Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Firefox redirected to lvhook.biz [Solved]


  • This topic is locked This topic is locked

#1
adummi

adummi

    Member

  • Member
  • PipPip
  • 21 posts
Hi.

I'm using Firefox 3.0.4. Today I clicked a link on a Google search for capcan.org and was apparently redirected. There was a black screen, on top of which was a window with the following (sorry, it is incomplete) message:

"System Warning
There were errors during security setting restore!...System has detected spyware infection!...Click OK to download antispyware tool."

I noticed the url I was now on was a site with the address lvhook.biz.

I clicked Firefox's "Go back one page button" and ran a Malwarebytes scan, which found nothing. My HJT log also looked the same as it did a couple weeks ago when I last checked it, so I don't think anything nasty made its way on my computer, but wouldn't mind some reassurance.

I was hoping someone would check the HJT log. I posted one a couple weeks ago about the 020 line without a response, but I didn't feel worried enough about it to repost in The Waiting Room.

Another poster in the software/browsers section tried the capcan.org site with no problem.

Thanks.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:32:38 PM, on 3/20/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [DadApp] "C:\Program Files\Dell\AccessDirect\dadapp.exe"
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [NvCplDaemon] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "C:\WINDOWS\system32\nwiz.exe" /installquiet
O4 - HKLM\..\Run: [WorksFUD] "C:\Program Files\Microsoft Works\wkfud.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] "C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell....iler/SysPro.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1235488204989
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-sec...m/ols/fscax.cab
O20 - AppInit_DLLs:
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

--
End of file - 4103 bytes
  • 0

Advertisements


#2
greyknight17

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Is this problem just affecting Firefox or is it happening to Internet Explorer also (test it out if unsure)?

Go to http://www.bleepingc...to-use-combofix and follow the instructions on how to install the Recovery Console and run ComboFix. Go through all the steps until posting the log part. Post the combofix log here.

Download GooredFix and save it to your Desktop. Double-click Goored.exe to run it. Select 1. Find Goored (no fix) by typing 1 and pressing Enter. A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called Goored.txt). Note: Do not run Option #2 yet.
  • 0

#3
adummi

adummi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Hi greyknight17,

I just tried clicking the link in IE and Firefox, and didn't get any redirection with either.

Do you still want me to perform those two other procedures? If so, is it OK to skip the Recovery Console installation? For one thing, I don't like the idea of being connected to the internet for the installation while AV and FW are disabled, and also, this computer is pretty old - it originally had WindowsMe and was upgraded to XP - not sure if that would pose a conflict to the Windows Recovery install.

Was there anything in the log that makes you think I need combofix?

Thanks.
  • 0

#4
greyknight17

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
It's running XP now so it should not have problems installing the recovery console. To make things easier, go back to that bleepingcomputer site and skip the part where it asks you for the CD. Go down a little and click on the link to go to the Microsoft site instead to download the recovery console. Then just drag and drop that file into ComboFix.

I suggest performing the steps as it may seem like it's ok now, but it will probably return later on, especially if you didn't do anything to remove it in the first place. They usually don't just go away :)
  • 0

#5
adummi

adummi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Hi greyknight17,

The only glitches I encountered were the Message "Error - Win32 only -- Incompatible OS. Combofix only works for workstations with Windows 2000 and XP" The program ran despite the warning. Everything went well from then until the log.txt window opened. The desktop icons and taskbar had disappeared (not the background though) and never reappeared after the scan. The mouse pointer was still there, but I couldn't figure out how to get anything back, so I rebooted.

Here are the two logs you've requested.

And thanks for helping me out with this stuff :)

ComboFix 09-03-19.02 - Dee and Frank 2009-03-21 12:30:39.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.255.95 [GMT -4:00]
Running from: c:\documents and settings\Dee and Frank\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Dee and Frank\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)
FW: COMODO Firewall *disabled*
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\patch.exe

.
((((((((((((((((((((((((( Files Created from 2009-02-21 to 2009-03-21 )))))))))))))))))))))))))))))))
.

