when i open my window media player my bitdefender will come out a message said bitdefender block a virus
name is worm.VB.NGM location at File B:\autorun.inf. how i remove tis worm? thx anyone help
crysty2k5's EDIT: Topic moved
Post here a HijackThis log.
Instructions: http://forum.bitdefender.com/index.php?showtopic=5668
Post here a HijackThis log.Instructions: http://forum.bitdefender.com/index.php?showtopic=5668
hi i m sleepyhead sorry i forgot my password the sleepyhead id so i register a new id for reply
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:51:39 AM, on 30/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [skyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
--
End of file - 6197 bytes
tis is my logfile can u help me to settle it. thx
Check and press Fix checked for:
Empty value !
The log is clean !
Not all malware are visible in the log !
Pack the suspicious files in a zip or a rar arhive with the password infected and attach it here !
Nevertheless, your PC may contain viruses, so I suggest you to run ComboFix that will investigate and eliminate all infections it may found (if it has them in its database).
Download ComboFix from here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Then close all running programs, including web browser, instant messenger, etc and then run ComboFix.
It will ask you whether it should start cleaning or not. Press 1 and hit Enter. Don't stop it while running. While doing this your screen may disappear but don't worry, it's a normal behaviour.
At the end, ComboFix will generate a log file. Save it and post it here.
Check and press Fix checked for:Empty value ! The log is clean ! Not all malware are visible in the log ! Pack the suspicious files in a zip or a rar arhive with the password infected and attach it here ! Nevertheless, your PC may contain viruses, so I suggest you to run ComboFix that will investigate and eliminate all infections it may found (if it has them in its database). Download ComboFix from here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe Then close all running programs, including web browser, instant messenger, etc and then run ComboFix. It will ask you whether it should start cleaning or not. Press 1 and hit Enter. Don't stop it while running. While doing this your screen may disappear but don't worry, it's a normal behaviour. At the end, ComboFix will generate a log file. Save it and post it here.
ComboFix 08-06-08.5 - Admin 2008-06-09 11:41:52.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1505 [GMT 8:00]
Running from: \ComboFix.exe
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-05-09 to 2008-06-09 )))))))))))))))))))))))))))))))
2008-06-05 13:29 . 2008-06-05 13:30 <DIR> d-------- C:\Program Files\GameHouse
2008-06-05 13:29 . 2008-06-05 13:29 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\GameHouse
2008-06-05 12:43 . 2008-06-05 12:43 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\Oberon Media
2008-06-02 13:43 . 2008-06-02 13:43 244 --ah----- C:\sqmnoopt13.sqm
2008-06-02 13:43 . 2008-06-02 13:43 232 --ah----- C:\sqmdata13.sqm
2008-05-30 11:38 . 2008-05-30 11:38 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-28 17:48 . 2008-05-28 17:48 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\Meridian93
2008-05-28 17:47 . 2008-05-28 17:47 <DIR> d-------- C:\Program Files\ReflexiveArcade
2008-05-28 17:47 . 2008-05-29 11:40 <DIR> d-------- C:\Program Files\Magic Farm
2008-05-28 11:33 . 2008-05-28 11:38 13,030 --a------ C:\PDOXUSRS.NET
2008-05-28 11:28 . 2008-06-02 14:03 <DIR> d-------- C:\Program Files\EdotWin
2008-05-22 18:43 . 2008-05-23 10:28 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\Moyea
2008-05-22 18:43 . 2004-08-04 00:56 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-05-22 18:43 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-05-22 18:42 . 2008-05-22 18:43 <DIR> d-------- C:\Program Files\Moyea
2008-05-22 16:07 . 2008-06-04 13:02 <DIR> d-------- C:\Program Files\Free FLV Converter
2008-05-22 16:07 . 2007-06-19 01:22 364,544 --a------ C:\WINDOWS\system32\PropertyGrid.ocx
2008-05-22 16:07 . 2008-05-15 11:30 208,896 --a------ C:\WINDOWS\system32\TubeFinder.exe
2008-05-22 16:07 . 2005-10-13 15:42 208,500 --a------ C:\WINDOWS\system32\ReyXpBasics.tlb
2008-05-22 16:07 . 1998-07-13 01:00 141,312 --a------ C:\WINDOWS\system32\MSCMCFR.DLL
2008-05-22 16:07 . 2000-10-01 21:00 119,568 --a------ C:\WINDOWS\system32\VB6FR.DLL
2008-05-22 16:07 . 2000-07-15 07:00 101,888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL
2008-05-22 16:07 . 2004-03-09 02:00 84,512 --a------ C:\WINDOWS\system32\PICCLP32.OCX
2008-05-22 16:07 . 1998-07-12 21:00 32,768 --a------ C:\WINDOWS\system32\CMDLGFR.DLL
2008-05-22 16:07 . 2005-09-28 03:31 24,576 --a------ C:\WINDOWS\system32\ControlSubX.ocx
2008-05-22 16:07 . 1998-07-13 02:00 9,728 --a------ C:\WINDOWS\system32\PCCLPFR.DLL
2008-05-22 16:06 . 2008-05-22 16:06 <DIR> d-------- C:\Program Files\YouTube Downloader
2008-05-19 17:48 . 2008-05-19 17:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FloodLightGames
2008-05-19 17:48 . 2008-05-19 17:48 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\FloodLightGames
2008-05-19 12:09 . 2008-05-19 17:48 <DIR> d-------- C:\Documents and Settings\Admin\Saved Games
2008-05-19 11:11 . 2008-05-19 11:11 244 --ah----- C:\sqmnoopt12.sqm
2008-05-19 11:11 . 2008-05-19 11:11 232 --ah----- C:\sqmdata12.sqm
2008-05-19 11:03 . 2008-05-19 11:03 244 --ah----- C:\sqmnoopt11.sqm
2008-05-19 11:03 . 2008-05-19 11:03 232 --ah----- C:\sqmdata11.sqm
2008-05-19 11:02 . 2008-05-19 11:02 244 --ah----- C:\sqmnoopt10.sqm
2008-05-19 11:02 . 2008-05-19 11:02 232 --ah----- C:\sqmdata10.sqm
2008-05-19 10:46 . 2008-05-19 10:46 <DIR> d-------- C:\Documents and Settings\Admin\Application Data\Kingsoft
2008-05-16 17:42 . 2008-05-16 17:42 <DIR> d-------- C:\Program Files\Common Files\Kingsoft
2008-05-16 17:40 . 2008-05-16 17:40 <DIR> d-------- C:\Program Files\Kingsoft
2008-05-16 17:25 . 2008-05-16 17:25 244 --ah----- C:\sqmnoopt09.sqm
2008-05-16 17:25 . 2008-05-16 17:25 232 --ah----- C:\sqmdata09.sqm
2008-05-16 17:24 . 2008-05-16 17:24 244 --ah----- C:\sqmnoopt08.sqm
2008-05-16 17:24 . 2008-05-16 17:24 232 --ah----- C:\sqmdata08.sqm
2008-05-13 11:02 . 2008-05-13 11:02 <DIR> d-------- C:\Program Files\Common Files\Borland Shared
2008-05-13 11:02 . 1999-11-12 05:11 183,808 --a------ C:\WINDOWS\system32\BDEADMIN.CPL
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2008-06-09 03:48 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2008-06-05 04:51 --------- d-----w C:\Program Files\Oberon Media
2008-06-05 04:50 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-05 04:42 --------- d-----w C:\Program Files\Common Files\Oberon Media
2008-04-30 02:21 --------- d-----w C:\Program Files\ABBYY FineReader 5.0 Sprint
2008-04-30 02:16 --------- d-----w C:\Program Files\Lexmark X74-X75
2008-04-23 07:23 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-04-22 06:34 --------- d-----w C:\Documents and Settings\Admin\Application Data\Talkback
2008-04-16 09:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-04-15 07:28 --------- d-----w C:\Documents and Settings\Admin\Application Data\Apple Computer
2008-04-11 09:42 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-11 01:23 --------- d-----w C:\Program Files\Google
2008-04-09 04:00 --------- d-----w C:\Documents and Settings\Admin\Application Data\Autodesk
2008-04-09 03:55 --------- d-----w C:\Program Files\Common Files\Autodesk Shared
2008-04-09 03:55 --------- d-----w C:\Program Files\AutoCAD 2007
