Hello Sohil,
We have a bit more work to do.
Please copy this page to
Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.
It's IMPORTANT to carry out the instructions in the sequence listed below.
***************************************************
1. Disconnect from the internet
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Insert your flash drive
------------------------------------------------------------------
Open
notepad and copy/paste the text in the quotebox below into it:
Quote:
File::
E:\uusetup.exe
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dbrj"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2f4023ce-e368-11da-8eeb-001422dea26f}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{36256a30-ee8e-11db-91b6-001422dea26f}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{67ab00af-e6fc-11db-91a8-001422dea26f}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82d571c6-5f61-11da-8dd3-00038a000015}]
|
Save this as
CFScript.txt, in the same location as ComboFix.exe
Refering to the picture above, drag CFScript into ComboFix.exe
When finished, it shall produce a log for you at
C:\ComboFix.txt
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
--------------------------------------------------------------------
lease run this online scan to search for any remnants. It can take some time, so please be patient and allow it to run it's full course:
Perform an online scan with Internet Explorer with
Panda ActiveScan- Click on
located at the bottom of the page.
- A "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it *
- Enter your e-mail address, country, and state & click "Free Online Scan" *The download of the 8 MB Panda's ActiveX control will take place*
Begin the scan by selecting
- If it finds any malware, it will offer you a report.
- Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later.
- Click on
then click 
* You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
* Turn off the real time scanner of any existing antivirus program while performing the online scan
--------------------------------------------------------------------
Please download
HijackThis to your desktop. (If you don't already have it)
Alternate link
Make sure you close down
EVERY open window and close
ALL browser windows. The only thing that should be open is the HijackThis program.
Double-click on the file you just downloaded.
Click on the "Install" button to install. It will by default install to the directory -
C:\Program Files\Trend Micro\HijackThis
Upon install,
HijackThis should open for you.
Should it not open, navigate to C:\Program Files\Trend Micro\HijackThis and double click on HijackThis.exe
- If it gives you an intro screen, just choose 'Do a system scan and save a log file'.
- If not, run a scan and save the log file.
- Copy the text file (Ctrl+A then Ctrl+C) and paste it (Ctrl+V) in a new thread in the HJT Forum
- Do not fix any entries in HijackThis since they may be harmless.
- Make sure to include the System information at the top of the log as well.
--------------------------------------------------------------------
Please include the following in your next reply:
C:\ComboFix.txt
Panda results
New HijackThis log
__________________
Member of ASAP since 2005
Member of UNITE since 2006
"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."