Old 08-14-2007, 10:00 PM   #7 (permalink)
Ried
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 26,953
OS: WinXP and Vista


Re: Can not run explorer.exe

Hello sohil,

This system is in really bad shape. You may want to back up your data and consider a reformat and reinstall.

Is your McAfee current?

Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

It's IMPORTANT to carry out the instructions in the sequence listed below.

***************************************************

1. Disconnect from the internet.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

---------------------------------------------------------------------

Open HijackThis and click on 'Do a System Scan Only'. 'Check' the following entries:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {F70231A8-C197-496B-A3E5-CF62FB5C246C} - C:\PROGRA~1\bho\DIEMON~1.DLL
O4 - HKLM\..\Run: [psajvbfe] D;]XJOEPXT]tztufn43]Svoemm43/fyf!D;]XJOEPXT]tztufn43]deoqsi/emm!Tubsu
O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\upxdnd.exe
O4 - HKLM\..\Run: [TIMHost] C:\WINDOWS\TIMHost.exe
O4 - HKLM\..\RunOnce: [CPushSetup] "C:\WINDOWS\system32\regsvr32.exe" /s "C:\Program Files\Common Files\CPUSH\cpush.dll"


Click 'Fix Checked' and close HijackThis.

--------------------------------------------------------------------

Open notepad and copy/paste the text in the quotebox below into it:

Quote:
File::
C:\WINDOWS\system32\lihawa.dll
C:\WINDOWS\system32\tszhyp.dll
C:\WINDOWS\system32\xsfshj.dll
C:\WINDOWS\system32\rwmvok.dll
C:\WINDOWS\system32\kilb.dll
C:\NTDETECT.EXE
C:\WINDOWS\system32\servet.exe
C:\WINDOWS\system32\mpyhku.dll
C:\WINDOWS\system32\ijefvh.dll
C:\WINDOWS\system32\vuemoe.dll
C:\WINDOWS\system32\gflyga.dll
C:\WINDOWS\system32\ldbpgc.dll
C:\WINDOWS\system32\dekugb.dll
C:\WINDOWS\TIMHost.exe
C:\WINDOWS\system32\TIMHost.dll
C:\WINDOWS\system32\drivers\mxdispdr.sys
C:\music\indi\MyFunCardsFWBInitialSetup1.0.0.15-3.exe
C:\Program Files\Internet Explorer\PLUGINS\SysWin64.Jmp
C:\WINDOWS\10d001.exe
C:\WINDOWS\d04.exe
C:\WINDOWS\upxdnd.exe

Folder::
c:\program files\bho

Driver::
vsadfg
WindowsDown
acvrsthe

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{014A26F5-FBAD-4549-9CA1-C38210704BD1}"= -
"{C5E87A05-F463-4841-B19E-DD3EC3862368}"=-
"{A45B2C37-01D0-4D3E-BE5E-CC119B17BE9E}"=-
"{EE12D60D-AD9A-4095-B839-3BE6862679FD}"=-
[-hkey_current_user\software\MyWebSearch]

Save this as CFScript.txt, in the same location as ComboFix.exe

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt

Note:
Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.


--------------------------------------------------------------------

Please download Dr.Web CureIT

Alternate Download Site http://www.majorgeeks.com/Dr.Web_CureIT_d4783.html
  • Double-click the "drweb-cureit.exe" and click "OK" in the prompt window that will open.
  • Then click "start the express scan now". It will first make a quick scan of your system so let it clean what it finds and when it says "done" click on the Green Screwdriver-ActionsTab, Adware-Dialers-Riskware-Hacktools and use dropdown menu and select "Delete"
  • Click on the drive(s) you want to scan.
  • A red dot * will mark the selected drive(s) then hit the green arrow in lower right corner.
  • It will now scan your drive(s) so say YES to ALL.
---------------------------------------------------------------
Download Deckard's System Scanner (DSS) to your Desktop.

What DSS will do:
  • create a new System Restore point in Windows XP and Vista.
  • clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
  • check some important areas of your system and produce a report for your analyst to review.
  • DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.


Note: You must be logged onto an account with administrator privileges.
  1. Close all applications and windows.
  2. Double-click on dss.exe to run it, and follow the prompts.
  3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
  4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt in your next reply.
  5. Please attach extra.txt to your post.
To attach a file to a new post, simply
  1. Click the [Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
  2. copy and paste the following into the "Upload File from your Computer" box:
    C:\Deckard\System Scanner\extra.txt
  3. Click Upload.
-----------------------------------------------------------------

Please include the following in your next reply:

C:\ComboFix.txt
DrWeb results
main.txt
an attached extra.txt
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."

Last edited by Ried; 08-14-2007 at 10:08 PM.
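
Added example, not part of Ried's post or of any tool named in it: a small triage pass over the six HijackThis entries listed above. It separates orphaned entries from plain paths and shows that the unreadable `psajvbfe` Run value becomes an ordinary command line once each character is shifted down by one. The function names and the choice to try only shifts of 1 to 3 are assumptions of this example.

```python
import re

# Constructed input: the six HijackThis entries from the post, copied verbatim.
LOG = r"""O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {F70231A8-C197-496B-A3E5-CF62FB5C246C} - C:\PROGRA~1\bho\DIEMON~1.DLL
O4 - HKLM\..\Run: [psajvbfe] D;]XJOEPXT]tztufn43]Svoemm43/fyf!D;]XJOEPXT]tztufn43]deoqsi/emm!Tubsu
O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\upxdnd.exe
O4 - HKLM\..\Run: [TIMHost] C:\WINDOWS\TIMHost.exe
O4 - HKLM\..\RunOnce: [CPushSetup] "C:\WINDOWS\system32\regsvr32.exe" /s "C:\Program Files\Common Files\CPUSH\cpush.dll"
"""

O2 = re.compile(r"^O2 - BHO: .*? - (\{[0-9A-Fa-f-]+\}) - (.*)$")
O4 = re.compile(r"^O4 - \S+: \[([^\]]+)\] (.*)$")
PATH = re.compile(r'^"?[A-Za-z]:\\')  # plausible start of a Windows command line


def shift(text, k):
    """Subtract k from every character code (undoes a +k character shift)."""
    return "".join(chr(ord(c) - k) for c in text)


def triage(line):
    """Return (section, identifier, note) for an O2/O4 line, else None."""
    for section, rx in (("O2", O2), ("O4", O4)):
        m = rx.match(line)
        if m:
            break
    else:
        return None
    ident, target = m.groups()
    if target == "(no file)":
        return section, ident, "orphaned: HijackThis found no file for this entry"
    if PATH.match(target):
        return section, ident, "plain path"
    # Assumption of this example: only small shifts (1 to 3) are tried.
    for k in (1, 2, 3):
        decoded = shift(target, k)
        if PATH.match(decoded):
            return section, ident, f"shift-{k} decodes to: {decoded}"
    return section, ident, "unreadable value"


if __name__ == "__main__":
    for entry in LOG.splitlines():
        print(triage(entry))
```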