 [Resolved] Spyware, Trojans, Vundo, Etc., Slow boot, slow web page load, odd results |
Welcome! Register for a free account (or login) > How does it work?
|
|
 Jun 29 2009, 03:03 PM
Post
#1
|
|
|
New Member  Group: Authentic Member Posts: 18 Joined: 29-June 09 Member No.: 86,469 Operating System: XP SP3  |
Slow boot,slow or no loading of web page, strange search results, odd behavior and if I try to delete a user account it crashes. I have Norton running, run MalWarebytes Anti Malware and others often.
Need help. Intermediate user. Thanks |
 |
 
|
|
Replies
|
Jul 6 2009, 12:05 PM
Post
#2
|
|
|
New Member Group: Authentic Member Posts: 18 Joined: 29-June 09 Member No.: 86,469 Operating System: XP SP3 |
Hi
Sorry I have been gone so long. Thanks for staying with me. DDS (Ver_09-06-26.01) - NTFSx86 Run by Roy Bristow at 14:01:15.81 on Mon 07/06/2009 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1013.295 [GMT -4:00] AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Program Files\Dell Network Assistant\hnm_svc.exe C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe C:\Program Files\Dell Support Center\bin\sprtsvc.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Documents and Settings\Roy Bristow\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Program Files\Microsoft Office\Office\OSA.EXE C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE svchost C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Documents and Settings\Roy Bristow\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://comcast.net/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\16.5.0.135\coIEPlg.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\16.5.0.135\IPSBHO.DLL BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File TB: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - No File TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\16.5.0.135\coIEPlg.dll TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter uRun: [Google Update] "c:\documents and settings\roy bristow\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe" mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~2.lnk - c:\program files\microsoft office\office\FINDFAST.EXE StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\office~1.lnk - c:\program files\microsoft office\office\OSA.EXE uPolicies-system: EnableProfileQuota = 1 (0x1) IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} Trusted Zone: download.com Trusted Zone: intuit.com DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} - hxxp://webeffective.keynote.com/applications/pconnector/download/ConnectorLauncher.cab DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {94B82441-A413-4E43-8422-D49930E69764} - hxxps://chat2.j2.com/Media/VisitorchatEnu/TLIEFlash.CAB DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton internet security\engine\16.5.0.135\CoIEPlg.dll Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll Notify: igfxcui - igfxdev.dll Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL ============= SERVICES / DRIVERS =============== R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-2-25 64160] R0 MPRIFL;MPRIFL;c:\windows\system32\drivers\mprifl.sys [2009-1-28 17264] R0 nielprt;Nielsen Patch Service;c:\windows\system32\drivers\nielprt.sys [2009-5-12 21888] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1005000.087\SymEFA.sys [2009-3-23 310320] R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1005000.087\BHDrvx86.sys [2009-3-23 258608] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1005000.087\cchpx86.sys [2009-3-23 482352] R1 nnrnstdi;nnrnstdi;c:\windows\system32\drivers\nnrnstdi.sys [2008-12-7 14336] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-4-28 9968] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-4-28 72944] R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [2008-11-13 13360] R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\microsoft small business\business contact manager\BcmSqlStartupSvc.exe [2008-1-11 30312] R2 IntuitUpdateService;Intuit Update Service;c:\program files\common files\intuit\update service\IntuitUpdateService.exe [2008-10-10 13088] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 953168] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-1-4 195856] R2 Norton Internet Security;Norton Internet Security;c:\program files\norton internet security\engine\16.5.0.135\ccSvcHst.exe [2009-3-23 115560] R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2008-11-13 69168] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-7-3 101936] R3 km_filter;km_filter;c:\windows\system32\drivers\km_filter.sys [2008-12-7 8832] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2008-9-26 19096] R3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2008-11-24 29263712] R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090705.020\NAVENG.SYS [2009-7-5 89104] R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090705.020\NAVEX15.SYS [2009-7-5 876144] S1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20090625.003\IDSXpx86.sys [2009-6-30 276344] S2 gupdate1c9a2515ee9ac6;Google Update Service (gupdate1c9a2515ee9ac6);c:\program files\google\update\GoogleUpdate.exe [2009-3-11 133104] S3 NielGfx;Nielsen USB GFX;c:\windows\system32\drivers\nielgfx.sys [2009-5-12 9088] S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064] S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-4-28 7408] S3 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2008-10-23 92464] =============== Created Last 30 ================ 2009-07-03 18:03 116,224 a------- c:\windows\system32\dllcache\xrxwiadr.dll 2009-07-03 18:01 53,760 a------- c:\windows\system32\dllcache\wiamsmud.dll 2009-07-03 18:00 687,999 a------- c:\windows\system32\dllcache\usrwdxjs.sys 2009-07-03 17:59 50,176 a------- c:\windows\system32\dllcache\umaxp60.dll 2009-07-03 17:58 241,664 a------- c:\windows\system32\dllcache\tosdvd02.sys 2009-07-03 17:57 10,240 a------- c:\windows\system32\dllcache\swpdflt2.dll 2009-07-03 17:56 143,422 a------- c:\windows\system32\dllcache\softkey.dll 2009-07-03 17:55 50,432 a------- c:\windows\system32\dllcache\sisv.sys 2009-07-03 17:54 17,280 a------- c:\windows\system32\dllcache\scr111.sys 2009-07-03 17:53 79,872 a------- c:\windows\system32\dllcache\rwia430.dll 2009-07-03 17:52 112,574 a------- c:\windows\system32\dllcache\ptserlp.sys 2009-07-03 17:51 86,016 a------- c:\windows\system32\dllcache\pctspk.exe 2009-07-03 17:50 27,209 a------- c:\windows\system32\dllcache\otc06x5.sys 2009-07-03 17:49 85,248 a------- c:\windows\system32\dllcache\nabtsfec.sys 2009-07-03 17:48 22,016 a------- c:\windows\system32\dllcache\msircomm.sys 2009-07-03 17:47 58,368 a------- c:\windows\system32\dllcache\m3091dc.dll 2009-07-03 17:46 6,144 a------- c:\windows\system32\dllcache\kbd106.dll 2009-07-03 17:45 20,480 a------- c:\windows\system32\dllcache\icam5ext.dll 2009-07-03 17:44 115,807 a------- c:\windows\system32\dllcache\hsf_fsks.sys 2009-07-03 17:43 108,827 a------- c:\windows\system32\dllcache\hanja.lex 2009-07-03 17:42 7,040 a------- c:\windows\system32\dllcache\exabyte2.sys 2009-07-03 17:41 241,206 a------- c:\windows\system32\dllcache\el656se5.sys 2009-07-03 17:40 65,622 a------- c:\windows\system32\dllcache\digiasyn.dll 2009-07-03 17:39 272,640 a------- c:\windows\system32\dllcache\cinemclc.sys 2009-07-03 17:38 54,271 a------- c:\windows\system32\dllcache\bcm42xx5.sys 2009-07-03 17:37 66,048 a------- c:\windows\system32\dllcache\s3legacy.dll 2009-07-01 15:24 <DIR> --d----- c:\windows\system32\dllcache\cache 2009-07-01 15:10 <DIR> a-dshr-- C:\cmdcons 2009-07-01 15:08 161,792 a------- c:\windows\SWREG.exe 2009-07-01 15:08 155,136 a------- c:\windows\PEV.exe 2009-07-01 15:08 98,816 a------- c:\windows\sed.exe 2009-06-29 17:34 <DIR> --d----- c:\program files\Flip Words 2009-06-29 15:17 <DIR> --d----- c:\docume~1\roybri~1\applic~1\ZoomBrowser EX 2009-06-29 15:09 <DIR> --d----- c:\docume~1\roybri~1\applic~1\CameraWindowDC 2009-06-29 15:09 <DIR> --d----- c:\docume~1\roybri~1\applic~1\CANON INC 2009-06-22 14:17 <DIR> -cd-h--- c:\windows\ie8 2009-06-22 14:04 255,848 a------- c:\windows\system32\xactengine2_6.dll 2009-06-22 14:03 <DIR> --d-h--- c:\windows\msdownld.tmp 2009-06-22 14:02 <DIR> --d----- c:\windows\Logs 2009-06-21 19:27 16 a------- c:\documents and settings\roy bristow\FlipWords.dat 2009-06-21 14:14 293 a------- c:\windows\FlipWords.ini 2009-06-18 19:07 <DIR> --d----- c:\docume~1\alluse~1\applic~1\ZoomBrowser 2009-06-18 19:07 <DIR> --d----- c:\program files\Canon 2009-06-18 19:04 <DIR> --d----- c:\program files\common files\Canon 2009-06-10 16:03 118 a------- c:\windows\system32\MRT.INI 2009-06-10 04:52 246,272 -------- c:\windows\system32\dllcache\ieproxy.dll 2009-06-10 04:52 12,800 -------- c:\windows\system32\dllcache\xpshims.dll 2009-06-09 15:37 <DIR> --dsh--- c:\documents and settings\roy bristow\IECompatCache ==================== Find3M ==================== 2009-06-21 14:13 1,682 a--sh--- c:\windows\system32\KGyGaAvL.sys 2009-06-17 11:27 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-17 11:27 19,096 a------- c:\windows\system32\drivers\mbam.sys 2009-05-21 11:33 410,984 a------- c:\windows\system32\deploytk.dll 2009-05-13 01:15 5,936,128 a------- c:\windows\system32\dllcache\mshtml.dll 2009-05-13 01:15 915,456 a------- c:\windows\system32\wininet.dll 2009-05-13 01:15 915,456 a------- c:\windows\system32\dllcache\wininet.dll 2009-05-13 01:15 915,456 a------- c:\windows\system32\dllcache\cache\wininet.dll 2009-05-12 06:56 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_nielprt_01007.Wdf 2009-05-12 06:55 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf 2009-05-12 01:11 102,912 -------- c:\windows\system32\dllcache\iecompat.dll 2009-05-07 11:32 345,600 a------- c:\windows\system32\localspl.dll 2009-05-07 11:32 345,600 a------- c:\windows\system32\dllcache\localspl.dll 2009-04-30 17:22 1,985,024 -------- c:\windows\system32\dllcache\iertutil.dll 2009-04-30 17:22 1,207,808 a------- c:\windows\system32\dllcache\urlmon.dll 2009-04-30 17:22 25,600 a------- c:\windows\system32\dllcache\jsproxy.dll 2009-04-30 17:22 11,064,832 -------- c:\windows\system32\dllcache\ieframe.dll 2009-04-30 17:22 385,536 a------- c:\windows\system32\dllcache\iedkcs32.dll 2009-04-30 07:21 173,056 a------- c:\windows\system32\dllcache\ie4uinit.exe 2009-04-22 20:09 15,688 a------- c:\windows\system32\lsdelete.exe 2009-04-17 08:26 1,847,168 a------- c:\windows\system32\win32k.sys 2009-04-17 08:26 1,847,168 a------- c:\windows\system32\dllcache\win32k.sys 2009-04-15 10:51 585,216 a------- c:\windows\system32\rpcrt4.dll 2009-04-15 10:51 585,216 a------- c:\windows\system32\dllcache\rpcrt4.dll 2009-02-10 15:38 60,744 a------- c:\documents and settings\roy bristow\g2mdlhlpx.exe 2009-01-26 12:00 2,516 a--sh--- c:\docume~1\alluse~1\applic~1\KGyGaAvL.sys 2009-01-26 12:00 88 ---shr-- c:\docume~1\alluse~1\applic~1\020AC935B7.sys 2008-07-07 09:56 81,920 a------- c:\docume~1\roybri~1\applic~1\ezpinst.exe 2008-07-07 09:56 47,360 a------- c:\docume~1\roybri~1\applic~1\pcouffin.sys 2008-09-23 20:59 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008092320080924\index.dat ============= FINISH: 14:02:16.59 ===============
Attached File(s)
|
|
|
|
Posts in this topic
royb [Resolved] Spyware, Trojans, Vundo, Etc. Jun 29 2009, 03:03 PM
jpshortstuff Hi,
Does MalwareBytes' find anything? If so, ... Jul 1 2009, 03:36 AM royb Thanks for the help. I will gladly donate as soon ... Jul 1 2009, 12:28 PM jpshortstuff Looks like you've got a nasty Rootkit (or two)... Jul 1 2009, 12:36 PM royb FYI - I received several warnings that the ComboFi... Jul 1 2009, 01:33 PM jpshortstuff Hi,
Please click Start >> Control Panel ... Jul 1 2009, 02:09 PM royb Before I go further - I removed J2SE, Java 6 Updat... Jul 1 2009, 02:47 PM jpshortstuff Hi,
You don't need to delete Spybot, just dis... Jul 1 2009, 02:51 PM royb I wasn't clear. Spybot is no longer a program ... Jul 1 2009, 02:56 PM royb I wasn't clear. Spybot is no longer a program ... Jul 1 2009, 02:57 PM jpshortstuff Ah, I understand. In which case, you don't hav... Jul 1 2009, 02:59 PM royb I must go for the evening. My machine still works ... Jul 1 2009, 06:21 PM jpshortstuff Hi,
I've got another CFScript for you to run,... Jul 2 2009, 04:33 AM royb Hi
Spybot folder deleted without problems. Here i... Jul 2 2009, 11:42 AM jpshortstuff Hi,
Something keeps coming back. Please delete yo... Jul 3 2009, 02:32 AM royb Hello
Machine is much better although when I try ... Jul 3 2009, 10:28 AM jpshortstuff Let's hope that Blue Screen was a one off, and... Jul 3 2009, 12:02 PM royb Hello
Still having the problem with deleting user... Jul 3 2009, 02:56 PM jpshortstuff OK, let's see if any of your system files are ... Jul 3 2009, 03:05 PM royb Hi - I just got your latest and have not acted yet... Jul 3 2009, 03:15 PM jpshortstuff Did MalwareBytes' remove them? I'd run a Q... Jul 3 2009, 03:25 PM royb On the run you asked for Malwarebytes found the fo... Jul 3 2009, 06:25 PM jpshortstuff Another DDS log please, looks like you were infect... Jul 5 2009, 04:55 AM jpshortstuff Looking good. I notice you did the sfc scan, did y... Jul 6 2009, 12:11 PM royb I did both scans but they did not help the deletin... Jul 6 2009, 12:25 PM jpshortstuff Two more things to try.
First, try creating a new... Jul 6 2009, 12:35 PM royb The new account was created and deleted without a ... Jul 6 2009, 01:03 PM jpshortstuff I can't see any Malware involved, so I think I... Jul 6 2009, 03:07 PM royb I was not given any warnings.
Thanks
GMER 1.0.1... Jul 6 2009, 04:31 PM jpshortstuff Hi,
Log looks good
Click Start >> Run, an... Jul 6 2009, 04:38 PM royb Will do all of the above and I REALLY appreciate y... Jul 6 2009, 04:44 PM jpshortstuff Here's a link you can use:CODEhttp://forum... Jul 6 2009, 04:51 PM royb As a note: Tony Klein's page will not open. I ... Jul 6 2009, 04:57 PM jpshortstuff Sorry, that website doesn't exist any more. We... Jul 7 2009, 03:36 AM royb Thanks for all the help. Machine is working great... Jul 8 2009, 11:32 AM jpshortstuff Glad to hear it Jul 9 2009, 03:45 AM
jpshortstuff Since this issue appears to be resolved ... this T... Jul 9 2009, 03:46 AM |
Similar Topics
| Topic Title | Replies | Topic Starter | Views | Last Action | |||
|---|---|---|---|---|---|---|---|
 |
8 | ZeroMovement | 132 | Today, 12:39 AM Last post by: ZeroMovement |
|||
 |
16 | Tim F. | 203 | Yesterday, 03:30 PM Last post by: MrCharlie |
|||
|
15 | tiancheng | 479 | Yesterday, 06:46 AM Last post by: Blade81 |
|||
|
15 | Angel2121 | 495 | Yesterday, 05:46 AM Last post by: jpshortstuff |
|||
|
Time is now: 22nd March 2010 - 04:48 AM |
Member site: Alliance of Security Analysis Professionals | UNITE Against Malware
Memory Forums | Auto Repair Forum
© Geeks to Go, Inc. | All Rights Reserved | Privacy Policy
