Quote:
|
"Are you trying to run CFs script? CFs is spelt wrong"
|
Did you name the file incorrectly? It's supposed to be named
CFScript. It musn't be named differently.
Let's try that one more time.
Open
NOTEPAD and copy/paste the text in the quotebox below into it:
Code:
FILE::
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\20461FBF.sys
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2EFF3764.com
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3E05766F.dll
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3E0B4A67.exe
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3E0B4A67.sys
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\55AC7FA6.sys
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\648E6E06.dll
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\648E6E06.exe
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\64911803.sys
c:\windows\f49f4daa.dat
c:\windows\Fonts\mytypeoffont.zip
c:\windows\Fonts\poke.zip
Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4757140d-d2fe-11dc-be73-001c238ca086}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{992cc9ac-1bed-11dd-be8f-001c238ca086}]
FOLDER::
C:\SDFix
Save this as "
CFScript"
Referring to the picture above, drag CFScript.txt into ComboFix.exe
When finished, it shall produce a log for you, C:\ComboFix.txt. Post that log in your next reply.