1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

malware... help please

Discussion in 'Virus & Other Malware Removal' started by pennylane2241982, Nov 5, 2007.

Thread Status:
Not open for further replies.
  1. pennylane2241982

    pennylane2241982 Thread Starter

    Joined:
    Nov 5, 2007
    Messages:
    1
    ok so i have been taken over by malware and the yellow triangle that says u have a networm- i virus and alos it says i have a black horse trojan virus... i also have the 2 icons that others have been talking about the online scurity guide and the safety center one... i ran combo fix this is my log... also i have windows xp and a gateway...

    ComboFix 07-11-01.1** - Administrator 2007-11-05 19:32:05.2 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.1.1252.1.1033.18.218 [GMT -5:00]Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Administrator\Desktop\Live Safety Center.lnk
    C:\Documents and Settings\Administrator\Desktop\Online Security Guide.lnk
    C:\Documents and Settings\Administrator\Favorites\Online Security Guide.lnk
    C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\ta_start.lnk
    C:\Documents and Settings\All Users\Start Menu\Live Safety Center.lnk
    C:\Documents and Settings\All Users\Start Menu\Online Security Guide.lnk
    C:\WINNT\system32\drivers\runtime2.sys
    C:\WINNT\system32\dwdsrngt.exe
    C:\WINNT\system32\ehhkj.bak1
    C:\WINNT\system32\ehhkj.ini
    C:\WINNT\system32\jkhhe.dll
    C:\WINNT\system32\msnav32.ax
    C:\WINNT\system32\rliswpqh.dllbox

    .
    ((((((((((((((((((((((((( Files Created from 2007-10-06 to 2007-11-06 )))))))))))))))))))))))))))))))
    .

    2007-11-05 19:38 <DIR> d--hs---- C:\found.000
    2007-11-05 19:11 8,704 --a------ C:\syslpen.exe
    2007-11-05 18:35 51,200 --a------ C:\WINNT\NirCmd.exe
    2007-11-05 17:42 85,568 --a------ C:\WINNT\system32\rfadsjas.dll
    2007-11-05 17:42 83,008 --a------ C:\WINNT\system32\fhaxdgdp.dll
    2007-11-03 18:55 81,472 --a------ C:\WINNT\system32\rjobbulb.dll
    2007-11-03 18:49 340,032 --a------ C:\WINNT\system32\smiandmb.dll
    2007-11-03 18:49 340,032 --a------ C:\WINNT\system32\rliswpqh.dll
    2007-10-30 19:04 34,816 --a------ C:\WINNT\system32\wvuronl.dll
    2007-10-30 19:01 35,840 --a------ C:\WINNT\mrofinu572.exe
    2007-10-30 19:00 <DIR> d-------- C:\WINNT\system32\Mz02r
    2007-10-30 19:00 <DIR> d-------- C:\Temp\mZOr
    2007-10-30 19:00 34,816 --a------ C:\WINNT\system32\jkklkig.dll
    2007-10-30 17:42 3,638 --a------ C:\wndhixh.exe
    2007-10-29 18:02 <DIR> d-------- C:\Program Files\QdrModule
    2007-10-26 14:02 196,679 --a------ C:\WINNT\system32\twinlndq.exe
    2007-10-11 19:16 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\acccore
    2007-10-11 19:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP
    2007-10-11 19:13 <DIR> d-------- C:\Program Files\AIM6
    2007-10-09 18:21 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\SoftwareDetectionScripts
    2007-10-09 18:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\temp
    2007-10-08 19:42 <DIR> d-------- C:\WINNT\system32\bak
    2007-10-08 19:42 <DIR> d-------- C:\WINNT\bak
    2007-10-08 19:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\bak
    2007-10-08 18:03 4,399 --a------ C:\WINNT\anxs.exe

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-11-06 00:40 --------- d-----w C:\Program Files\Common Files\AOL
    2007-11-06 00:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
    2007-11-06 00:08 --------- d-----w C:\Documents and Settings\Administrator\Application Data\AOL
    2007-11-04 00:22 --------- d-----w C:\Program Files\Common Files\Scanner
    2007-11-04 00:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
    2007-10-30 00:53 46,970 ----a-w C:\Documents and Settings\Administrator\Application Data\wklnhst.dat
    2007-10-16 00:06 --------- d-----w C:\Program Files\Verizon
    2007-10-16 00:06 --------- d-----w C:\Program Files\QuickTime
    2007-10-16 00:06 --------- d-----w C:\Program Files\Lfkofyua
    2007-10-16 00:06 --------- d-----w C:\Program Files\iTunes
    2007-10-16 00:06 --------- d-----w C:\Program Files\Gateway Utilities
    2007-10-16 00:03 27,660 ----a-w C:\WINNT\system32\twinlnds.exe
    2007-10-16 00:03 27,660 ----a-w C:\WINNT\system32\NeroCheck.exe
    2007-10-16 00:03 27,660 ----a-w C:\WINNT\system32\igfxtray.exe
    2007-10-16 00:03 27,660 ----a-w C:\WINNT\system32\hkcmd.exe
    2007-10-16 00:03 27,660 ----a-w C:\Documents and Settings\All Users\Application Data\hwfutczk.exe
    2007-10-12 00:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL Downloads
    2007-10-09 00:42 --------- d-----w C:\Program Files\Common Files\ouiz
    2007-10-08 23:03 --------- d-----w C:\Program Files\Weddings Addressed
    2007-10-02 21:40 122 ----a-w C:\Documents and Settings\Administrator\c200.bat
    2007-09-29 17:22 167,444 ----a-w C:\WINNT\system32\ombeabge.exe
    2007-09-27 22:59 167,444 ----a-w C:\WINNT\system32\xriweosf.exe
    2007-09-18 21:31 68,096 ----a-w C:\WINNT\system32\l4acdb2.dll
    2007-09-18 21:31 3,638 ----a-w C:\WINNT\d5p8354e.exe
    2007-09-18 21:18 425,480 ----a-w C:\sysfakh.exe
    2007-08-22 18:10 52,746 ----a-w C:\WINNT\system32\mkdsrngm.exe
    2005-01-24 23:52 56,488 ----a-w C:\Documents and Settings\Administrator\Application Data\GDIPFONTCACHEV1.DAT
    .

    ((((((((((((((((((((((((((((( [email protected]_18.53.08.81 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2007-11-05 23:37:39 262,144 ----a-w C:\WINNT\system32\config\systemprofile\NTUSER.DAT
    + 2007-11-06 00:31:49 262,144 ----a-w C:\WINNT\system32\config\systemprofile\NTUSER.DAT
    - 2007-10-29 23:06:22 45,408 ----a-w C:\WINNT\system32\perfc009.dat
    + 2007-11-05 23:53:22 45,408 ----a-w C:\WINNT\system32\perfc009.dat
    - 2007-10-29 23:06:22 363,734 ----a-w C:\WINNT\system32\perfh009.dat
    + 2007-11-05 23:53:22 363,734 ----a-w C:\WINNT\system32\perfh009.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{13197ace-6851-45c3-a7ff-c281324d5489}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2A640D1D-CC50-4B32-9281-B7228A4BEA41}]
    C:\Program Files\Messenger\rybito539.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30000273-8230-4dd4-be4f-6889d1e74167}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3829F7D5-6DC8-4983-91F8-5FD7F39E2097}]
    C:\Program Files\Online Services\nipy4444.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{38847C4B-1AB1-4A47-9026-9A6CF7B43D31}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4e1075f4-eec4-4a86-add7-cd5f52858c31}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{50BC9F18-E8D4-4046-8F72-EDEE84C05BFc}]
    2007-07-22 17:19 124948 --a------ C:\WINNT\System32\hcgmyiqh.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53B5F2B1-94DD-43E5-8187-EB4E31F00701}]
    2007-09-18 16:31 68096 --a------ C:\WINNT\system32\l4acdb2.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{549B5CA7-4A86-11D7-A4DF-000874180BB3}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{669695bc-a811-4a9d-8cdf-ba8c795f261e}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{820A2C8D-DFC0-4A9F-B3CA-4410CA4F7C04}]
    2007-10-30 19:00 34816 --a------ C:\WINNT\system32\jkklkig.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83729CDE-37C6-4BB0-8DC9-88E15D6596Cb}]
    2007-07-22 17:19 124948 --a------ C:\WINNT\System32\hcgmyiqh.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8674aea0-9d3d-11d9-99dc-00600f9a01f1}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{965a592f-8efa-4250-8630-7960230792f1}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9b02624f-5b13-47b0-8219-cb1a89723c47}]
    2007-11-05 17:42 83008 --a------ C:\WINNT\System32\fhaxdgdp.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
    2007-11-03 18:49 340032 --a------ C:\WINNT\system32\rliswpqh.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b8875bfe-b021-11d4-bfa8-00508b8e9bd3}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ca1d1b05-9c66-11d5-a009-000103c1e50b}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cf021f40-3e14-23a5-cba2-717765728274}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E13A2E2F-8263-4AA4-81C9-90B4DDCF98C8}]
    C:\WINNT\System32\pmkhe.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fc3a74e5-f281-4f10-ae1e-733078684f3c}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{11A69AE4-FBED-4832-A2BF-45AF82825583}"= C:\WINNT\system32\rliswpqh.dll [2007-11-03 18:49 340032]

