Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can I please have help with infected computer


  • This topic is locked This topic is locked
1 reply to this topic

#1 randomone

randomone

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:16 PM

Posted 14 August 2009 - 01:55 AM

Can I please have help with infected computer
Im not sure where to post on this site I have a combofix log

ComboFix 09-08-10.06 - Administrator 14/08/2009 18:09.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.503.151 [GMT 12:00]
Running from: c:\documents and settings\Administrator\Desktop\combofixworksnow.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Outdated) {FB06448E-52B8-493A-90F3-E43226D3305C}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Application Data\wiaserva.log
c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\icwsetup.exe
c:\program files\Internet Explorer\Connection Wizard\icwsetup.exe
C:\VDM6D2E.tmp
C:\VDM6D2F.tmp
C:\VDM6D35.tmp
C:\VDM6D36.tmp
c:\windows\Installer\1018ae.msi
c:\windows\Installer\1430a9d.msp
c:\windows\Installer\1b958.msi
c:\windows\Installer\4117b09.msp
c:\windows\Installer\45a1bde.msi
c:\windows\Installer\45a1be4.msi
c:\windows\Installer\50338e2.msp
c:\windows\Installer\5e2120.msi
c:\windows\Installer\8cb2ab7.msi
c:\windows\system32\drivers\f3247840.sys
c:\windows\system32\Microsoft\backup.tftp


.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_GENERIC_HOST_PROCESS_FOR_WIN-32_SERVICE
-------\Legacy_XSML
-------\Service_Generic Host Process for Win-32 Service
-------\Service_XSML
-------\Service_f3247840


((((((((((((((((((((((((( Files Created from 2009-07-14 to 2009-08-14 )))))))))))))))))))))))))))))))
.

2009-08-14 04:31 . 2009-08-14 04:31 27656 ----a-w- c:\windows\system32\drivers\pxsec.sys
2009-08-14 04:31 . 2009-08-14 04:31 22024 ----a-w- c:\windows\system32\drivers\pxscan.sys
2009-08-14 04:31 . 2009-08-14 04:31 -------- d-----w- c:\program files\Prevx
2009-08-14 04:31 . 2009-08-14 04:31 -------- d-----w- c:\documents and settings\All Users\Application Data\PrevxCSI
2009-08-08 21:26 . 2009-08-08 21:26 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{3D91BFA3-4B91-4808-862D-BF7B5E9B6BA9}
2009-08-08 21:26 . 2009-07-30 18:17 2819870 -c--a-w- c:\documents and settings\All Users\Application Data\{3D91BFA3-4B91-4808-862D-BF7B5E9B6BA9}\PPSE.exe
2009-08-08 21:26 . 2009-08-08 21:26 -------- d-----w- c:\program files\ProjectPokemon
2009-08-08 21:25 . 2009-08-08 21:25 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\PackageAware
2009-08-07 06:52 . 2007-12-26 05:30 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2009-08-07 06:52 . 2007-12-26 05:30 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2009-08-07 06:52 . 2009-08-08 06:54 -------- d-----w- c:\program files\Cheat Engine
2009-07-16 23:03 . 2009-07-16 23:03 107952 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-07-16 23:02 . 2009-07-16 23:02 -------- d-----w- c:\program files\MSBuild
2009-07-16 23:02 . 2009-07-16 23:02 -------- d-----w- c:\windows\system32\XPSViewer
2009-07-16 23:01 . 2009-07-16 23:01 -------- d-----w- c:\program files\Reference Assemblies
2009-07-16 23:01 . 2006-06-29 01:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-07-16 21:11 . 2009-07-16 21:58 -------- d-----w- c:\program files\R4 Commander

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-14 06:24 . 2005-11-30 09:44 -------- d-----w- c:\program files\Symantec AntiVirus
2009-08-14 04:05 . 2004-08-19 05:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2009-08-14 01:22 . 2008-12-08 20:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-08-09 06:41 . 2008-09-07 02:32 34 ----a-w- c:\documents and settings\Administrator\jagex_runescape_preferences.dat
2009-07-16 23:13 . 2008-12-03 10:19 41224 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-13 04:04 . 2009-07-13 04:04 -------- d-----w- c:\documents and settings\LocalService\Application Data\PhotoParade
2009-07-13 01:23 . 2009-07-13 01:17 -------- d-----w- c:\program files\Mp3 To All Converter
2009-07-13 00:17 . 2009-07-12 23:38 -------- d-----w- c:\program files\Common Files\AVSMedia
2009-07-13 00:17 . 2009-07-12 23:38 -------- d-----w- c:\program files\AVS4YOU
2009-07-13 00:17 . 2007-07-07 02:50 -------- d-----w- c:\program files\MP3
2009-07-12 23:38 . 2009-07-12 23:38 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU
2009-07-12 23:38 . 2009-07-12 23:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\AVS4YOU
2009-07-12 21:13 . 2009-07-12 21:07 -------- d-----w- c:\program files\Project64 1.6
2009-07-12 21:07 . 2009-07-12 21:07 8854 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\Uninstall_Project64__9559F7CA5E344237A2D9D856464AD727.exe
2009-07-12 21:07 . 2009-07-12 21:07 40960 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
2009-07-12 21:07 . 2009-07-12 21:07 40960 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
2009-07-12 12:15 . 2009-07-12 12:15 -------- d-----w- c:\program files\QuickTime
2009-07-12 11:31 . 2007-01-16 19:05 -------- d-----w- c:\documents and settings\Administrator\Application Data\Apple Computer
2009-07-06 22:54 . 2009-07-06 22:54 -------- d-----w- c:\program files\Pokemon World Online
2009-06-18 10:13 . 2009-06-18 10:13 -------- d-----w- c:\program files\Datel
2001-10-04 22:53 . 2004-01-29 22:34 21866 -c--a-w- c:\program files\Common Files\tppupd2k.dll
2008-02-02 10:27 . 2008-03-24 03:47 67696 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2008-02-02 10:27 . 2008-03-24 03:47 54376 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2008-02-02 10:27 . 2008-03-24 03:47 34952 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2008-02-02 10:27 . 2008-03-24 03:47 46720 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2008-02-02 10:27 . 2008-03-24 03:47 172144 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
2009-03-17 03:43 . 2009-03-17 03:43 106496 --sha-r- c:\windows\system32\jpnqys.dll
.

------- Sigcheck -------

[7] 2002-08-29 08:58 332928 244A2F9816BC9B593957281EF577D976 c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2004-08-03 11:14 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2006-04-20 11:38 340480 B8158E2A6112C0A5CA67BC158FC70218 c:\windows\SoftwareDistribution\Download\556eb98436b65a8c1ffae674c83d197f\sp1qfe\tcpip.sys
[-] 2006-04-20 11:51 359808 1DBF125862891817F374F407626967F4 c:\windows\SoftwareDistribution\Download\556eb98436b65a8c1ffae674c83d197f\sp2gdr\tcpip.sys
[-] 2006-04-20 12:18 360576 B2220C618B42A2212A59D91EBD6FC4B4 c:\windows\SoftwareDistribution\Download\556eb98436b65a8c1ffae674c83d197f\sp2qfe\tcpip.sys
[-] 2008-03-31 07:14 359040 3BB4B08619C111C7BE8BDA07AA0DE6A2 c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-03 1667584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vptray"="c:\progra~1\SYMANT~2\VPTray.exe" [2005-06-23 85696]
"Smapp"="c:\program files\Analog Devices\SoundMAX\Smtray.exe" [2002-01-31 81920]
"MplSetUp"="c:\program files\RMClient\MplSetUp.exe" [2000-11-04 40960]
"JobHisInit"="c:\program files\RMClient\JobHisInit.exe" [2003-05-29 135168]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2005-06-21 155648]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2005-06-21 126976]
"CPQEASYACC"="c:\program files\COMPAQ\Easy Access Button Support\StartEAK.exe" [2001-12-15 32768]
"ChkAdmin"="c:\progra~1\Compaq\COMPAQ~1\CHKADMIN.EXE" [2002-01-25 81920]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2005-06-01 48752]
"basicsmssmenu"="c:\program files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-09 169328]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-02-26 185632]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-06 148888]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-03-17 1932568]
"tcnz_McciTrayApp"="c:\program files\tcnz\McciTrayApp.exe" [2008-06-20 1464832]
"Prefs"="c:\program files\oDesk\oDeskLaunch.exe" [2009-05-14 357696]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"PROMon.exe"="PROMon.exe" - c:\windows\system32\PROMon.exe [2002-03-25 73728]

c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\
Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2002-11-21 110592]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2002-11-21 110592]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-03-17 06:53 10520 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"44470:TCP"= 44470:TCP:JournalService IntelPolicy
"13673:UDP"= 13673:UDP:JournalService 64Profiles
"59215:TCP"= 59215:TCP:JournalService PackagesExplorer
"21832:UDP"= 21832:UDP:JournalService Securityen

R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [14/08/2009 4:31 p.m. 22024]
R0 pxsec;pxsec;c:\windows\system32\drivers\pxsec.sys [14/08/2009 4:31 p.m. 27656]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [17/03/2009 6:53 p.m. 325640]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [17/03/2009 6:53 p.m. 107912]
R1 ClntMgmt;Compaq Client Management Driver;c:\windows\system32\drivers\Clntmgmt.sys [25/10/2002 9:49 a.m. 54222]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [17/03/2009 6:52 p.m. 298264]
R2 CpqDfwWebAgent;Compaq Remote Diagnostics Enabling Agent;c:\windows\Cpqdiag\CPQDFWAG.EXE [25/10/2002 9:49 a.m. 212992]
R2 cpqWebDmi;Compaq DMI Web Agent;c:\progra~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe [25/10/2002 9:49 a.m. 24576]
R2 csiscanner;CSIScanner;c:\program files\Prevx\prevx.exe [14/08/2009 4:31 p.m. 4368952]
R2 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [23/06/2005 6:27 p.m. 124608]
S2 aatswygwq;aatswygwq;c:\windows\system32\svchost.exe -k netsvcs [19/08/2001 2:00 a.m. 14336]
S2 COM+ Event Systemn;COM+ Event Systemn;c:\windows\SYSTEM32\mmso.exe -u --> c:\windows\SYSTEM32\mmso.exe -u [?]
S2 lakstfn;lakstfn;c:\windows\system32\svchost.exe -k netsvcs [19/08/2001 2:00 a.m. 14336]
S2 SRauto;Microsoft Backup;c:\windows\system32\svchost.exe -k netsvcs [19/08/2001 2:00 a.m. 14336]
S2 Windos Service Protocol Line;Windos Service Protocol Line;"c:\windows\wspl.exe" --> c:\windows\wspl.exe [?]
S2 xtuajq;xtuajq;c:\windows\system32\svchost.exe -k netsvcs [19/08/2001 2:00 a.m. 14336]
S2 xyayihigm;xyayihigm;c:\windows\system32\svchost.exe -k netsvcs [19/08/2001 2:00 a.m. 14336]
S3 INIDVD;Initio USB DVD Filter Driver;c:\windows\system32\drivers\inidvd.sys [2/01/2009 1:02 p.m. 7936]
S3 TPP300;USB Storage Adapter V3 (TPP);c:\windows\system32\DRIVERS\TPP300.SYS --> c:\windows\system32\DRIVERS\TPP300.SYS [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - EraserUtilDrv10633

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SRauto
xtuajq
xyayihigm
aatswygwq
lakstfn
.
Contents of the 'Scheduled Tasks' folder

2009-08-14 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-08 02:31]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Internet Connection Wizard Setup Tool - c:\program files\Internet Explorer\Connection Wizard\icwsetup.exe
HKLM-Run-POINTER - point32.exe
HKLM-Run-StarUpdater - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.nz/
mSearch Bar = hxxp://go.compaq.com/1Q00CDT/0409/bl8.asp
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.05\AMVConverter\grab.html
IE: Add to Media Manager... - c:\program files\MP3 Player Utilities 4.05\MediaManager\grab.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: 0.0.0.0
Trusted Zone: google.com\www
Trusted Zone: lulu.com\www
Trusted Zone: motive.com
Trusted Zone: motive.com\ptcnztbc.tcnz
Trusted Zone: telecom.co.nz\www
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\5drevhen.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.nz
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-14 18:24
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\INIDVD]
"ImagePath"=multi:"system32\DRIVERS\inidvd.sys\00"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\INIDVD]
"ImagePath"=multi:"system32\DRIVERS\inidvd.sys\00"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3852)
c:\windows\System32\shdoclc.dll
c:\windows\system32\msi.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\compaq\ACLIENT\AClient.exe
c:\program files\Microsoft Hardware\Mouse\point32.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Seagate\Basics\Service\SyncServicesBasics.exe
c:\program files\COMPAQ\Easy Access Button Support\CpqEAKSystemTray.exe
c:\program files\COMPAQ\Easy Access Button Support\CPQEADM.exe
c:\compaq\eakdrv\EAUSBKBD.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\progra~1\COMPAQ\EASYAC~1\BttnServ.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\COMPAQ\Compaq Management Agents\Cpqalert.exe
c:\program files\oDesk\oDeskCommonPrefs.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\windows\system32\snmp.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\program files\COMPAQ\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe
c:\windows\system32\MsPMSPSv.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\progra~1\COMPAQ\COMPAQ~1\Cpqdmi.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-08-14 18:32 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-14 06:32

Pre-Run: 2,032,381,952 bytes free
Post-Run: 2,025,578,496 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\Windows
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\Windows="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

263



PLease please help locate it thanks!!!

Edited by randomone, 14 August 2009 - 05:31 AM.


BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,911 posts
  • ONLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:02:16 PM

Posted 14 August 2009 - 01:13 PM

ComboFix logs should not be posted outside the HijackThis forums and only when requested. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert." It is NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

==>Please create a new topic explaining the nature of your problem in the Am I infected? What do I do? forum. Describe pop-ups and system tray or desktop icons that have appeared. Explain what is "going wrong" with your computer. Note any tools you have used and their respective results.<==

If needed, we will direct you to our HJT Preparation Guide.

Thank you for using BleepingComputer as your malware removal source.

At this point, I shall delete your logless topic in the HiJack This forum as I have provided instructions here for posting in the Am I Infected forum. Please retain the Combofix log in the event we need to refer you to the HiJack This forum and the HiJack This Team member requests it.

This topic is now closed.

Orange Blossom ~ forum moderator
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users