Jump to content

Change Mode

Hello my friends,,I'm back


MOMBO
 Share

Recommended Posts

Hello Dakeyras!Ok I/m back on my xp sys,,,I ran PCloud,,the results below,,,

 

1> 1 malware $ pups found--(reg entries 2)--0 files

2> 12 unknown files $ suspicious policies--(reg entries 10) 2 files

3> 2 system cleaning---570 files ---45 mb

----------------------------------------------------------------------------

Unknown. FILE: C:\WINDOWS\SYSTEM32\DRIVERS\CDUDF_XP.SYS to be deleted.
Unknown. REGKEY: HKLM\SYSTEM\CurrentControlSet\Services\cdudf_xp. Key to be deleted.
Unknown. FILE: C:\WINDOWS\SYSTEM32\DRIVERS\PWD_2K.SYS to be deleted.
Unknown. REGKEY: HKLM\SYSTEM\CurrentControlSet\Services\pwd_2K. Key to be deleted.
Malware. REGKEY: HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND. Value: (null) To be changed to: C:\Program Files\Internet Explorer\iexplore.exe.
Malware. REGKEY: HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND. Value: (null) To be changed to: D:\FPROGR~1\Firefox\firefox.exe.
Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[sTART_SHOWRECENTDOCS] to be changed to: 1
Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[sTART_SHOWMYCOMPUTER] to be changed to: 1
Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[sUPERHIDDEN] to be changed to: 0
Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0
Suspicious Policy. POLICY: HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER[ANTIVIRUSDISABLENOTIFY] to be changed to: 0
Suspicious Policy. POLICY: HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER[FIREWALLDISABLENOTIFY] to be changed to: 0
Suspicious Policy. POLICY: HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER[uPDATESDISABLENOTIFY] to be changed to: 0
Suspicious Policy. POLICY: HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER[ANTIVIRUSOVERRIDE] to be changed to: 0
-----------------------------------------------------------------------------------------------

should I let it clean all this?there are alot of things that I know about in this like the SECURITY CENTER??

I don't want to mess anything up here so I will wait for your reply....Thank you!!!!

Link to comment
Share on other sites

Hi. :)

 

should I let it clean all this?

No need as the results are actually favourable. All that has been detected are a few false positives and some specific settings which we have discussed about prior you stated changed yourself etc.

 

Congratulations your computer appears to be malware free!

 

Clean-Up with DelFix:

 

Please download DelFix to your desktop

  • Double-click on delfix_10.8.exe to launch the application.
  • Referring to the image below, select all available options:(Activate UAC will be greyed out as you have a XP machine)
DelFix.gif
  • Then click on Run.
  • Once it has finished processing, a notepad file named DelFix.txt will open. Post the contents in your next reply for my review.
  • The log can also be located at the root of the system drive, C:\DelFix.txt.
  • After you have posted the aforementioned DelFix.txt, delete it and empty the Recycle Bin.
Now some advice for on-line safety:

 

The below are worth reading/bookmarking for future reference:

 

Computer Security - a short guide to staying safer online

 

Windows XP - The Elephant In The Room

 

Next:

 

Any questions? Feel free to ask, if not stay safe!

Link to comment
Share on other sites

Ok will do,,,xp runs great,,,funny I have to stop that (instup.exe)avast process when I connect,,,I don't notice that on win 8 though,,I like avast ,I been a user of it for 8 yrs,,my win 8 system is excellent,I got a pretty rigged up gaming machine and win 8 loves it...I just can't get my sister off it,,,do you need a date?...haahehe!!!...Thanks for your help again,,,!!! I will run this tonight,,,

Link to comment
Share on other sites

Hello my friend,,done the clean,,here r the results,,,it wiped all my restore points,,created a new 1...

---------------------------------------------------------------------------------------------------------------------------

# DelFix v10.8 - Logfile created 28/09/2014 at 20:49:08
# Updated 29/07/2014 by Xplode
# Username : Owner - MAD
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\HijackThis
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #86 [system Checkpoint | 09/22/2014 06:04:57]
Deleted : RP #87 [Restore | 09/22/2014 06:06:02]
Deleted : RP #88 [avast! antivirus system restore point | 09/22/2014 06:41:33]
Deleted : RP #89 [avast! antivirus system restore point | 09/22/2014 18:22:10]
Deleted : RP #90 [avast! antivirus system restore point | 09/23/2014 17:36:17]
Deleted : RP #91 [avast! antivirus system restore point | 09/24/2014 00:41:36]
Deleted : RP #92 [avast! antivirus system restore point | 09/24/2014 05:22:59]
Deleted : RP #93 [avast! antivirus system restore point | 09/24/2014 15:47:43]
Deleted : RP #94 [avast! antivirus system restore point | 09/25/2014 04:27:26]
Deleted : RP #95 [beforereg | 09/25/2014 19:25:00]
Deleted : RP #96 [OTL Restore Point - 9/25/2014 12:30:05 PM | 09/25/2014 19:30:11]
Deleted : RP #97[avast! antivirus system restore point | 09/25/2014 23:06:27]
Deleted : RP #98 [avast! antivirus system restore point | 09/25/2014 23:23:51]
Deleted : RP #99 [system Checkpoint | 09/27/2014 01:28:12]
Deleted : RP #100 [Removed Quake 4 | 09/27/2014 06:01:15]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

Edited by MOMBO
Link to comment
Share on other sites

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

 

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

 

Everyone else please begin a New Topic.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...