|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Resolved HJT Threads Resolved spyware and popup issues. |
|
|
LinkBack | Thread Tools |
07-19-2007, 05:54 AM
|
#1 (permalink) |
|
Registered User
Join Date: Jul 2007
Posts: 16
OS: XP
|
Help with laptop
Hello, I have a new laptop:
Dell Latitude D630, Windows XP Just a while ago, it has been acting all nuts.. spybot was constantly denying access to two browser things [which was {long string of characters}], teatimer ended by me [even though I didn't], and security task manager keeps on reading iiffdcc.dll and vturs.dll [both of which are in quarantine and probably aren't causing any trouble now.. they used to keep on reappearing] i have just installed Trend Micro PC-cillin in exchange for spybot and AVG.. for now my laptop seems to be happy ^_^ Logfile of HijackThis v1.99.1 Scan saved at 4:44:18 AM, on 7/18/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\SCardSvr.exe C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe C:\Program Files\Wave Systems Corp\Common\DataServer.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Apoint\HidFind.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\WINDOWS\system32\KADxMain.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\Dell Support\DSAgnt.exe C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Security Task Manager\TaskMan.exe C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe C:\Program Files\Trend Micro\Internet Security 2007\pccmain.exe C:\PROGRA~1\TRENDM~1\INTERN~1\PccHCMS.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\PROGRA~1\TRENDM~1\INTERN~1\PccVScan.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6070706 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&...us&ibd=6070706 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6070706 O2 - BHO: (no name) - {38E39267-16AC-41D3-924F-E61DC4CEFAE8} - (no file) O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx2\PXConsole.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe" O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup O4 - Global Startup: EMBASSY Trust Suite Secure Update.lnk = C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813 O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580 O20 - AppInit_DLLs: wxvault.dll O20 - Winlogon Notify: iiffdcc - C:\WINDOWS\ O20 - Winlogon Notify: vturs - C:\WINDOWS\ O23 - Service: Broadcom ASF IP and SMBIOS Mailbox Monitor (ASFIPmon) - Unknown owner - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe" -service (file missing) O23 - Service: DataSvr2 - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Common\DataServer.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx2\PXAgent.exe" -f (file missing) O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: NTRU Hybrid TSS v2.0.25 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe i don't have anything to donate to any helper [im rather poor], but I'd be more than happy to offer some artist services in gratitude ^_^ i dont want to feel like im advertising my gallery.. so ill only post my gallery if permitted second note: if it helps, I have some things I refered from castlecops msconfig/startup ALLOWED [that I don't know what they are about, or may be a bit suspicious] KADxMain windows/system32 weird thing is There are two entries for Item Command NvCpl RUNDLL32.EXE C:\Windows\System32\NvCpl.dll,NvStartup, one is allowed the other denied Denied: rundll32 rundll32.exe nvHotkey.dll, Start RunDLL32 bleh qttask jusched digital line detect Note: If it's possible, I would be more than exhillierated to let the laptop forget everything and reinstall itself like it was when it was packaged. Seriously [because I don't have anything much on this laptop]. If it IS possible, reliable, and somewhat simple, I would like to try that out ^_^ and then have a short list of must-have free laptop stuff [I would've loved to have known about spybot earlier] Last edited by addjenius; 07-19-2007 at 06:09 AM. |
|
     |
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
07-24-2007, 10:16 PM
|
#2 (permalink) |
|
Analyst, Security Team
Join Date: Jun 2005
Posts: 3,065
OS: Windows XP
|
Re: Help with laptop
Dell attempts to make it simple to restore your computer to factory condition. I do not own a Dell machine so please let me know if any of these instructions are incorrect and I will look for some new ones for you.
Restart your computer. When the Dell logo appears press Ctrl and F11 at the same time. This should boot into Dell's Restore utility. From here it should be easy to restore using on-screen prompts/directions. If this does not work try restarting again and pressing the keys right after the dell logo disappears.
__________________
|
|
|
|
|
07-25-2007, 08:32 AM
|
#4 (permalink) |
|
Analyst, Security Team
Join Date: Jun 2005
Posts: 3,065
OS: Windows XP
|
Re: Help with laptop
No problem, we can go through and make sure you're all cleaned up then.
Combofix-Save it to your Desktop, we will need this later. Double click combofix.exe & follow the prompts. When finished, it shall produce a log for you. Post that log in your next reply Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall
__________________
|
|
|
|
|
07-25-2007, 10:00 AM
|
#5 (permalink) |
|
Registered User
Join Date: Jul 2007
Posts: 16
OS: XP
|
Re: Help with laptop
"Dennis Benson" - 2007-07-24 8:52:15 [GMT -5:00] - ComboFix 07-07-24.5 - Service Pack 2 NTFS
* Created a new restore point ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32\drivers\sfsync02.sys ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) -------\LEGACY_SFSYNC02 -------\sfsync02 ((((((((((((((((((((((((( Files Created from 2007-06-24 to 2007-07-24 ))))))))))))))))))))))))))))))) 2007-07-24 08:53 0 --a------ C:\WINDOWS\system32\sfsync02.dll 2007-07-24 08:50 51,200 --a------ C:\WINDOWS\nircmd.exe 2007-07-23 12:32 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys 2007-07-23 12:32 11,440 --a------ C:\WINDOWS\system32\drivers\WacomVKHid.sys 2007-07-23 12:32 <DIR> d-------- C:\DOCUME~1\DENNIS~1\APPLIC~1\WTablet 2007-07-23 12:31 12,848 --a------ C:\WINDOWS\system32\drivers\wacomvhid.sys 2007-07-23 12:31 11,312 --a------ C:\WINDOWS\system32\drivers\wacommousefilter.sys 2007-07-23 12:12 8,138 --------- C:\WINDOWS\system32\drivers\PenClass.sys 2007-07-23 12:12 124,464 --a------ C:\WINDOWS\system32\Wintab32.dll 2007-07-23 12:12 12,939 --a------ C:\WINDOWS\system32\tablet.dat 2007-07-23 12:12 1,189,424 --a------ C:\WINDOWS\system32\Tablet.exe 2007-07-23 12:12 <DIR> d-------- C:\WINDOWS\system32\WTablet 2007-07-23 12:12 <DIR> d-------- C:\Program Files\Tablet 2007-07-22 21:18 21,504 --a------ C:\WINDOWS\system32\hidserv.dll 2007-07-22 21:17 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys 2007-07-22 13:35 63,557 --a------ C:\WINDOWS\War3Unin.dat 2007-07-22 13:35 2,829 --a------ C:\WINDOWS\War3Unin.pif 2007-07-22 13:35 139,264 --a------ C:\WINDOWS\War3Unin.exe 2007-07-22 13:33 <DIR> d-------- C:\Program Files\Warcraft III 2007-07-21 15:55 <DIR> d-------- C:\DOCUME~1\DENNIS~1\APPLIC~1\Thunderbird 2007-07-21 15:54 <DIR> d-------- C:\Program Files\Mozilla Thunderbird 2007-07-20 23:58 <DIR> d-------- C:\Program Files\Game_Maker6 2007-07-18 17:23 <DIR> d-------- C:\Program Files\Bethesda Softworks 2007-07-18 17:19 <DIR> d-------- C:\Program Files\PowerISO 2007-07-18 14:05 90,112 --a------ C:\WINDOWS\system32\stacsv.exe 2007-07-18 14:05 303,104 --a------ C:\WINDOWS\stsystra.exe 2007-07-18 14:05 142,848 --a------ C:\WINDOWS\system32\staco.dll 2007-07-18 14:05 1,601,536 --a------ C:\WINDOWS\system32\stlang.dll 2007-07-18 14:04 266,240 --a------ C:\WINDOWS\system32\stacapi.dll 2007-07-18 14:04 1,228,296 --a------ C:\WINDOWS\system32\drivers\sthda.sys 2007-07-18 14:04 <DIR> d-------- C:\Program Files\SigmaTel 2007-07-18 13:50 <DIR> d-------- C:\WINDOWS\system32\vmm32 2007-07-18 13:35 <DIR> d-------- C:\Program Files\DriverGuide Toolkit 2007-07-18 12:50 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 2007-07-18 12:48 <DIR> d-------- C:\WINDOWS\system32\AGEIA 2007-07-18 12:48 <DIR> d-------- C:\Program Files\AGEIA Technologies 2007-07-18 12:46 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-07-18 04:19 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trend Micro 2007-07-18 04:05 <DIR> d-------- C:\DOCUME~1\DENNIS~1\.housecall6.6 2007-07-18 04:04 <DIR> d-------- C:\Program Files\CONEXANT 2007-07-18 03:17 <DIR> d-------- C:\WINDOWS\SxsCaPendDel 2007-07-18 02:50 <DIR> d-------- C:\DOCUME~1\DENNIS~1\APPLIC~1\Prevx 2007-07-18 02:48 <DIR> d-------- C:\Program Files\Prevx2 2007-07-18 02:48 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Prevx 2007-07-18 02:47 77,312 --a------ C:\WINDOWS\ua2.dll 2007-07-18 02:43 <DIR> d---s---- C:\DOCUME~1\DENNIS~1\UserData 2007-07-11 22:24 <DIR> d-------- C:\WINDOWS\system32\appmgmt 2007-07-11 21:53 <DIR> d-------- C:\WINDOWS\system32\PreInstall 2007-07-11 21:19 <DIR> d-------- C:\DOCUME~1\DENNIS~1\APPLIC~1\Help 2007-07-11 21:11 <DIR> d-------- C:\WINDOWS\pss 2007-07-11 21:06 <DIR> d-------- C:\WINDOWS\system32\SoftwareDistribution 2007-07-11 02:54 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SecTaskMan 2007-07-09 22:03 <DIR> d-------- C:\Program Files\iTunes 2007-07-09 22:03 <DIR> d-------- C:\Program Files\iPod 2007-07-09 22:03 <DIR> d-------- C:\DOCUME~1\DENNIS~1\APPLIC~1\Apple Computer 2007-07-09 22:02 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE 2007-07-09 21:52 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer 2007-07-09 21:26 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles 2007-07-09 16:59 1,156 --a------ C:\WINDOWS\mozver.dat 2007-07-09 16:55 <DIR> d-------- C:\WINDOWS\system32\LogFiles 2007-07-09 16:54 0 --a------ C:\WINDOWS\nsreg.dat 2007-07-09 16:54 <DIR> d-------- C:\MDT 2007-07-09 16:54 <DIR> d-------- C:\DOCUME~1\DENNIS~1\APPLIC~1\CyberLink 2007-07-09 16:54 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink 2007-07-09 16:50 <DIR> d-------- C:\DOCUME~1\DENNIS~1\APPLIC~1\Google 2007-07-09 16:49 3,407,872 --ah----- C:\DOCUME~1\DENNIS~1\NTUSER.DAT 2007-07-09 16:49 <DIR> d--h----- C:\DOCUME~1\DENNIS~1\APPLIC~1\Gtek 2007-07-09 16:49 <DIR> d-------- C:\DOCUME~1\DENNIS~1\APPLIC~1\Intel 2007-07-09 16:49 <DIR> d-------- C:\DOCUME~1\DENNIS~1\APPLIC~1\InstallShield 2007-07-09 16:49 <DIR> d-------- C:\DOCUME~1\DENNIS~1\APPLIC~1\Dell 2007-07-09 16:48 262,144 --a------ C:\DOCUME~1\ALLUSE~1\NTUSER.DAT 2007-07-09 16:48 <DIR> d-------- C:\DOCUME~1\DEFAUL~1\APPLIC~1\InstallShield 2007-07-07 01:42 1,802,867 ---hs---- C:\WINDOWS\system32\srutv.bak2 2007-07-06 17:41 <DIR> d-------- C:\Program Files\DAEMON Tools 2007-07-06 17:37 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys 2007-07-06 15:51 <DIR> d-------- C:\Program Files\Security Task Manager 2007-07-06 13:43 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy 2007-07-06 13:42 1,807,323 ---hs---- C:\WINDOWS\system32\srutv.bak1 2007-07-06 13:28 <DIR> d-------- C:\Program Files\Game_Maker7 2007-07-06 13:21 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys 2007-07-06 13:21 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2007-07-06 06:09 <DIR> d--hs---- C:\RECYCLER 2007-07-06 06:07 <DIR> d--h----- C:\DOCUME~1\DEFAUL~1\APPLIC~1\Gtek 2007-07-06 06:07 <DIR> d--h----- C:\DOCUME~1\ADMINI~1\APPLIC~1\GTek 2007-07-06 06:07 <DIR> d-------- C:\Program Files\Dell Support 2007-07-06 06:07 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\GTek 2007-07-06 06:07 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google 2007-07-06 06:06 99,176 --a------ C:\WINDOWS\system32\drivers\DRVMCDB.SYS 2007-07-06 06:06 92,920 --a------ C:\WINDOWS\DLA.EXE 2007-07-06 06:06 56,056 --a------ C:\WINDOWS\system32\DLAAPI_W.DLL 2007-07-06 06:06 51,768 --a------ C:\WINDOWS\system32\drivers\DRVNDDM.SYS 2007-07-06 06:06 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll 2007-07-06 06:06 28,184 --a------ C:\WINDOWS\system32\drivers\DLARTL_M.SYS 2007-07-06 06:06 12,920 --a------ C:\WINDOWS\system32\drivers\DLACDBHM.SYS 2007-07-06 06:06 <DIR> d-------- C:\WINDOWS\system32\DLA 2007-07-06 06:06 <DIR> d-------- C:\Program