    [HKEY_CLASSES_ROOT\CLSID\{11A69AE4-FBED-4832-A2BF-45AF82825583}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="C:\WINNT\System32\igfxtray.exe" [2007-10-15 19:03]
    "HotKeysCmds"="C:\WINNT\System32\hkcmd.exe" [2007-10-15 19:03]
    "Gateway Ink Monitor"="C:\Program Files\Gateway Utilities\GWInkMonitor.exe" [2007-10-15 19:03]
    "NvCplDaemon"="C:\WINNT\System32\NvCpl.dll" [2003-06-13 12:31]
    "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2007-10-15 19:03]
    "NeroCheck"="C:\WINNT\System32\NeroCheck.exe" [2007-10-15 19:03]
    "PDUiP6000DMon"="C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMon.exe" [2007-10-15 19:03]
    "PDUiP6000DTskbr"="C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DTskbr.exe" [2007-10-15 19:03]
    "Verizon_McciTrayApp"="C:\Program Files\Verizon\McciTrayApp.exe" [2007-10-15 19:03]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-10-15 19:03]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-10-15 19:03]
    "uddrmfwA"="C:\WINNT\uddrmfwA.exe" []
    "hwfutczk.exe"="C:\Documents and Settings\All Users\Application Data\hwfutczk.exe" [2007-10-15 19:03]
    "-FreedomNeedsReboot"="C:\Program Files\Verizon\Verizon Internet Security Suite\ZkRunOnceR.exe" []
    "VerizonServicepoint.exe"="C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" [2007-10-15 19:03]
    "RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2007-10-15 19:03]
    "urcvmhmj"="C:\Program Files\Lfkofyua\urcvmhmj.exe" [2007-10-15 19:03]
    "{A2-2F-F4-42-ZN}"="c:\winnt\system32\dwdsrngt.exe" []
    "niwoqijo"="C:\Program Files\Windows NT\niwoqijo22011.exe" []
    "7c6a2fed"="C:\WINNT\System32\rfadsjas.dll" [2007-11-05 17:42]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2002-08-20 15:08]
    "ouiz"="C:\PROGRA~1\COMMON~1\ouiz\ouizm.exe" []
    "ISMPack6"="C:\Program Files\ISM2\ISMPack6.exe" []
    "Aim6"="C:\Program Files\AIM6\aim6.exe" [2007-10-15 19:03]
    "QdrModule9"="C:\Program Files\QdrModule\QdrModule9.exe" [2007-11-01 14:51]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "tlz"=C:\WINNT\47681728.exe

