Step1
Open notepad and copy/paste the text present inside the code box below:
DirLook::
c:\programdata\Windows0
FileLook::
c:\windows\SysWow64\FlashPlayerInstaller.exe
DDS::
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
RegNull::
[HKEY_USERS\S-1-5-21-99025561-3686630580-3834059694-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2BE4664E-BD90-5E5C-3562-FA893F5396AE}*]
"haalhmgkeomhmndo"=hex:6b,61,68,67,6b,67,62,65,63,62,6c,65,6a,67,67,63,6e,67,
65,6d,6f,62,00,00
"iakmnajpeeejlbacjg"=hex:6b,61,68,67,6b,67,62,65,63,62,6c,65,6a,67,67,63,6e,67,
65,6d,6f,62,00,00
RegLockDell::
[HKEY_USERS\S-1-5-21-99025561-3686630580-3834059694-1000_Classes\CLSID\{DA96FDE6-2CED-B445-96A2-47D08FB5E217}]
@Denied: (A 4) (Everyone)
Save this as CFScript.txt
http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
Close all browser windows and refering to the picture above.
Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will will re-run. When finished, it will produce a log for you.
Attach the contents of the log in your next reply. (typical location: C:[b]ComboFix.txt[/b] )
.
Step2
Download TDSSKiller and save it to your desktop
Execute [b]TDSSKiller.exe[/b] by doubleclicking on it.
[*] Press Start Scan
[*] If Suspicious object is detected, the default action will be Skip, click on Continue.
[*] If Malicious objects are found, select Cure.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example, [b]C:\TDSSKiller.<version_date_time>log.txt[/b]
Please post the contents of that log in your next reply.