Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

websites won't load

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: websites won't load

Unread postby kilowat » February 11th, 2012, 4:59 pm

SystemLook 30.07.11 by jpshortstuff
Log created at 14:59 on 11/02/2012 by Mike
Administrator - Elevation successful

========== filefind ==========

Searching for "regedit.exe"
C:\WINDOWS\regedit.exe ------- 146432 bytes [12:00 28/02/2006] [00:12 14/04/2008] 058710B720282CA82B909912D3EF28DB
C:\WINDOWS\$NtServicePackUninstall$\regedit.exe -----c- 146432 bytes [17:19 19/08/2008] [12:00 28/02/2006] 783AFC80383C176B22DBF8333343992D
C:\WINDOWS\ServicePackFiles\i386\regedit.exe -----c- 146432 bytes [12:40 18/08/2008] [00:12 14/04/2008] 058710B720282CA82B909912D3EF28DB
C:\WINDOWS\system32\dllcache\regedit.exe --a--c- 146432 bytes [12:00 28/02/2006] [00:12 14/04/2008] 058710B720282CA82B909912D3EF28DB

-= EOF =-
kilowat
Regular Member
 
Posts: 26
Joined: February 10th, 2012, 2:50 pm
Location: western Ky
Advertisement
Register to Remove

Re: websites won't load

Unread postby kilowat » February 11th, 2012, 5:15 pm

I'm not sure if this is what you need
SHA256: 97535e75ca6a77e6bcb81216b0fb383024709539727fd656df6afd33a50cad04
SHA1: 48f4612efeb713a5860726fdb999ceceff07557d
MD5: 058710b720282ca82b909912d3ef28db
File size: 143.0 KB ( 146432 bytes )
File name: c:\windows\regedit.exe
File type: Win32 EXE
Detection ratio: 0 / 41
Analysis date: 2012-02-11 21:08:34 UTC ( 1 minute ago )
kilowat
Regular Member
 
Posts: 26
Joined: February 10th, 2012, 2:50 pm
Location: western Ky

Re: websites won't load

Unread postby deltalima » February 11th, 2012, 5:26 pm

Hi kilowat,

Blitzblank.

Download BlitzBlank and save it to your desktop. Open Blitzblank.exe

  • Click OK at the warning (and take note of it, this is a VERY powerful tool!).
  • Click the Script tab and copy/paste the following text there:
Code: Select all
CopyFile:
C:\WINDOWS\ServicePackFiles\i386\regedit.exe C:\WINDOWS\regedit.exe

  • Click Execute Now. Your computer will need to reboot in order to replace the files.
  • When done, post me the report created by Blitzblank. you can find it at the root of the drive Normaly C:\
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: websites won't load

Unread postby kilowat » February 11th, 2012, 5:42 pm

BlitzBlank 1.0.0.32

File/Registry Modification Engine native application
CopyFileOnReboot: sourceFile = "\??\c:\windows\servicepackfiles\i386\regedit.exe", destinationFile = "\??\c:\windows\regedit.exe"
kilowat
Regular Member
 
Posts: 26
Joined: February 10th, 2012, 2:50 pm
Location: western Ky

Re: websites won't load

Unread postby deltalima » February 11th, 2012, 5:43 pm

OK, now run a new scan with Combofix and post the log.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: websites won't load

Unread postby kilowat » February 11th, 2012, 6:28 pm

the first time i tried to run Combofix it wouldn't run
two errors
1 windows can't find NIRKMD
2 Error opening C:\32788R22fwjfw\per.3xe
second try on Combofix

ComboFix 12-02-11.02 - Mike 02/11/2012 16:12:31.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2559.2074 [GMT -6:00]
Running from: c:\documents and settings\Mike\My Documents\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 111201-0] *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: COMODO Antivirus *Enabled/Updated* {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
C:\RECYCLER(2)
c:\recycler(2)\S-1-5-21-789336058-879983540-839522115-1004(2)\INFO2
.
.
((((((((((((((((((((((((( Files Created from 2012-01-11 to 2012-02-11 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-11 21:34 . 2006-02-28 12:00 146432 ------w- c:\windows\regedit.exe
2012-02-04 17:07 . 2011-08-23 04:39 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-17 21:00 . 2011-12-20 00:59 494968 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-12-24 17:37 . 2010-05-18 00:31 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-12-24 17:37 . 2010-05-10 21:08 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-20 00:59 . 2011-12-20 00:59 97760 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-12-20 00:59 . 2011-12-20 00:59 31704 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-12-20 00:59 . 2011-12-20 00:59 18056 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-12-20 00:58 . 2011-12-20 00:58 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2011-12-20 00:58 . 2011-12-20 00:58 301224 ----a-w- c:\windows\system32\guard32.dll
2011-12-10 21:24 . 2011-04-05 20:45 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-28 17:53 . 2011-12-09 16:44 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-25 21:57 . 2006-02-28 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25 . 2006-02-28 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-21 10:47 . 2011-12-27 14:02 6823496 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{52FA2CCC-8BB3-4FAA-9392-50696E01FD34}\mpengine.dll
2011-11-21 10:47 . 2011-04-06 18:17 6823496 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-11-19 17:52 . 2011-12-06 01:34 17280 ----a-w- c:\windows\system32\roboot.exe
2011-11-18 12:35 . 2006-02-28 12:00 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21 . 2006-02-28 12:00 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21 . 2006-02-28 12:00 152064 ----a-w- c:\windows\system32\schannel.dll
2012-02-11 00:32 . 2012-02-10 18:35 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-11_19.38.37 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-02-11 21:34 . 2012-02-11 21:34 16384 c:\windows\Temp\Perflib_Perfdata_1f0.dat
+ 2011-12-30 00:15 . 2012-02-11 22:13 1132880 c:\windows\system32\drivers\sfi.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"PCTools FGuard"="c:\program files\PC Tools Security\BDT\FGuard.exe" [2011-01-07 108496]
"InstaLAN"="c:\program files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2011-02-25 1770400]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-12-21 6676808]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
NETGEAR WG311T Smart Wizard.lnk - c:\program files\NETGEAR\WG311T\wlancfg5.exe [N/A]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
2010-10-29 20:06 5915480 ----a-w- c:\program files\Logitech\Vid HD\Vid.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2009-10-14 18:36 2793304 ----a-w- c:\program files\Logitech\Logitech WebCam Software\LWS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]
2009-07-17 17:12 288080 ----a-w- c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-05-28 13:27 570664 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-10-22 18:22 7700480 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-10-22 18:22 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-10-13 15:27 17351304 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 22:07 2260480 ------w- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8000:UDP"= 8000:UDP:Express Talk RTP Incoming Audio (UDP)
"8001:UDP"= 8001:UDP:Express Talk RTP Incoming Audio (UDP)
"8002:UDP"= 8002:UDP:Express Talk RTP Incoming Audio (UDP)
"8003:UDP"= 8003:UDP:Express Talk RTP Incoming Audio (UDP)
"8004:UDP"= 8004:UDP:Express Talk RTP Incoming Audio (UDP)
"8005:UDP"= 8005:UDP:Express Talk RTP Incoming Audio (UDP)
"8006:UDP"= 8006:UDP:Express Talk RTP Incoming Audio (UDP)
"8007:UDP"= 8007:UDP:Express Talk RTP Incoming Audio (UDP)
"8008:UDP"= 8008:UDP:Express Talk RTP Incoming Audio (UDP)
"8009:UDP"= 8009:UDP:Express Talk RTP Incoming Audio (UDP)
"5070:UDP"= 5070:UDP:Express Talk Sip Incoming Calls (UDP)
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [12/19/2011 6:59 PM 494968]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe [10/4/2011 6:51 PM 247760]
S1 aswSP;avast! Self Protection; [x]
S1 efbDisk;efbDisk; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/24/2011 1:06 PM 136176]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 5:19 PM 13592]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12/24/2011 1:06 PM 136176]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; [x]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [2/28/2006 6:00 AM 14336]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; [x]
S3 SetupNTGLM7X;SetupNTGLM7X; [x]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-11 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2011-12-06 17:21]
.
2012-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-24 19:06]
.
2012-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-24 19:06]
.
2008-07-27 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\program files\Microsoft IntelliPoint\ipoint.exe [2007-08-31 19:01]
.
2012-02-11 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-789336058-879983540-839522115-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 22:14]
.
2012-02-11 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-789336058-879983540-839522115-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 22:14]
.
2012-02-05 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-789336058-879983540-839522115-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 22:14]
.
2012-02-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-789336058-879983540-839522115-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 22:14]
.
2012-02-11 c:\windows\Tasks\User_Feed_Synchronization-{68D9A955-D50C-4AFB-84CF-8323DA46781E}.job
- c:\windows\system32\msfeedssync.exe [2007-08-14 10:31]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 208.139.139.5 208.139.139.4
TCP: Interfaces\{A1BBAC8E-EAA0-4277-BBDB-9355D50BFA06}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{E8DC04C1-ACAA-459D-8D2A-1BF4057B28BA}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{F139F404-3852-493D-89A9-D8062FC4DEE2}: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\documents and settings\Mike\Application Data\Mozilla\Firefox\Profiles\4ntswr22.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=BABTDF&PC=BBLN&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: network.proxy.type - 0
FF - user.js: capability.policy.policynames - allowclipboard
FF - user.js: capability.policy.allowclipboard.sites - us.mc305.mail.yahoo.com hillbillyreport.org mail.google.com hardblogger.msnbc.msn.com support.mozilla.com us.mg1.mail.yahoo.com
FF - user.js: capability.policy.allowclipboard.Clipboard.cutcopy - allAccess
FF - user.js: capability.policy.allowclipboard.Clipboard.paste - allAccess
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-11 16:22
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\.amdk7]
"ImagePath"="\*"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(752)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'csrss.exe'(668)
c:\windows\system32\cmdcsr.dll
.
Completion time: 2012-02-11 16:25:10
ComboFix-quarantined-files.txt 2012-02-11 22:25
ComboFix2.txt 2012-02-11 19:42
ComboFix3.txt 2011-12-16 18:29
ComboFix4.txt 2011-04-06 01:52
.
Pre-Run: 33,665,822,720 bytes free
Post-Run: 33,629,163,520 bytes free
.
- - End Of File - - 15376359FED3607C89A3B9C483101F1B
kilowat
Regular Member
 
Posts: 26
Joined: February 10th, 2012, 2:50 pm
Location: western Ky

Re: websites won't load

Unread postby deltalima » February 11th, 2012, 6:49 pm

Hi kilowat,

Please let me know how the computer is running now.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: websites won't load

Unread postby kilowat » February 11th, 2012, 6:53 pm

it's running great, hope you don't charge by the hour ;)
Thanks very much
kilowat
Regular Member
 
Posts: 26
Joined: February 10th, 2012, 2:50 pm
Location: western Ky

Re: websites won't load

Unread postby deltalima » February 11th, 2012, 6:56 pm

it's running great,


Great to hear!

As the problems have been intermittent I would suggest that you use the computer for several hours, maybe until the end of the day and then let me know if any problems return.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: websites won't load

Unread postby kilowat » February 11th, 2012, 7:06 pm

Okay, any subjection ( links) on how to completely uninstall AVG and AVAST, since the uninstall in control panel didn't work
kilowat
Regular Member
 
Posts: 26
Joined: February 10th, 2012, 2:50 pm
Location: western Ky

Re: websites won't load

Unread postby deltalima » February 11th, 2012, 7:09 pm

For AVG

http://www.avg.com/ww-en/utilities - choose the 32 bit version of the remover

For Avast

http://www.avast.com/uninstall-utility
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: websites won't load

Unread postby kilowat » February 12th, 2012, 3:02 pm

I've only had this Comodo for a few months it has wanted to run a scan. I had left the computer on, it ran today. I don't know if i should let it run the clean, what should i do ?

Malware@#3lxnh3a9u8gnw C:\Program Files\FREEzeFlip\bin\2.0.3.0\FREEzeFlipSAHook.dll

Malware@#34240neewh565 C:\Documents and Settings\Mike\My Documents\Downloads\ComboFix.exe|UPX|catchme.3XE

Malware@#34240neewh565 C:\Documents and Settings\Mike\My Documents\Downloads\ComboFix.exe|catchme.3XE
kilowat
Regular Member
 
Posts: 26
Joined: February 10th, 2012, 2:50 pm
Location: western Ky

Re: websites won't load

Unread postby deltalima » February 12th, 2012, 4:16 pm

Hi kilowat,

Malware@#3lxnh3a9u8gnw C:\Program Files\FREEzeFlip\bin\2.0.3.0\FREEzeFlipSAHook.dll


That is spyware, ESET also detected it earlier. It's not crucial but we can let Comodo fix it later.

The other 2 are false positives, we will remove Combofix in the next section so those will not occur again.

Now that you are clean, please follow these steps in order to keep your computer clean and secure.

Remove GMER

Delete the GMER icon from your desktop.

Uninstall ComboFix

  • Click START then RUN
  • Now type Combofix /Uninstall in the runbox and click OK

Clean up with OTL

  • Double-click OTL.exe to start the program. This will remove all the tools we used to clean your pc.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CleanUp! button
  • Say Yes to the prompt and then allow the program to reboot your computer.

Create a new, clean System Restore point which you can use in case of future system problems:
  • Press Start >> All Programs >> Accessories >>System Tools >> System Restore
  • Select Create a restore point, then Next, type a name like All Clean then press the Create button and once it's done press Close
  • Now remove old, infected System Restore points:
  • Next click Start >> Run and type cleanmgr in the box and press OK
  • Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
  • Select the More Options tab, under System Restore press Clean up... and say Yes to the prompt
  • Press OK and Yes to confirm

Update your AntiVirus Software and keep your other programs up-to-date
Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check

Security Updates for Windows, Internet Explorer & Microsoft Office
Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the Microsoft Update site on a regular basis.

Now run a full AV scan with Comodo, allow it to remove any items it finds.

Happy surfing and stay clean!
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: websites won't load

Unread postby kilowat » February 12th, 2012, 4:38 pm

Thanks CP has been running great last 24 hrs

PS I have traced my ancestry back to the Orkney and Shetland Islands in 1762 watt
kilowat
Regular Member
 
Posts: 26
Joined: February 10th, 2012, 2:50 pm
Location: western Ky

Re: websites won't load

Unread postby deltalima » February 12th, 2012, 5:00 pm

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 41 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware