Hello again
Please follow all instructions in the order they come. If you have any questions, please ask before proceeding.
=======================================================
Copy/paste these instructions to Notepad, then disconnect from the internet
=======================================================
Click start>run>copy/paste command below into box:
sc stop SymWSC
Click ok
Click start>run>copy/paste command below into box:
sc delete SymWSC
Click ok.
======================================================
Click > Start > Control Panel > Add / Remove Programs and uninstall the following programs:
Creative PlayCenter
Creative Recorder
See here for information on Creative Labs.
=======================================================
Open HijackThis and click on 'Do a System Scan Only'. Check the following entries
(If they still exist, make sure you do not miss any)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
O3 - Toolbar: (no name) - {987D027C-F0EF-40fa-9A1A-C45007F1F36F} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O15 - Trusted Zone: *.wwe.com
O15 - Trusted Zone: *.adgate.info (HKLM)
O15 - Trusted Zone: *.elitemediagroup.net (HKLM)
O15 - Trusted Zone: *.systemdoctor.com (HKLM)
O16 - DPF: {FCF289D4-0AC8-4ED8-BE31-E8AF09606AB5} - http://static.35mb.com/applet/applet_o.cab
O23 - Service: Viewpoint Manager Service - Unknown owner - C:\Program Files\Viewpoint\Common\ViewpointService.exe (file missing)
Please remember to close all other windows, including browsers then click Fix checked.
====================================================
Open notepad and copy/paste the text in the quotebox below into it:
Quote:
KillAll::
File::
C:\18.tmp
C:\install.dat
C:\WINDOWS\system32\clbcatexu.2
C:\WINDOWS\OkyFlyPC_uninstall.exe
C:\WINDOWS\system32\acfii.bak2
C:\WINDOWS\system32\acfii.ini2
C:\WINDOWS\System32\regscan.exe
C:\Program Files\Freescan
C:\WINDOWS\satmat.exe
Folder::
C:\Documents and Settings\All Users\Application Data\Viewpoint
C:\Program Files\Internet Optimizer
c:\PROGRA~1\mcafee.com
C:\Program Files\Creative
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Internet Optimizer]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\funk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McRegWiz]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NewsUpd]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Regscan]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Begone]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\satmat]
Save this as
CFscript
Referring to the picture above, drag CFscript into ComboFix.exe.
Follow the prompts, and post the resulting log,
C:\ComboFix.txt
Warning:
Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.
======================================================
Reconnect to the internet
=======================================================
Establish an internet connection & perform an online scan with Internet Explorer at
Kaspersky Online Scanner
Answer Yes, when prompted to install an ActiveX component.
- The program will then begin downloading the latest definition files.
- Once the files have been downloaded click on NEXT
- Locate the Scan Settings button & configure to:
- Scan using the following Anti-Virus database:
- Scan Options:
- Scan Archives
- Scan Mail Bases
- Click OK & have it scan My Computer
- Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
- Click the Save as Text button to save the file to your desktop so that you may post it in your next reply
* Turn off the real time scanner of any existing antivirus program while performing the online scan
Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license has been accepted, reset to 100%.
=====================================================
Open HijackThis and click on 'Do a System Scan and save a Logfile'. Save the log file and post it here.
=======================================================
Logs Required
C:\Combofix.txt
Kaspersky scan report
Hijackthis log
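
The last step above asks for a fresh HijackThis log after "Fix checked". As an added example (not part of the original post and not HijackThis's own code), this Python script compares the entries marked for fixing with a later log and reports any that are still listed. The function names and the NEW_LOG sample are constructed for illustration; TARGETS holds four of the entries from the post.

```python
import re

# HijackThis entry: "<code> - <kind>: <detail>", e.g. "O15 - Trusted Zone: *.wwe.com"
ENTRY_RE = re.compile(r"^(?P<code>[A-Z0]\d{1,2}) - (?P<kind>[^:]+): (?P<detail>.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)\s*$", re.I)

def parse_entry(line):
    """Return a dict for one log line, or None if it is not an entry."""
    m = ENTRY_RE.match(line.strip())
    if m is None:
        return None
    code = m["code"]
    if code.startswith("0"):          # digit zero typed in place of letter O
        code = "O" + code[1:]
    clsid = CLSID_RE.search(m["detail"])
    # Match on the CLSID when there is one, otherwise on the detail text.
    ident = clsid.group(0).upper() if clsid else m["detail"].strip().lower()
    return {"code": code, "kind": m["kind"].strip(), "key": (code, ident),
            "orphan": bool(ORPHAN_RE.search(m["detail"])), "raw": line.strip()}

def still_present(targets, new_log):
    """Raw lines from new_log whose entry matches one of the target entries."""
    wanted = {e["key"] for e in map(parse_entry, targets.splitlines()) if e}
    found = (parse_entry(l) for l in new_log.splitlines())
    return [e["raw"] for e in found if e and e["key"] in wanted]

# Four of the entries listed in the post.
TARGETS = r"""
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: (no name) - {987D027C-F0EF-40fa-9A1A-C45007F1F36F} - (no file)
O15 - Trusted Zone: *.systemdoctor.com (HKLM)
O23 - Service: Viewpoint Manager Service - Unknown owner - C:\Program Files\Viewpoint\Common\ViewpointService.exe (file missing)
"""

# Constructed sample of a later log (not from the thread): two targets survived.
NEW_LOG = r"""
Logfile of HijackThis (constructed sample)
O3 - Toolbar: (no name) - {987D027C-F0EF-40FA-9A1A-C45007F1F36F} - (no file)
O4 - HKLM\..\Run: [ExampleApp] C:\Program Files\Example\example.exe
O15 - Trusted Zone: *.systemdoctor.com (HKLM)
"""

if __name__ == "__main__":
    for line in still_present(TARGETS, NEW_LOG):
        print("still present:", line)
```

Entries are matched by section code plus CLSID where one exists, so a difference in letter case between the two logs does not hide a surviving entry.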