Download TDSSKiller and save it to your desktop
Execute [b]TDSSKiller.exe[/b] by doubleclicking on it.
[*] Press Start Scan
[*] If Suspicious object is detected, the default action will be Skip, click on Continue.
[*] If Malicious objects are found, select Cure.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example, [b]C:\TDSSKiller.<version_date_time>log.txt[/b]
Please post the contents of that log in your next reply.
============ Next ============
Open notepad and copy/paste the text present inside the code box below:
Folder::
c:\Windows\Installer\{4311bbe4-06d6-fe94-e5d4-6ce1a49a8f07}
FileLook::
c:\Windows\System32\services.exe
ClearJavaCache::
DDS::
Trusted Zone: $talisma_url$
Trusted Zone: att.com\www
Save this as CFScript.txt
http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
Close all browser windows and refering to the picture above.
Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will will re-run. When finished, it will produce a log for you.
Attach the contents of the log in your next reply. (typical location: C:[b]ComboFix.txt[/b] )
============ Next ============
Re-run Zoek.exe as you did before but use this script:
CD \;b
DIR /S /A:L > %USERPROFILE%\Desktop\JunctionPoints.txt;b
Click on RunScript button. When zoek finish his scan, on Desktop you will see JunctionPoints.txt report. Please attach it here.