12-09-2008, 06:58 PM   #6
Ried
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,530
OS: WinXP and Vista


Re: Deleting ComboFix

Hello Jade_Dragon,

Take a look at the files that are infected. The file sharing that is going on is the source of the rootkit you previously sustained as well as the latest infections as shown by Kaspersky.

I urge you to read our sticky topic Perils of P2P file sharing

Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

It's IMPORTANT to carry out the instructions in the sequence listed below.

***************************************************

Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

---------------------------------------------------------------------

Open notepad and copy/paste the text in the code box below into it:

Quote:

File::
C:\Documents and Settings\Jordan\Incomplete\T-3877629-kanye west - love locked down (1).mp3
C:\Documents and Settings\Jordan\Incomplete\T-460090-what would you do city high sexy girl has shaking orgasm during sex.mp3
C:\Documents and Settings\Jordan\Shared\extacy techno.mp3
C:\Documents and Settings\Jordan\Shared\when im gone rockell.mp3
C:\WINDOWS\system32\scui.cpl

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\StubInstaller.exe"=-

Save this as CFScript.txt, in the same location as ComboFix.exe



Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt

Please return with the C:\ComboFix.txt for further review.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."