2008-04-09 03:55 --------- d-----w C:\Program Files\AnswerWorks 4.0
2008-04-09 03:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Autodesk
2008-04-09 03:52 --------- d-----w C:\Program Files\Autodesk
2008-04-09 03:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\BitDefender
2008-04-09 03:06 --------- d-----w C:\Documents and Settings\Admin\Application Data\Bitdefender
2008-04-09 03:05 --------- d-----w C:\Program Files\Softwin
2008-04-09 03:05 --------- d-----w C:\Program Files\Common Files\Softwin
2008-04-09 03:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-04-07 14:46 15,600 ----a-w C:\WINDOWS\gdrv.sys
2008-04-07 14:44 315,392 ----a-w C:\WINDOWS\HideWin.exe
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 10:21 153136]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 20:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-09 12:30 68856]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 01:06 1667584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2006-02-28 20:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2006-02-28 20:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2006-02-28 20:00 455168]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-31 14:35 7634944]
"nwiz"="nwiz.exe" [2006-10-31 14:35 1622016 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-31 14:35 86016]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16:08 16380416 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2007-06-15 16:45 1826816 C:\WINDOWS\SkyTel.exe]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"BDMCon"="C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe" [2008-04-09 11:12 290816]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-03-26 15:49 69632]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"Lexmark X74-X75"="C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe" [2002-10-15 04:09 57344]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
AutoCAD Startup Accelerator.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe [2006-03-05 10:43:54 11000]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\fxsclnt.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Kingsoft\\Powerword 2007\\xdict.exe"=
"C:\\Program Files\\Kingsoft\\Powerword 2007\\update.exe"=
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2008-04-07 22:46]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d9918042-04eb-11dd-9eb0-806d6172696f}]
\Shell\AutoRun\command - E:\Run.exe
*Newly Created Service* - CATCHME
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-09 11:49:51
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
Completion time: 2008-06-09 11:51:11
ComboFix-quarantined-files.txt 2008-06-09 03:50:26
Pre-Run: 68,036,165,632 bytes free
Post-Run: 68,540,981,248 bytes free
145
pls check the log, thx q very much
Combo didn't deleted anyting !
That's good !
Hello crysty2k5,
The log is not clean. You must always look at the newly created files,hidden files,etc. If combox fix
doesn't delete anything that doesn't mean that there aren't any infections present.
Best regards,
Niels
Hello wiltechjb
Please download avenger that you can download here and save it on your desktop.
Unzip it and double click on avenger.exe
WARNING: Be sure that there are not any lines in the input ****** here section before typing the ******.
In the input ****** here section please type this:
Files to delete:
C:\sqmnoopt13.sqm
C:\sqmdata13.sqm
C:\sqmnoopt12.sqm
C:\sqmdata12.sqm
C:\sqmnoopt11.sqm
C:\sqmdata11.sqm
C:\sqmnoopt10.sqm
C:\sqmdata10.sqm
C:\sqmnoopt09.sqm
C:\sqmdata09.sqm
C:\sqmnoopt08.sqm
C:\sqmdata08.sqm
Now click on the execute button. Choose yes to proceed and to reboot your pc. If your pc doesn't reboot, reboot it yourself.
Can you please post a new combox fix log afterwards?
Best regards
