Tech Support Forum - View Single Post - Need help on possible mal-ware and clean up

**TheBruce1** · 07-02-2009, 03:58 AM

Hello again

Do not attach your logs, simply copy/paste into your replies.

========

Open notepad and copy/paste the text in the quotebox below into it:

Code:

File::
C:\Documents and Settings\HP_Administrator\Desktop\Musicccc\loltastic.dll 
C:\Documents and Settings\HP_Administrator\Desktop\Musicccc\loltastic.rar 
D:\I386\APPS\APP06901\src\CompaqPresario_Spring06.exe 
D:\I386\APPS\APP06901\src\HPPavillion_Spring06.exe

Driver::
XDva037
XDva143
XDva190
XDva225
geebers12
npggsvc

DDS::
uInternet Settings,ProxyOverride = 127.0.0.1;*.local

Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]

Save this as CFscript

Refering to the picture above, drag CFscript into ComboFix.exe

Follow the prompts, and post the resulting log, C:\ComboFix.txt

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

Warning:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

=======

Try updating Java again, see if the problem persists. If you recieve any errors messages, take a note of it and post it in your reply along with the C:\Combofix.txt.

07-02-2009, 03:58 AM	#23 (permalink)
TheBruce1 Moderator, Analyst, Security Team Join Date: Oct 2006 Location: Dùn Èideann,Scotland. Posts: 5,093 OS: XP	Re: Need help on possible mal-ware and clean up Hello again Do not attach your logs, simply copy/paste into your replies. ======== Open notepad and copy/paste the text in the quotebox below into it: Code: File:: C:\Documents and Settings\HP_Administrator\Desktop\Musicccc\loltastic.dll C:\Documents and Settings\HP_Administrator\Desktop\Musicccc\loltastic.rar D:\I386\APPS\APP06901\src\CompaqPresario_Spring06.exe D:\I386\APPS\APP06901\src\HPPavillion_Spring06.exe Driver:: XDva037 XDva143 XDva190 XDva225 geebers12 npggsvc DDS:: uInternet Settings,ProxyOverride = 127.0.0.1;.local Registry:: [-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc] Save this as CFscript* Refering to the picture above, drag CFscript into ComboFix.exe Follow the prompts, and post the resulting log, C:\ComboFix.txt Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system. Warning: Do not mouseclick combofix's window whilst it's running. That may cause it to stall ======= Try updating Java again, see if the problem persists. If you recieve any errors messages, take a note of it and post it in your reply along with the C:\Combofix.txt. __________________ Member of ASAP since 2007 Member of UNITE since 2008 Notice to BT customers BT to dump Phorm, see Here for more information. No DPI If we have helped you in anyway, please consider Donating