We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Unable to remove virus from my computer
Options
Comments
-
Open notepad and copy/paste the text in RED below
File::
c:\users\Jon\AppData\Roaming\SystemRequirementsLab\srlproxy_cyri_4.1.71.0A.dll
c:\windows\WLXPGSS.SCR
The first one ~ c:\users\Jon\AppData\Roaming\SystemRequirementsLab\srlproxy_cyri_4.1.71.0A.dll
must NOT have a gap inbetween Lab and \ (This site puts in random gaps, dont ask me why)
Save this as "CFScript" (FULL file will be 'CFScript.txt' EXACTLY as shown)
Then drag the CFScript into ComboFix.exe as you see in the screenshot below.
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply
Combofix should never take more that 30 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.:idea:0 -
ComboFix 10-07-03.06 - Jon 04/07/2010 20:17:36.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3036.1902 [GMT 1:00]
Running from: c:\users\Jon\Downloads\ComboFix.exe
Command switches used :: c:\users\Jon\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FILE ::
"c:\users\Jon\AppData\Roaming\SystemRequirementsLab\srlproxy_cyri_4.1.71.0A.dll"
"c:\windows\WLXPGSS.SCR"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Jon\AppData\Roaming\SystemRequirementsLab\srlproxy_cyri_4.1.71.0A.dll
c:\windows\WLXPGSS.SCR
.
((((((((((((((((((((((((( Files Created from 2010-06-04 to 2010-07-04 )))))))))))))))))))))))))))))))
.
2010-07-04 19:22 . 2010-07-04 19:22
d
w- c:\users\Jon\AppData\Local\temp
2010-07-04 19:22 . 2010-07-04 19:22
d
w- c:\users\Public\AppData\Local\temp
2010-07-04 19:22 . 2010-07-04 19:22
d
w- c:\users\Default\AppData\Local\temp
2010-07-03 18:18 . 2010-07-03 18:18 388096 ----a-r- c:\users\Jon\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-07-03 18:18 . 2010-07-03 18:18
d
w- c:\program files\Trend Micro
2010-07-03 00:00 . 2010-07-03 18:00
d
w- c:\users\Jon\AppData\Local\rbuplrdsr
2010-06-24 02:00 . 2009-11-08 09:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-24 02:00 . 2009-11-08 09:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-24 02:00 . 2009-11-08 09:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-24 02:00 . 2009-11-08 09:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-24 02:00 . 2009-11-08 09:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-23 22:39 . 2010-06-23 22:39 501936 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb6BDE.tmp.exe
2010-06-23 02:54 . 2010-04-16 16:43 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-06-23 02:54 . 2010-04-16 14:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-13 12:53 . 2010-06-13 12:53
d
w- c:\program files\SystemRequirementsLab
2010-06-13 12:53 . 2010-07-04 19:21
d
w- c:\users\Jon\AppData\Roaming\SystemRequirementsLab
2010-06-11 18:35 . 2010-06-11 18:35
d
w- c:\users\Jon\AppData\Local\Dell
2010-06-09 18:51 . 2010-06-09 18:51
d
w- c:\program files\DIFX
2010-06-09 18:51 . 2010-06-09 18:51
d
w- C:\opticon_driver
2010-06-09 08:06 . 2010-06-09 08:06 976832 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\20876\AdobeARM.exe
2010-06-09 08:06 . 2010-06-09 08:06 70584 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\20876\AdobeExtractFiles.dll
2010-06-09 08:06 . 2010-06-09 08:06 331176 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\20876\ReaderUpdater.exe
2010-06-09 08:06 . 2010-06-09 08:06 331176 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\20876\AcrobatUpdater.exe
2010-06-05 06:02 . 2010-06-05 06:02 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-06-05 06:02 . 2010-06-05 06:02 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-06-05 06:02 . 2010-06-05 06:02 49152 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-06-05 06:02 . 2010-06-05 06:02 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-06-05 06:02 . 2010-06-05 06:02 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-06-05 06:02 . 2010-06-05 06:02 40960 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-06-05 06:02 . 2010-06-05 06:02 341600 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-06-05 06:02 . 2010-06-05 06:02 308808 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-06-05 06:02 . 2010-06-05 06:02 14848 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-06-05 06:02 . 2010-06-05 06:02
d
w- c:\program files\Common Files\xing shared
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-04 12:16 . 2009-10-14 18:37
d
w- c:\program files\Cheat Engine
2010-07-03 16:54 . 2009-09-30 21:54
d
w- c:\program files\Malwarebytes' Anti-Malware
2010-07-02 23:28 . 2009-07-30 19:48
d
w- c:\program files\Windows Live
2010-07-02 19:02 . 2009-08-05 12:09 72936 ----a-w- c:\users\Jon\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-02 18:59 . 2009-08-06 16:45
d
w- c:\program files\MUSICMATCH
2010-07-02 18:59 . 2009-07-30 19:34
d--h--w- c:\program files\InstallShield Installation Information
2010-07-02 18:58 . 2009-07-30 19:48
d
w- c:\program files\Microsoft
2010-07-02 18:57 . 2009-07-30 19:53
d
w- c:\programdata\Microsoft Help
2010-07-02 18:57 . 2009-07-30 19:53
d
w- c:\program files\Microsoft.NET
2010-06-27 10:36 . 2009-09-01 12:05 2400256 ---h--w- c:\programdata\PopCap Games\Peggle\popcapgame1.exe
2010-06-21 19:19 . 2009-09-01 12:05
d
w- c:\program files\PopCap Games
2010-06-13 22:13 . 2010-01-25 22:08
d
w- c:\users\Jon\AppData\Roaming\EVEMon
2010-06-11 19:03 . 2009-08-14 18:31
d
w- c:\program files\Tropico
2010-06-11 19:02 . 2010-03-10 16:01
d
w- c:\program files\Pokemon World Online
2010-06-11 19:01 . 2006-11-02 12:37
d
w- c:\program files\Microsoft Games
2010-06-11 19:00 . 2010-05-10 15:21
d
w- c:\programdata\OfficeRecovery
2010-06-09 02:23 . 2006-11-02 11:18
d
w- c:\program files\Windows Mail
2010-06-05 06:02 . 2009-08-06 16:45
d
w- c:\program files\Common Files\Real
2010-06-05 06:02 . 2009-08-06 16:45
d
w- c:\program files\Real
2010-06-02 22:51 . 2010-06-02 22:50 1198133 ----a-w- c:\users\Jon\EFT2.12.3.zip
2010-05-26 17:06 . 2010-06-08 23:59 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-08 23:59 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 13:14 . 2009-10-02 18:35 221568
w- c:\windows\system32\MpSigStub.exe
2010-05-18 09:47 . 2010-05-17 17:21
d
w- c:\program files\Virtual Villagers 2
2010-05-17 17:06 . 2010-05-17 17:05
d
w- c:\program files\Virtual Villagers - The Lost Children
2010-05-17 17:04 . 2010-05-17 17:04
d
w- c:\program files\bfgclient
2010-05-17 17:03 . 2010-05-17 17:03 207952 ----a-w- c:\users\Jon\virtualvillagersth_s1_l1_gF1438T1L1_d894768462.exe
2010-05-14 17:24 . 2010-05-14 17:24
d
w- c:\programdata\CCP
2010-05-14 16:56 . 2009-11-15 20:58
d
w- c:\program files\CCP
2010-05-10 22:12 . 2009-07-30 19:56
d
w- c:\programdata\McAfee
2010-05-10 15:30 . 2010-05-10 15:30
d
w- c:\users\Jon\AppData\Roaming\OfficeRecovery
2010-05-10 15:27 . 2010-05-10 15:21
d
w- c:\program files\OfficeRecovery
2010-05-10 14:58 . 2010-05-10 14:58
d
w- c:\program files\Recuva
2010-05-10 13:41 . 2010-05-10 13:35
d
w- c:\program files\DDR - FAT Recovery(Demo)
2010-05-10 13:17 . 2010-02-07 20:45
d
w- c:\users\Jon\AppData\Roaming\vlc
2010-05-10 13:08 . 2010-05-10 13:08
d
w- c:\program files\EASEUS
2010-05-09 11:13 . 2009-09-01 11:28
d
w- c:\program files\Google
2010-05-04 05:59 . 2010-06-08 23:59 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-08 23:59 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 05:55 . 2010-06-08 23:59 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 04:31 . 2010-06-08 23:59 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-06-08 23:59 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 14:39 . 2009-09-30 21:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 14:39 . 2009-09-30 21:54 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-23 14:13 . 2010-05-26 11:16 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-16 21:12 . 2010-04-16 21:12 48464 ----a-w- c:\windows\system32\sirenacm.dll
2010-04-16 16:43 . 2010-06-23 02:54 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-04-16 16:43 . 2010-06-23 02:54 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-04-16 16:43 . 2010-06-23 02:54 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-04-16 16:43 . 2010-06-23 02:54 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
2009-05-13 21:55 . 2009-05-13 21:55 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-13 21:55 . 2009-05-13 21:55 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-07-31 05:09 . 2009-04-11 17:43 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-01 39408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Google Update"="c:\users\Jon\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-08-11 133104]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-06-05 202256]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-18 6246400]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-02-23 150552]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-04-24 250192]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
"LVCOMSX"="c:\program files\Common Files\LogiShrd\LComMgr\LVComSX.exe" [2007-01-12 244512]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-01-12 488984]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-02-23 173592]
"Flashget"="c:\program files\FlashGet\FlashGet.exe" [2007-09-25 2007088]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
c:\users\Jon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-5-28 1320288]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-12-25 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-8-13 813584]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-07-30 19:40 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):81,de,16,d4,18,2c,ca,01
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1ca2af76176118b;Google Update Service (gupdate1ca2af76176118b);c:\program files\Google\Update\GoogleUpdate.exe [2009-09-01 133104]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 aswSP;avast! Self Protection; [x]
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2008-07-18 73728]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2008-07-21 27648]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-02-23 112128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
2010-07-04 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-01 20:24]
2010-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-01 11:28]
2010-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-01 11:28]
2010-07-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-295937859-792311906-2248885373-1000Core.job
- c:\users\Jon\AppData\Local\Google\Update\GoogleUpdate.exe [2009-08-11 23:56]
2010-07-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-295937859-792311906-2248885373-1000UA.job
- c:\users\Jon\AppData\Local\Google\Update\GoogleUpdate.exe [2009-08-11 23:56]
2010-07-04 c:\windows\Tasks\RtlNICDiagVistaStart.job
- c:\program files\Realtek\RTNICDiag\RTNICDiag.exe [2009-07-30 11:18]
2010-07-04 c:\windows\Tasks\User_Feed_Synchronization-{21C70AB0-27B3-4FC9-8263-AF0E68D0925E}.job
- c:\windows\system32\msfeedssync.exe [2010-06-08 04:30]
.
.
Supplementary Scan
.
uStart Page = hxxp://www.eveonline.com/
uInternet Settings,ProxyOverride = <local>
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Save YouTube Video - c:\program files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
IE: Save YouTube Video as MP3 - c:\program files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\users\Jon\AppData\Roaming\Mozilla\Firefox\Profiles\q4zvk57j.default\
FF - component: c:\program files\Common Files\DVDVideoSoft\Dll\FFContextMenuY\components\FFContextMenu.dll
FF - component: c:\users\Jon\AppData\Roaming\Mozilla\Firefox\Profiles\q4zvk57j.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}\components\nsCatcher.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nppopcaploader.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\users\Jon\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\users\Jon\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\users\Jon\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-04 20:22
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2010-07-04 20:24:08
ComboFix-quarantined-files.txt 2010-07-04 19:24
ComboFix2.txt 2010-07-04 19:05
ComboFix3.txt 2010-07-04 12:24
Pre-Run: 252,434,497,536 bytes free
Post-Run: 252,393,304,064 bytes free
- - End Of File - - 92C5875BEF343B7B90E2FB4EE367B6730 -
Download and run the FREE version of DR WEB
http://www.freedrweb.com/download+cureit/gr/
Turn your anti virus OFF
Click CANCEL to the 'Would you like to read purchase terms now?' message
Click START click OK
It will auto QUICK scan
After that set to scan the WHOLE computer and press the 'play' icon
***DO NOT UPGRADE TO FULL VERSION***:idea:0 -
Download and run the FREE version of DR WEB
http://www.freedrweb.com/download+cureit/gr/
Turn your anti virus OFF
Click CANCEL to the 'Would you like to read purchase terms now?' message
Click START click OK
It will auto QUICK scan
After that set to scan the WHOLE computer and press the 'play' icon
***DO NOT UPGRADE TO FULL VERSION***
It came up with 0 infections so hubby decided not to post the result here.
Unless there is something else we need to do I'd just like to take the opportunity to thank you for helping us out. The PC seems now to be working great
x 0 -
Yep, id say your good to go
May as well give it a spring clean though ~
Download CCLEANER
http://www.piriform.com/ccleaner/download/slim
Run the CLEANER scan (UNTICK 'cookies')
Then run the REGISTRY scan (Backup the registry when it asks):idea:0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.8K Banking & Borrowing
- 253K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.8K Work, Benefits & Business
- 598.6K Mortgages, Homes & Bills
- 176.8K Life & Family
- 257.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards