Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer freezing. Thought was MSBlaster or Lsass... but it is neither. don't know how to proceed from here.


  • This topic is locked This topic is locked
4 replies to this topic

#1 Natick Girly

Natick Girly

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:43 PM

Posted 03 May 2011 - 07:20 AM

This began yesterday when I got computer freezing, this was in the message - "NT AUTHORITY\SYSTEM", with a shutdown countdown of a minute.

After running Malwarebytes, Webroot Antivirus and another antivirus that I found here, as well as rkill.exe, I now get "C:\WINDOWS\is-TN7EK.exe." with a completely blank screen upon turning on the computer. When I click on it, my regular desktop loads up, but I am unable to get online completely, without being in Safe Mode.

Any and all help is greatly appreciated. :)

.
DDS (Ver_11-03-05.01) - NTFSx86 NETWORK
Run by HP_Administrator at 21:52:06.50 on Mon 05/02/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.563 [GMT -4:00]
.
AV: Webroot AntiVirus with Spy Sweeper *Enabled/Updated* {77E10C7F-2CCA-4187-9394-BDBC267AD597}
.
============== Running Processes ===============
.
C:\Program Files\Webroot\Security\Current\Framework\WRConsumerService.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Webroot\Security\current\plugins\antimalware\AEI.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75.001\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75.001\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75.001\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75.001\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75.001\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75.001\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\HP_Administrator.YOUR-4DACD0EA75.001\My Documents\Downloads\dds.scr
.
============== Pseudo HJT Report ===============
.
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PAVILION&pf=desktop
mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PAVILION&pf=desktop
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
uRun: [ctfmon.exe] "c:\windows\system32\ctfmon.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Google Update] "c:\documents and settings\hp_administrator.your-4dacd0ea75.001\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [ehTray] "c:\windows\ehome\ehtray.exe"
mRun: [RTHDCPL] "RTHDCPL.EXE"
mRun: [igfxhkcmd] "c:\windows\system32\hkcmd.exe"
mRun: [igfxpers] "c:\windows\system32\igfxpers.exe"
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\iaanotif.exe"
mRun: [DISCover] "c:\program files\disc\DISCover.exe"
mRun: [DiscUpdateManager] "c:\program files\disc\DiscUpdMgr.exe"
mRun: [DMAScheduler] "c:\program files\hp digitalmedia archive\DMAScheduler.exe"
mRun: [Recguard] "c:\windows\sminst\RECGUARD.EXE"
mRun: [PCDrProfiler]
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [Reminder] "c:\windows\creator\Remind_XP.exe"
mRun: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [KodakShareButtonApp] "c:\program files\kodak\kodak share button app\Listener.exe"
mRun: [ISUSPM Startup] "c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe" -startup
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [<NO NAME>]
mRun: [WebrootTrayApp] "c:\program files\webroot\security\current\framework\WRTray.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: facebook.com\www
Trusted Zone: intuit.com\ttlc
Trusted Zone: trymedia.com
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\hp_adm~1.001\applic~1\mozilla\firefox\profiles\alxjatwp.default\
FF - component: c:\documents and settings\hp_administrator.your-4dacd0ea75.001\application data\mozilla\firefox\profiles\alxjatwp.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\hp_administrator.your-4dacd0ea75.001\application data\mozilla\firefox\profiles\alxjatwp.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - plugin: c:\documents and settings\hp_administrator.your-4dacd0ea75.001\local settings\application data\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox 3.6 beta 5\plugins\np_gp.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\nos\bin\np_gp.dll
.
============= SERVICES / DRIVERS ===============
.
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;c:\program files\webroot\security\current\plugins\antimalware\AEI.exe [2011-4-18 3899008]
R2 WRConsumerService;Webroot Client Service;c:\program files\webroot\security\current\framework\WRConsumerService.exe [2011-4-18 3251928]
S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S2 SSFMONM;Spy Sweeper File System Filter Driver;c:\windows\system32\drivers\ssfmonm.sys [2011-4-18 45072]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-10 14336]
.
=============== Created Last 30 ================
.
2011-05-02 14:40:25 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-02 14:40:22 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-02 14:40:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-02 12:51:28 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2011-05-02 12:08:25 -------- d-----w- c:\docume~1\hp_adm~1.001\applic~1\Sammsoft
2011-05-02 09:15:14 -------- d-----w- C:\7e5f7b12e8bb220560769b0f7400aa
2011-04-19 00:52:54 45072 ----a-w- c:\windows\system32\drivers\ssfmonm.sys
2011-04-19 00:52:54 24496 ----a-w- c:\windows\system32\drivers\sshrmd.sys
2011-04-19 00:52:54 182056 ----a-w- c:\windows\system32\drivers\ssidrv.sys
2011-04-19 00:51:22 -------- dc-h--w- c:\docume~1\alluse~1\applic~1\{3140EA8C-7399-4EC4-819C-16996F38FCFC}
2011-04-19 00:51:02 -------- d-----w- c:\program files\Webroot
2011-04-19 00:50:17 -------- d-----w- c:\docume~1\alluse~1\applic~1\Webroot
2011-04-17 10:24:45 -------- d-----w- c:\windows\system32\Adobe
2011-04-07 22:57:38 -------- d-----w- c:\windows\SxsCaPendDel
2011-04-05 00:16:25 -------- d-----w- c:\docume~1\hp_adm~1.001\locals~1\applic~1\PackageAware
.
==================== Find3M ====================
.
2011-02-04 22:48:32 456192 ------w- c:\windows\system32\encdec.dll
2011-02-04 22:48:30 291840 ----a-w- c:\windows\system32\sbe.dll
2011-02-03 02:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-03 00:19:39 73728 -c--a-w- c:\windows\system32\javacpl.cpl
2007-11-17 12:19:33 774144 -c--a-w- c:\program files\RngInterstitial.dll
.
============= FINISH: 21:53:28.93 ===============





And then the Attach - Notepad log:


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 3/4/2010 7:15:20 PM
System Uptime: 5/2/2011 9:47:54 PM (0 hours ago)
.
Motherboard: ASUSTek Computer INC. | | LEUCITE
Processor: Intel® Pentium® D CPU 2.80GHz | Socket 775 | 2800/200mhz
Processor: Intel® Pentium® D CPU 2.80GHz | Socket 775 | 2800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 177 GiB total, 155.144 GiB free.
D: is FIXED (FAT32) - 9 GiB total, 0.419 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is FIXED (NTFS) - 466 GiB total, 453.026 GiB free.
K: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Shockwave Player 11.5
AiO_Scan
AiO_Scan_CDA
AiOSoftware
AiOSoftwareNPI
BufferChm
C3100
c3100_Help
CameraDrivers
CameraUserGuides
Customer Experience Enhancement
CustomerResearchQFolder
Data Fax SoftModem with SmartCP
Destinations
DISCover
DocProc
DocProcQFolder
DocumentViewer
Easy Internet Sign-up
Enhanced Multimedia Keyboard Solution
eSupportQFolder
Fax
Fax_CDA
Google Chrome
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 10 (KB910393)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB893357)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB912024)
Hotfix for Windows XP (KB918997)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB945060-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Boot Optimizer
HP Customer Participation Program 7.0
HP DigitalMedia Archive
HP Document Viewer 6.1
HP DVD Play 2.1
HP Imaging Device Functions 7.0
HP Photosmart Cameras 6.0
HP Photosmart Essential
HP Photosmart for Media Center PC
HP Photosmart, Officejet and Deskjet 7.0.A
HP PSC & OfficeJet 5.3.B
HP Rhapsody
HP Solution Center 7.0
HP Update
HP Web Helper
hpiCamDrvQFolder
HPPhotoSmartExpress
HPProductAssistant
HpSdpAppCoreApp
InstantShareDevicesMFC
Intel Matrix Storage Manager
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
Intel® Quick Resume Technology Drivers
Intel® Viiv™ Software
J2SE Runtime Environment 5.0 Update 5
Java Auto Updater
Java™ 6 Update 24
KodakShareButtonApp
LightScribe 1.4.84.1
Malwarebytes' Anti-Malware
MarketResearch
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Works
Mozilla Firefox 4.0 (x86 en-US)
MSN
MSN Toolbar
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
muvee autoProducer 5.0
muvee autoProducer unPlugged 2.0
NewCopy
NewCopy_CDA
OCR Software by I.R.I.S 7.0
PanoStandAlone
ProductContextNPI
Readme
Realtek High Definition Audio Driver
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981350)
Security Update for Windows XP (KB982381)
SolutionCenter
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Status
Toolbox
TrayApp
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB898461)
Update for Windows XP (KB912945)
Update for Windows XP (KB925720)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB978207)
Update for Windows XP (KB980182)
Update Rollup 2 for Windows XP Media Center Edition 2005
WebFldrs XP
WebReg
Webroot Software
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Media Format Runtime
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892050
Windows XP Hotfix - KB893066
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB912067
Windows XP Media Center Edition 2005 KB973768
.
==== Event Viewer Messages From Past Week ========
.
5/2/2011 9:50:02 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm
5/2/2011 9:50:02 PM, error: Service Control Manager [7023] - The System Restore Service service terminated with the following error: The system cannot find the file specified.
5/2/2011 9:48:59 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/1/2011 11:35:53 PM, error: Service Control Manager [7022] - The Intel® Quick Resume Technology Drivers service hung on starting.
4/30/2011 11:40:39 PM, error: Service Control Manager [7022] - The Intel® Quick Resume Technology Drivers service hung on starting.
.
==== End Of File ===========================


I am trying to attach the gmer file, but it says 'this file is invalid or corrupted'.

I hope I have included everything, but if I am missing something, I will do over whichever part that you need.

Thank you again for your time.

-NG

Attached Files



BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,993 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:04:43 PM

Posted 11 May 2011 - 02:26 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Please take note:

  • If you have since resolved the original problem you were having, we would appreciate you letting us know.
  • If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.
  • If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.
  • If you have already posted a DDS log, please do so again, as your situation may have changed.
  • Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


Thanks and again sorry for the delay.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 Natick Girly

Natick Girly
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:43 PM

Posted 12 May 2011 - 04:02 AM

Hi Orange Blossom,

No problem.

I don't have the recovery CD.

I haven't used my PC at all since posting the DDS log, but I will run it again in a few hours when I am home from work and then repost here and include a new GMER log.

Thanks.


Also, one weird thing... I have clicked on 'watch topic' but a reply did not show up in 'notifications'. Not sure why or I would have replied sooner, as I look for a notification each time I log in here, quite a few times a day. *shrugs*

Edited by Natick Girly, 12 May 2011 - 04:04 AM.


#4 sempai

sempai

    noypi


  • Malware Response Team
  • 5,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:3 stars and a sun
  • Local time:04:43 AM

Posted 14 May 2011 - 02:23 AM

Hello Natick Girly and welcome to BC. :)

Did Malwarebytes and Webroot Antivirus found anything when you run the scan?
When you clicked the "Watch Topic", did you choose to receive "Immediate Notification"?

Please post the new log when ready. Thanks.

Edited by sempai, 14 May 2011 - 02:25 AM.

~Semp

btn_donate_LG.gif
You can help me continue the fight against malware by making a donation, Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied within 5 days will be close. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 


#5 sempai

sempai

    noypi


  • Malware Response Team
  • 5,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:3 stars and a sun
  • Local time:04:43 AM

Posted 18 May 2011 - 04:16 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

~Semp

btn_donate_LG.gif
You can help me continue the fight against malware by making a donation, Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied within 5 days will be close. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users