Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

xp with a problem

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

xp with a problem

Unread postby suzy » June 13th, 2009, 9:43 pm

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:29:25 PM, on 6/13/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\ps2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us6.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us6.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us6.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us6.hpwis.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us6.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://srch-us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://srch-us6.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.viruslist.com/en/search?VN=I ... eferer=kav
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
O2 - BHO: (no name) - {06DEF0B3-F1BE-4ECE-92CE-77E0804E555B} - (no file)
O2 - BHO: (no name) - {0850EE30-889E-4529-9490-6414B4C97387} - (no file)
O2 - BHO: (no name) - {0FCFC1D3-6F13-4F76-B677-41C3CD687361} - (no file)
O2 - BHO: (no name) - {164451DC-D644-4F9E-B81F-E2B2D52261D4} - (no file)
O2 - BHO: (no name) - {1D46E1C8-7A5A-43A0-B62A-B6549FD088D8} - (no file)
O2 - BHO: (no name) - {1D792760-4908-4743-9F95-D63E7B95A260} - (no file)
O2 - BHO: (no name) - {248ADF9D-48F2-48E1-B6B1-7109F9427709} - (no file)
O2 - BHO: (no name) - {27BCD570-151D-4BBA-9C92-1862BB47D165} - (no file)
O2 - BHO: (no name) - {280D3D3B-3C2E-4BF3-BE38-218ADCB2BF9F} - (no file)
O2 - BHO: (no name) - {2850F54D-6C19-4DE5-953E-A2880E261FDC} - (no file)
O2 - BHO: (no name) - {2CF822EF-1917-43D1-89E7-082D9A41F417} - (no file)
O2 - BHO: (no name) - {35848375-DBF4-4AFE-8B94-82443C3AB020} - (no file)
O2 - BHO: (no name) - {3750A995-E212-4244-B7FA-9993C61CA923} - (no file)
O2 - BHO: (no name) - {37A6BF0F-9183-47F2-B7C7-FAE358EAF087} - (no file)
O2 - BHO: (no name) - {3A4CC61B-EF76-498D-8025-A262FC600128} - (no file)
O2 - BHO: (no name) - {3A891FB4-16F8-44B6-88B8-3BC33674B674} - (no file)
O2 - BHO: (no name) - {3B14B08F-DEDD-4B7C-8F36-F6C11A017FA8} - (no file)
O2 - BHO: (no name) - {485BF0AF-0428-4746-9EC0-719500D210CD} - (no file)
O2 - BHO: (no name) - {49DA9F4F-C4E7-4090-8594-114717FF51DE} - (no file)
O2 - BHO: (no name) - {4C507FA9-90E7-4A28-9BA6-4A57FAED6F10} - (no file)
O2 - BHO: (no name) - {4CE2A953-4B5F-4BC5-B993-480D6A8C1C89} - (no file)
O2 - BHO: (no name) - {4E430B27-8C9F-428C-B244-99E07266A37C} - (no file)
O2 - BHO: (no name) - {4E6F2B5B-2CB9-4B65-BBFC-EB9F19730AAF} - (no file)
O2 - BHO: (no name) - {4FE841F9-3F06-445C-B5FD-7DE5C57EBE0F} - (no file)
O2 - BHO: (no name) - {5144C395-FBC2-4C58-82C0-534731DF4F5D} - (no file)
O2 - BHO: (no name) - {54D26925-2311-4D43-A112-035FF4780D78} - (no file)
O2 - BHO: (no name) - {5673A283-6C20-4357-818B-72A929BBEF9C} - (no file)
O2 - BHO: (no name) - {5A6D18E4-C4C9-4476-A44E-51E6B806760F} - (no file)
O2 - BHO: (no name) - {5BDBF015-B73C-41D7-9154-74CEED9E102F} - (no file)
O2 - BHO: (no name) - {5BE049E2-210F-4B5C-9A6C-F21B251BEDE3} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {5DEF6B2A-117D-411A-9641-EA5285C56E75} - (no file)
O2 - BHO: (no name) - {5E7A137F-3736-4E35-A9D9-B5DDEF79E326} - (no file)
O2 - BHO: (no name) - {60A0125A-C8CA-4857-BFBF-83F81FDCBA2C} - (no file)
O2 - BHO: (no name) - {610711BC-74B5-4812-8BCD-F86274E59F8F} - (no file)
O2 - BHO: (no name) - {61D04F4B-4B49-4AC4-8947-5A6C8F6658BD} - (no file)
O2 - BHO: (no name) - {62380186-4294-4F8F-BAFC-C639A8D27ECC} - (no file)
O2 - BHO: (no name) - {63656CFB-BA28-4E17-AFB7-7CF6D235A8BA} - (no file)
O2 - BHO: (no name) - {69E3CF34-09BE-467C-8926-B98F9088EF43} - C:\WINDOWS\system32\efcdEuuS.dll (file missing)
O2 - BHO: (no name) - {6BA786E8-2B94-4FE9-8F47-A4FD32C2DC36} - (no file)
O2 - BHO: (no name) - {6D9052C4-0C75-415A-A7FB-D4B79F20DC8A} - (no file)
O2 - BHO: (no name) - {6E23FEC4-0CAD-40FC-95A4-38A0B02B1187} - (no file)
O2 - BHO: (no name) - {6F2E3C8C-E826-47D2-9163-5AC1BE981FFC} - (no file)
O2 - BHO: (no name) - {71E67BF2-421C-47A4-AF6D-AE550EAC99C7} - (no file)
O2 - BHO: {7adc29c4-1409-2639-d6d4-320adc0cd227} - {722dc0cd-a023-4d6d-9362-90414c92cda7} - C:\WINDOWS\system32\oypppf.dll (file missing)
O2 - BHO: (no name) - {72551162-6CB5-4B05-822F-80E5455C46BF} - (no file)
O2 - BHO: (no name) - {73CD8640-2CAF-4C48-9E45-18DFDDCBFC86} - (no file)
O2 - BHO: (no name) - {7402B53C-FFF7-45F7-BB77-7525CB92C5EF} - (no file)
O2 - BHO: (no name) - {74A2663A-0A32-407E-9981-C42F6E4CA8D6} - (no file)
O2 - BHO: (no name) - {75249D95-9BA9-4B90-BA60-59D96A7737BA} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7619CBE9-E395-45AB-B726-7AB4AC54A0FE} - (no file)
O2 - BHO: (no name) - {768CAE22-D7D1-47CC-8D70-868AE74CCC4D} - (no file)
O2 - BHO: (no name) - {7B13AA62-4F2F-40F6-A3F4-99CFB3D8763A} - (no file)
O2 - BHO: (no name) - {7C073986-EF97-4AB4-9C1A-401400AA368D} - (no file)
O2 - BHO: (no name) - {7D8B6FE5-4908-410F-BBBD-6EEC6471EA98} - (no file)
O2 - BHO: (no name) - {7DD11E4F-48F5-405D-972A-37B6DDD748CF} - (no file)
O2 - BHO: (no name) - {803F7128-351D-474D-8911-229BACC60A98} - (no file)
O2 - BHO: (no name) - {80A0D41A-D85F-4544-B9FA-1B73B83E9438} - (no file)
O2 - BHO: (no name) - {864BCA59-6F6D-47E9-89FB-C9F8E2591EEE} - (no file)
O2 - BHO: (no name) - {8B0223A6-5337-4AEC-BEAF-C2BFFFDB4EBD} - (no file)
O2 - BHO: (no name) - {8CE3B00F-C09B-4303-B5A7-5F850A0A9A67} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {91F8E7AB-1B33-4AA4-A393-4584C6ADFEB5} - (no file)
O2 - BHO: (no name) - {92F075CC-2428-4F27-9091-D7EFD7003663} - (no file)
O2 - BHO: (no name) - {93250E48-6B9F-411D-A0CC-074887F0EE53} - (no file)
O2 - BHO: (no name) - {93B26F6F-94C4-4D9B-9FFE-BEA2A6EE484F} - (no file)
O2 - BHO: (no name) - {9742F01B-87E2-4BB9-8216-7667DA23D074} - (no file)
O2 - BHO: (no name) - {9A18FB10-169B-42AA-B3F4-4CF1EEDDC6C0} - (no file)
O2 - BHO: (no name) - {9BC5AE1D-5180-465B-9E50-8834BD92C50B} - (no file)
O2 - BHO: (no name) - {9C243FFB-518F-4282-9B03-F3CB804DADB3} - (no file)
O2 - BHO: (no name) - {9E400087-1E25-40C1-B8FF-8DC1F0B6B7AC} - (no file)
O2 - BHO: (no name) - {A353F7A9-04C5-4721-8023-2AAFFD3160B4} - (no file)
O2 - BHO: (no name) - {A87CCA38-2B16-483E-81FC-4F256199642A} - (no file)
O2 - BHO: (no name) - {A98FF57C-7C2D-4212-9F70-B20D48F00057} - (no file)
O2 - BHO: (no name) - {AAACBF3B-D342-448F-8F11-B807C4392617} - (no file)
O2 - BHO: (no name) - {AADEF4B5-D5BC-4E4C-85A0-5745B783A66B} - (no file)
O2 - BHO: (no name) - {AD02A224-8D49-4A8E-A3E8-9B305DB4A2D0} - (no file)
O2 - BHO: (no name) - {B5C0E0FC-6291-4C59-9D5B-FB8A9E8EED3D} - (no file)
O2 - BHO: (no name) - {BA0D16CA-8969-471B-A7AB-468FBB8FABBA} - (no file)
O2 - BHO: (no name) - {BACF4FE2-BCC6-4817-8408-FFFC9D85EA10} - (no file)
O2 - BHO: (no name) - {BD6C6836-FF2E-4018-96B9-9D88F970CA2C} - (no file)
O2 - BHO: (no name) - {C6E1A78E-F841-4980-B305-7FDAE2B96061} - (no file)
O2 - BHO: (no name) - {C6E5A89D-CA0C-4C88-BA1A-5926C1EE750D} - (no file)
O2 - BHO: (no name) - {CA587C0C-B7FC-4450-9BAA-3B047E54610D} - (no file)
O2 - BHO: (no name) - {D119082A-37D7-47B5-8ADF-B079C3322AD9} - (no file)
O2 - BHO: (no name) - {D4178694-A563-4514-A9AF-EF52C003D431} - (no file)
O2 - BHO: (no name) - {D4E67FA2-20A2-4C4E-BF09-3606C5218BDF} - (no file)
O2 - BHO: (no name) - {D5E83BFB-89E7-4463-B8EE-A17824C72376} - (no file)
O2 - BHO: (no name) - {D6706D8E-EBE9-484B-A4E0-434081134D24} - (no file)
O2 - BHO: (no name) - {D6DF957C-597C-4DEC-BD4A-9B8F664554DC} - (no file)
O2 - BHO: (no name) - {DAD127B0-A633-4FE7-A691-86EEAD224F77} - (no file)
O2 - BHO: (no name) - {DB17C1A1-CF51-4C64-90B6-3297A20CC0F1} - (no file)
O2 - BHO: (no name) - {DCA65F0B-791F-49C8-9292-1FBDF80F1082} - (no file)
O2 - BHO: (no name) - {DF61FF4A-94CB-45AF-BE5E-514A98B96B17} - (no file)
O2 - BHO: (no name) - {E0448169-6C80-4830-81ED-9884499A2CAE} - (no file)
O2 - BHO: (no name) - {E196F8C7-D891-43B8-9C32-CABC37F86344} - (no file)
O2 - BHO: (no name) - {E27B83C7-1354-4CFA-A3CA-C0D7FDF57222} - (no file)
O2 - BHO: (no name) - {E2A8CB3A-5309-4914-94B5-F88CCD92EFBC} - (no file)
O2 - BHO: (no name) - {E8965586-CCB6-43B6-AEBC-FAE1D8F874DA} - (no file)
O2 - BHO: (no name) - {EA01B3B1-C784-43F7-B456-7EC564C174F2} - (no file)
O2 - BHO: (no name) - {EB41AA79-D381-41E9-930E-C825CFC3CFA8} - (no file)
O2 - BHO: (no name) - {EBB03CEE-80BF-488A-88AA-C655B0479191} - (no file)
O2 - BHO: (no name) - {EDFE0873-9491-42F6-BC5F-3FE8AD50DC83} - (no file)
O2 - BHO: (no name) - {EE7BE473-4794-4E5C-A76A-0C5C11D29DC4} - (no file)
O2 - BHO: (no name) - {EF4DF5AE-AA24-44CD-B808-88D3C5A7F9B8} - (no file)
O2 - BHO: (no name) - {F43E2768-8D9E-49AE-B3A1-84D4D2B0B818} - (no file)
O2 - BHO: (no name) - {F60BA375-3E91-45B4-B7E2-277295770262} - (no file)
O2 - BHO: (no name) - {FA2D268A-8C6E-4FE3-8159-FFC2511923EB} - (no file)
O2 - BHO: (no name) - {FA2EFAE0-3461-407F-9C1C-ADC78C85FC71} - (no file)
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - S-1-5-18 Startup: AutoPlay.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoPlay.exe (User 'Default user')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoPlay.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Startup: PowerReg Scheduler V3.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 8059681857
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 9421990670
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {C7E002D6-324B-4500-883D-84B620FD8640} (Bridge Installer) - http://cdn2.zone.msn.com/Bingame/BRDG/d ... rtbeat.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://www.arkansashighways.com/Road/acgm.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A9D987A6-8F9C-456A-A752-AA59799AEB80}: NameServer = 85.255.112.194,85.255.112.125
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.194,85.255.112.125
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.194,85.255.112.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.194,85.255.112.125
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