2009-03-08 10:48 . 2009-03-08 10:47 410,984 --a------ c:\windows\system32\deploytk.dll
2009-03-08 10:48 . 2009-03-08 10:47 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-03-08 10:47 . 2009-03-08 10:47 <DIR> d-------- c:\program files\Java
2009-03-08 10:43 . 2009-03-08 10:43 0 --a------ c:\windows\system32\REN7.tmp
2009-03-08 10:43 . 2009-03-08 10:43 0 --a------ c:\windows\system32\REN6.tmp
2009-03-04 18:03 . 2007-10-17 08:36 102,664 --a------ c:\windows\system32\drivers\tmcomm.sys
2009-03-04 11:26 . 2009-03-04 11:26 <DIR> d-------- c:\documents and settings\Dee and Frank\Application Data\OpenOffice.org
2009-03-04 11:18 . 2009-03-04 11:18 <DIR> d-------- c:\program files\JRE
2009-03-04 11:17 . 2009-03-04 11:18 <DIR> d-------- c:\program files\OpenOffice.org 3
2009-02-22 19:25 . 2009-02-22 20:12 <DIR> d-------- c:\program files\EsetOnlineScanner
2009-02-21 20:02 . 2008-06-19 17:24 28,544 --a------ c:\windows\system32\drivers\pavboot.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-21 13:40 --------- d-----w c:\documents and settings\All Users\Application Data\AntiVir PersonalEdition Classic
2009-03-20 18:37 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-03-20 18:37 --------- d-----w c:\program files\SpywareBlaster
2009-03-04 22:00 --------- d-----w c:\program files\Dell
2009-03-02 15:33 --------- d-----w c:\documents and settings\All Users\Application Data\comodo
2009-03-02 15:27 24,336 ----a-w c:\windows\system32\drivers\cmdhlp.sys
2009-03-02 15:22 155,384 ----a-w c:\windows\system32\guard32.dll
2009-03-02 15:22 110,992 ----a-w c:\windows\system32\drivers\cmdguard.sys
2009-02-24 00:20 --------- d-----w c:\program files\SUPERAntiSpyware
2009-02-24 00:20 --------- d-----w c:\documents and settings\Dee and Frank\Application Data\SUPERAntiSpyware.com
2009-02-21 15:21 --------- d-----w c:\program files\Trend Micro
2009-02-21 13:47 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-02-21 01:36 --------- d-----w c:\program files\ERUNT
2009-02-20 21:23 --------- d-----w c:\program files\Google
2009-02-11 15:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-11 15:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-01-24 00:05 --------- d-----w c:\documents and settings\LocalService\Application Data\SACore
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DadApp"="c:\program files\Dell\AccessDirect\dadapp.exe" [2002-11-01 208560]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2003-03-17 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2003-03-17 569344]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-06-24 4800512]
"nwiz"="c:\windows\system32\nwiz.exe" [2003-06-24 323584]
"WorksFUD"="c:\program files\Microsoft Works\wkfud.exe" [2000-08-08 24576]
"HPDJ Taskbar Utility"="c:\windows\System32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-12-11 196608]
"avgnt"="c:\program files\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-22 266497]
"COMODO Firewall Pro"="c:\program files\COMODO\Firewall\cfp.exe" [2009-03-02 1851128]
"COMODO Internet Security"="c:\program files\COMODO\Firewall\cfp.exe" [2009-03-02 1851128]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-08 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Portfolio]
--a------ 2000-08-08 16:00 311350 c:\program files\Microsoft Works\wkssb.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2004-06-30 17:02 77824 c:\program files\QuickTime\qttask.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-02-21 28544]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2008-11-20 110992]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2008-11-20 24336]
R3 maestro;ESS Maestro 3 Audio Driver (WDM);c:\windows\system32\drivers\es198x.sys [2003-12-12 174464]
S3 LSWPCv4;Wireless-B Notebook Adapter Driver;c:\windows\system32\drivers\rtl8180.sys [2003-10-01 184832]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\LaunchU3.exe -a
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Microsoft Works Update Detection - c:\program files\Microsoft Works\WkDetect.exe
MSConfigStartUp-Microsoft Works Update Detection - c:\program files\Microsoft Works\WkDetect.exe
MSConfigStartUp-MSKAGENTEXE - c:\progra~1\McAfee\SPAMKI~1\MSKAgent.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
Trusted Zone: turbotax.com
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Dee and Frank\Application Data\Mozilla\Firefox\Profiles\mugxqruy.Default User\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\documents and settings\Dee and Frank\Application Data\Mozilla\Firefox\Profiles\mugxqruy.Default User\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npmnqmp071101000055.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPMGWRAP.DLL
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-21 12:33:15
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1409082233-492894223-1343024091-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(716)
c:\windows\system32\guard32.dll

- - - - - - - > 'lsass.exe'(776)
c:\windows\system32\guard32.dll
.
Completion time: 2009-03-21 12:38:17
ComboFix-quarantined-files.txt 2009-03-21 16:38:08

Pre-Run: 12,263,014,400 bytes free
Post-Run: 12,250,730,496 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

137

Now the goored:

GooredFix v1.92 by jpshortstuff
Log created at 13:04 on 21/03/2009 running Option #1 (Dee and Frank)
Firefox version 3.0.4 (en-US)

=====Suspect Goored Entries=====

=====Dumping Registry Values=====

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.4\extensions]
"Plugins"="C:\Program Files\Mozilla Firefox\plugins"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.4\extensions]
"Components"="C:\Program Files\Mozilla Firefox\components"
  • 0

#6
greyknight17

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Delete the following files:

c:\windows\system32\REN7.tmp
c:\windows\system32\REN6.tmp


Other than that, it looks ok so far. Test it out for a day or two and confirm that you don't get redirected anymore.

Good job. Your log is clean.

To help prevent future spyware infections, read the Anti-Spyware Tutorial and use the tools provided.

Go to Start->Run, copy/paste in combofix /u and hit OK to remove it.
  • 0

#7
adummi

adummi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
OK. I deleted the two .tmp files and uninstalled Combofix (I hope it uninstalled with no problem - my firewall interrupted it a few times).

One thing - Combofix seemed to reset IE as my default browser - is that normal?

Also, was that patch.exe which Combofix deleted the source of the trouble?

Thanks again. I'll try things out for a couple days and then let you know how it goes.
  • 0

#8
greyknight17

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
I'm not sure if that patch file was the cause, but I would have to say no in this case, especially if it's a legitimate patch file. It must have been something else that was removed earlier if everything is ok now. Otherwise, we will need to run additional scans to find the files responsible for the problem.

ComboFix will restore some system settings once it's removed. If it restored IE, just make Firefox your default browser again to fix the problem.
  • 0

#9
adummi

adummi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Other than the single instance of browser redirection to lvhook. biz mentioned in the OP, I haven't been redirected. Neither in IE (which I don't usually use much) or Firefox.

I ran a Kaspersky online scan yesterday and it didn't detect anything.

Are there any other scans I ought to run, or do you think the problem's been demolished?

Thanks.
  • 0

#10
greyknight17

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Can't find much on this right now, but if you want, run a Panda online scan to see if anything is found:

Perform an online scan with Internet Explorer at Panda ActiveScan http://www.pandasoft.../activescan.htm

* Click on 'Scan your PC' button. There should be a popup - if you have a pop-up blocker, make sure it's not blocking it.
* Click 'Check Now' & a pop-up window will appear.
* Enter your Country, State and E-mail Address & click 'Scan Now' - begin downloading Panda's ActiveX controls (8 MB size).
* Begin the scan by selecting My Computer.
* If it finds any malware, it will offer you a report. Ignore any entry it finds (since it wants you to buy the program for removal) as we will address this later.
* Click on see report. Then click Save report.
* Post that log in your next reply.

We can perform a more thorough inspection if you follow the remaining instructions here. Skip any that you have already done.
  • 0

#11
adummi

adummi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Here's the Activescan report. "Congratulations! You have no infections today" or somesuch.

Still no other incidents of redirection. I've enabled NoScript in Firefox, which I'd had disabled for a while, just in case it happens again.





;***************************************************************************************************
********************************************************************************
ANALYSIS: 2009-03-24 11:07:47
PROTECTIONS: 1
MALWARE: 0
SUSPECTS: 0
;***************************************************************************************************
********************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================
================================================================================
Avira AntiVir PersonalEdition 8.0.1.30 No Yes
;===================================================================================================
================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================
================================================================================
;===================================================================================================
================================================================================
SUSPECTS
Sent Location
;===================================================================================================
================================================================================
;===================================================================================================
================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================
================================================================================
182048 HIGH MS07-069
;===================================================================================================
================================================================================
  • 0

#12
greyknight17

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
We can close this topic if you feel everything is ok. Otherwise, you may run the further scans indicated in the sticky topic link I provided you.
  • 0

#13
adummi

adummi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Go ahead and close it. If anything goes amiss in the next few days I'll ask to have it reopened.

Thanks for helping me, greyknight :)
  • 0

#14
greyknight17

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP