My anti virus cannot run and every now and then i get a blue screen

this is my SYSPRo scan txt

 

 

lphdelj0ejgf.exe file is found in my msconfig start up file and it is in windows/system32 but just can never locate this file to del it pls help

cybercell1708,

 

If you have access to high speed internet, you may want to try our Bootable Repair Tool to attempt to disinfect your system.  You'll find instructions here:

 

http://www.symantec.com/norton/support/kb/web_view.jsp?wv_type=public_web&docurl=20080612122232EN

 

If you have a retail CD, you can boot from it as well.

 

 

 

thanks will give it a shot and see if it works …thanks once again

You sysprot log is faulty, you can't have run as admin or unblocked.

 

Quads 

So sorry pls explain how i should run the sysprot . i just had the program and then disable the auto protect in my norton and then did a log thingy and this is what it gave me.

OK

 

http://www.gmer.net/ 

 

When starting GMER Right Click the file and select "Run as Administrator"

 

If a Full Scan Crashes,  Next time instead close that warning box so it doesn't do a Full Scan, above the Drives box (right hand side) there are items ticked from "system" to "files'   untick all but "services" and "registry" and scan those 2 areas.

 

Quads 

here is my GMER log pls help me look thru it thanks a million

cybercell1708:

 

You have an rotscx rootkit infection.  I don't know if Symantec has the definitions for that rootkit, but you can try the repair mentioned by the Symantec rep, or wait for Quads, our malware specialist.

 

Let us know which you would prefer to do.

dont know which is better ..i am open to anything that will save my comp. so just tell me what to do and i will follow ..

 

thanks

Cyber

Message Edited by cybercell1708 on 09-13-2009 04:40 PM

cybercell1708:

 

If you require hands on assistance, I will advise Quads that you require his help.

Yes Pls … i have tried scanning my comp with other malware remover it got the Rotscr thingy but after reboot and scan again it is still there i really dont know how to get rid of this stupid malware… thank you guys for helping me out on this matter …

Hi

 

What other rootkit scanner??  

 

Quads 

i tried this programe called super anti spy ware - free edition ,

Hi

 

 

Now

 

1.  Download Combofix  to your Desktop, http://www.bleepingcomputer.com/combofix/how-to-use-combofix 

 

Don't use yet.

 

2. I have Personal Messaged you the script between the lines, look for the yellow envelope at the upper right hand side.   Copy the Script.

 

3.  Open Notepad and paste it in to notepad with the first line being killall::

 

4. Save the script as "CFScript.txt"       CFScript.txt is what you see on your desktop after saving.

 

5. Disable Nortons Auto-Protect and Firewall.

 

6.  Drag and drop CFScript.txt on top of Combofix.exe, like when you drop files into the recycle bin.

 

7. Combofix will start,  When it is scanning don't move the mouse cursor inside the box, can cause freezing.

 

Quads 

 Hi  Sir

 

  I ahve done the scan and here is the log for it... after scan it just upload the file to their server for checks ... how do i know if the bug have been fixed? thanks once again

 

 

Cybercell1708:

 

There is a bit of other work for you to do.  It is necessary for Quads to look at the log before you continue.  He will advise a bit later due to time zone differences.  Don't do anything further for the time being.

ok will wait … thank you guys for really taking your time to help me out here …

Hi

 

Now see if You can Download, Install, Update the definitions and run a Full Scan with Malwarebytes

 

http://www.filehippo.com/download_malwarebytes_anti_malware/

 

Quads 

ok i can download and install update and also run a full scan ...and at the end it picked up 28 malware and was told to remove it and reboot the comp.   attach is the log of the scan