Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijacked Browser & Not Operating Windows Components


  • Please log in to reply
5 replies to this topic

#1 speedboy

speedboy

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:48 AM

Posted 09 January 2009 - 10:36 PM

Hi -My browser wont let me go to websites that I enter - eg microsoft update goes to what looks like the google search page - also windows components arent functioning properly -cant run chkdsk or eject usb devices ???

Log below:

DDS (Ver_09-01-07.01) - NTFSx86
Run by Chris at 13:27:37.64 on Sat 10/01/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3583.3027 [GMT 10:00]

AV: Trend Micro Internet Security Pro *On-access scanning enabled* (Updated)
FW: Trend Micro Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\OV530EM.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Ilium Software\ListPro\ListProAlarms.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Trend Micro\TrendSecure\SecurityActivityDashboard\tmarsvc.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Trend Micro\TrendSecure\TSCFCommander.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Chris\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.news.com.au/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: TSToolbarBHO: {43c6d902-a1c5-45c9-91f6-fd9e90337e18} - c:\program files\trend micro\trendsecure\tisprotoolbar\TSToolbar.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Trend Micro Toolbar: {ccac5586-44d7-4c43-b64a-f042461a97d2} - c:\program files\trend micro\trendsecure\tisprotoolbar\TSToolbar.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [SpriteService] "c:\program files\sprite software\sprite backup\SpriteService.exe"
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [Google Update] "c:\documents and settings\chris\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [OE] c:\program files\trend micro\internet security\tmas_oe\TMAS_OEMon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Ovt Wia] c:\windows\OV530EM.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [UfSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"
mRun: [nwiz] nwiz.exe /install
mRun: [HDAudDeck] c:\program files\via\viaudioi\hdadeck\HDeck.exe 1
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [OE] c:\program files\trend micro\internet security\tmas_oe\TMAS_OEMon.exe
StartupFolder: c:\docume~1\chris\startm~1\programs\startup\listpr~1.lnk - c:\program files\ilium software\listpro\ListProAlarms.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpoddt~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\office~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hposol08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~2\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~2\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
LSP: c:\windows\system32\idmmbc.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - c:\program files\trend micro\trendsecure\tisprotoolbar\TSToolbar.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

============= SERVICES / DRIVERS ===============

R0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\drivers\nvcchflt.sys [2008-1-5 16640]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1e51x86.sys [2008-11-30 36864]
R3 ovt530;AV301P;c:\windows\system32\drivers\ov530vid.sys [2005-3-15 161792]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2008-11-17 334352]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2008-11-30 222976]
R4 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [2008-9-15 14976]
R4 Security Activity Dashboard Service;Security Activity Dashboard Service;c:\program files\trend micro\trendsecure\securityactivitydashboard\tmarsvc.exe [2008-11-17 181584]
R4 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2008-11-17 49680]
R4 TmPfw;Trend Micro Personal Firewall;c:\program files\trend micro\internet security\TmPfw.exe [2008-11-19 492888]
R4 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2008-11-17 36368]
R4 TmProxy;Trend Micro Proxy Service;c:\program files\trend micro\internet security\TmProxy.exe [2008-11-17 677128]
S3 EC168BDA;EC168BDA service;c:\windows\system32\drivers\EC168BDA.sys [2007-9-11 87296]
S3 KTalk;KTalk;\??\c:\docume~1\chris\locals~1\temp\ktalk.sys --> c:\docume~1\chris\locals~1\temp\ktalk.sys [?]

=============== Created Last 30 ================

2009-01-08 17:07 28,288 ac------ c:\windows\system32\dllcache\xjis.nls
2009-01-08 17:07 156,672 ac------ c:\windows\system32\dllcache\winzm.ime
2009-01-08 17:07 156,672 ac------ c:\windows\system32\dllcache\winsp.ime
2009-01-08 17:07 156,672 ac------ c:\windows\system32\dllcache\winpy.ime
2009-01-08 17:07 65,536 ac------ c:\windows\system32\dllcache\winime.ime
2009-01-08 17:07 79,360 ac------ c:\windows\system32\dllcache\winar30.ime
2009-01-08 17:07 69,120 ac------ c:\windows\system32\dllcache\wingb.ime
2009-01-08 17:07 53,248 ac------ c:\windows\system32\dllcache\wamreg51.dll
2009-01-08 17:07 41,600 ac------ c:\windows\system32\dllcache\weitekp9.dll
2009-01-08 17:07 31,232 ac------ c:\windows\system32\dllcache\weitekp9.sys
2009-01-08 17:05 13,463,552 ac------ c:\windows\system32\dllcache\hwxjpn.dll
2009-01-08 17:03 488 a---hr-- c:\windows\system32\logonui.exe.manifest
2009-01-08 17:03 749 a---hr-- c:\windows\WindowsShell.Manifest
2009-01-08 17:03 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest
2009-01-08 17:03 749 a---hr-- c:\windows\system32\sapi.cpl.manifest
2009-01-08 17:03 749 a---hr-- c:\windows\system32\nwc.cpl.manifest
2009-01-08 17:03 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest
2009-01-08 17:03 16,384 ac------ c:\windows\system32\dllcache\isignup.exe
2009-01-04 19:21 255 ---shr-- C:\autorun.inf
2009-01-04 19:09 <DIR> --dshr-- C:\resycled
2009-01-04 19:02 <DIR> --d----- c:\docume~1\chris\applic~1\Cool Record Edit Pro
2008-12-27 14:33 <DIR> --d----- c:\docume~1\chris\applic~1\iTunes Agent
2008-12-27 14:32 <DIR> --d----- c:\program files\iTunes Agent
2008-12-25 07:59 107,368 a------- c:\windows\system32\GEARAspi.dll
2008-12-25 07:59 15,464 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2008-12-25 07:58 <DIR> --d----- c:\program files\iPod
2008-12-25 07:58 <DIR> --d----- c:\program files\iTunes
2008-12-25 07:58 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-25 07:58 32,000 a------- c:\windows\system32\drivers\usbaapl.sys
2008-12-19 16:40 <DIR> --d----- c:\program files\Nobilis
2008-12-18 11:16 421,888 a------- c:\windows\system32\rmsp.ax
2008-12-18 11:16 45,056 a------- c:\windows\system32\fc.ax
2008-12-18 11:16 <DIR> --d----- c:\program files\Free RM to AVI Converter Splitter
2008-12-18 06:46 <DIR> --d----- c:\windows\ie8updates
2008-12-13 11:25 <DIR> --d----- c:\program files\DiskCheckup
2008-12-11 17:24 <DIR> --d----- c:\docume~1\alluse~1\applic~1\BlazeVideo
2008-12-11 17:24 14 a------- c:\windows\system32\systeminfo.dll
2008-12-11 17:24 <DIR> --d----- c:\program files\BlazeVideo
2008-12-11 17:20 <DIR> --d----- c:\program files\DVBT

==================== Find3M ====================

2009-01-08 17:02 22,748 a------- c:\windows\system32\emptyregdb.dat
2009-01-05 06:14 722,472 a------- c:\windows\system32\kdfmgr.exe
2009-01-05 06:14 192,512 a------- c:\windows\system32\kdfvmgr.exe
2009-01-05 06:14 77,824 a------- c:\windows\system32\kdfapi.dll
2009-01-05 06:14 53,248 a------- c:\windows\system32\Kdfhok.dll
2008-12-17 21:03 206,256 a------- c:\windows\system32\idmmbc.dll
2008-12-17 18:49 410,984 a------- c:\windows\system32\deploytk.dll
2008-11-30 19:22 633,832 a------- c:\windows\P5KPL-CM-ASUS-0517.zip
2008-11-30 19:13 633,532 a------- c:\windows\P5KPL-CM-ASUS-0514.zip
2008-11-26 19:58 4,371,339 a------- c:\windows\guitarMatrix.scr
2008-11-17 06:44 1,195,448 a------- c:\windows\system32\drivers\vsapint.sys
2008-11-17 06:44 334,352 a------- c:\windows\system32\drivers\TM_CFW.sys
2008-11-17 06:44 205,328 a------- c:\windows\system32\drivers\tmxpflt.sys
2008-11-17 06:44 144,912 a------- c:\windows\system32\drivers\tmcomm.sys
2008-11-17 06:44 80,400 a------- c:\windows\system32\drivers\tmtdi.sys
2008-11-17 06:44 50,192 a------- c:\windows\system32\drivers\tmactmon.sys
2008-11-17 06:44 49,680 a------- c:\windows\system32\drivers\tmevtmgr.sys
2008-11-17 06:44 36,368 a------- c:\windows\system32\drivers\tmpreflt.sys
2008-11-14 17:37 846,336 a------- c:\windows\system32\kdfinj.dll
2008-10-29 08:36 823,296 a------- c:\windows\system32\divx_xx0c.dll
2008-10-29 08:36 823,296 a------- c:\windows\system32\divx_xx07.dll
2008-10-29 08:35 815,104 a------- c:\windows\system32\divx_xx0a.dll
2008-10-29 08:35 802,816 a------- c:\windows\system32\divx_xx11.dll
2008-10-29 08:35 684,032 a------- c:\windows\system32\DivX.dll
2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
2008-10-01 13:42 87,608 a------- c:\docume~1\chris\applic~1\inst.exe
2008-10-01 13:42 47,360 a------- c:\docume~1\chris\applic~1\pcouffin.sys
2008-05-14 07:44 64,736 a------- c:\docume~1\chris\applic~1\GDIPFONTCACHEV1.DAT
2008-02-21 16:49 87,608 a------- c:\docume~1\chris\applic~1\ezpinst.exe
2008-06-24 08:00 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008062420080625\index.dat

============= FINISH: 13:27:54.01 ===============

Any help appreciated.

Thank you.

Attached Files



BC AdBot (Login to Remove)

 


#2 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:10:48 PM

Posted 19 January 2009 - 01:42 PM

Hello Speedboy and welcome to Bleeping Computer,

Please read [url="http://"http://www.bleepingcomputer.com/combofix/how-to-use-combofix"]this tutorial[/url] carefully to download ComboFix from one of the locations specified, and save it to your Desktop.
Double click the ComboFix icon to run it.
If ComboFix askes you to install the Recovery Console, please do so..
The Windows Recovery Console will allow you to boot up into a special recovery mode, in case your computer has a problem after an attempted removal of malware. This allows us to help you.
Once the Recovery Console is installed, continue with the malware scan.

Note: Make sure not to click ComboFix's window while it's running. That may cause it to stall or freeze.

Please post the log from ComboFix (can also be found as C:\ComboFix.txt) in your next reply. :thumbsup:

If you have any questions along the way, STOP and ask them before proceeding !!

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#3 speedboy

speedboy
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:48 AM

Posted 20 January 2009 - 04:33 AM

Greetings Thunder

Thank you kindly for assisting me with my problem.

Combofix log as per instructions. My computer restarted through the combo fix process as it combo fix said it needed to and then continued with the scan.

When it restarted my antivirus started running again so I am not sure if this had any effect,

Attached Files

  • Attached File  log.txt   19.05KB   25 downloads


#4 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:10:48 PM

Posted 20 January 2009 - 05:27 AM

Hello Speedboy,

Your log looks a lot better now. :thumbsup:

Still having problems ?

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#5 speedboy

speedboy
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:48 AM

Posted 20 January 2009 - 06:49 PM

Hi Thunder

Seems to be quite good now - like it is back to normal :thumbsup: - after having a look at the log do you think it seems all ok??

Thanks

Speedboy

#6 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:10:48 PM

Posted 21 January 2009 - 03:57 PM

Hello Speedboy,

Yes, the log looks OK. :thumbsup:

You can remove all used tools and folders created in the process.
To remove ComboFix :
Go to Start > Run, and copy and paste next command in the field:ComboFix /u
Make sure there's a space between Combofix and /u
Then press Enter.
This will uninstall Combofix, delete its related folders and files, restore your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.

No more issues ?

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users