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-09 19:37:25]
    Media Card Companion Monitor.lnk - C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe [2005-03-22 21:01:34]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{820A2C8D-DFC0-4A9F-B3CA-4410CA4F7C04}"= C:\WINNT\system32\jkklkig.dll [2007-10-30 19:00 34816]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fccyxww]
    fccyxww.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkklkig]
    jkklkig.dll 2007-10-30 19:00 34816 C:\WINNT\system32\jkklkig.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmkhe]
    C:\WINNT\System32\pmkhe.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\rliswpqh]
    rliswpqh.dll 2007-11-03 18:49 340032 C:\WINNT\system32\rliswpqh.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\winnt\system32\vtutqnm.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Authentication Packages"= msv1_0 C:\WINNT\System32\jkhhe.dll

    S3 hamachi_oem;PlayLinc Adapter;C:\WINNT\System32\DRIVERS\gan_adapter.sys

    .
    Contents of the 'Scheduled Tasks' folder
    "2007-10-01 01:37:01 C:\WINNT\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-10-13 04:00:00 C:\WINNT\Tasks\At1.job"
    - C:\WINNT\System32\n8W1fyvw.exe
    "2007-05-28 02:01:37 C:\WINNT\Tasks\At10.job"
    - C:\WINNT\System32\n8W1fyvw.exe
    "2007-06-22 14:00:00 C:\WINNT\Tasks\At11.job"
    - C:\WINNT\System32\n8W1fyvw.exe
    "2007-09-30 15:00:00 C:\WINNT\Tasks\At12.job"
    - C:\WINNT\System32\n8W1fyvw.exe
    "2007-09-30 16:00:00 C:\WINNT\Tasks\At13.job"
    - C:\WINNT\System32\n8W1fyvw.exe
    "2007-09-30 17:00:00 C:\WINNT\Tasks\At14.job"
    "2007-09-30 18:00:00 C:\WINNT\Tasks\At15.job"
    "2007-10-02 19:00:00 C:\WINNT\Tasks\At16.job"
    "2007-10-26 20:00:00 C:\WINNT\Tasks\At17.job"
    "2007-10-30 22:00:00 C:\WINNT\Tasks\At18.job"
    "2007-11-05 23:00:00 C:\WINNT\Tasks\At19.job"
    "2007-10-13 05:00:00 C:\WINNT\Tasks\At2.job"
    - C:\WINNT\System32\n8W1fyvw.exe
    "2007-11-06 00:00:00 C:\WINNT\Tasks\At20.job"
    "2007-10-31 01:00:00 C:\WINNT\Tasks\At21.job"
    "2007-10-31 02:00:00 C:\WINNT\Tasks\At22.job"
    - C:\WINNT\System32\n8W1fyvw.exe
    "2007-10-26 02:00:00 C:\WINNT\Tasks\At23.job"
    - C:\WINNT\System32\n8W1fyvw.exe
    "2007-10-13 03:00:00 C:\WINNT\Tasks\At24.job"
    - C:\WINNT\System32\n8W1fyvw.exe
    "2007-10-13 04:00:30 C:\WINNT\Tasks\At25.job"
    "2007-10-13 05:00:30 C:\WINNT\Tasks\At26.job"
    "2007-09-10 06:00:30 C:\WINNT\Tasks\At27.job"
    "2007-07-05 03:19:44 C:\WINNT\Tasks\At28.job"
    - C:\WINNT\System32\ACQ03Eci.exe
    "2007-07-05 03:19:45 C:\WINNT\Tasks\At29.job"
    - C:\WINNT\System32\ACQ03Eci.exe
    "2007-09-10 06:00:00 C:\WINNT\Tasks\At3.job"
    "2007-07-05 03:19:45 C:\WINNT\Tasks\At30.job"
    - C:\WINNT\System32\ACQ03Eci.exe
    "2007-07-05 03:19:45 C:\WINNT\Tasks\At31.job"
    - C:\WINNT\System32\ACQ03Eci.exe
    "2007-07-05 03:19:45 C:\WINNT\Tasks\At32.job"
    - C:\WINNT\System32\ACQ03Eci.exe
    "2007-07-05 03:19:45 C:\WINNT\Tasks\At33.job"
    - C:\WINNT\System32\ACQ03Eci.exe
    "2007-07-05 03:19:45 C:\WINNT\Tasks\At34.job"
    "2007-07-05 03:19:45 C:\WINNT\Tasks\At35.job"
    - C:\WINNT\System32\ACQ03Eci.exe
    "2007-09-30 15:00:30 C:\WINNT\Tasks\At36.job"
    - C:\WINNT\System32\ACQ03Eci.exe
    "2007-09-30 16:00:00 C:\WINNT\Tasks\At37.job"
    "2007-09-30 17:00:00 C:\WINNT\Tasks\At38.job"
    - C:\WINNT\System32\ACQ03Eci.exe
    "2007-09-30 18:00:00 C:\WINNT\Tasks\At39.job"
    - C:\WINNT\System32\ACQ03Eci.exe
    "2007-06-22 07:00:00 C:\WINNT\Tasks\At4.job"
    - C:\WINNT\System32\n8W1fyvw.exe
    "2007-10-02 19:00:56 C:\WINNT\Tasks\At40.job"
    "2007-10-26 20:00:30 C:\WINNT\Tasks\At41.job"
    "2007-10-30 22:00:30 C:\WINNT\Tasks\At42.job"
    "2007-11-05 23:00:30 C:\WINNT\Tasks\At43.job"
    - C:\WINNT\System32\ACQ03Eci.exe
    "2007-11-06 00:00:30 C:\WINNT\Tasks\At44.job"
    - C:\WINNT\System32\ACQ03Eci.exe
    "2007-10-31 01:00:30 C:\WINNT\Tasks\At45.job"
    "2007-10-31 02:00:30 C:\WINNT\Tasks\At46.job"
    "2007-10-26 02:00:30 C:\WINNT\Tasks\At47.job"
    "2007-10-13 03:01:39 C:\WINNT\Tasks\At48.job"
    "2007-06-22 08:00:00 C:\WINNT\Tasks\At5.job"
    - C:\WINNT\System32\n8W1fyvw.exe
    "2007-06-22 09:00:00 C:\WINNT\Tasks\At6.job"
    - C:\WINNT\System32\n8W1fyvw.exe
    "2007-05-28 02:01:37 C:\WINNT\Tasks\At7.job"
    - C:\WINNT\System32\n8W1fyvw.exe
    "2007-05-28 02:01:37 C:\WINNT\Tasks\At8.job"
    "2007-05-28 02:01:37 C:\WINNT\Tasks\At9.job"
    - C:\WINNT\System32\n8W1fyvw.exe
    "2005-01-19 01:45:00 C:\WINNT\Tasks\ISP signup reminder 1.job"
    - C:\WINNT\System32\OOBE\oobebaln.exe
    "2005-01-26 23:00:00 C:\WINNT\Tasks\ISP signup reminder 2.job"
    "2005-02-01 02:45:00 C:\WINNT\Tasks\ISP signup reminder 3.job"
    - C:\WINNT\System32\OOBE\oobebaln.exe
    "2007-05-28 23:59:12 C:\WINNT\Tasks\Symantec NetDetect.job"
    - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
    .
    **************************************************************************

    catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-11-05 19:41:15
    Windows 5.1.2600 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-11-05 19:42:18 - machine was rebooted
    C:\ComboFix2.txt ... 2007-11-05 18:53
    .
     
  2. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Hi, pennylane2241982 :)

    Welcome.

    Posting multiple threads wont help. Please do not post your E-mail.

    • Copy the entire contents of the Quote Box below to Notepad.
    • Name the file as CFScript.txt
    • Change the Save as Type to All Files
    • and Save it on the desktop
    [​IMG]

    Once saved, referring to the picture above, drag CFScript.txt into ComboFix.exe, and post back the resulting report along with a fresh Hijackthis log.

    In addition:

    Please run the MGA Diagnostic Tool and post back the report it creates:
    1. Download MGADiag to your desktop.
    2. Double-click on MGADiag.exe to launch the program
    3. Click "Continue"
    4. Ensure that the "Windows" tab is selected (it should be by default).
    5. Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
    6. Paste the MGA Diagnostic Report back here in your next reply.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/648278

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice