Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected and gettiong pop-ups and etc.


  • This topic is locked This topic is locked
2 replies to this topic

#1 mana347

mana347

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 05 April 2010 - 06:12 PM

I have been getting pop-up for a week now and sometime when I google and try to go to certain website, it takes me to different site. I used Combo fix, Ad-ware, and Spyware Terminator (I've been trying to download Melwarebytes but somehow I can open it). My computer is still acting werid.

So I followed the steps of 'Preparation for Use before Using Malware Removal Tools and Requestion Help'

When I run 'Gmer' my computer freeze and even I could luckily finish scaning, when I tries to save the file, my computer freeze again. (when I started the scan I saw many names on the list some were red)



(HERE IS MY DDS)

DDS (Ver_10-03-17.01) - NTFSx86
Run by Mana Mishina at 4:25:12.42 on Mon 04/05/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1526.466 [GMT -7:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Mana Mishina\Local Settings\Temporary Internet Files\Content.IE5\TXW5EEX4\Defogger[1].exe
C:\Documents and Settings\Mana Mishina\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com
uSearch Bar = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60426
mStart Page = hxxp://www.yahoo.com
uInternet Connection Wizard,ShellNext = hxxp://www.toshibadirect.com/dpdstart
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://www.crawler.com/search/ie.aspx?tb_id=60426
mCustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=60426
uURLSearchHooks: N/A: {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\progra~1\crawler\toolbar\ctbr.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: : {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\progra~1\crawler\toolbar\ctbr.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: {c0fc1a9d-7489-4cb2-a652-43646c06f82a} - buretapo.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: &Crawler Toolbar: {4b3803ea-5230-4dc3-a7fc-33638f3d3542} - c:\progra~1\crawler\toolbar\ctbr.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [SpywareTerminatorUpdate] "c:\program files\spyware terminator\SpywareTerminatorUpdate.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [SpywareTerminator] "c:\program files\spyware terminator\SpywareTerminatorShield.exe"
mRun: [mayeyihoti] Rundll32.exe "panukowe.dll",s
mRun: [sinofurof] Rundll32.exe "c:\windows\system32\liluhato.dll",a
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_04\bin\npjpi150_04.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\crawler\toolbar\ctbr.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: hoseyima.dll c:\windows\system32\liluhato.dll c:\windows\system32\tazatetu.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: tijimiyuy - {1d5c84c4-50e5-4e76-a387-435f564ac60c} - c:\windows\system32\liluhato.dll
STS: gahurihor: {1d5c84c4-50e5-4e76-a387-435f564ac60c} - c:\windows\system32\liluhato.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli hoseyima.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\manami~1\applic~1\mozilla\firefox\profiles\l3lc1vhm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - prefs.js: network.proxy.http - 80.93.32.73
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 2
FF - plugin: c:\documents and settings\mana mishina\application data\facebook\npfbplugin_1_0_0.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJPI150_04.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPOJI610.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - truec:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-4-2 64288]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-1-5 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-1-5 66632]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2010-4-2 95024]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-4-3 142592]
R2 a2free;a-squared Free Service;c:\program files\a-squared free\a2service.exe [2010-4-2 1858144]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-2-4 1265264]
S3 MSHUSBVideo;NX6000/NX3000/VX5000/VX5500/VX2000/VX7000 Filter Driver;c:\windows\system32\drivers\nx6000.sys [2010-2-15 30560]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-1-5 12872]

=============== Created Last 30 ================

2010-04-05 11:21:25 0 ----a-w- c:\documents and settings\mana mishina\defogger_reenable
2010-04-04 07:05:25 0 d-----w- c:\program files\WinClamAVShield
2010-04-03 08:53:09 0 d-----w- c:\program files\Crawler
2010-04-03 08:53:06 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-04-03 08:53:05 0 d-----w- c:\docume~1\manami~1\applic~1\Spyware Terminator
2010-04-03 08:53:00 0 d-----w- c:\program files\Spyware Terminator
2010-04-03 08:53:00 0 d-----w- c:\docume~1\alluse~1\applic~1\Spyware Terminator
2010-04-03 08:33:06 2 ----a-w- c:\windows\msoffice.ini
2010-04-02 14:02:00 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-04-02 11:40:17 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-04-02 11:39:38 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-04-02 11:31:55 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-04-02 11:30:22 0 d-----w- c:\program files\Lavasoft
2010-04-02 09:13:01 0 d-----w- c:\program files\a-squared Free
2010-04-02 00:41:03 594432 ----a-w- c:\windows\system32\SETC.tmp
2010-04-02 00:41:03 55296 ----a-w- c:\windows\system32\SETB.tmp
2010-04-02 00:41:02 916480 ------w- c:\windows\system32\SET6.tmp
2010-04-02 00:41:02 1985536 ----a-w- c:\windows\system32\SETF.tmp
2010-04-02 00:41:02 1209344 ----a-w- c:\windows\system32\SET7.tmp
2010-04-02 00:41:01 5944832 ------w- c:\windows\system32\SETA.tmp
2010-03-30 22:02:06 0 d-----w- c:\docume~1\manami~1\applic~1\Avira
2010-03-30 21:59:09 0 d-----w- c:\windows\system32\NtmsData
2010-03-30 08:33:27 98816 ----a-w- c:\windows\sed.exe
2010-03-30 08:33:27 77312 ----a-w- c:\windows\MBR.exe
2010-03-30 08:33:27 261632 ----a-w- c:\windows\PEV.exe
2010-03-30 08:33:27 161792 ----a-w- c:\windows\SWREG.exe
2010-03-30 08:33:14 0 d-----w- C:\qwer
2010-03-29 08:57:36 0 d-----w- c:\windows\system32\wbem\Repository
2010-03-12 00:29:40 0 d-----w- c:\docume~1\alluse~1\applic~1\Blizzard Entertainment
2010-03-11 10:18:38 0 d-----w- c:\program files\World of Warcraft
2010-03-11 00:47:08 0 d-----w- c:\docume~1\alluse~1\applic~1\Blizzard
2010-03-10 06:23:04 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe

==================== Find3M ====================

2010-02-25 18:54:36 11070976 ----a-w- c:\windows\system32\SET11.tmp
2010-02-17 23:19:29 65560 ---ha-w- c:\windows\system32\mlfcache.dat
1601-01-01 00:12:31 61952 --sha-w- c:\windows\system32\buretapo.dll
2010-01-05 06:02:25 92160 --sha-w- c:\windows\system32\liluhato.dll
2010-01-04 17:48:28 91648 --sha-w- c:\windows\system32\nagadogu.dll
2010-01-03 22:03:45 39424 --sha-w- c:\windows\system32\povutute.dll
2010-01-03 10:03:19 39424 --sha-w- c:\windows\system32\sekisahi.dll
2010-01-03 22:03:45 92160 --sha-w- c:\windows\system32\tazatetu.dll
2010-01-04 17:48:28 39424 --sha-w- c:\windows\system32\toserabo.dll
2010-01-03 10:03:19 92160 --sha-w- c:\windows\system32\yofivowi.dll
2010-01-05 06:02:25 39424 --sha-w- c:\windows\system32\zamafome.dll

============= FINISH: 4:25:46.57 ===============



(DDS LOG)

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/29/2009 1:47:00 AM
System Uptime: 4/3/2010 1:18:49 AM (51 hours ago)

Motherboard: Intel Corporation | | MPAD-MSAE Customer Reference Boards
Processor: Genuine Intel® CPU T2250 @ 1.73GHz | U1 | 1728/mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 112 GiB total, 62.228 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP25: 1/5/2010 11:43:57 AM - System Checkpoint
RP26: 1/6/2010 7:05:22 PM - System Checkpoint
RP27: 1/8/2010 2:18:41 AM - System Checkpoint
RP28: 1/8/2010 5:32:00 PM - Avg8 Update
RP29: 1/10/2010 11:28:58 AM - System Checkpoint
RP30: 1/11/2010 11:59:50 AM - System Checkpoint
RP31: 1/12/2010 2:04:46 PM - System Checkpoint
RP32: 1/13/2010 8:15:14 PM - Avg8 Update
RP33: 1/14/2010 3:00:50 AM - Software Distribution Service 3.0
RP34: 1/14/2010 12:07:31 PM - Avg8 Update
RP35: 1/15/2010 12:34:58 PM - System Checkpoint
RP36: 1/16/2010 12:57:54 PM - System Checkpoint
RP37: 1/17/2010 1:33:41 PM - System Checkpoint
RP38: 1/18/2010 2:21:14 AM - Software Distribution Service 3.0
RP39: 1/18/2010 2:41:35 AM - Restore Operation
RP40: 1/18/2010 2:53:44 AM - Avg8 Update
RP41: 1/18/2010 2:59:39 AM - Avg8 Update
RP42: 1/18/2010 3:00:44 AM - Software Distribution Service 3.0
RP43: 1/19/2010 6:29:09 AM - System Checkpoint
RP44: 1/20/2010 8:09:38 AM - System Checkpoint
RP45: 1/21/2010 12:27:17 PM - System Checkpoint
RP46: 1/22/2010 3:00:58 AM - Software Distribution Service 3.0
RP47: 1/23/2010 5:12:51 AM - System Checkpoint
RP48: 1/23/2010 5:32:15 AM - Avg8 Update
RP49: 1/24/2010 4:35:09 AM - Restore Operation
RP50: 1/25/2010 8:41:52 AM - System Checkpoint
RP51: 1/26/2010 4:35:54 AM - Restore Operation
RP52: 1/26/2010 4:43:46 AM - Software Distribution Service 3.0
RP53: 1/27/2010 5:11:31 AM - System Checkpoint
RP54: 1/27/2010 12:25:05 PM - Avg8 Update
RP55: 1/27/2010 9:39:19 PM - Installed VIPRE Antivirus + Antispyware.
RP56: 1/27/2010 9:57:06 PM - Installed SUPERAntiSpyware Free Edition
RP57: 1/28/2010 1:32:42 AM - Installed SpyWall
RP58: 1/28/2010 1:52:17 AM - Removed SpyWall
RP59: 1/28/2010 2:18:02 PM - Removed AVG 9.0
RP60: 1/28/2010 2:19:34 PM - Removed AVG 9.0
RP61: 1/28/2010 2:22:45 PM - Removed AVG 9.0
RP62: 1/28/2010 2:25:17 PM - Removed AVG 9.0
RP63: 1/28/2010 2:30:34 PM - Removed AVG 9.0
RP64: 1/29/2010 2:48:52 PM - System Checkpoint
RP65: 1/30/2010 3:23:37 PM - System Checkpoint
RP66: 1/31/2010 4:36:34 PM - System Checkpoint
RP67: 2/1/2010 5:23:49 PM - System Checkpoint
RP68: 2/3/2010 12:58:33 AM - System Checkpoint
RP69: 2/4/2010 1:38:04 AM - System Checkpoint
RP70: 2/5/2010 3:22:40 AM - System Checkpoint
RP71: 2/6/2010 6:22:58 AM - System Checkpoint
RP72: 2/7/2010 6:28:48 AM - System Checkpoint
RP73: 2/8/2010 10:43:49 AM - System Checkpoint
RP74: 2/9/2010 12:16:36 AM - Installed Microsoft Office Enterprise 2007
RP75: 2/9/2010 12:33:50 AM - Printer Driver Send To Microsoft OneNote Driver Installed
RP76: 2/9/2010 2:31:17 AM - Configured Microsoft Office Enterprise 2007
RP77: 2/9/2010 2:35:20 AM - Configured Microsoft Office Enterprise 2007
RP78: 2/10/2010 2:37:41 AM - System Checkpoint
RP79: 2/10/2010 3:00:37 AM - Software Distribution Service 3.0
RP80: 2/11/2010 3:01:37 AM - Software Distribution Service 3.0
RP81: 2/12/2010 4:58:24 AM - System Checkpoint
RP82: 2/13/2010 5:14:35 AM - System Checkpoint
RP83: 2/14/2010 6:20:53 AM - System Checkpoint
RP84: 2/15/2010 9:00:27 AM - System Checkpoint
RP85: 2/15/2010 9:28:08 PM - Installed DirectX
RP86: 2/17/2010 6:03:48 AM - System Checkpoint
RP87: 2/18/2010 6:05:27 AM - System Checkpoint
RP88: 2/19/2010 6:13:08 AM - System Checkpoint
RP89: 2/20/2010 6:28:52 AM - System Checkpoint
RP90: 2/21/2010 1:59:09 PM - System Checkpoint
RP91: 2/23/2010 12:57:58 AM - System Checkpoint
RP92: 2/24/2010 5:59:46 AM - System Checkpoint
RP93: 2/25/2010 3:00:22 AM - Software Distribution Service 3.0
RP94: 2/26/2010 4:31:46 AM - System Checkpoint
RP95: 2/27/2010 5:08:15 AM - System Checkpoint
RP96: 2/28/2010 2:53:01 PM - System Checkpoint
RP97: 3/1/2010 4:46:44 PM - System Checkpoint
RP98: 3/2/2010 9:56:01 PM - System Checkpoint
RP99: 3/4/2010 12:57:31 AM - System Checkpoint
RP100: 3/5/2010 2:52:42 AM - System Checkpoint
RP101: 3/6/2010 3:29:57 PM - System Checkpoint
RP102: 3/7/2010 3:38:57 PM - System Checkpoint
RP103: 3/8/2010 5:08:27 PM - System Checkpoint
RP104: 3/9/2010 11:18:31 PM - System Checkpoint
RP105: 3/10/2010 3:00:59 AM - Software Distribution Service 3.0
RP106: 3/11/2010 4:34:40 AM - System Checkpoint
RP107: 3/13/2010 5:11:03 AM - System Checkpoint
RP108: 3/14/2010 6:58:47 AM - System Checkpoint
RP109: 3/15/2010 12:43:32 PM - System Checkpoint
RP110: 3/16/2010 12:54:52 PM - System Checkpoint
RP111: 3/17/2010 1:46:24 PM - System Checkpoint
RP112: 3/18/2010 6:21:02 PM - System Checkpoint
RP113: 3/20/2010 12:54:51 AM - System Checkpoint
RP114: 3/21/2010 4:01:40 AM - System Checkpoint
RP115: 3/22/2010 7:48:22 AM - System Checkpoint
RP116: 3/23/2010 9:57:16 AM - System Checkpoint
RP117: 3/24/2010 10:18:49 AM - System Checkpoint
RP118: 3/25/2010 2:34:59 PM - System Checkpoint
RP119: 3/26/2010 2:43:27 PM - System Checkpoint
RP120: 3/27/2010 4:46:54 PM - System Checkpoint
RP121: 3/29/2010 1:55:30 AM - Restore Operation
RP122: 3/30/2010 1:00:02 AM - Removed VIPRE Antivirus + Antispyware.
RP123: 3/31/2010 1:02:44 AM - System Checkpoint
RP124: 4/1/2010 1:51:58 AM - System Checkpoint
RP125: 4/2/2010 6:52:22 AM - System Checkpoint
RP126: 4/3/2010 12:50:37 AM - Restore Operation
RP127: 4/3/2010 1:21:36 AM - Software Distribution Service 3.0
RP128: 4/3/2010 2:03:40 AM - Spyware Terminator - restore point
RP129: 4/3/2010 2:25:59 AM - Spyware Terminator - restore point
RP130: 4/3/2010 6:38:47 AM - Spyware Terminator - restore point
RP131: 4/4/2010 12:01:38 AM - Spyware Terminator - restore point
RP132: 4/4/2010 12:51:27 PM - Spyware Terminator - restore point
RP133: 4/4/2010 7:40:37 PM - Spyware Terminator - restore point
RP134: 4/5/2010 4:06:47 AM - Removed Ad-Aware Email Scanner for Outlook

==== Installed Programs ======================

a-squared Free 4.5
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0
AOL You've Got Pictures Screensaver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
BitTorrent
Bluetooth Stack for Windows by Toshiba
Bonjour
CD/DVD Drive Acoustic Silencer
Crawler Toolbar with Web Security Guard
DownloadX Free 1.1.1
DVD-RAM Driver
ESPNMotion
Facebook Plug-In
GemMaster Mystic
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
Intel® PROSet/Wireless Software
InterVideo WinDVD Creator 2
InterVideo WinDVD for TOSHIBA
iTunes
J2SE Runtime Environment 5.0 Update 4
Lexmark 510 Series
Macromedia Flash Player 8
mCore
mDrWiFi
Metamail (Toshiba Registration Utility)
mHelp
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Corporation
Microsoft LifeCam
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
mIWA
mLogView
mMHouse
Mozilla Firefox (3.5.9)
mPfMgr
mPfWiz
mProSafe
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB925673)
mWlsSafe
mXML
MyConnect Special Offer
mZConfig
Office 2003 Trial Assistant
Otto
PokerStars
QuickTime
RealPlayer Basic
Realtek High Definition Audio Driver
SCRABBLE
SD Secure Module
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB978380)
Security Update for Microsoft Office Excel 2007 (KB978382)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB969604)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978706)
Segoe UI
Sonic DLA
Sonic Encoders
Sonic RecordNow!
Spyware Terminator
SUPERAntiSpyware Free Edition
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Controls
TOSHIBA Game Console
TOSHIBA Hotkey Utility
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
TOSHIBA SD Memory Card Format
TOSHIBA Software Modem
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA TouchPad ON/Off Utility
TOSHIBA TV Tuner 4.0.12.73
TOSHIBA Utilities
TOSHIBA Virtual Sound
TOSHIBA Zooming Utility
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB977724)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Outlook 2007 Junk Email Filter (kb979895)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
VDownloader 1.12
Veoh Web Player
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
WildTangent Web Driver
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Presentation Foundation
Windows XP Media Center Edition 2005 KB888316
Windows XP Media Center Edition 2005 KB894553
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB908250
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
World of Warcraft
XML Paper Specification Shared Components Pack 1.0
Yahoo! Messenger
Yahoo! Music Engine
Yahoo! Software Update
Yahoo! Toolbar

==== Event Viewer Messages From Past Week ========

4/4/2010 9:48:28 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
4/4/2010 9:48:06 AM, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 001302AB4906 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
4/4/2010 11:18:57 PM, error: E100B [6] - Adapter Intel® PRO/100 VE Network Connection: Hardware failure detected
4/3/2010 12:54:20 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip
4/3/2010 12:54:20 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
4/3/2010 12:54:20 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/3/2010 12:54:20 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
4/3/2010 12:54:20 AM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/3/2010 12:54:20 AM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/3/2010 1:33:24 AM, error: Service Control Manager [7034] - The AOL Connectivity Service service terminated unexpectedly. It has done this 1 time(s).
4/3/2010 1:31:47 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
4/3/2010 1:18:14 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/3/2010 1:02:08 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
4/1/2010 9:11:10 PM, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 001302AB4906 has been denied by the DHCP server 192.168.5.1 (The DHCP Server sent a DHCPNACK message).
4/1/2010 5:32:47 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
4/1/2010 5:09:38 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL SBRE Tcpip
4/1/2010 5:03:41 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
4/1/2010 5:00:42 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avgio avipbb Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL SBRE ssmdrv Tcpip
4/1/2010 11:17:18 PM, error: Dhcp [1002] - The IP address lease 192.168.5.144 for the Network Card with network address 001302AB4906 has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
3/30/2010 2:52:47 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. .
3/30/2010 2:52:47 PM, error: SideBySide [59] - Generate Activation Context failed for C:\DOCUME~1\MANAMI~1\LOCALS~1\Temp\RarSFX0\redist.dll. Reference error message: The operation completed successfully. .
3/30/2010 2:52:47 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
3/30/2010 2:51:42 PM, information: Windows File Protection [64004] - The protected system file kbdpash.dll could not be restored to its original, valid version. The file version of the bad file is unknown The specific error code is 0x00000005 [Access is denied. ].
3/30/2010 2:51:42 PM, information: Windows File Protection [64004] - The protected system file kbdnepr.dll could not be restored to its original, valid version. The file version of the bad file is unknown The specific error code is 0x00000005 [Access is denied. ].
3/30/2010 2:51:42 PM, information: Windows File Protection [64004] - The protected system file kbdinmal.dll could not be restored to its original, valid version. The file version of the bad file is unknown The specific error code is 0x00000005 [Access is denied. ].
3/30/2010 2:51:42 PM, information: Windows File Protection [64004] - The protected system file kbdinben.dll could not be restored to its original, valid version. The file version of the bad file is unknown The specific error code is 0x00000005 [Access is denied. ].
3/30/2010 2:51:42 PM, information: Windows File Protection [64004] - The protected system file kbdinbe1.dll could not be restored to its original, valid version. The file version of the bad file is unknown The specific error code is 0x00000005 [Access is denied. ].
3/30/2010 2:42:15 PM, error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: Cannot create a file when that file already exists.
3/30/2010 2:27:37 AM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer SOTA-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{36A006B7-7A95-49BC-9. The master browser is stopping or an election is being forced.

==== End Of File ===========================



BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,087 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:02:17 PM

Posted 09 April 2010 - 05:17 AM

Hello ,
And welcome.gif to the Bleeping Computer Malware Removal Forum
. My name is Elise and I'll be glad to help you with your computer problems.


I will be working on your malware issues, this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.
  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.


  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

-------------------------------------------------------------
In the meantime please, do NOT install any new programs or update anything unless told to do so while we are fixing your problem

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new OTL log (don't forget extra.txt)
  • GMER log

Thanks and again sorry for the delay.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#3 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,087 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:02:17 PM

Posted 17 April 2010 - 02:02 PM

Due to lack of feedback this topic is now closed.

If you are the original topic starter and you need this topic reopened, please send me a PM.

Everyone else, please start a new topic.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users