Post reply

Name:
Email:
Subject:
Message icon:

Verification:
Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

shortcuts: hit alt+s to submit/post or alt+p to preview


Topic Summary

Posted by: neerajrawat1
« on: 08. January 2011., 18:16:16 »

no need to be sorry dude we are here to help eachother only if you cant scan in any mode just do one thing using any other computer download this rescue disk from kaspersky

http://devbuilds.kaspersky-labs.com/devbuilds/RescueDisk10/kav_rescue_10.iso

its a ISO file burn it using any iso burner boot the infected PC using this cd and scan but make sure before scanning update the database
Posted by: einherjar
« on: 08. January 2011., 15:25:06 »

arghhh.. just when i have the time to spend to scan the computer.. well the owner (my uncle) bring home with him.. well i cant scan now.. sorry to bother making this thread.. anywayz i can still provide the scan result if i can visit him and scan.. or maybe he might reformat.. im really sorry for this..  :-[ tnx for your reply in advance :)
Posted by: Samker
« on: 26. December 2010., 08:06:49 »

Quote
@neerajrawat1 whichsteps should i follow first?

yours?

Quote
or Samker?

 :) Here is a brief summary my friend:

1. Sophos Computer scan: http://www.sophos.com/products/free-tools/free-security-scans.html

2. MalwareByte's: http://scforum.info/index.php/topic,2201.0.html

3. SuperAntiSpyware: http://scforum.info/index.php/topic,116.0.html

If you experience problems with downloading or running mentioned programs use RKill and after them try again (if you still doesn't success, simply skip that program and continue with another one...): http://download.bleepingcomputer.com/grinler/rkill.com


Finally, only test can you run msconfig and Safe mode, after that provide us new logs from HJT: http://scforum.info/index.php/topic,785.0.html and BitDefender Online scan (to check did we completely resolve this problem): http://scforum.info/index.php/topic,734.0.html


Quote
thanks for the help.. anyways.. the reply would be a while.. coz i cant check my computer for while sinece i got something else to do school work..(mayb a week)..  BiH Smiley  but ill give a reply soon


No problem pal, SCF Team is here 24/7 for SCF Members.  :bih:

All the Best,

S.



Posted by: einherjar
« on: 26. December 2010., 00:10:08 »

@neerajrawat1 whichsteps should i follow first?

yours?
First of all restart your computer and as soon as it will come back you will see a screen which says press F1/F2/Delete/ESC to enter setup or BIOS either of the key depending upon the motherboard of your pc immediately start tapping F8 function key and keep pressing it alternatively till you see a black screen like below


among all the options you need to select safe mode with networking
then login to the pc to the admin account or any account with admin rights
Now at the very first step download malwarebytes from the link below update it and run a
full system scan (sometimes the virus will not allow you to download it from there host so i
have also uploaded and provided alternate links make sure you always update it to the
latest virus definitions)

http://www.malwarebytes.org/

after a full scan(time will depend upon the size of your hard disk and the data on it)
download superantispyware from the below given link and alternate servers and do a full
system scan(always follow the instructions after scan might be it will ask you to restart the
computer so do the needfull)

http://portable.superantispyware.com/sassaferun.php

now download kaspersky virus removal tool from the below mentioned links and do a full
system scan and remove the malwares



http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

Now the final step which we should do for added security is to run a scan using Emsisoft
Anti-Malware from the given link


http://www.emsisoft.com/en/software/antimalware/

Anyhow anywhere during the troubleshooting process if you find difficulty in downloading the softwares run the rkill software which will kill all the malware processes which could be blocking the software download

http://download.bleepingcomputer.com/grinler/rkill.com

or Samker?
hmmm, probably that's another signal of infection...

Don't worry, we'll do our best to help you to clean your Comp.  ;) formatting is last solution. Anyway to be sure, backup your important things (photos, music, documents...).

Right now We'll make a scan only with following tools in "Normal" mode:

Sophos Computer scan: http://www.sophos.com/products/free-tools/free-security-scans.html

SuperAntiSpyware: http://scforum.info/index.php/topic,116.0.html


After that only test can you run msconfig and Safe mode, finally provide us new logs from HJT and BitDefender Online scan.


cya later,

S.




thanks for the help.. anyways.. the reply would be a while.. coz i cant check my computer for while sinece i got something else to do school work..(mayb a week)..  :bih:  but ill give a reply soon
Posted by: neerajrawat1
« on: 25. December 2010., 09:45:38 »

dude one thing is sure your computer is infected you keep on using this os its fine but without treatment finally it would die and wont boot up later on in normal mode as well you are lucky enuff its working in normal mode

just do the steps then in normal mode (try to be in sequence if one is not working den jump to other)and let me know what all softwares were able to complete a scan on ur pc and if possible paste the screen shot of infected items after scan else ok

if no scan was able to complete then also let me know so we can provide you with an alternative

onething is sure without treatment os will die soon but we will rescue u from this situation 99.99% and even if os dies we will recover your data 99.99% rest .02 is luck

cheers enjoy the holiday
Posted by: Samker
« on: 25. December 2010., 09:13:35 »

helo.. before i do anything..
 about the reformating ..stuufff
 it looks like im gonna use  this os for a little bit longer.. i dont have external hardrives or dvds for backup .. and

il do whatever i can as long as this os wont die yet(nothing worst happen)... i dont mind anymore about running the msconfig..

if it is possible to clean without a possiblity of crashing il do it.. but if there is a catch maybe i wont do anything..

thanks in advance for the help :bih:

il give the log report later..  :) anyways merry christmas :)


Don't worry pal, it's safe to follow these instructions.

I'll wait your new logs, after that you'll get new instructions...


Also, Merry Christmas and Happy New Year  :bih: : http://scforum.info/index.php/topic,3520.msg13858.html#msg13858

Posted by: einherjar
« on: 25. December 2010., 09:02:53 »

helo.. before i do anything..
 about the reformating ..stuufff
 it looks like im gonna use  this os for a little bit longer.. i dont have external hardrives or dvds for backup .. and

il do whatever i can as long as this os wont die yet(nothing worst happen)... i dont mind anymore about running the msconfig..

if it is possible to clean without a possiblity of crashing il do it.. but if there is a catch maybe i wont do anything..

thanks in advance for the help :bih:

il give the log report later..  :) anyways merry christmas :)
Posted by: Samker
« on: 25. December 2010., 07:59:25 »

hmmm, probably that's another signal of infection...

Don't worry, we'll do our best to help you to clean your Comp.  ;) formatting is last solution. Anyway to be sure, backup your important things (photos, music, documents...).

Right now We'll make a scan only with following tools in "Normal" mode:

Sophos Computer scan: http://www.sophos.com/products/free-tools/free-security-scans.html

SuperAntiSpyware: http://scforum.info/index.php/topic,116.0.html


After that only test can you run msconfig and Safe mode, finally provide us new logs from HJT and BitDefender Online scan.


cya later,

S.


Posted by: einherjar
« on: 25. December 2010., 01:12:24 »

hi there.. i tried what neerajrawat1 told me.. but when i start to run on safe mode with networking.. i stopped at a blue screen :(

says:
a problem has been detected and windows has been shut down to prevent damage to your computer.

i dont have problem on my hardrives they are properly terminated(as what the windows suggested)
i do chkdsk but after doing that still arrive at the blue screen..

my normal mode works still fine.. only the safe mode w/ network dont run.. even safe mode doesnt work..

it keeps going 1 problm to another :(

anyways if it is impossible to resolve the problem maybe i should reformat.. :-[

anyways thanks in advance for the help :bih:..
Posted by: Samker
« on: 24. December 2010., 21:03:54 »


Hi again einherjar, after you finish steps provided by neerajrawat1... please run again HijackThis and (this time) BitDefender Online scan and provide us new logs.

cya later,

S.

 
Posted by: neerajrawat1
« on: 24. December 2010., 19:48:32 »

after this u can also try this as an alternative for msconfig

http://codestuff.tripod.com/products_starter.html
Posted by: neerajrawat1
« on: 24. December 2010., 16:41:33 »

First of all restart your computer and as soon as it will come back you will see a screen which says press F1/F2/Delete/ESC to enter setup or BIOS either of the key depending upon the motherboard of your pc immediately start tapping F8 function key and keep pressing it alternatively till you see a black screen like below


among all the options you need to select safe mode with networking
then login to the pc to the admin account or any account with admin rights
Now at the very first step download malwarebytes from the link below update it and run a
full system scan (sometimes the virus will not allow you to download it from there host so i
have also uploaded and provided alternate links make sure you always update it to the
latest virus definitions)

http://www.malwarebytes.org/

after a full scan(time will depend upon the size of your hard disk and the data on it)
download superantispyware from the below given link and alternate servers and do a full
system scan(always follow the instructions after scan might be it will ask you to restart the
computer so do the needfull)

http://portable.superantispyware.com/sassaferun.php

now download kaspersky virus removal tool from the below mentioned links and do a full
system scan and remove the malwares



http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

Now the final step which we should do for added security is to run a scan using Emsisoft
Anti-Malware from the given link


http://www.emsisoft.com/en/software/antimalware/

Anyhow anywhere during the troubleshooting process if you find difficulty in downloading the softwares run the rkill software which will kill all the malware processes which could be blocking the software download

http://download.bleepingcomputer.com/grinler/rkill.com
Posted by: einherjar
« on: 24. December 2010., 16:22:00 »

hi..sorry for the delay.. the power was cut off due to "rotational power cutoff" in our place

the reason wanted to run msconfig is to disable some unnecessary programs that automatically load on start up..
--i have read some sources that i can do that using msconfig(so i tried to run msconfig and then error dialog says windows cannot find msconfig)
--
my computer specs
ms windows xp prof sp3 32-bit
processor: intel core 2 duo cpu E4500 @2.2GHz
1.00GB ram
radeon x1550 series (video card)
antivirus: mcafee vse 8.5i w/ the latest patch
i also installed tune up utilities 2011
--

ok here is my panda result(im shocked i have 4 infected files) i copied the result txt. :-[

;***********************************************************************************************************************************************************************************
ANALYSIS: 2010-12-24 21:39:56
PROTECTIONS: 1
MALWARE: 4
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description                                  Version                       Active    Updated
;===================================================================================================================================================================================
McAfee VirusScan Enterprise                  8.5.0.781                     Yes       Yes
;===================================================================================================================================================================================
MALWARE
Id        Description                        Type                Active    Severity  Disinfectable  Disinfected Location
;===================================================================================================================================================================================
00139061  Cookie/Doubleclick                 TrackingCookie      No        0         Yes            No           c:\documents and settings\administrator\cookies\administrator@doubleclick[1].txt
00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes            No           c:\documents and settings\administrator\cookies\administrator@ad.yieldmanager[1].txt
00170554  Cookie/Overture                    TrackingCookie      No        0         Yes            No           c:\documents and settings\administrator\cookies\administrator@overture[1].txt
00172221  Cookie/Zedo                        TrackingCookie      No        0         Yes            No           c:\documents and settings\administrator\cookies\administrator@zedo[2].txt
;===================================================================================================================================================================================
SUSPECTS
Sent      Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id        Severity       Description
;===================================================================================================================================================================================
223917    HIGH           MS10-084
223916    HIGH           MS10-083
223914    HIGH           MS10-081
223909    HIGH           MS10-076
223906    HIGH           MS10-073
223904    HIGH           MS10-071
223355    HIGH           MS10-069
223353    HIGH           MS10-067
223352    HIGH           MS10-066
223349    HIGH           MS10-063
223346    HIGH           MS10-061
222627    HIGH           MS10-054
222626    HIGH           MS10-053
222622    HIGH           MS10-049
222621    HIGH           MS10-048
222620    HIGH           MS10-047
222470    HIGH           MS10-046
222062    HIGH           MS10-042
221290    HIGH           MS10-035
221289    HIGH           MS10-034
221287    HIGH           MS10-032
219830    HIGH           MS10-029
219822    HIGH           MS10-021
219821    HIGH           MS10-020
219647    HIGH           MS10-018
217842    HIGH           MS10-015
217839    HIGH           MS10-012
217838    HIGH           MS10-011
217834    HIGH           MS10-008
217832    HIGH           MS10-006
217831    HIGH           MS10-005
217169    HIGH           MS10-002
216839    HIGH           MS10-001
215938    HIGH           MS09-072
215935    HIGH           MS09-069
215048    HIGH           MS09-065
214076    HIGH           MS09-059
214075    HIGH           MS09-058
214074    HIGH           MS09-057
214073    HIGH           MS09-056
214072    HIGH           MS09-055
214071    HIGH           MS09-054
213109    HIGH           MS09-046
;===================================================================================================================================================================================


here is my hijackthis result i also copy the txt (i click scan and save log file) :-[

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:40:01 PM, on 12/24/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrator\Desktop\Internet Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoomail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://aa.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://ph.yahoo.com
R3 - URLSearchHook: Alawar.com Toolbar - {511131f1-4629-4254-a85f-ed7b6d75dd3c} - C:\Program Files\Alawar.com\tbAla2.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
F2 - REG:system.ini: Shell=Explorer.exe msnmgnr.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Alawar.com Toolbar - {511131f1-4629-4254-a85f-ed7b6d75dd3c} - C:\Program Files\Alawar.com\tbAla2.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\Scriptcl.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Alawar.com Toolbar - {511131f1-4629-4254-a85f-ed7b6d75dd3c} - C:\Program Files\Alawar.com\tbAla2.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZRman000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.ph/com/EGamesPlugin.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - https://my.levelupgames.ph/keycrypt/npkcx.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: Antiwpa - antiwpa.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 8850 bytes


======
did i do right? ???

anyways tanx for the help in advance
 :bih:
Posted by: neerajrawat1
« on: 24. December 2010., 10:32:49 »

@einherjar

also tell us about your computer specs including your OS and what you wana do with msconfig
Posted by: Samker
« on: 24. December 2010., 09:41:17 »

Hi einherjar,

don't worry we will help you to resolve this problem. ;)

If I understand you correctly, you don't change your registers?? That's good, since I suspect on problem with some Malware... additionally I need information how do you notice this problem with msconfig, what do you try to change and why??


After that please follow next instruction:


1. Run Panda or BitDefender Online AntiVirus Scan: http://scforum.info/index.php/topic,734.0.html

2. Download & run HijackThis: http://scforum.info/index.php/topic,785.0.html

3. Provide us logs from HijackThis & AntiVirus Online Scan


I'll wait your reply (with logs).

Regards,

Samker
Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising