Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan Horse, JS:Obfuscated-AU


  • This topic is locked This topic is locked
2 replies to this topic

#1 CameronRedd

CameronRedd

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:45 AM

Posted 26 July 2009 - 02:12 AM

Avast notified me that a trojan horse was found.

Malware name: JS:Obfuscated-AD [Trj]
Maware type: Trojan Horse


Avast doesn't seem to be able to fix the problem. Each time, I clicked on the remove button, as each of the files was located in a temp directory. (C drive /admin /local settings /temp)

I have also tried the MS malware remover & Ad Aware to no avail.

I want to thank you in advance for the time and effort ya'll this problem.



DDS (Ver_09-06-26.01) - NTFSx86
Run by Admin at 1:41:17.09 on Sun 07/26/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2303.1398 [GMT -5:00]

AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
AV: avast! antivirus 4.8.1335 [VPS 090725-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Drive Space Indicator\DrvSpace.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\Styler\Styler.exe
svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Windows Sidebar\Sidebar.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\WINDOWS\msa.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\M0HILOJ3\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://my.yahoo.com/
uSearch Page =
uSearch Bar =
mSearchAssistant =
uURLSearchHooks: F.T.A. Toolbar: {f904d379-5b2e-44ee-96c9-3b51bd98696c} - c:\program files\f.t.a\tbF.T..dll
uURLSearchHooks: ONLINE-TV Toolbar: {a8baaddd-ab98-4cdb-84cc-3c9ed9f38d1e} - c:\program files\online-tv\tbONL0.dll
mWinlogon: SfcDisable=-99 (0xffffff9d)
mWinlogon: UIHost=c:\windows\system32\logonuiX.exe
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: XML Class: {500bca15-57a7-4eaf-8143-8c619470b13d} - c:\windows\system32\msxml71.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: ONLINE-TV Toolbar: {a8baaddd-ab98-4cdb-84cc-3c9ed9f38d1e} - c:\program files\online-tv\tbONL0.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: Flash and Media Capture Helper: {e8803722-a7f5-45c5-b39a-a8b244486ec2} - c:\program files\metaproducts flash & media capture\FMCapt.dll
BHO: F.T.A. Toolbar: {f904d379-5b2e-44ee-96c9-3b51bd98696c} - c:\program files\f.t.a\tbF.T..dll
TB: StylerToolBar: {d2f8f919-690b-4ea2-9fa7-a203d1e04f75} - c:\program files\styler\tb\StylerTB.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: F.T.A. Toolbar: {f904d379-5b2e-44ee-96c9-3b51bd98696c} - c:\program files\f.t.a\tbF.T..dll
TB: ONLINE-TV Toolbar: {a8baaddd-ab98-4cdb-84cc-3c9ed9f38d1e} - c:\program files\online-tv\tbONL0.dll
TB: Flash and Media Capture Bar: {650eb965-8a1d-41c9-a941-0578f5cfc569} - c:\program files\metaproducts flash & media capture\FMCapt.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMBgMonitor.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [Google Update] "c:\documents and settings\admin\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Monopod] c:\docume~1\admin\locals~1\temp\b.exe
mRun: [DriveSpace] c:\program files\drive space indicator\DrvSpace.exe
mRun: [LogonStudio] "c:\program files\wincustomize\logonstudio\logonstudio.exe" /RANDOM
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [PrinTray] c:\windows\system32\spool\drivers\w32x86\3\printray.exe
mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [GroupManager] c:\program files\avg internet security\groupmanager.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Lexmark X73 Button Monitor] c:\progra~1\lexmar~1\ACMonitor_X73.exe
mRun: [Lexmark X73 Button Manager] c:\progra~1\lexmar~1\AcBtnMgr_X73.exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
dRunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32
StartupFolder: c:\docume~1\admin\startm~1\programs\startup\styler.lnk - c:\docume~1\admin\applic~1\microsoft\installer\{e9ecf354-2422-4fdb-9abf-d8adac0ef941}\_585b207a.exe
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\Qs Black Shine Blue.wsstyles
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: Save &image with Flash and Media Capture - c:\program files\metaproducts flash & media capture\FMCapt.dll/saveimg.htm
IE: Save &media files with Flash and Media Capture - c:\program files\metaproducts flash & media capture\FMCapt.dll/savemedia.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
IE: {F6F76DF4-FD65-4DE7-942F-4BD5DE9B1C6B} - {B3DA38C9-7C7B-4C32-8A65-8745B3B6085E} - c:\program files\metaproducts flash & media capture\FMCapt.dll
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photos.walmart.com/WalmartActivia.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase1140.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1241850256734
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} - hxxp://zone.msn.com/bingame/zpagames/zpa_kqrp.cab56961.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Notify: avgrsstarter - avgrsstx.dll
Notify: WBSrv - c:\progra~1\stardock\object~1\window~1\wbsrv.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-6-16 64160]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-5-9 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-5-9 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-5-9 138680]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-19 1029456]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-5-9 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-5-9 352920]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2009-5-9 29208]
R3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [2004-4-19 6656]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2009-5-9 29208]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-1-25 42000]

=============== Created Last 30 ================

2009-07-26 01:22 142,340 a------- c:\windows\system32\msxml71.dll
2009-07-25 19:20 <DIR> --d----- c:\program files\AVG
2009-07-25 14:28 142,336 a------- c:\windows\msa.exe
2009-07-23 21:33 <DIR> --d----- C:\Movavi files
2009-07-23 21:01 <DIR> --d----- c:\program files\FreeTime
2009-07-15 05:31 119,808 -------- c:\windows\system32\dllcache\t2embed.dll
2009-07-15 05:31 81,920 -------- c:\windows\system32\dllcache\fontsub.dll
2009-07-14 20:49 <DIR> --d----- c:\program files\Movavi VideoSuite 7
2009-07-13 19:36 <DIR> --d----- c:\program files\DVD Shrink
2009-07-13 19:30 <DIR> --d----- c:\program files\SlySoft
2009-07-13 19:05 <DIR> --d----- C:\temp_dvd
2009-07-13 19:01 120 a------- c:\windows\system32\msadio.dll
2009-07-13 19:01 <DIR> --d----- c:\program files\DVD-Cloner Platinum
2009-07-08 00:13 <DIR> --d----- c:\program files\common files\MetaProducts
2009-07-08 00:13 <DIR> --d----- c:\program files\MetaProducts Flash & Media Capture
2009-07-07 00:33 <DIR> --d----- c:\program files\WinPcap
2009-07-07 00:31 <DIR> --d----- c:\program files\WMR11
2009-07-06 11:24 <DIR> --d----- c:\program files\ONLINE-TV
2009-07-06 11:14 <DIR> --dsh--- c:\documents and settings\admin\IECompatCache
2009-07-06 11:13 <DIR> --dsh--- c:\documents and settings\admin\PrivacIE
2009-07-06 11:04 <DIR> --dsh--- c:\documents and settings\admin\IETldCache
2009-07-06 10:33 102,912 -------- c:\windows\system32\dllcache\iecompat.dll
2009-07-06 10:33 <DIR> --d----- c:\windows\ie8updates
2009-07-06 10:33 12,800 -------- c:\windows\system32\dllcache\xpshims.dll
2009-07-06 10:33 246,272 -------- c:\windows\system32\dllcache\ieproxy.dll
2009-07-06 10:31 <DIR> -cd-h--- c:\windows\ie8
2009-07-01 09:16 <DIR> --d----- c:\docume~1\admin\applic~1\OverDrive

==================== Find3M ====================

2009-06-19 03:21 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-06-18 02:54 0 a---h--- c:\windows\system32\drivers\Msft_User_ZuneDriver_01_07_00.Wdf
2009-06-18 02:54 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_WinUSB_01007.Wdf
2009-06-18 02:53 0 a---h--- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-06-18 00:05 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_zumbus_01007.Wdf
2009-06-18 00:05 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-06-16 17:46 15,688 a------- c:\windows\system32\lsdelete.exe
2009-06-16 17:44 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-06-16 09:36 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 09:36 81,920 a------- c:\windows\system32\fontsub.dll
2009-06-16 02:28 265,797 a------- c:\windows\system32\pdvcodec.dll
2009-06-11 15:33 104,512 a------- c:\windows\system32\drivers\AnyDVD.sys
2009-06-03 14:09 1,291,264 a------- c:\windows\system32\quartz.dll
2009-06-03 14:09 1,291,264 -------- c:\windows\system32\dllcache\quartz.dll
2009-05-25 07:01 89,256 a------- c:\windows\system32\ElbyCDIO.dll
2009-05-13 00:15 915,456 a------- c:\windows\system32\wininet.dll
2009-05-13 00:15 5,936,128 -------- c:\windows\system32\dllcache\mshtml.dll
2009-05-13 00:15 915,456 -------- c:\windows\system32\dllcache\wininet.dll
2009-05-09 00:22 50,968 a------- c:\windows\system32\avgfwdx.dll
2009-05-08 23:33 4,212 ----h--- c:\windows\system32\zllictbl.dat
2009-05-07 10:32 345,600 a------- c:\windows\system32\localspl.dll
2009-05-07 10:32 345,600 -------- c:\windows\system32\dllcache\localspl.dll
2009-05-06 15:57 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-05-05 13:57 10,499,072 a------- c:\windows\system32\logonuiX.exe
2009-05-05 13:47 21,640 a------- c:\windows\system32\emptyregdb.dat
2009-04-30 16:22 1,985,024 -------- c:\windows\system32\dllcache\iertutil.dll
2009-04-30 16:22 11,064,832 -------- c:\windows\system32\dllcache\ieframe.dll
2009-04-30 16:22 1,207,808 -------- c:\windows\system32\dllcache\urlmon.dll
2009-04-30 16:22 25,600 -------- c:\windows\system32\dllcache\jsproxy.dll
2009-04-30 16:22 385,536 -------- c:\windows\system32\dllcache\iedkcs32.dll
2009-04-30 06:21 173,056 -------- c:\windows\system32\dllcache\ie4uinit.exe
2009-04-28 23:49 132,608 -------- c:\windows\system32\dllcache\extmgr.dll
2009-04-28 04:56 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2001-05-11 11:39 53,248 a------- c:\program files\ACMonitor_X73.exe
2001-05-10 18:05 8,152 a------- c:\program files\OsloD3066.usb
2001-05-10 16:30 46 a------- c:\program files\ACMonitor_X73.ini
2001-05-08 16:36 114,688 a------- c:\program files\lxarscan.dll
2001-04-23 14:22 1,437 a------- c:\program files\gtx73.ini
2001-02-22 09:54 768 a------- c:\program files\x73_lut.dat

============= FINISH: 1:41:44.60 ===============

Attached Files

  • Attached File  Att.zip   2.67KB   4 downloads


BC AdBot (Login to Remove)

 


m

#2 DocSatan

DocSatan

    Bleepin' Wanna-Be


  • Members
  • 2,156 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Boston, Ma.
  • Local time:09:45 AM

Posted 03 August 2009 - 04:11 PM

Hello CameronRedd and Welcome to BleepingComputer.

I'm DocSatan and I will be helping you with your "Malware" related computer problems.

1. Please Post a New DDS Log as the first one is quite old:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please Note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE

2. Additional Instructions:

1. Please TRACK this Topic

  • At the top of this thread (not the top of this web page) there is an Options button, right below the Add Reply and the New Topic buttons.
  • Click on Options
  • Then click on Track This Topic
  • Place a tick mark next to Immediate Email Notification
  • Then click on Proceed
  • You will now receive an e-mail as soon as a Reply is made to this Topic. :thumbup2:
2. Do Not Make Any Changes to the "Infected" Computer.
  • Once you have posted a NEW DDS Log, Do Not make any changes to the computer. I will be researching the DDS Log that you post and any changes made to the system might interfere with the FIX that I prepare for you. Examples of "Changes":
  • Deleting Files/Folders
  • Installing/Uninstalling Programs
  • Running Anti-Virus, Anti-Malware, Anti-Spyware, etc., Programs
3. Please do not seek Help with this issue at another Computer Help Forum
  • While we are working together I must insist that you do not seek help with this matter at any other Help Forum.
  • Having multiple (more than one) Forums provide help for the same computer issue will result in confusion with preparing a Fix.
  • It is also not fair to the Volunteer who is helping you, as her/his time will be wasted trying to fix a computer that someone else is also trying to fix.
  • So, if you have posted at another Computer Help Forum for this same issue I would ask that you choose which Forum that you wish to stay with and inform the other Forum(s) that you no longer require their assistance.
4. Throughout the course of us working together, I will be posting step-by-step procedures for you to follow on your computer.
  • If at any time you do not fully understand what I have said, or you are not exactly sure what you are supposed to do, then please stop there and Post back to this topic and ask your questions. That way I will be able to more clearly explain the step/procedure and we won't have to worry about any steps being done incorrectly. :)

Doc.

Edited by DocSatan, 03 August 2009 - 05:26 PM.


#3 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,301 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:06:45 AM

Posted 09 August 2009 - 12:32 AM

Due to lack of feedback, this topic has been closed. Everyone, please start a new topic.
Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users