Hello again
Please read these instructions very carefully, and follow them in the exact order I have listed. If you don’t understand any part of the fix please ask before proceeding.
You may want to print out these instructions, or copy them into
Notepad.
Please note: Just because you have lack of symptoms it doesn’t mean the problem is gone. Please stay with me until I declare your log’s clean. Thank you.
=====================
1. Close any open browsers.
2. Open
notepad and copy/paste the text in the quotebox below into it:
Quote:
File::
C:\WINDOWS\system32\awtqn.dll
C:\WINDOWS\system32\vtstq.dll
C:\WINDOWS\system32\nqtwa.ini
C:\WINDOWS\system32\sbfwqlhf.ini
C:\WINDOWS\system32\oxafrykn.dll
C:\WINDOWS\system32\gvphmpdh.ini
C:\WINDOWS\system32\mcrh.tmp
Folder::
C:\Documents and Settings\Francois\Shared
C:\Documents and Settings\Francois\Incomplete
C:\Documents and Settings\Francois\Application Data\LimeWire
C:\VundoFix Backups
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{05A73C0A-8DF5-4444-BF95-DF237B76DA77}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0DE0D0A9-1545-40EF-9733-7CD20092AE26}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1A3FC7B6-33A6-4AE8-96BF-02AB8A4D9EF2}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1A589AA6-EDDD-4552-AB9A-4EDFF5CDD7DE}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4DDEB637-D486-4A89-A531-BD9D3854FF70}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5895BE39-EED2-4982-B660-A0FE213A03C0}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6DB58EA0-A933-43EE-A761-C40960F60E43}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7ACE2002-725D-4428-B7C0-8A389404A69B}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7D5B109A-6A3C-44C1-A4A2-CDE0D359B12C}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8539543E-FBD0-4E09-964F-1E92AB75CEFB}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D0242B32-27E4-4E13-84C1-9D1DCBD4F44B}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D635D348-C0E5-4B49-8C42-F06781E62965}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ED94524D-12F8-4350-A8E5-2ACCD2B0134B}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F2B4C1B1-2FB8-43FE-92A9-4D1106F93679}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f4ea1405-b59d-4d76-b5e9-53e0fa1388bf}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FE274981-54DF-4F99-878D-4AC593CD26AD}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xxyvvvv]
|
Save this as
CFScript.txt, in the same location as ComboFix.exe
Refering to the picture above, drag CFScript into ComboFix.exe
When finished, it shall produce a log for you at
"C:\ComboFix.txt"
**Please Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall**
=====================
Panda Online Scan
Perform an online scan with Internet Explorer with
Panda ActiveScan- Click on
located at the bottom of the page.
- A "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it *
- Enter your e-mail address, country, and state & click "Free Online Scan" *The download of the 8 MB Panda's ActiveX control will take place*
Begin the scan by selecting
- If it finds any malware, it will offer you a report.
- Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later.
- Click on
then click
* You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
* Turn off the real time scanner of any existing antivirus program while performing the online scan
Paste the Panda Scan report here
=====================
Please double click on
Francois.exe and click on
Do a System Scan Only. Check the following entries
(If they still exist, make sure you do not miss any)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
Please remember to close all other windows, including browsers then click Fix checked.
Then click
Scan and
Save log
Please post the log back into this thread.
=====================
Required Logs
In your next reply please include:
- Hijackthis log
- ComboFix.txt
- Panda online scan results
Also how is your system behaving now?