Hello again
Open notepad and copy/paste the text in the quotebox below into it:
Quote:
http://www.techsupportforum.com/security-center/hijackthis-log-help/310890-browser-redirects-hijacks-etc.html
Collect::
c:\windows\system32\bibijiwo.dll.vir
c:\windows\system32\zidajaji.dll.vir
c:\windows\system32\tutedolu.dll
c:\windows\system32\wibigejo.dll
c:\windows\system32\zarasane.dll
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"bobozomeze"=-
"CPM57bdb8af"=-
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"SSODL"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=""
|
Save this as
CFscript
Refering to the picture above, drag CFscript into ComboFix.exe
Follow the prompts, and post the resulting log,
C:\ComboFix.txt
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.
Warning:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
When CF finishes running, the ComboFix log will open along with a message box--do not be alarmed. With the above script, ComboFix will capture a file to submit for analysis.
Ensure you are connected to the internet and click OK. A browser will open. Simply follow the instructions to copy/paste/send the requested file(s).
=========
Open HijackThis and click on 'Do a System Scan and save a Logfile'. Save the log file and post it here.
=========
Logs Required
C:\Combofix.txt
Hijackthis Log