Open Spybot and make sure teatimer is disabled, we will re-enable afterwards. To do so do the following
Click mode
click Advanced mode
if you get a warning answer "yes"
click tools
click resident
uncheck resident "teatimer" and SDHelper if installed
click allow change
reboot
Go to add/remove programs and uninstall the following, if found
Rabio
Cool Open HJT, run a system scan only, check mark these lines if present
Close all other browsers/windows, click fix, close HJT.
Open a new Notepad session (Do not use a Word Processor or WordPad). Click "Format" and be certain that Word Wrap is not enabled.
Copy and paste all the text in the quote box below into Notepad.
Click File, Save as..., and set the location to your Desktop, and enter (including quotation marks) as the filename: "CFscript.txt" . Using your mouse left button, drag the new file CFscript.txt and drop it on the ComboFix.exe icon as shown at the bottom of this post.
File::
C:\LOG2E.tmp
Folder::
C:\WINDOWS\system32\nGpxx01
C:\Documents and Settings\All Users\Application Data\Rabio
C:\Temp\isgTi19
DirLook::
C:\Program Files\RABCO
This will start ComboFix again.
Close all browser/windows first. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HJT log.
After you post the new logs, you can do this. Old java can be exploited by malware.
Open an Internet Explorer (only) window and go to
http://java.sun.com/javase/downloads/index.jsp > Scroll down to
"Java Runtime Environment (JRE) 6 Update 4...allows end-users to run Java applications".
Click the download button on the right.
> If Information Bar pop-ups up, right-click on it and say it's OK to display the blocked content.
You do not have to install the Java Web Start ActiveX Control Accept the license agreement > Click on Windows (XP,Vista, .etc) Offline Installation, Multi-language and Save the file
jre-6u4-windows-i586-p.exe to your desktop;
do not Run it. When the download is complete, Open Control Panel > Add/Remove Programs:
Uninstall anything that says Sun Java, Java JRE, or similar.
Close Add/Remove Programs.
In Windows Explorer, navigate to C:\Program Files\Java <=this folder, if found. Delete any subfolders it may contain.
Do
NOT delete C:\Program Files\
JavaVM <=this folder, if found!
Reboot your computer.
Double-click on the saved file to install the update.
Delete the downloaded installation file after completing the above procedure and reboot if not prompted to do so.
