Hi highergroove,
Everything looks much better now. There isn't much lurking now, but you have some programs installed which has questionable practices.
Please uninstall these programs:
Dealio Toolbar v4.0
Search Settings 1.2.1
After uninstalling these programs, please disable Spybot Teatimer temporarily.
- Right click the Spybot Icon in the system tray near the clock (looks like a blue/white calendar with a padlock symbol).
- Click once on Resident Protection, then right click the Spybot icon again and make sure Resident Protection is now Unchecked. The Spybot icon in the System tray should now be now colorless.
- Go to Start > All Programs > Spybot - Search & Destroy > Spybot Search & Destroy.
- Click on Mode > Advanced Mode. When it prompts you, click Yes.
- On the left hand side, click on Tools.
- Check (tick) this box if it is not yet ticked: Resident.
- You will notice that Resident is now added under Tools. Click on Resident.
- Uncheck (untick) this box: Resident "TeaTimer" (Protection of over-all system settings) active.
- Exit Spybot Search & Destroy.
- Restart your computer for the changes to take effect.
Next, please open Notepad and copy and paste the following in the Code box into Notepad:
Code:
Folder::
c:\documents and settings\Owner\Application Data\Dealio
c:\documents and settings\Owner\Application Data\Search Settings
c:\program files\Search Settings
c:\program files\Dealio Toolbar
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SearchSettings"=-
DeQuarantine::
C:\Qoobox\Quarantine\D\Desktop.ini.vir
Click on
File >
Save As....
In the File Name field, copy and paste in
CFScript.txt.
Do not change the file name.
Click
Save.
Referring to the picture below, drag CFScript into Combofix.
Combofix will start running. When done, a log will be produced. Please post this log in your next reply.
Do not mouse click on Combofix while it is running. That may cause it to stall.