c:\windows\system32\drivers\symdns.sys
2009-01-14 23:11 827,392 a------- c:\windows\system32\wininet.dll
2008-08-15 18:58 174 a--sh--- c:\program files\desktop.ini
2008-08-15 18:49 665,600 a------- c:\windows\inf\drvindex.dat
2006-11-02 05:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 05:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 05:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 05:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 02:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 02:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 02:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 02:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-10-10 21:47 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2008-10-10 21:47 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2008-10-10 21:47 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat

============= FINISH: 20:29:33.14 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:05:26 AM

Posted 30 March 2009 - 02:45 PM

Welcome to the BleepingComputer Forums.

Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Please post the contents of log.txt.
Thank you for your patience.

Please see Preparation Guide for use before posting about your potential Malware problem.

If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.

Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so.

While we are working on your HijackThis log, please:
  • Reply to this thread; do not start another!
  • Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so.
  • Do not run any other tool until instructed to do so!
  • Let me know if any of the links do not work or if any of the tools do not work.
  • Tell me about problems or symptoms that occur during the fix.
  • Do not run any other programs or open any other windows while doing a fix.
  • Ask any questions that you have regarding the fix(es), the infection(s), the performance of your computer, etc.
Thanks.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#3 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:05:26 AM

Posted 06 April 2009 - 10:51 AM

This subject is now closed. If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users