We’d like to remind Forumites to please avoid political debate on the Forum.

This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide

Web Hijack Need Help

2

Comments

  • Browntoa
    Browntoa Posts: 49,620 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    did it remove anything , just post that top part of the log file
    Ex forum ambassador

    Long term forum member
  • crazylegs95
    crazylegs95 Posts: 27 Forumite
    this bit

    ComboFix 09-12-06.07 - Curtis 25/11/2009 20:07.1.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1554 [GMT 0:00]
    Running from: c:\documents and settings\Curtis\Desktop\ComboFix.exe
    AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
    FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
    * Resident AV is active
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    Infected copy of c:\windows\system32\DRIVERS\atapi.sys was found and disinfected
    Restored copy from - Kitty ate it :p
    .
    ((((((((((((((((((((((((( Files Created from 2009-10-25 to 2009-11-25 )))))))))))))))))))))))))))))))
    .
  • Browntoa
    Browntoa Posts: 49,620 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    can I have the Files created bit below as well ;)

    sorry
    Ex forum ambassador

    Long term forum member
  • crazylegs95
    crazylegs95 Posts: 27 Forumite
    that ok

    ComboFix 09-12-06.07 - Curtis 25/11/2009 20:07.1.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1554 [GMT 0:00]
    Running from: c:\documents and settings\Curtis\Desktop\ComboFix.exe
    AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
    FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
    * Resident AV is active
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    Infected copy of c:\windows\system32\DRIVERS\atapi.sys was found and disinfected
    Restored copy from - Kitty ate it :p
    .
    ((((((((((((((((((((((((( Files Created from 2009-10-25 to 2009-11-25 )))))))))))))))))))))))))))))))
    .
    2009-11-25 17:58 . 2009-12-03 16:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-11-25 17:58 . 2009-12-03 16:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-11-25 17:58 . 2009-11-25 17:58
    d
    w- c:\program files\Malwarebytes' Anti-Malware
    2009-11-25 12:27 . 2009-11-25 12:27
    d
    w- c:\program files\Common Files\DivX Shared
    2009-11-25 12:22 . 2009-11-11 14:50 311296 ----a-w- c:\windows\system32\TubeFinder.exe
    2009-11-25 12:22 . 2009-06-19 18:51 9728 ----a-w- c:\windows\system32\PCCLPFR.DLL
    2009-11-25 12:22 . 2009-06-19 18:51 32768 ----a-w- c:\windows\system32\CMDLGFR.DLL
    2009-11-25 12:22 . 2009-06-19 18:51 141312 ----a-w- c:\windows\system32\MSCMCFR.DLL
    2009-11-25 12:22 . 2009-06-19 18:51 119568 ----a-w- c:\windows\system32\VB6FR.DLL
    2009-11-25 12:22 . 2009-06-19 18:51 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
    2009-11-25 12:22 . 2009-11-25 12:30
    d
    w- c:\documents and settings\Curtis\Application Data\FreeFLVConverter
    2009-11-25 12:22 . 2009-11-25 12:22
    d
    w- c:\program files\Free FLV Converter
    2009-11-25 11:53 . 2009-11-25 11:54
    d
    w- c:\documents and settings\Curtis\Application Data\Download Manager
    2009-11-24 12:31 . 2008-04-14 00:16 37888 -c--a-w- c:\windows\system32\dllcache\bthmodem.sys
    2009-11-24 12:31 . 2008-04-14 00:16 37888 ----a-w- c:\windows\system32\drivers\bthmodem.sys
    2009-11-23 23:54 . 2009-11-24 00:27
    d
    w- c:\program files\Browser Hijack Recover
    2009-11-23 23:28 . 2009-11-23 23:28
    d
    w- c:\documents and settings\All Users\Application Data\XoftSpySE
    2009-11-23 18:10 . 2009-11-02 20:42 195456
    w- c:\windows\system32\MpSigStub.exe
    2009-11-23 15:44 . 2009-11-23 15:47
    d
    w- c:\documents and settings\Curtis\Local Settings\Application Data\Temp
    2009-11-21 22:45 . 2009-11-25 19:42
    d
    w- c:\program files\Secure PC Solutions
    2009-11-21 20:41 . 2009-11-21 20:41 1962544 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player_ax.exe
    2009-11-21 20:41 . 2009-11-21 20:41
    d
    w- c:\program files\NOS
    2009-11-21 19:12 . 2009-11-21 19:12
    d
    w- c:\windows\system32\URTTEMP
    2009-11-21 19:11 . 2009-11-21 19:11
    d
    w- c:\documents and settings\Curtis\Local Settings\Application Data\Identities
    2009-11-21 19:01 . 2009-11-21 19:01
    d
    w- c:\windows\system32\wbem\Repository
    2009-11-21 19:00 . 2009-11-21 19:00
    d
    w- c:\program files\LG PC Suite 2
    2009-11-21 18:33 . 2009-11-25 13:49
    d
    w- c:\documents and settings\Curtis\Local Settings\Application Data\Google
    2009-11-21 18:32 . 2009-11-21 22:42
    d
    w- c:\program files\Google
    2009-11-21 08:22 . 2009-11-21 08:22
    d
    w- c:\documents and settings\LocalService\Application Data\McAfee
    2009-11-20 19:16 . 2009-11-20 19:16
    d
    w- c:\program files\Trend Micro
    2009-11-19 17:18 . 2009-11-20 18:10
    d
    w- C:\Downloads
    2009-11-19 17:17 . 2009-11-19 17:17 1032192 ----a-w- c:\documents and settings\Curtis\Application Data\Mozilla\Firefox\Profiles\8qmlj9hg.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash\components\IBitCometExtension.dll
    2009-11-19 17:17 . 2009-11-20 19:32
    d
    w- c:\program files\BitComet
    2009-11-19 15:51 . 2009-11-19 15:51
    d
    w- c:\program files\Ashampoo
    2009-11-19 15:46 . 2009-11-19 15:46
    d
    w- c:\documents and settings\Curtis\Application Data\InfraRecorder
    2009-11-19 15:37 . 2009-11-19 15:37
    d
    w- c:\documents and settings\Curtis\Application Data\Ashampoo
    2009-11-19 15:36 . 2009-11-19 15:36
    d
    w- c:\documents and settings\Curtis\Local Settings\Application Data\ashampoo
    2009-11-19 15:36 . 2009-11-19 15:36
    d
    w- c:\documents and settings\All Users\Application Data\ashampoo
    2009-11-19 15:28 . 2009-11-20 20:13
    d
    w- c:\program files\Spybot - Search & Destroy
    2009-11-19 15:28 . 2009-11-20 20:13
    d
    w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2009-11-19 14:34 . 2009-11-19 14:34
    d
    w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
    2009-11-18 23:50 . 2009-11-18 23:50 0 ----a-w- c:\windows\nsreg.dat
    2009-11-18 23:50 . 2009-11-18 23:50
    d
    w- c:\documents and settings\Curtis\Local Settings\Application Data\Mozilla
    2009-11-18 16:00 . 2009-11-25 11:31
    d
    w- c:\program files\WinFF
    2009-11-18 11:09 . 2009-11-18 11:09
    d
    w- c:\documents and settings\Curtis\Application Data\Malwarebytes
    2009-11-18 11:08 . 2009-11-18 11:08
    d
    w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-11-18 09:29 . 2009-11-18 20:17
    d
    w- c:\program files\BurnAware Free
    2009-11-17 20:48 . 2009-11-18 20:18
    d
    w- c:\program files\ffdshow
    2009-11-17 20:38 . 2009-11-17 20:38
    d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
    2009-11-17 19:20 . 2009-11-18 20:18
    d
    w- c:\documents and settings\Curtis\Local Settings\Application Data\Spotify
    2009-11-17 19:20 . 2009-11-17 19:24
    d
    w- c:\documents and settings\Curtis\Application Data\Spotify
    2009-11-17 18:43 . 2009-11-17 18:43
    d
    w- c:\documents and settings\Curtis\Local Settings\Application Data\Nero
    2009-11-17 18:37 . 2009-11-18 00:23 0 ----a-w- c:\windows\Owakuteroyowu.bin
    2009-11-17 18:37 . 2009-11-18 20:12 120 ----a-w- c:\windows\Ukovuresiqa.dat
    2009-11-17 11:07 . 2009-11-18 20:18
    d
    w- c:\program files\Windows Media Connect 2
    2009-11-13 19:47 . 2005-07-19 17:31 53248 ----a-r- c:\windows\system32\InstMed.exe
    2009-11-13 19:47 . 2005-05-27 09:36 372736 ----a-w- c:\windows\system32\LVUI2RC.dll
    2009-11-13 19:47 . 2005-05-27 09:31 22016 ----a-w- c:\windows\system32\drivers\LVUSBSta.sys
    2009-11-13 19:47 . 2005-05-27 09:29 204800 ----a-w- c:\windows\system32\LVUI2.dll
    2009-11-13 19:47 . 2004-02-14 10:53 110592 ----a-w- c:\windows\system32\lvcoinst.dll
    2009-11-13 19:47 . 2005-05-27 09:26 204800 ----a-w- c:\windows\system32\LVCodec2.dll
    2009-11-13 19:47 . 2004-02-14 10:55 471712 ----a-w- c:\windows\system32\drivers\lvcd.sys
    2009-11-12 19:32 . 2009-11-12 19:32
    d
    w- c:\documents and settings\Curtis\Application Data\DivX
    2009-11-10 15:33 . 2009-11-10 15:33
    d
    w- c:\documents and settings\Curtis\Local Settings\Application Data\Rockstar Games
    2009-11-10 14:47 . 2009-11-10 14:47
    d
    w- C:\5c3fd0401f3efb8b31f504b9d4
    2009-11-10 14:14 . 2009-09-04 17:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
    2009-11-10 14:14 . 2009-09-04 17:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
    2009-11-10 13:59 . 2009-11-10 13:59
    d--h--r- c:\documents and settings\Curtis\Application Data\SecuROM
    2009-11-10 13:52 . 2008-05-30 14:19 507400 ----a-w- c:\windows\system32\XAudio2_1.dll
    2009-11-10 13:52 . 2008-05-30 14:18 238088 ----a-w- c:\windows\system32\xactengine3_1.dll
    2009-11-10 13:52 . 2008-05-30 14:17 65032 ----a-w- c:\windows\system32\XAPOFX1_0.dll
    2009-11-10 13:52 . 2008-05-30 14:17 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll
    2009-11-10 13:52 . 2008-05-30 14:11 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
    2009-11-10 13:52 . 2008-05-30 14:11 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
    2009-11-10 13:52 . 2008-05-30 14:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
    2009-11-10 13:52 . 2008-03-05 16:03 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
    2009-11-10 13:52 . 2008-03-05 16:03 238088 ----a-w- c:\windows\system32\xactengine3_0.dll
    2009-11-10 13:52 . 2008-03-05 16:00 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll
    2009-11-10 13:50 . 2009-11-10 13:51
    d
    w- c:\windows\system32\drivers\umdf
    2009-11-10 13:49 . 2008-03-05 15:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
    2009-11-10 13:49 . 2008-03-05 15:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
    2009-11-10 13:49 . 2008-02-05 23:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
    2009-11-10 13:49 . 2007-04-04 18:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
    2009-11-10 13:10 . 2009-11-10 13:10
    d
    w- c:\program files\MSBuild
    2009-11-10 13:04 . 2009-11-10 14:49
    d
    w- c:\windows\system32\XPSViewer
    2009-11-10 13:03 . 2009-11-10 13:03
    d
    w- c:\program files\Reference Assemblies
    2009-11-10 13:03 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2009-11-10 13:03 . 2006-06-29 13:07 14048
    w- c:\windows\system32\spmsg2.dll
    2009-11-10 12:59 . 2009-11-10 13:05
    d
    w- C:\4d82ea16ddf541d31e61337e6534
    2009-11-10 12:58 . 2009-11-10 15:24
    d
    w- c:\program files\Rockstar Games
    2009-11-09 20:43 . 2009-11-09 20:43
    d
    w- c:\program files\NCH Software
    2009-11-09 20:42 . 2009-11-09 20:42
    d
    w- c:\documents and settings\All Users\Application Data\NCH Swift Sound
    2009-11-09 20:42 . 2009-11-09 20:42
    d
    w- c:\documents and settings\Curtis\Application Data\NCH Swift Sound
    2009-11-09 20:39 . 2009-11-09 22:51
    d
    w- c:\program files\Mp3DoctorPRO
    2009-11-09 16:02 . 2009-11-09 16:02
    d
    w- c:\program files\MSXML 4.0
    2009-11-08 10:25 . 2009-11-08 10:25
    d
    w- c:\program files\Microsoft Office Outlook Connector
    2009-11-08 10:09 . 2009-11-08 10:09
    d
    w- c:\documents and settings\Curtis\Local Settings\Application Data\Ahead
    2009-11-08 00:38 . 2009-11-08 00:38
    d
    w- c:\documents and settings\Curtis\Application Data\Nero
    2009-11-08 00:34 . 2009-11-08 10:00
    d
    w- c:\program files\Nero
    2009-11-08 00:34 . 2009-11-18 10:27
    d
    w- c:\documents and settings\All Users\Application Data\Nero
    2009-11-08 00:34 . 2009-11-18 10:27
    d
    w- c:\program files\Common Files\Nero
    2009-11-07 21:26 . 2009-11-07 21:26
    d
    w- c:\program files\Common Files\InterVideo
    2009-11-07 21:25 . 2009-11-25 12:27
    d
    w- c:\program files\DivX
    2009-11-07 21:25 . 2009-11-08 10:09
    d
    w- c:\program files\Common Files\LightScribe
    2009-11-07 21:23 . 2009-11-07 21:36
    d
    w- c:\documents and settings\All Users\Application Data\Ulead Systems
    2009-11-07 21:22 . 2005-05-26 15:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
    2009-11-07 11:25 . 2009-11-07 11:39
    d
    w- c:\program files\VirtualDJ
    2009-11-05 18:32 . 2009-11-05 18:32
    d
    w- c:\program files\iPod
    2009-11-05 18:32 . 2009-11-05 18:33
    d
    w- c:\program files\iTunes
    2009-11-05 18:29 . 2009-08-28 19:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
    2009-11-05 18:29 . 2009-08-28 19:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
    2009-11-05 18:22 . 2009-11-05 18:22 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
    2009-11-04 15:46 . 2009-11-04 15:49 152576 ----a-w- c:\documents and settings\Curtis\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
    2009-11-03 18:08 . 2003-01-10 10:56 30921 ----a-w- c:\windows\system32\drivers\SQCaptur.sys
    2009-11-03 18:08 . 2003-01-10 09:30 25449 ----a-w- c:\windows\system32\drivers\SQCamD.sys
    2009-11-01 15:05 . 2005-03-09 20:50 46592 ----a-w- c:\windows\system32\libusb0.dll
    2009-11-01 15:05 . 2005-03-09 20:50 33792 ----a-w- c:\windows\system32\drivers\libusb0.sys
    2009-10-31 16:47 . 2009-11-18 20:09
    d
    w- c:\documents and settings\Curtis\Local Settings\Application Data\WMTools Downloaded Files
    2009-10-31 14:26 . 2003-03-18 21:44 57344 ----a-w- c:\windows\system32\MFC71ENU.DLL
    2009-10-31 14:26 . 2003-03-18 21:44 49152 ----a-w- c:\windows\system32\MFC71KOR.DLL
    2009-10-31 14:26 . 2003-03-18 21:44 61440 ----a-w- c:\windows\system32\MFC71ITA.DLL
    2009-10-31 14:26 . 2003-03-18 21:44 61440 ----a-w- c:\windows\system32\MFC71ESP.DLL
    2009-10-31 14:26 . 2003-03-18 21:44 45056 ----a-w- c:\windows\system32\MFC71CHT.DLL
    2009-10-31 14:26 . 2003-03-18 21:44 40960 ----a-w- c:\windows\system32\MFC71CHS.DLL
    2009-10-31 14:26 . 2003-03-18 21:44 65536 ----a-w- c:\windows\system32\MFC71DEU.DLL
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-11-24 09:32 . 2008-04-14 12:00 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
    2009-11-21 17:26 . 2009-10-25 20:18
    d--h--w- c:\program files\InstallShield Installation Information
    2009-11-10 17:09 . 2009-10-25 21:21 47800 ----a-w- c:\documents and settings\Manager\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-11-08 10:24 . 2009-10-25 21:20
    d
    w- c:\program files\MSECache
    2009-11-07 20:06 . 2009-10-25 20:27
    d
    w- c:\program files\Common Files\Adaptec Shared
    2009-11-05 18:32 . 2009-10-28 23:24
    d
    w- c:\program files\Common Files\Apple
    2009-10-29 13:10 . 2009-10-28 23:24
    d
    w- c:\documents and settings\All Users\Application Data\Apple
    2009-10-28 23:31 . 2009-10-25 19:52 87263 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
    2009-10-25 21:21 . 2009-10-25 21:21
    d
    w- c:\documents and settings\All Users\Application Data\CyberLink
    2009-10-25 21:08 . 2009-10-25 21:08
    d
    w- c:\program files\Microsoft.NET
    2009-10-25 21:08 . 2009-10-25 21:08
    d
    w- c:\program files\Microsoft ActiveSync
    2009-10-25 21:00 . 2009-10-25 21:00
    d
    w- c:\program files\Common Files\Adobe AIR
    2009-10-25 21:00 . 2009-10-25 20:59
    d
    w- c:\program files\Common Files\Adobe
    2009-10-25 20:57 . 2009-11-15 09:43
    d
    w- c:\documents and settings\Administrator\Application Data\U3
    2009-10-25 20:57 . 2009-10-25 21:27
    d
    w- c:\documents and settings\Curtis\Application Data\U3
    2009-10-25 20:57 . 2009-10-25 20:56
    d
    w- c:\documents and settings\Manager\Application Data\U3
    2009-10-25 20:27 . 2009-10-25 20:27 57344 ----a-w- c:\windows\uneng.exe
    2009-10-25 20:27 . 2009-10-25 20:17
    d
    w- c:\program files\Common Files\InstallShield
    2009-10-25 20:25 . 2009-10-25 20:24
    d
    w- c:\program files\Canon
    2009-10-25 20:24 . 2009-10-25 20:24
    d
    w- c:\program files\Common Files\Canon
    2009-10-25 20:23 . 2009-11-15 09:43
    d
    w- c:\documents and settings\Administrator\Application Data\CyberLink
    2009-10-25 20:23 . 2009-10-25 21:27
    d
    w- c:\documents and settings\Curtis\Application Data\CyberLink
    2009-10-25 20:23 . 2009-10-25 20:23
    d
    w- c:\documents and settings\Manager\Application Data\CyberLink
    2009-10-25 20:22 . 2009-10-25 20:22
    d
    w- c:\documents and settings\All Users\Application Data\Dell
    2009-10-25 20:22 . 2009-10-25 20:22
    d
    w- c:\program files\CyberLink
    2009-10-25 20:20 . 2009-10-25 20:20
    d
    w- c:\program files\Broadcom
    2009-10-25 20:18 . 2009-10-25 20:18
    d
    w- c:\program files\Analog Devices
    2009-10-25 20:14 . 2009-10-25 20:14
    d
    w- c:\program files\Intel
    2009-10-25 20:12 . 2009-10-25 20:12
    d
    w- c:\program files\Dell
    2009-10-25 20:10 . 2009-10-25 20:10 552 ----a-w- c:\windows\system32\d3d8caps.dat
    2009-10-25 19:53 . 2009-10-25 19:53
    d
    w- c:\program files\microsoft frontpage
    2009-10-25 19:49 . 2009-10-25 19:49 21640 ----a-w- c:\windows\system32\emptyregdb.dat
    2009-09-11 14:18 . 2008-04-14 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
    2009-09-04 21:03 . 2008-04-14 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
    2009-08-29 08:08 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
  • Browntoa
    Browntoa Posts: 49,620 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    should be better , download and install this

    http://www.filehippo.com/download_ccleaner/

    to remove all your cookies and temp files and empty the recycle bin

    let us know if you have more problems
    Ex forum ambassador

    Long term forum member
  • crazylegs95
    crazylegs95 Posts: 27 Forumite
    thank-you so much it worked now i no who to ask for help :)
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    Your definitely still infected


    Open notepad and copy/paste the text in RED below

    File::
    c:\windows\Owakuteroyowu.bin
    c:\windows\Ukovuresiqa.dat
    c:\windows\system32\MFC71ENU.DLL
    c:\windows\system32\MFC71KOR.DLL
    c:\windows\system32\MFC71ITA.DLL
    c:\windows\system32\MFC71ESP.DLL
    c:\windows\system32\MFC71CHT.DLL
    c:\windows\system32\MFC71CHS.DLL
    c:\windows\system32\MFC71DEU.DLL


    Save this as "CFScript" (FULL file will be 'CFScript.txt')

    Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

    CFScript.gif


    This will start ComboFix again. After reboot, (in case it asks to reboot), post the WHOLE of Combofix.txt in your next reply

    Combofix should never take more that 30 minutes including the reboot if malware is detected.
    If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
    :idea:
  • crazylegs95
    crazylegs95 Posts: 27 Forumite
    edited 7 December 2009 at 5:23PM
    I cant download combofix what shall I do
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    Youve already run combofix with the log in post #15

    So follow my instructions from post #18
    :idea:
  • crazylegs95
    crazylegs95 Posts: 27 Forumite
    what bit because it still says i can post urls?
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 353.5K Banking & Borrowing
  • 254.1K Reduce Debt & Boost Income
  • 455K Spending & Discounts
  • 246.6K Work, Benefits & Business
  • 602.9K Mortgages, Homes & Bills
  • 178.1K Life & Family
  • 260.6K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 37.7K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture