• 
  [1]. Close any open browsers.
  [2]. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  [3]. Open notepad and copy/paste the text in the code below into it:

Code:

File::
c:\windows\Oxuyu.dat
c:\windows\Bqapuja.bin
c:\windows\system32\drivers\mjsoa.sys 
c:\windows\system32\drivers\srlximpu.sys 
c:\program files\Viewpoint\Common\ViewpointService.exe

Folder::

Registry::

Driver::
odlv
yvmxnjkl
Viewpoint Manager

Save this as CFScript.txt, in the same location as ComboFix.exe


Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt . Please attach to your next reply.

Let me know what problems remain.
__________________

Will you please attach the CF log made after the changes. And one more check with Eset online scanner. If they are clean, I'll have you remove the cleaning tools and old restore points.

I missed a couple of entries:

• 
  [1]. Close any open browsers.
  [2]. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  [3]. Open notepad and copy/paste the text in the code below into it:

Code:

File::
c:\windows\system32\drivers\mjsoa.sys
c:\windows\system32\drivers\srlximpu.sys
 
Folder::
c:\documents and settings\Diana\Application Data\Real\Update\setup3.10

Registry::

Driver::
odlv
yvmxnjk
Viewpoint Manager Service

Save this as CFScript.txt, in the same location as ComboFix.exe


Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt . Please attach to your next reply.

You also need to empty the Java cache:
Control Panel> KJava> General tab> Temporary internet files> Settings> Delete.
Then click on Update tab> Uncheck 'check automatically check for updates'> answer Yes when asked to cofirm> Apply> OK.

I'll check this report when done. If all has been handled, I'll have you remove the cleaning tools and old restore points.

You might want to consider removing Real Player and getting Real Alternative 2.0.2 instead. This will allpw you to do the same thing as Real Player but won't bloat the system while doing it.

The system should be a lot lighter now with all those Real Player entries gone!

Evoni, there is a file and a driver that is refusing to leave. I can't identify it, so I'm going to ask you to submit it for identification:

Please go to http://www.virscan.org/

Suspicious file(s) to scan:
c:\windows\system32\drivers\srlximpu.sys
and
yvmxnjkl

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Please paste or attach the report that it gives you.
Also, are you having any of the original problems now? Are there any new or related problems?

Please let me know if you require additional help. If you do not, I'll close the thread.