possible virus

View previous topic View next topic Go down

possible virus

Post by dgarland55 on Sat Oct 31, 2009 11:21 pm

Hi, I think my computer has a virus. Every once in a while a pop up appears with DELL E153FP on it and it has a bunch of image settings, color settings OSD settings Language and factory reset on it. I can't click on anything my mouse is under the pop us. Also sometime a picture of a padlock appears and then sometimes it appears opened. I virus scanned with Mcafee and I used Webroot spysweeper and when I use spysweeper it freezes when I try to remove threats. Help!

dgarland55
Beginner
Beginner

Posts Posts : 3
Joined Joined : 2009-10-26
OS OS : XP
Points Points : 25985
# Likes # Likes : 0

View user profile

Back to top Go down

Re: possible virus

Post by Dr Jay on Sun Nov 01, 2009 2:27 am

Please download ComboFix from [You must be registered and logged in to see this link.]

Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console


Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

I would also like to see a list of installed programs, so please do this:
Click Start > Run then copy/paste the following single-line command into the Run box and click OK:

C:\Qoobox\Add-Remove Programs.txt

In your next reply, please include the ComboFix log and the Add-Remove Programs log.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13719
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302143
# Likes # Likes : 10

View user profile

Back to top Go down

Re: possible virus

Post by dgarland55 on Sun Nov 01, 2009 2:14 pm

okay here it is:ComboFix 09-10-30.01 - Jane 11/01/2009 8:39.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.767.325 [GMT -5:00]
Running from: c:\documents and settings\Jane\My Documents\Downloads\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Start Menu\HP Image Zone .lnk
c:\progra~1\Webroot\WEBROO~1\Backup\ntSVc.ocx
c:\windows\COUPON~1.OCX
c:\windows\CouponPrinter.ocx

.
((((((((((((((((((((((((( Files Created from 2009-10-01 to 2009-11-01 )))))))))))))))))))))))))))))))
.

2009-11-01 01:36 . 2009-11-01 01:36 -------- d-----w- c:\program files\Trend Micro
2009-10-31 23:27 . 2009-10-31 23:27 -------- d-----w- c:\documents and settings\Jane\Application Data\Malwarebytes
2009-10-31 23:26 . 2009-09-10 18:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-31 23:26 . 2009-10-31 23:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-31 23:26 . 2009-09-10 18:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-31 23:26 . 2009-10-31 23:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-31 18:29 . 2009-10-31 18:29 -------- d--h--w- c:\windows\PIF
2009-10-31 16:51 . 2001-08-17 11:22 23296 ----a-r- c:\windows\system32\drivers\NaiFiltr.sys
2009-10-31 16:49 . 2009-10-31 16:49 -------- d-----w- c:\program files\Common Files\Network Associates
2009-10-27 23:46 . 2009-10-27 23:46 -------- d-----w- c:\program files\MSSOAP
2009-10-26 02:38 . 2009-10-30 05:01 -------- d-----w- c:\documents and settings\Jane\Local Settings\Application Data\AskToolbar
2009-10-26 02:25 . 2009-10-27 23:46 -------- d-----w- c:\program files\Ask.com
2009-10-26 02:23 . 2009-05-13 19:39 1563008 ----a-w- c:\windows\WRSetup.dll
2009-10-26 02:23 . 2009-10-27 23:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Webroot
2009-10-26 02:23 . 2009-10-26 02:23 -------- d-----w- c:\program files\Webroot
2009-10-26 02:23 . 2009-10-26 02:23 -------- d-----w- c:\documents and settings\Jane\Application Data\Webroot
2009-10-26 02:22 . 2009-10-27 18:16 164 ----a-w- c:\windows\install.dat
2009-10-26 00:06 . 2009-09-16 14:22 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-10-26 00:06 . 2009-09-16 14:22 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2009-10-26 00:06 . 2009-09-16 14:22 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-10-26 00:06 . 2009-07-16 16:32 120136 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2009-10-26 00:04 . 2009-10-26 00:06 -------- d-----w- c:\program files\Common Files\McAfee
2009-10-26 00:04 . 2009-10-26 00:05 -------- d-----w- c:\program files\McAfee.com
2009-10-26 00:03 . 2009-10-31 18:27 -------- d-----w- c:\program files\McAfee
2009-10-25 23:40 . 2009-09-16 14:22 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2009-10-25 22:20 . 2009-10-26 03:06 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-30 22:00 . 2008-01-13 02:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2009-10-30 22:00 . 2009-01-24 00:22 -------- d-----w- c:\program files\Angle Interactive
2009-10-30 21:59 . 2009-04-25 18:18 -------- d-----w- c:\program files\The Chronicles of Spellborn
2009-10-27 21:54 . 2007-12-22 19:33 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-25 23:39 . 2009-04-16 21:13 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-10-15 07:09 . 2008-05-17 17:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-09-16 14:22 . 2009-09-16 14:22 214664 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2009-09-11 14:18 . 2001-08-18 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 07:15 . 2008-07-04 01:02 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-04 21:03 . 2001-08-18 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 08:08 . 2001-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2001-08-18 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-18 03:33 . 2009-08-18 03:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-06 23:24 . 2007-12-28 05:06 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 23:24 . 2007-12-28 05:06 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 23:24 . 2007-12-28 05:06 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 23:24 . 2007-12-28 05:06 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 23:24 . 2007-12-22 19:06 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 23:24 . 2001-08-18 12:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 23:23 . 2007-12-28 05:06 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 23:23 . 2007-12-28 05:07 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-06 23:23 . 2007-12-28 05:07 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-06 23:23 . 2007-12-22 19:06 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2001-08-18 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-05 00:44 . 2001-08-18 12:00 2189184 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2001-08-17 13:48 2066048 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-06-17 19:19 . 2009-06-17 18:39 692554778 -c--a-w- c:\program files\MTGOIII.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-02-09 19:06 764296 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-02-09 764296]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-02-09 764296]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim6"="c:\program files\AIM6\aim6.exe" [2008-03-25 50528]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"McAfee.InstantUpdate.Monitor"="c:\program files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" [2003-06-03 122948]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2008-09-12 160160]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-12 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"AdaptecDirectCD"="c:\program files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe" [2001-09-04 655360]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-21 148888]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-26 177472]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-09-17 645328]
"McAfee Guardian"="c:\program files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" [2002-10-29 145920]
"Imonitor"="c:\program files\McAfee\QuickClean\Plguni.exe" [2002-11-15 98304]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

c:\documents and settings\Jane\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
HP Image Zone Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-5-12 73728]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\Jane\\Desktop\\MTGOIII_Helper(2).exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"6112:TCP"= 6112:TCP:Blizzard Downloader
"59157:TCP"= 59157:TCP:Pando Media Booster
"59157:UDP"= 59157:UDP:Pando Media Booster

R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [4/21/2009 5:27 PM 29808]
R2 WRConsumerService;Webroot Client Service;c:\program files\Webroot\WebrootSecurity\WRConsumerService.exe [10/25/2009 9:25 PM 1205760]
S2 AvSynMgr;AVSync Manager;"c:\program files\McAfee\McAfee VirusScan\Avsynmgr.exe" --> c:\program files\McAfee\McAfee VirusScan\Avsynmgr.exe [?]
S3 ati2mpaa;ati2mpaa;c:\windows\system32\drivers\ati2mpaa.sys [12/22/2007 9:02 AM 281856]
S3 NaiFiltr;NaiFiltr;c:\windows\system32\drivers\NaiFiltr.sys [10/31/2009 11:51 AM 23296]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - CLASSPNP_2
*NewlyCreated* - MBR
*NewlyCreated* - PCIIDEX_2
*Deregistered* - CLASSPNP_2
*Deregistered* - mbr
*Deregistered* - PCIIDEX_2
.
Contents of the 'Scheduled Tasks' folder

2009-10-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2009-11-01 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 15:20]

2009-10-26 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-10-26 16:22]

2009-10-26 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-10-26 16:22]

2009-11-01 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-02-09 19:06]

2009-10-30 c:\windows\Tasks\wrSpySweeper_L5AD4F949A4EC44018C35911DCCDDE145.job
- c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe [2009-10-26 19:40]

2009-10-30 c:\windows\Tasks\wrSpySweeper_L5AD4F949A4EC44018C35911DCCDDE145.job
- c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe [2009-10-26 19:40]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - [You must be registered and logged in to see this link.]
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Jane\Start Menu\Programs\IMVU\Run IMVU.lnk
DPF: Microsoft XML Parser for Java - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\documents and settings\Jane\Application Data\Mozilla\Firefox\Profiles\8bk45mb6.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NpPopup.dll
FF - hȋdden: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-HookURL - (no file)
URLSearchHooks-Rank - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{C3CD744D-2FAE-4640-8297-16B5DA423104} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-11-01 09:04
Windows 5.1.2600 Service Pack 3 NTFS

scanning hȋdden processes ...

scanning hȋdden autostart entries ...

scanning hȋdden files ...

scan completed successfully
hȋdden files: 0

**************************************************************************
.
Completion time: 2009-11-01 9:09
ComboFix-quarantined-files.txt 2009-11-01 14:09

Pre-Run: 3,642,347,520 bytes free
Post-Run: 10,509,725,696 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

- - End Of File - - 09A7227D521562B94F7D8A868AF5F22D

dgarland55
Beginner
Beginner

Posts Posts : 3
Joined Joined : 2009-10-26
OS OS : XP
Points Points : 25985
# Likes # Likes : 0

View user profile

Back to top Go down

Re: possible virus

Post by dgarland55 on Sun Nov 01, 2009 2:16 pm

3100_3200_3300_Help
3100_3200_3300trb
3200
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 8.1.2
AIM 6
AIM Search
AiO_Scan_CDA
AiOSoftwareNPI
Apple Mobile Device Support
Apple Software Update
Ask.com Toolbar
Bonjour
BufferChm
CA Yahoo! Anti-Spy (remove only)
Coupon Printer for Windows
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
Critical Update for Windows Media Player 11 (KB959772)
CueTour
CustomerResearchQFolder
Destinations
DeviceFunctionQFolder
DeviceManagementQFolder
DocProc
DocumentViewer
DocumentViewerQFolder

dgarland55
Beginner
Beginner

Posts Posts : 3
Joined Joined : 2009-10-26
OS OS : XP
Points Points : 25985
# Likes # Likes : 0

View user profile

Back to top Go down

Re: possible virus

Post by Dr Jay on Sun Nov 01, 2009 6:39 pm

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13719
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302143
# Likes # Likes : 10

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum