Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware infection


  • This topic is locked This topic is locked
2 replies to this topic

#1 Wat Tyler

Wat Tyler

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:07:02 PM

Posted 26 April 2010 - 02:54 PM

My PC recently had the hard drive give up, and a new one was installed by a local computer engineer.
Thankfully, I had an external hard drive, so documents, photos, etc.., were all safe, but unfortunately I lost all applications that I had been using. I went through over a sitting in reinstalling all browsers, applications, anti-viruses, etc.., and since that time I have had this constant redirecting problem in the browsers I use.

I use Firefox, Opera, Google Chrome and sometimes Explorer, but my day-to-day browser is Firefox.

I ran all scans using Spybot and Avira, and they both found some Trojans and other infections. I then used SuperAntiSpyware Free Edition, and it found quite a few in two seperate scans, each one after the other.

I ran all scans today and found nothing, but the problem still exists. Through Googling keywords I found this forum. I have hopefully followed all that was stated in the prep thread, and now come to ask if someone could kindly take a glance at the required information.

[quote]DDS (Ver_10-03-17.01) - NTFSx86
Run by Home User at 19:52:19.20 on 26/04/2010
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.430 [GMT 1:00]

AV: AntiVir Desktop *On-access scanning enabled* (Updated) {11638345-E4FC-4BEE-BB73-EC754659C5F6}
FW: Avira FireWall *enabled* {11638345-E4FC-4BEE-BB73-EC754659C5F6}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Program Files\Registry Mechanic\regmech.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Home User\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.uk/
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [RegistryMechanic] c:\program files\registry mechanic\RegMech.exe /H
mRun: [WINDVDPatch] CTHELPER.EXE
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [Jet Detection] "c:\program files\creative\sblive\program\ADGJDet.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: c:\program files\avira\antivir desktop\avsda.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: winjvl32 - winjvl32.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\homeus~1\applic~1\mozilla\firefox\profiles\fcpxjfng.default\
FF - prefs.js: browser.search.selectedEngine - Search the Web
FF - prefs.js: keyword.URL - hxxp://ws.infospace.com/coolchaser/ws/redir?_iceUrl=true&user_id=&tool_id=60531&qkw=
FF - component: c:\documents and settings\home user\application data\mozilla\firefox\profiles\fcpxjfng.default\extensions\{a2880346-35bb-45bb-9190-eedb49c132c5}\components\Engine.dll
FF - component: c:\documents and settings\home user\application data\mozilla\firefox\profiles\fcpxjfng.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\home user\application data\mozilla\firefox\profiles\fcpxjfng.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 avfwot;avfwot;c:\windows\system32\drivers\avfwot.sys [2010-4-22 102856]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-4-22 11608]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-2-17 66632]
R2 AntiVirFirewallService;Avira FireWall;c:\program files\avira\antivir desktop\avfwsvc.exe [2010-4-22 536232]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\avira\antivir desktop\avmailc.exe [2010-4-22 337064]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-4-22 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-4-22 267432]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\avira\antivir desktop\avwebgrd.exe [2010-4-22 405672]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-4-22 60936]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2010-4-26 632792]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\drivers\avfwim.sys [2010-4-22 79432]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-2-17 12872]

=============== Created Last 30 ================

2010-04-26 18:48:48 0 ----a-w- c:\documents and settings\home user\defogger_reenable
2010-04-26 17:19:29 880640 ----a-w- c:\windows\system32\UniBox10.ocx
2010-04-26 17:19:29 212992 ----a-w- c:\windows\system32\UniBoxVB12.ocx
2010-04-26 17:19:29 1101824 ----a-w- c:\windows\system32\UniBox210.ocx
2010-04-26 17:19:29 1081616 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2010-04-26 17:19:23 0 d-----w- c:\program files\common files\PC Tools
2010-04-26 16:55:04 3375034 ----a-w- c:\windows\{00000000-00000000-0000000A-00001102-00000002-80651102}.BAK
2010-04-26 08:51:14 0 d-----w- c:\windows\system32\XPSViewer
2010-04-26 08:50:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-04-26 08:50:05 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-04-26 08:50:05 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-04-26 08:50:05 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-04-26 08:50:05 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-04-26 08:50:05 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-04-26 08:50:05 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-04-25 22:12:37 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-25 21:34:11 0 d-----w- c:\docume~1\homeus~1\applic~1\Foxit Software
2010-04-25 21:27:39 0 d-----w- c:\program files\common files\DivX Shared
2010-04-25 21:23:13 0 d-----w- c:\program files\DivX
2010-04-25 21:20:23 0 d-----w- c:\docume~1\alluse~1\applic~1\DivX
2010-04-25 12:51:09 0 d-sh--w- c:\documents and settings\home user\PrivacIE
2010-04-24 23:52:58 0 d-----w- c:\windows\ie8updates
2010-04-24 21:14:24 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-04-24 21:14:24 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-04-24 21:14:23 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-04-24 21:14:23 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-04-24 21:14:22 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-04-24 15:39:03 215920 ----a-w- c:\windows\system32\muweb.dll
2010-04-24 15:39:03 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2010-04-24 15:39:02 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-04-24 09:48:12 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2010-04-24 09:47:34 0 d-----w- c:\program files\SUPERAntiSpyware
2010-04-24 09:47:33 0 d-----w- c:\docume~1\homeus~1\applic~1\SUPERAntiSpyware.com
2010-04-24 09:46:17 0 d-----w- c:\program files\common files\Wise Installation Wizard
2010-04-23 19:35:12 0 d-----w- c:\windows\pss
2010-04-23 13:25:28 0 d-----w- c:\program files\Paint.NET
2010-04-23 13:22:00 0 d--h--r- C:\AHCache
2010-04-22 22:52:52 0 d-----w- c:\documents and settings\home user\Tracing
2010-04-22 22:48:38 0 d-----w- c:\program files\Microsoft
2010-04-22 22:48:17 0 d-----w- c:\program files\Windows Live SkyDrive
2010-04-22 22:45:24 0 d-----w- c:\program files\common files\Windows Live
2010-04-22 22:18:09 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-04-22 22:18:09 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-22 22:03:00 0 d-----w- c:\program files\Zeallsoft
2010-04-22 22:02:28 0 d-----w- C:\Fraps
2010-04-22 21:51:43 0 d-sh--w- c:\documents and settings\home user\IETldCache
2010-04-22 21:46:25 0 d-----w- c:\program files\Softoria Capture
2010-04-22 21:43:59 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-04-22 21:40:21 0 d-----r- c:\program files\Skype
2010-04-22 21:33:05 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-04-22 21:33:04 81920 ----a-w- c:\windows\system32\dllcache\ieencode.dll
2010-04-22 21:31:19 0 d-----w- c:\windows\system32\NtmsData
2010-04-22 21:28:42 0 d-----w- c:\docume~1\homeus~1\applic~1\Avira
2010-04-22 21:17:30 79432 ----a-w- c:\windows\system32\drivers\avfwim.sys
2010-04-22 21:17:30 102856 ----a-w- c:\windows\system32\drivers\avfwot.sys
2010-04-22 21:17:29 0 d-----w- c:\program files\Avira
2010-04-22 19:30:04 0 d-----w- c:\docume~1\alluse~1\applic~1\PC Tools
2010-04-22 18:37:44 0 d-----w- c:\documents and settings\home user\dwhelper
2010-04-22 17:07:39 0 d-----w- c:\program files\VideoLAN
2010-04-22 15:01:48 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-04-22 15:01:46 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-04-22 15:01:46 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-04-22 15:00:43 293376 ------w- c:\windows\system32\browserchoice.exe
2010-04-22 14:57:39 2146304 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-04-22 14:57:38 2189952 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-04-22 14:57:37 2024448 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-04-22 14:51:42 0 d-----w- c:\windows\system32\PreInstall
2010-04-22 14:51:41 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-04-22 14:51:39 0 d--h--w- c:\windows\$hf_mig$
2010-04-22 14:48:15 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-04-22 14:43:30 0 d-----w- c:\program files\Foxit Software
2010-04-22 14:33:11 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-04-22 13:47:22 0 d-----w- c:\docume~1\alluse~1\applic~1\Avira
2010-04-22 13:42:12 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-04-22 13:42:12 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-04-22 13:39:47 0 d-----w- c:\program files\CCleaner
2010-04-22 12:53:41 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll
2010-04-22 12:53:41 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2010-04-22 12:48:28 0 d-----w- c:\docume~1\homeus~1\applic~1\MSNInstaller
2010-04-22 12:43:54 0 d-sh--w- c:\documents and settings\home user\UserData
2010-04-22 12:40:34 0 d-----w- c:\windows\system32\SoftwareDistribution
2010-04-22 12:37:46 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2010-04-22 12:37:46 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-04-22 12:37:42 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2010-04-22 12:37:42 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2010-04-22 12:37:24 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-04-22 12:37:24 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-04-22 09:25:21 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2010-04-22 09:25:21 12160 ----a-w- c:\windows\syst

Attached Files


Edited by Orange Blossom, 26 April 2010 - 05:58 PM.
Pasting in a bit of log from another post with more log but no attachments. ~ OB


BC AdBot (Login to Remove)

 


#2 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:09:02 PM

Posted 01 May 2010 - 05:24 AM

Hi,

Please visit this webpage for download links, and instructions for running ComboFix tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully first.


Please continue as follows:
  1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link
    Remember to re-enable them afterwards.

  2. Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New dds log.


A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#3 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:09:02 PM

Posted 11 May 2010 - 08:11 AM

Due to inactivity, this thread will now be closed. If you need this topic reopened, please contact a Staff member. Include the address of this thread in your request. This applies only to the original topic starter. Should you have a new issue, please start a New Topic.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users