Files\Google 2007-07-06 06:06 <DIR> d-------- C:\Program Files\CyberLink 2007-07-06 06:06 <DIR> d-------- C:\Program Files\BAE 2007-07-06 06:05 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2007-07-06 06:05 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-07-06 10:54:26 -------- d-----w C:\Program Files\Messenger 2007-07-06 10:34:18 5,958 ----a-w C:\WINDOWS\system32\drivers\1028_Dell_LAT_D630.mrk 2007-05-31 20:50:20 6,727,136 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys 2007-05-31 20:50:18 5,464,320 ----a-w C:\WINDOWS\system32\nv4_disp.dll 2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll 2007-05-16 00  58 71,208 ----a-w C:\WINDOWS\system32\PhysXLoader.dll2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="C:\Program Files\Apoint\Apoint.exe" [2007-01-25 02:34] "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-02-21 11:19] "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-02-21 11:17] "PrevxOne"="C:\Program Files\Prevx2\PXConsole.exe" [2007-07-10 07:42] "NvMediaCenter"="NvMCTray.dll" [2007-05-31 15:50 C:\WINDOWS\system32\nvmctray.dll] "SigmatelSysTrayApp"="stsystra.exe" [2007-02-19 14:26 C:\WINDOWS\stsystra.exe] "PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-04-09 07:23] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-07-22 02:21] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" [2006-08-28 21:57] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ EMBASSY Trust Suite Secure Update.lnk - C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe [2006-08-25 09:45:30] TabUserW.exe.lnk - C:\WINDOWS\system32\WTablet\TabUserW.exe [2007-07-23 12:12:14] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iiffdcc] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vturs] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=wxvault.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages msv1_0 wvauth [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk backup=C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Document Manager] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVHotkey] rundll32.exe nvHotkey.dll,Start [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /installquiet [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp] stsystra.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe R0 PBADRV;PBADRV;C:\WINDOWS\system32\drivers\pbadrv.sys R0 PenClass;Pen Class;C:\WINDOWS\system32\Drivers\PenClass.sys R0 PrevxDriver;PREVX Kernel Mode Agent;C:\WINDOWS\system32\DRIVERS\pxfsf.sys R1 DLACDBHM;DLACDBHM;C:\WINDOWS\system32\Drivers\DLACDBHM.SYS R1 DLARTL_M;DLARTL_M;C:\WINDOWS\system32\Drivers\DLARTL_M.SYS R1 PREVXTdi;PREVX TDI filter;C:\WINDOWS\system32\DRIVERS\pxtdi.sys R1 PXRDDriver;PREVX Rootkitscan driver;C:\WINDOWS\system32\DRIVERS\pxrd.sys R1 SCDEmu;SCDEmu;C:\WINDOWS\system32\drivers\SCDEmu.sys R1 WmiAcpi;Microsoft Windows Management Interface for ACPI;C:\WINDOWS\system32\DRIVERS\wmiacpi.sys R2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;"C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe" -service R2 BASFND;BASFND;\??\C:\Program Files\Broadcom\ASFIPMon\BASFND.sys R2 DLABMFSM;DLABMFSM;C:\WINDOWS\system32\DLA\DLABMFSM.SYS R2 DLABOIOM;DLABOIOM;C:\WINDOWS\system32\DLA\DLABOIOM.SYS R2 DLADResM;DLADResM;C:\WINDOWS\system32\DLA\DLADResM.SYS R2 DLAIFS_M;DLAIFS_M;C:\WINDOWS\system32\DLA\DLAIFS_M.SYS R2 DLAOPIOM;DLAOPIOM;C:\WINDOWS\system32\DLA\DLAOPIOM.SYS R2 DLAPoolM;DLAPoolM;C:\WINDOWS\system32\DLA\DLAPoolM.SYS R2 DLAUDF_M;DLAUDF_M;C:\WINDOWS\system32\DLA\DLAUDF_M.SYS R2 DLAUDFAM;DLAUDFAM;C:\WINDOWS\system32\DLA\DLAUDFAM.SYS R2 DRVNDDM;DRVNDDM;C:\WINDOWS\system32\Drivers\DRVNDDM.SYS R2 s24trans;WLAN Transport;C:\WINDOWS\system32\DRIVERS\s24trans.sys R3 DSproct;DSproct;\??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys R3 guardian2;guardian2;C:\WINDOWS\system32\Drivers\oz776.sys R3 HSF_DPV;HSF_DPV;C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys R3 HSFHWAZL;HSFHWAZL;C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys R3 NETw4x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit;C:\WINDOWS\system32\DRIVERS\NETw4x32.sys R3 STHDA;SigmaTel High Definition Audio CODEC;C:\WINDOWS\system32\drivers\sthda.sys R3 TcUsb;TC USB Kernel Driver;C:\WINDOWS\system32\Drivers\tcusb.sys R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver;C:\WINDOWS\system32\DRIVERS\usbehci.sys R3 usbhub;Microsoft USB Standard Hub Driver;C:\WINDOWS\system32\DRIVERS\usbhub.sys R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver;C:\WINDOWS\system32\DRIVERS\usbuhci.sys R3 wacommousefilter;Wacom Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys R3 wacomvhid;Wacom Virtual Hid Driver;C:\WINDOWS\system32\DRIVERS\wacomvhid.sys R3 WacomVKHid;Virtual Keyboard Driver;C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys S2 Fax;Fax;C:\WINDOWS\system32\fxssvc.exe S3 BCMTPM;BCMTPM;C:\WINDOWS\system32\DRIVERS\btpmw32.sys S3 DXEC01;DXEC01;C:\WINDOWS\system32\drivers\dxec01.sys S3 E100B;Intel(R) PRO Adapter Driver;C:\WINDOWS\system32\DRIVERS\e100b325.sys S3 HidUsb;Microsoft HID Class Driver;C:\WINDOWS\system32\DRIVERS\hidusb.sys S3 PREVXEmulator;PREVX Emulator driver;C:\WINDOWS\system32\DRIVERS\PxEmu.sys S3 usbccgp;Microsoft USB Generic Parent Driver;C:\WINDOWS\system32\DRIVERS\usbccgp.sys S3 USBSTOR;USB Mass Storage Driver;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS S4 agpCPQ;Compaq AGP Bus Filter;C:\WINDOWS\system32\DRIVERS\agpCPQ.sys ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-07-24 08:56:38 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-07-24 8:58:03 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-07-24 08:57 --- E O F --- |
|
|
|
|
07-25-2007, 10:25 AM
|
#6 (permalink) |
|
Analyst, Security Team
Join Date: Jun 2005
Posts: 3,065
OS: Windows XP
|
Re: Help with laptop
Open notepad and copy/paste the text in the quotebox below into it:
Code:
File:: C:\WINDOWS\system32\srutv.bak2 C:\WINDOWS\system32\srutv.bak1 Registry:: [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iiffdcc] [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vturs]  Refering to the picture above, drag CFScript.txt into ComboFix.exe When finished, it shall produce a log for you, C:\ComboFix.txt. Post that log in your next reply.
__________________
|
|
|
|
|
07-25-2007, 03:20 PM
|
#8 (permalink) |
|
Analyst, Security Team
Join Date: Jun 2005
Posts: 3,065
OS: Windows XP
|
Re: Help with laptop
Nope, definitely shouldn't take that long. Strange that it ran the first time, but didn't run with CF-Script.
Try closing the window and restarting your computer. Then do the following: File and Folder Deletions Delete the following Files indicated in RED and Folders indicated in BLUE if they still exist. C:\WINDOWS\system32\srutv.bak2 C:\WINDOWS\system32\srutv.bak1 HijackThis! Open Hijack This and click on Scan. Check the following entries (make sure you do not miss any) O2 - BHO: (no name) - {38E39267-16AC-41D3-924F-E61DC4CEFAE8} - (no file) O20 - Winlogon Notify: iiffdcc - C:\WINDOWS\ O20 - Winlogon Notify: vturs - C:\WINDOWS\ Please remember to close all other windows, including browsers then click Fix checked. Then post a new Hijackthis log.
__________________
|
|
|
|
|
07-25-2007, 03:38 PM
|
#9 (permalink) |
|
Registered User
Join Date: Jul 2007
Posts: 16
OS: XP
|
Re: Help with laptop
i didnt find any srutv
nor any of those 3 files under hijack Logfile of HijackThis v1.99.1 Scan saved at 14:38, on 2007-07-24 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Wave Systems Corp\Common\DataServer.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Prevx2\PXAgent.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe C:\WINDOWS\system32\Tablet.exe C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe C:\WINDOWS\system32\WTablet\TabUserW.exe C:\WINDOWS\system32\Tablet.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Apoint\HidFind.exe C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Apoint\Apntex.exe C:\WINDOWS\stsystra.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Dell Support\DSAgnt.exe C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&...us&ibd=6070706 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6070706 O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx2\PXConsole.exe" O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup O4 - Global Startup: EMBASSY Trust Suite Secure Update.lnk = C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813 O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580 O20 - AppInit_DLLs: wxvault.dll O23 - Service: Broadcom ASF IP and SMBIOS Mailbox Monitor (ASFIPmon) - Unknown owner - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe" -service (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: DataSvr2 - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Common\DataServer.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx2\PXAgent.exe" -f (file missing) O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe O23 - Service: NTRU Hybrid TSS v2.0.25 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe |
|
|
|
|
07-25-2007, 03:40 PM
|
#10 (permalink) |
|
Analyst, Security Team
Join Date: Jun 2005
Posts: 3,065
OS: Windows XP
|
Re: Help with laptop
Looks like Combofix completed my script before getting stuck.
Your log appears to be clean. If you still have any problems let me know and we will work on diagnosing those through other means. If not, there are just a few more things to go through to finish this off and help prevent future infections. Please post one more time even if you have no problems so we can mark this thread as resolved. Setting a new Restore Point Go to Start >> Run - type control sysdm.cpl,,4 & press Enter.
Windows Update Make sure to get the latest updates for Windows and Internet Explorer at Microsoft Update Site. Prevention A good virus scanner is a necessity in today's computer environment. Many virus scanners include active components that protect you from infection without even running a scan. A listing of online and standalone scanners can be found here A firewall is the first line of defense standing between the internet and your computer. A tutorial on Firewalls and a listing of some available ones can be found here Spybot SD is an anti-spyware scanner that should be run every week or two. Spybot also contains two other useful pieces. The first is "Immunize", this helps protect your computer against known exploits. The second is "TeaTimer", with this feature enabled you will receive notifications of all changes to the registry such as programs adding themselves to start-up and you default search page being changed. Spyware Blaster is a powerful tool that prevents "drive-by" downloads and other unwanted installations. It also uses no system resources, run it once and you're all set. Spyware Guard Is a realtime protection engine to guard your computer from spyware. This program does for spyware what an antivirus program does for viruses. IE-Spyad is a program that only needs to be run once to protect you from many malicious sites. It adds domains of known adware companies into the Restricted List of Internet Explorer, preventing them from performing malicious actions on your PC. The MVPS HOSTS file is a file you can download and use to replace your regular hosts file. It prevents many sites from performing malicious actions by blocking the sites from ever being accessed. Together these programs form a powerful barrier between the Internet and your computer. However, all the programs stand alone and feel free to eliminate any you are not comfortable with. Any protection you add to your PC is better than no protection at all. Alternative Programs Here are some alternatives that are either less suceptible than others to malware or don't contain malware where similar programs do. Trillian or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN) Desktop Weather - Free taskbar weather program that is free, malware free, and resource light. Firefox - This is an increasingly popular alternate browser. Whilst Internet Explorer is not a bad browser, almost every exploit crafted is targeted to take advantage of an IE weakness.
__________________
|
|
|
|
|
07-25-2007, 05:24 PM
|
#12 (permalink) |
|
Analyst, Security Team
Join Date: Jun 2005
Posts: 3,065
OS: Windows XP
|
Re: Help with laptop
System Restore (Microsoft) or Factory Restore (Dell)??
To read more about System Restore you can go here. To Restore your Dell laptop to factory conditions follow the steps I posted in my first response. This will erase all data and return your laptop to "factory" condition.
__________________
Last edited by Vikesrock8411; 07-25-2007 at 05:27 PM. |
|
|
|
| Thread Tools | |
|
|