--
End of file - 15762 bytes
ok here goes--the infection happened somewhere around the 8th of june-that is when my antivirus quit doing its updates--I cannot remember the name of that anti-virus software I removed the program when I downloaded Avast. The main problem I have is I cannot download any programs from microsoft or malware bytes. I have just run the hijack this and could you please help me out. At one time virtum was a name the anti spyware detected.

Thank you Suzy
suzy
Active Member
 
Posts: 2
Joined: June 13th, 2009, 9:32 pm
Advertisement
Register to Remove

Re: xp with a problem

Unread postby Dakeyras » June 17th, 2009, 2:09 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Hi Suzy and welcome to Malware Removal :)

I'm Dakeyras and I am going to try to assist you with your problem. Please take note of the below:

  • I will start working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine!.
  • The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Refrain from running self fixes as this will hinder the malware removal process.
  • It may prove beneficial if you print of the following instructions or save them to notepad as I post them.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

Before we start:

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Scan with Rooter:

Please download Rooter.exe to your desktop.

  • Double click on Rooter.exe to start the application.
  • Now click on the Scan button.
  • When the scan is completed a text file called Rooter.txt will appear on your desktop, post the contents in your next reply.
  • Now click on Close button to exit Rooter.

Note: The logfile can also be located within this folder Rooter$ at the root of your installed Hard-Drive. EG: C:\Rooter$

Scan with RSIT:

  • Please download Random's System Information Tool by random/random from here and save it to your desktop.
Make sure that RSIT.exe is on the your Desktop before running the application!
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open:
    • log.txt will be opened maximized.
    • info.txt will be opened minimized.
  • Please post the contents of both log.txt and info.txt.

When completed the above, please post back the following in the order asked for:

  • How is you computer performing now, any further symptoms and or problems encountered?
  • Rooter Log.
  • Both RSIT logs. <-- Post them individually please, IE: one Log per post/reply.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8732
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: xp with a problem

Unread postby suzy » June 17th, 2009, 8:46 am

Hey thanks for getting back to me but I think I fixed it on my own. I went all over your website and followed some wonderful instructions and was finally able to download malware bytes and done abunch of clean up. I am at work right now but tonight when I get home I will run those programs for you and see what you think.
Thanks Suzy
suzy
Active Member
 
Posts: 2
Joined: June 13th, 2009, 9:32 pm

Re: xp with a problem

Unread postby Dakeyras » June 17th, 2009, 9:28 am

Hi and you're welcome! :)

By all means I will check to see if your computer is malware free. Be aware though that:
All instructions given are customised for a individual computer only, the tools used may cause damage if used on a computer with different infections.
So copying fixes specifically for another machine is not advisable but hopefully this will not be the case.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8732
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: xp with a problem

Unread postby Dakeyras » June 19th, 2009, 6:53 am

Hi :)

Do you still need help with your machine?

If the instructions are unclear or something isn't working, please let me know before proceeding.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8732
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: xp with a problem

Unread postby chryssi2001 » June 22nd, 2009, 12:48 pm

As this issue appears to be resolved, this topic is now closed.

You can help support this site from this link :
Donations For Malware Removal
User avatar
chryssi2001
MRU Teacher Emeritus
 
Posts: 14395
Joined: September 24th, 2006, 2:11 am
Location: far away
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 38 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware