#1 (permalink)
Registered User
Join Date: Jul 2008
Posts: 1
OS: windows xp home edition service pack 2
ComboFix log...please look at
Hey guys,
I had a virus on my computer and was told to run ComboFix and post the log on this site so someone could look it over and instruct me further. It seems to have fixed all the problems I had, including hiding my C: drive in My Computer, hiding my "All Programs" in the Start menu, causing my clock to go to military time with VIRUS ALERT! posted next to it in my toolbar, many popups while online, my computer running very slowly, and several applications added to my desktop. If someone could look over the following and tell me if there is anything else I need to do I would appreciate it. Thanks!

```
ComboFix 08-07-15.4 - Evan Privoznik 2008-07-17 16:46:42.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.158 [GMT -8:00]
Running from: C:\Documents and Settings\Evan Privoznik\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Evan Privoznik\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
 * Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Evan Privoznik\Application Data\rhc5t8j0ee9c
C:\Documents and Settings\Evan Privoznik\Start Menu\Programs\Antivirus 2008 PRO
C:\Documents and Settings\Evan Privoznik\Start Menu\Programs\Antivirus 2008 PRO\antivirus-2008pro.lnk
C:\Program Files\rhc5t8j0ee9c
C:\WINDOWS\cookies.ini
C:\WINDOWS\efke.exe
C:\WINDOWS\fsrpknov.dll
C:\WINDOWS\gpefaowr.exe
C:\WINDOWS\pskt.ini
C:\WINDOWS\sqvgnrpx.dll
C:\WINDOWS\system32\AutoRun.inf
C:\WINDOWS\system32\bdfMUvut.ini
C:\WINDOWS\system32\bdfMUvut.ini2
C:\WINDOWS\system32\beep.sys
C:\WINDOWS\system32\blphc1t8j0ee9c.scr
C:\WINDOWS\system32\bmgwoxxm.ini
C:\WINDOWS\system32\buvslkvg.dll
C:\WINDOWS\system32\clbinit.dll
C:\WINDOWS\system32\cmytds.dll
C:\WINDOWS\system32\dtwbtfbx.ini
C:\WINDOWS\system32\fdmsqyag.ini
C:\WINDOWS\system32\fduumduf.dll
C:\WINDOWS\system32\fosmufva.dll
C:\WINDOWS\system32\hcdrxadx.ini
C:\WINDOWS\system32\kdcpua.dll
C:\WINDOWS\system32\kzlgmo.dll
C:\WINDOWS\system32\lphc1t8j0ee9c.exe
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mxxowgmb.dll
C:\WINDOWS\system32\oUwDdMoq.ini
C:\WINDOWS\system32\oUwDdMoq.ini2
C:\WINDOWS\system32\phc1t8j0ee9c.bmp
C:\WINDOWS\system32\pphc1t8j0ee9c.exe
C:\WINDOWS\system32\qoMdDwUo.dll
C:\WINDOWS\system32\rwxskdox.ini
C:\WINDOWS\system32\tohheyfl.dll
C:\WINDOWS\system32\vtUkIApp.dll
C:\WINDOWS\system32\wvUmkLCU.dll
C:\WINDOWS\system32\wvUmlmNd.dll
C:\WINDOWS\system32\wvUnLBrq.dll
C:\WINDOWS\system32\xaagov.dll
C:\WINDOWS\system32\xodksxwr.dll
C:\WINDOWS\system32\xutakj.dll
C:\WINDOWS\system32\ypmpqqxa.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_CLBDRIVER
-------\Legacy_NPF
-------\Service_clbdriver

((((((((((((((((((((((((( Files Created from 2008-06-18 to 2008-07-18 )))))))))))))))))))))))))))))))
.
2008-07-17 15:48 . 2008-07-17 15:48 16,244 --a------ C:\WINDOWS\system32\rrt_is.wav
2008-07-17 15:48 . 2008-07-17 15:48 7,302 --a------ C:\WINDOWS\system32\rrt_vf.wav
2008-07-17 15:48 . 2008-07-17 15:48 7,148 --a------ C:\WINDOWS\system32\rrt_tv.wav
2008-07-17 15:48 . 2008-07-17 15:48 6,282 --a------ C:\WINDOWS\system32\rrt_tn.wav
2008-07-17 14:18 . 2008-07-17 14:18 110,419 --a------ C:\WINDOWS\BM5bb4bcf2.xml
2008-07-17 14:18 . 2008-07-17 14:18 106,496 --a------ C:\WINDOWS\system32\kdkcmstg.dll
2008-07-17 14:07 . 2008-07-17 14:07 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-07-17 14:07 . 2008-07-17 14:07 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\toshiba
2008-07-17 14:07 . 2008-07-17 14:07 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2008-07-17 14:07 . 2008-07-17 14:07 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\InterVideo
2008-07-17 14:07 . 2008-07-17 14:07 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\InterTrust
2008-07-16 23:12 . 2008-07-17 14:06 <DIR> d-------- C:\Documents and Settings\Administrator
2008-07-16 00:49 . 2008-07-16 00:49 <DIR> d-------- C:\Program Files\Alwil Software
2008-07-14 04:07 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-07-14 04:07 . 2008-05-29 09:35 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-07-14 04:07 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-07-14 04:07 . 2008-07-02 13:33 82,432 --a------ C:\WINDOWS\system32\IEDFix.C.exe
2008-07-14 04:07 . 2008-05-23 18:21 81,920 --a------ C:\WINDOWS\system32\404Fix.exe
2008-07-14 04:07 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-07-14 03:56 . 2008-07-15 23:54 3,380 --a------ C:\WINDOWS\system32\tmp.reg
2008-07-14 03:51 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-07-14 03:51 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-07-14 03:51 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-07-14 03:41 . 2008-07-14 03:41 0 --a------ C:\WINDOWS\TPTray.INI
2008-07-14 03:22 . 2008-07-14 03:46 94,208 --a------ C:\WINDOWS\system32\19.tmp
2008-07-14 03:22 . 2008-07-14 03:45 94,208 --a------ C:\WINDOWS\system32\18.tmp
2008-07-14 03:22 . 2008-07-14 03:45 94,208 --a------ C:\WINDOWS\system32\17.tmp
2008-07-14 03:22 . 2008-07-14 03:45 94,208 --a------ C:\WINDOWS\system32\15.tmp
2008-07-14 03:22 . 2008-07-14 03:45 94,208 --a------ C:\WINDOWS\system32\14.tmp
2008-07-14 03:22 . 2008-07-14 03:45 94,208 --a------ C:\WINDOWS\system32\13.tmp
2008-07-10 03:06 . 2008-07-10 03:06 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-07-09 00:52 . 2008-07-09 00:52 3,472 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-07-01 23:39 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-07-01 23:39 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-07-01 23:39 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-07-01 01:59 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-07-01 01:53 . 2008-07-01 01:53 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-07-01 01:45 . 2008-07-01 01:48 <DIR> d-------- C:\Documents and Settings\Evan Privoznik\Contacts
2008-07-01 01:19 . 2008-07-01 01:52 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-07-01 01:18 . 2008-07-02 23:47 <DIR> d-------- C:\Program Files\Windows Live
2008-07-01 01:17 . 2008-07-01 01:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-20 09:41 . 2008-06-20 09:41 245,248 -----c--- C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 02:44 . 2008-06-20 02:44 138,368 -----c--- C:\WINDOWS\system32\dllcache\afd.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-17 22:06 --------- d-----w C:\Program Files\Symantec
2008-07-17 22:06 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-07-15 09:48 --------- d-----w C:\Program Files\Norton AntiVirus
2008-07-15 09:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-07-15 07:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-18 06:01 --------- d-----w C:\Program Files\Ballance
2008-06-18 05:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-13 13:10 272,128 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-13 08:08 --------- d-----w C:\Program Files\Napster
2008-06-09 11:06 --------- d-----w C:\Documents and Settings\Evan Privoznik\Application Data\Apple Computer
2008-06-04 06:52 --------- d-----w C:\Program Files\EA GAMES
2008-05-29 09:14 --------- d-----w C:\Program Files\Apple Software Update
2008-05-20 22:54 --------- d-----w C:\Program Files\iTunes
2008-05-20 22:54 --------- d-----w C:\Program Files\iPod
2008-05-20 22:51 --------- d-----w C:\Program Files\QuickTime
2008-05-20 21:33 --------- d-----w C:\Documents and Settings\Evan Privoznik\Application Data\Amazon
2008-05-20 21:32 --------- d-----w C:\Program Files\Amazon
2003-08-27 22:19 36,963 ----a-r C:\Program Files\Common Files\SM1updtr.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2003-09-05 03:24 65536]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-04-21 21:10 335872]
"LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2003-09-26 15:43 184320]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2003-10-30 16:46 192512]
"EzButton"="C:\Program Files\EzButton\EzButton.EXE" [2004-05-14 10:29 712704]
"CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" [2004-05-06 13:12 638976]
"TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [2004-03-15 11:17 53248]
"PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" [2004-02-03 14:47 1089589]
"CeEPOWER"="C:\Program Files\TOSHIBA\Power Management\CePMTray.exe" [2004-05-20 09:21 135168]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 18:34 49152]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-01-13 22:05 122939]
"NapsterShell"="C:\Program Files\Napster\napster.exe" [2008-05-09 14:37 323216]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 19:16 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 00:25 144784]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"BM5bb4bcf2"="C:\WINDOWS\system32\kdkcmstg.dll" [2008-07-17 14:18 106496]
"AGRSMMSG"="AGRSMMSG.exe" [2004-02-20 15:00 88363 C:\WINDOWS\agrsmmsg.exe]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 18:26:24 210520]
Microsoft Office OneNote 2003 Quick Launch.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2003-08-06 13:23:32 51776]
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2003-12-02 14:45:18 155648]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"=
"C:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\AIM6\\aim6.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-15 15:20]
R1 ECioctl;ECioctl;C:\WINDOWS\system32\Drivers\ECioctl.sys [2004-05-06 12:40]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-15 15:16]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
"2008-05-20 21:43:36 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-07-18 01:30:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
- - - - ORPHANS REMOVED - - - -

BHO-{1C6FFD8A-7238-491F-BD8D-B83E45A453CB} - C:\WINDOWS\system32\tuvUMfdb.dll
HKCU-Run-Aim6 - (no file)
SSODL-fsrpknov-{578C4123-9E7A-42B6-A6BD-5665D199259B} - C:\WINDOWS\fsrpknov.dll

**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-17 17:21:18
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
 -> C:\WINDOWS\system32\kdkcmstg.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Apoint2K\ApntEx.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
.
**************************************************************************
.
Completion time: 2008-07-17 17:32:15 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-18 01:31:45

Pre-Run: 16,389,058,560 bytes free
Post-Run: 16,883,408,896 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

236 --- E O F --- 2008-07-14 10:44:44
```
#2 (permalink)
Moderator, Analyst, Security Team
Join Date: Jun 2006
Location: Rhode Island, USA
Posts: 2,755
OS: XP Home SP3, XP Media Center Edition SP3
Re: ComboFix log...please look at
Hello and welcome to TSF.
Quote:
Nowhere in our sticky, there's a request for Combofix to be run. ComboFix is an extremely powerful tool and should only be used when instructed by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Combofix has removed the major part of the infection with some remnants only to clean up.
Code:
```
File::
C:\WINDOWS\system32\rrt_is.wav
C:\WINDOWS\system32\rrt_vf.wav
C:\WINDOWS\system32\rrt_tv.wav
C:\WINDOWS\system32\rrt_tn.wav
C:\WINDOWS\BM5bb4bcf2.xml
C:\WINDOWS\system32\kdkcmstg.dll
C:\WINDOWS\system32\19.tmp
C:\WINDOWS\system32\18.tmp
C:\WINDOWS\system32\17.tmp
C:\WINDOWS\system32\15.tmp
C:\WINDOWS\system32\14.tmp
C:\WINDOWS\system32\13.tmp

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"BM5bb4bcf2"=-
```

Referring to the picture above, drag CFScript.txt into ComboFix.exe. When finished, it shall produce a log for you. Post that log in your next reply along with a fresh HijackThis log.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

==============================

It's important to run this online scan to search for any remnants. It can take some time, so please be patient and allow it to run its full course:

Using Internet Explorer, visit http://www.kaspersky.nl/scanforvirus-en/kavwebscan.html
Establish an internet connection & perform an online scan with Internet Explorer at Kaspersky Online Scanner. Answer Yes when prompted to install an ActiveX component.

**Note** To optimize scanning time and produce a more sensible report for review:

Expected logs:
Combofix.txt
HijackThis log
Kaspersky report
__________________
My services are free. However, you can donate to TSF to help keep it running and prospering. ASAP ![]()
Last edited by amateur : 07-22-2008 at 04:25 AM.
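The analyst's reading of the log above rests on a correlation that can be automated: a Run value (`BM5bb4bcf2`) whose target is a DLL rather than an executable, created minutes before the scan together with a same-named `.xml`, and reported under "DLLs Loaded Under Running Processes" as injected into `explorer.exe`. The script below is an added example written for this page; it is not part of the thread, of ComboFix, or of the forum's tooling. It parses the three relevant sections of a ComboFix-style log and reports autorun entries that share those traits. The `SAMPLE_LOG` excerpt is constructed to mimic the layout of the log in post #1, the regexes encode assumptions about that layout rather than a documented format, and the 7-day "recent" window is an arbitrary choice.

```python
import re
from datetime import datetime, timedelta

# Constructed excerpt mimicking the ComboFix log layout seen in post #1 (not a full log).
SAMPLE_LOG = r"""
((((((((((((((((((((((((( Files Created from 2008-06-18 to 2008-07-18 )))))))))))))))))))))))))))))))
.
2008-07-17 15:48 . 2008-07-17 15:48 16,244 --a------ C:\WINDOWS\system32\rrt_is.wav
2008-07-17 14:18 . 2008-07-17 14:18 110,419 --a------ C:\WINDOWS\BM5bb4bcf2.xml
2008-07-17 14:18 . 2008-07-17 14:18 106,496 --a------ C:\WINDOWS\system32\kdkcmstg.dll
2008-07-01 23:39 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-04-21 21:10 335872]
"BM5bb4bcf2"="C:\WINDOWS\system32\kdkcmstg.dll" [2008-07-17 14:18 106496]
"AGRSMMSG"="AGRSMMSG.exe" [2004-02-20 15:00 88363 C:\WINDOWS\agrsmmsg.exe]
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\explorer.exe
 -> C:\WINDOWS\system32\kdkcmstg.dll
"""

# Assumed line shapes (derived from the log in post #1, not a documented format).
CREATED_RE = re.compile(
    r'^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. \d{4}-\d{2}-\d{2} \d{2}:\d{2} '
    r'([\d,]+|<DIR>) (\S+) (.+)$')
RUN_RE = re.compile(
    r'^"([^"]+)"="([^"]*)" \[(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) (\d+)(?: (.+))?\]$')
PROCESS_RE = re.compile(r'^PROCESS: (.+)$')
LOADED_RE = re.compile(r'^\s*-> (.+)$')


def parse_created_files(text):
    """Map lower-cased path -> creation time from the 'Files Created' section."""
    created = {}
    for line in text.splitlines():
        m = CREATED_RE.match(line.strip())
        if m:
            created[m.group(4).lower()] = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M")
    return created


def parse_run_entries(text):
    """List (value name, target path) pairs from the REGEDIT4 Run-key dump.
    When ComboFix resolves a bare file name inside the brackets, prefer that path."""
    entries = []
    for line in text.splitlines():
        m = RUN_RE.match(line.strip())
        if m:
            name, value, _date, _size, resolved = m.groups()
            entries.append((name, resolved or value))
    return entries


def parse_loaded_dlls(text):
    """Map process path -> list of DLLs reported loaded into it."""
    loaded, current = {}, None
    for line in text.splitlines():
        pm = PROCESS_RE.match(line.strip())
        if pm:
            current = pm.group(1)
            loaded[current] = []
            continue
        lm = LOADED_RE.match(line)
        if lm and current:
            loaded[current].append(lm.group(1))
    return loaded


def triage(text, recent_days=7):
    """Return [(value name, target, [reasons])] for Run entries worth an analyst's eye."""
    created = parse_created_files(text)
    loaded = parse_loaded_dlls(text)
    # The newest creation time in the log stands in for 'now' (assumption).
    newest = max(created.values()) if created else None
    findings = []
    for name, target in parse_run_entries(text):
        key = target.lower()
        reasons = []
        if key in created and newest and newest - created[key] <= timedelta(days=recent_days):
            reasons.append("target created recently (%s)" % created[key].strftime("%Y-%m-%d %H:%M"))
        if key.endswith(".dll"):
            reasons.append("Run value points at a DLL, not an executable")
        for proc, dlls in loaded.items():
            if key in (d.lower() for d in dlls):
                reasons.append("target reported loaded into %s" % proc)
        # Companion files named after the Run value itself (BM5bb4bcf2 -> BM5bb4bcf2.xml).
        stem_matches = [p for p in created
                        if p.rsplit("\\", 1)[-1].rsplit(".", 1)[0] == name.lower()]
        if stem_matches:
            reasons.append("value name matches created file(s): %s" % ", ".join(stem_matches))
        if reasons:
            findings.append((name, target, reasons))
    return findings


if __name__ == "__main__":
    for name, target, reasons in triage(SAMPLE_LOG):
        print("%s -> %s" % (name, target))
        for reason in reasons:
            print("    " + reason)
```

Against the sample excerpt only `BM5bb4bcf2` is reported, with four reasons; the ATI and modem entries pass because they are old, are executables, and were not reported as loaded into any process. The script deliberately reports rather than generates a fix script: the decision about what goes into a CFScript stays with the analyst, as the reply above insists.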