It only takes a few seconds visiting the wrong site to get infected.
You appear to still have an active Vundo infection. It may be hiding from HJT.
Run ComboFix again, using these instructions:
- Click the Windows 'Start' button > Select 'Run' - then copy/paste this into the run box & click OK
"%userprofile%\desktop\combofix.exe" /v ssqro flgrrcaf
- When finished, it shall produce a log for you. Post that log in your next reply.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
---------------------------------------------------------------------------------------------
Open HijackThis and click on 'Do a System Scan Only'. Check the following entries if they exist
(make sure you do not miss any) and click
Fix Checked
O4 - HKLM\..\Run: [WindowsService] rundll32.exe "C:\WINDOWS\system32\flgrrcaf.dll",realset
Close HijackThis now.
---------------------------------------------------------------------------------------------
Please run DSS again, and post it's main.txt
__________________
Practice Safe Surfing
Because what you don't know, CAN hurt you.
Proud Member of ASAP since 2005
Proud Member of UNITE since 2006