Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

possible TDSS infection


  • This topic is locked This topic is locked
3 replies to this topic

#1 kingofdumm

kingofdumm

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:01:38 PM

Posted 20 October 2011 - 07:22 AM

I need your help please! I done screwed up and I already know it! but I need my computer for work related purposes as well as having all my importent online financial information. please help me through this most embarrassing time.

I was farting around the web, just relaxing not looking for anything special. I came across this page or advertisement of sorts about a program that would listen to all the web radio casts around and then with information you would input ie: artists , music style etc. it would start listening and when one of your keywords were located it would then record and put it in MP3 format and save it. I thought it sounded way cool. but when I went to download it or I guess it was when I went to install it, my AV issued a big are you sure u wanna do this? one that was completely differnt then the simple do you know what the risk is? that I've gotton tons of time. but I was still in the grasps of what a cool program that would be that i was too obsessed to rufuse the install. well anyway like a gun in the hands of a jellious lover my world changed intently and not only had I pulled the trigger but my AV just freaked out said I had this or that I cant remember the exact sequence of events but boiled down it read you are on your own kid! Threat requiring manual removal detected: System infected: Tidserv Activity 2. below a link that read "tell me how" it directed me to a sight that had a tool desinged by my AV programs company. but when I tried to use it , It kept having a error that the command line was not right and that the tool would be termanted. I read a bit about how this infection works and apparently it has a trip wire of sorts and when you start looking for it or try to remove it , it zaps the program. so instead of screwing up farther I did the next best thing and followed the link on my AV 's website pointing me in your direction. I hope my post isnt to dramatic for you. I'm totaly exasperated and dont want to sound like Im not being concernd enough. because I am. and if I cant get any help im going to be in big trouble. thank you

King of Dumm


DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Wildmagic at 4:07:11 on 2011-10-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6071.3728 [GMT -7:00]
.
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Users\Wildmagic\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxeacoms.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Windows\System32\tcpsvcs.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\SFT\GuardedID\GIDD.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\SFT\GuardedID\x64\GIDD.exe
C:\Users\Wildmagic\AppData\Roaming\HP SimpleSave Application\HPSSBackupMonitor.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Users\Wildmagic\Downloads\Defogger.exe
C:\Windows\system32\conhost.exe
C:\Users\Wildmagic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Wildmagic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Wildmagic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Wildmagic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Wildmagic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Wildmagic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Wildmagic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Wildmagic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Wildmagic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Wildmagic\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://xfinity.comcast.net/?cid=cgps09282011
mWinlogon: Userinit=userinit.exe
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Constant Guard Protection Suite (COM): {b84cdbe7-1b46-494b-a188-01d4c52deb61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO: Nero Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
TB: Nero Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
uRun: [Google Update] "C:\Users\Wildmagic\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [uTorrent] "C:\Users\Wildmagic\Downloads\utorrent.exe" /MINIMIZED
uRunOnce: [Application Restart #1] C:\Users\Wildmagic\AppData\Local\Google\Chrome\Application\chrome.exe --flag-switches-begin --enable-print-preview --flag-switches-end --restore-last-session -- http://www.google.com/url?sa=t&source=web&cd=1&ved=0CBwQFjAA&url=http%3A%2F%2Fwww.pogo.com%2F&ei=S_Y_TKKhFZCesQP138imDA&usg=AFQjCNFWK3iKhiaE-O6VKdYxlOyO3l-0dA
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
StartupFolder: C:\Users\WILDMA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\HPSIMP~1.LNK - C:\Users\Wildmagic\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONSTA~1.LNK - C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
LSP: mswsock.dll
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files%20(x86)/Ancient%20Tri-Jong/Images/stg_drm.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files%20(x86)/Ancient%20Tri-Jong/Images/armhelper.ocx
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{2C45C69B-7E07-486D-87D7-817629650FBE} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{7BD77939-4A67-4071-B942-9B4D4208414B} : DhcpNameServer = 192.168.0.1
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
mASetup: {9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg - C:\Program Files (x86)\SFT\GuardedID\gidi.exe /v
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Constant Guard Protection Suite (COM): {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll
BHO-X64: Constant Guard Protection Suite (COM) - No File
BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO-X64: Nero Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll
TB-X64: Nero Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun-x64: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 FixTDSS;TDSS Fixtool driver;C:\Windows\system32\drivers\FixTDSS.sys --> C:\Windows\system32\drivers\FixTDSS.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111014.001\BHDrvx64.sys [2011-10-14 1155704]
R1 GIDv2;GIDv2;C:\Windows\system32\drivers\GIDv2.sys --> C:\Windows\system32\drivers\GIDv2.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111019.030\IDSviA64.sys [2011-10-20 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0501000.01D\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0501000.01D\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 BackupService;BackupService;C:\Users\Wildmagic\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2011-9-29 83512]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-8 13336]
R2 IDVaultSvc;CGPS Service;C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe [2011-10-12 63048]
R2 lxea_device;lxea_device;C:\Windows\system32\lxeacoms.exe -service --> C:\Windows\system32\lxeacoms.exe -service [?]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccsvchst.exe [2011-9-28 130008]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-9-23 641832]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-9-30 2214504]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-9-29 1153368]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-4-18 993848]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-4-18 399416]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-9-29 136824]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\system32\Drivers\nx6000.sys --> C:\Windows\system32\Drivers\nx6000.sys [?]
R3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2011-8-27 156288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxeaserv.exe [2010-4-14 45736]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms [2009-9-16 23536]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
.
=============== Created Last 30 ================
.
2011-10-20 10:29:02 -------- d-----w- C:\TDSSKiller_Quarantine
2011-10-19 17:40:22 -------- d-----w- C:\Users\Wildmagic\AppData\Roaming\Tific
2011-10-19 17:00:21 27256 ----a-w- C:\Windows\System32\drivers\FixTDSS.sys
2011-10-19 17:00:21 -------- d-----w- C:\Users\Wildmagic\AppData\Roaming\FixTDSS
2011-10-19 16:48:43 -------- d-----w- C:\Users\Wildmagic\AppData\Local\Ilivid Player
2011-10-19 16:44:54 -------- dc-h--w- C:\ProgramData\{1B0B54CA-AA7D-41D3-A84A-29E7C9CB13A2}
2011-10-19 16:44:39 -------- d-----w- C:\Program Files (x86)\iLivid
2011-10-19 16:43:47 -------- d-----w- C:\Users\Wildmagic\AppData\Local\PackageAware
2011-10-19 16:39:35 -------- d-----we C:\Windows\system64
2011-10-19 16:39:30 -------- d-----w- C:\Users\Wildmagic\AppData\Local\RapidSolution
2011-10-19 16:39:11 63024600 ----a-w- C:\Users\Wildmagic\AppData\Roaming\RadioTrackerSetup.com
2011-10-18 03:03:45 -------- d-----w- C:\ProgramData\LightScribe
2011-10-18 03:00:41 -------- d-----w- C:\Users\Wildmagic\AppData\Local\Nero_AG
2011-10-18 03:00:22 -------- d-----w- C:\Users\Wildmagic\AppData\Local\Nero
2011-10-18 00:05:20 -------- d-----w- C:\Program Files (x86)\Nero
2011-10-18 00:05:02 -------- d-----w- C:\ProgramData\Nero
2011-10-17 23:50:49 -------- d-----w- C:\Program Files (x86)\Ask.com
2011-10-17 23:49:58 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll
2011-10-17 23:49:45 3727720 ----a-w- C:\Windows\SysWow64\d3dx9_35.dll
2011-10-17 23:49:29 3497832 ----a-w- C:\Windows\SysWow64\d3dx9_34.dll
2011-10-17 09:20:11 -------- d-----w- C:\Program Files (x86)\FLAC
2011-10-16 08:20:11 -------- d-----w- C:\Users\Wildmagic\AppData\Roaming\foobar2000
2011-10-16 08:20:05 -------- d-----w- C:\Program Files (x86)\foobar2000
2011-10-16 06:59:46 -------- d-----w- C:\Program Files (x86)\Elixir of Immortality
2011-10-16 03:26:32 -------- d-----w- C:\Users\Wildmagic\AppData\Roaming\Vogat Interactive
2011-10-15 11:39:57 -------- d-----w- C:\extensions
2011-10-15 11:39:56 -------- d-----w- C:\Program Files (x86)\Conduit
2011-10-15 11:39:54 -------- d-----w- C:\Program Files (x86)\uTorrentBar
2011-10-15 11:38:33 -------- d-----w- C:\Users\Wildmagic\AppData\Roaming\uTorrent
2011-10-15 11:38:33 -------- d-----w- C:\Users\Wildmagic\AppData\Local\uTorrent
2011-10-12 11:28:58 -------- d-----w- C:\Program Files\Microsoft LifeCam
2011-10-12 11:28:58 -------- d-----w- C:\Program Files (x86)\Microsoft LifeCam
2011-10-12 11:28:53 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll
2011-10-12 11:28:52 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2011-10-12 11:09:04 -------- d-sh--w- C:\Windows\System32\%APPDATA%
2011-10-12 07:40:46 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-10-11 19:54:45 3138048 ----a-w- C:\Windows\System32\win32k.sys
2011-10-11 19:54:41 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2011-10-11 19:54:40 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2011-10-11 19:54:40 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2011-10-11 19:54:40 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2011-10-11 19:54:33 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-10-11 19:54:33 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-10-11 19:54:33 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-10-11 19:54:33 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-10-09 10:49:47 -------- d-----w- C:\Windows\System32\SPReview
2011-10-09 10:48:57 -------- d-----w- C:\Windows\System32\EventProviders
2011-10-09 10:46:01 -------- d-----w- C:\Users\Wildmagic\AppData\Local\ElevatedDiagnostics
2011-10-09 07:27:23 -------- d-----w- C:\Users\Wildmagic\AppData\Local\Diagnostics
2011-10-07 14:46:19 -------- d-----w- C:\Users\Wildmagic\.thumbnails
2011-10-07 03:41:20 -------- d-----w- C:\Users\Wildmagic\.gimp-2.6
2011-10-07 03:40:53 -------- d-----w- C:\Program Files (x86)\GIMP-2.0
2011-10-07 02:08:18 -------- d-----w- C:\ProgramData\Ezprint
2011-10-07 01:35:27 -------- d-----w- C:\ProgramData\lx_Cats
2011-10-07 01:35:25 189440 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\lxeadrpp.dll
2011-10-07 01:35:13 -------- d-----w- C:\Program Files\Lexmark S300-S400 Series
2011-10-07 01:31:44 -------- d-----w- C:\Program Files\Lexmark
2011-10-04 11:43:47 -------- d-----w- C:\Program Files (x86)\Morphyre
2011-10-04 04:49:03 -------- d-----w- C:\Users\Wildmagic\AppData\Roaming\SpinTop
2011-10-04 04:49:03 -------- d-----w- C:\Program Files (x86)\Ancient Tri-Jong
2011-10-03 04:58:31 -------- d-----w- C:\Users\Wildmagic\tats
2011-10-03 00:06:42 -------- d-----w- C:\Users\Wildmagic\New folder (3)
2011-10-03 00:05:59 -------- d-----w- C:\Users\Wildmagic\New folder (2)
2011-10-03 00:05:34 -------- d-----w- C:\Users\Wildmagic\FrostWire
2011-10-02 22:46:04 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-02 22:42:52 -------- d-----w- C:\Users\Wildmagic\AppData\Local\Secunia PSI
2011-10-02 22:42:46 -------- d-----w- C:\Program Files (x86)\Secunia
2011-10-02 02:28:51 -------- d-----w- C:\Program Files (x86)\Foxit Software
2011-10-01 08:18:03 -------- d-----w- C:\Users\Wildmagic\AppData\Roaming\Unity
2011-10-01 08:08:47 -------- d-----w- C:\Users\Wildmagic\AppData\Local\Unity
2011-10-01 07:27:16 -------- d-----w- C:\Windows\SysWow64\BestPractices
2011-10-01 07:27:16 -------- d-----w- C:\Windows\System32\BestPractices
2011-10-01 06:57:13 -------- d-----w- C:\Users\Wildmagic\AppData\Roaming\LibreOffice
2011-10-01 06:40:59 830464 ----a-w- C:\Windows\SysWow64\MSMPEG2ENC.DLL
2011-10-01 06:38:25 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2011-10-01 06:38:25 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
2011-10-01 06:38:20 244736 ----a-w- C:\Windows\System32\sqmapi.dll
2011-10-01 06:20:04 -------- d-----w- C:\Program Files (x86)\LibreOffice 3
2011-10-01 06:09:15 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2011-10-01 06:07:48 -------- d-----w- C:\Program Files\NVIDIA Corporation
2011-10-01 06:05:16 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-10-01 06:05:16 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-10-01 06:05:16 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-10-01 06:05:15 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-10-01 06:05:15 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-10-01 06:03:27 43640 ----a-r- C:\Windows\System32\drivers\SymIMV.sys
2011-10-01 05:48:10 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-10-01 01:43:15 -------- d-----w- C:\Users\Wildmagic\AppData\Local\CyberLink
2011-10-01 01:43:14 -------- d-----w- C:\Users\Wildmagic\AppData\Local\PowerCinema
2011-09-30 11:05:16 -------- d-----w- C:\Users\Wildmagic\.hAWabAzAr
2011-09-30 11:02:27 -------- d-----w- C:\swsetup
2011-09-30 11:02:20 -------- d-----w- C:\ProgramData\Alwil Software
2011-09-30 11:02:06 -------- d-----w- C:\NVIDIA
2011-09-30 11:02:04 -------- d-----w- C:\New folder
2011-09-30 11:01:34 -------- d-----w- C:\Lexmark
2011-09-30 11:01:34 -------- d-----w- C:\inetpub
2011-09-30 11:01:18 -------- d-----w- C:\e360a3d2f8fbdb6cafd804ef
2011-09-30 11:01:17 -------- d-----w- C:\a30c2c6b5b4afc9599197c1e
2011-09-30 11:01:17 -------- d-----w- C:\368f98ba085bb498612886f3134a71
2011-09-30 10:47:15 -------- d-----w- C:\ProgramData\HPSS
2011-09-30 10:46:07 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-09-30 10:46:07 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-09-30 10:46:07 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-09-30 10:46:06 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-09-30 10:46:06 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2011-09-30 10:38:29 -------- d-----w- C:\Windows\SysWow64\Wat
2011-09-30 10:38:29 -------- d-----w- C:\Windows\System32\Wat
2011-09-30 02:38:06 -------- d-----w- C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}
2011-09-30 02:37:44 -------- d-----w- C:\Users\Wildmagic\AppData\Roaming\hpqLog
2011-09-30 02:37:30 -------- d--h--w- C:\System.sav
2011-09-30 02:37:25 -------- d-----w- C:\Users\Wildmagic\AppData\Roaming\WinBatch
2011-09-30 02:34:22 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2011-09-30 02:33:51 -------- d-----w- C:\Users\Wildmagic\AppData\Roaming\HP Support Assistant
2011-09-30 01:52:44 -------- d-----w- C:\Users\Wildmagic\AppData\Roaming\HPSS
2011-09-30 01:52:44 -------- d-----w- C:\Users\Wildmagic\AppData\Roaming\HP SimpleSave Application
2011-09-30 01:49:15 -------- d-----w- C:\Users\Wildmagic\AppData\Local\CrashDumps
2011-09-30 01:36:36 -------- d-----w- C:\Program Files\Speccy
2011-09-30 01:24:59 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-09-30 00:04:31 -------- d-----w- C:\Users\Wildmagic\AppData\Roaming\HpUpdate
2011-09-29 16:25:04 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-09-29 16:15:14 -------- d-----w- C:\Users\Wildmagic\AppData\Local\AVERT
2011-09-29 12:02:46 -------- d-----r- C:\Sandbox
2011-09-29 12:01:45 -------- d-----w- C:\Program Files\Sandboxie
2011-09-29 11:58:04 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2011-09-29 10:14:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-09-29 10:14:01 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-09-29 10:12:57 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-09-29 10:11:55 321024 ----a-w- C:\Windows\System32\d3d10_1core.dll
2011-09-29 10:10:48 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-09-29 10:10:46 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-09-29 10:10:46 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-09-29 09:19:01 -------- d-----w- C:\Users\Wildmagic\AppData\Local\Google
2011-09-29 09:18:33 -------- d-----w- C:\Users\Wildmagic\AppData\Local\Deployment
2011-09-29 09:18:33 -------- d-----w- C:\Users\Wildmagic\AppData\Local\Apps
2011-09-29 08:28:50 -------- d-----w- C:\Program Files (x86)\Avira
2011-09-29 07:51:57 -------- d-----w- C:\Users\Wildmagic\AppData\Local\NPE
2011-09-29 03:55:04 386168 ----a-w- C:\Windows\System32\drivers\N360x64\0501000.01D\symnets.sys
2011-09-29 03:55:03 912504 ----a-w- C:\Windows\System32\drivers\N360x64\0501000.01D\symefa64.sys
2011-09-29 03:55:03 744568 ----a-w- C:\Windows\System32\drivers\N360x64\0501000.01D\srtsp64.sys
2011-09-29 03:55:03 450680 ----a-w- C:\Windows\System32\drivers\N360x64\0501000.01D\symds64.sys
2011-09-29 03:55:03 40568 ----a-w- C:\Windows\System32\drivers\N360x64\0501000.01D\srtspx64.sys
2011-09-29 03:55:03 171128 ----a-r- C:\Windows\System32\drivers\N360x64\0501000.01D\ironx64.sys
2011-09-29 03:54:58 -------- d-----w- C:\Windows\System32\drivers\N360x64\0501000.01D
2011-09-29 03:49:06 34288 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2011-09-29 03:49:06 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2011-09-29 03:49:06 -------- d-----w- C:\Program Files\Symantec
2011-09-29 03:49:06 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2011-09-29 03:49:00 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll
2011-09-29 03:49:00 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2011-09-29 03:48:57 -------- d-----w- C:\Windows\System32\drivers\N360x64
2011-09-29 03:48:56 -------- d-----w- C:\Program Files (x86)\Norton Security Suite
2011-09-29 03:48:48 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2011-09-29 03:41:59 -------- d-----w- C:\Users\Wildmagic\AppData\Local\ID Vault
2011-09-29 03:41:59 -------- d-----w- C:\ProgramData\IsolatedStorage
2011-09-29 00:19:58 -------- d-----w- C:\Users\Wildmagic\AppData\Roaming\Intel Corporation
2011-09-29 00:19:36 -------- d-----w- C:\Users\Wildmagic\AppData\Local\VirtualStore
2011-09-29 00:17:40 -------- d-----w- C:\Users\Wildmagic\AppData\Local\Hewlett-Packard
2011-09-29 00:02:42 -------- d-----w- C:\ProgramData\Recovery
2011-09-28 23:32:53 -------- d-----w- C:\Users\Wildmagic\AppData\Roaming\ID Vault
2011-09-28 23:32:36 29288 ------w- C:\Windows\System32\drivers\gidv2.sys
2011-09-28 23:32:34 65816 ------w- C:\Windows\System32\GIDLogonCP64.dll
2011-09-28 23:32:34 467224 ------w- C:\Windows\System32\GIDHOOK64.DLL
2011-09-28 23:32:34 446752 ------w- C:\Windows\System32\GIDHookLogon64.dll
2011-09-28 23:32:34 206608 ------w- C:\Windows\System32\GIDBIN1.DLL
2011-09-28 23:32:34 109064 ------w- C:\Windows\System32\EasyHook64.dll
2011-09-28 23:32:34 102160 ------w- C:\Windows\System32\GIDBIN3.DLL
2011-09-28 23:32:25 -------- d-----w- C:\ProgramData\GID
2011-09-28 23:32:24 -------- d-----w- C:\Program Files (x86)\SFT
2011-09-28 23:32:18 -------- d-----w- C:\Program Files (x86)\Constant Guard Protection Suite
2011-09-28 23:32:11 -------- d-----w- C:\ProgramData\White Sky, Inc
2011-09-28 23:31:36 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{441786D9-6ABB-4EC7-9C10-D8352E191EA0}\mpengine.dll
2011-09-28 23:31:35 270720 ------w- C:\Windows\System32\MpSigStub.exe
.
==================== Find3M ====================
.
2011-10-09 10:57:32 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-10-09 10:57:32 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
.
============= FINISH: 4:13:18.56 ===============

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:38 PM

Posted 24 October 2011 - 11:08 PM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • Please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:

  • Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.

Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs:

  • In your next post I need the following

  • .logs from DDS
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:38 PM

Posted 28 October 2011 - 12:10 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:38 PM

Posted 01 November 2011 - 12:40 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users