Hi,
We still have some staff to do …
- Open notepad and copy/paste the text present inside the code box below:
FileLook::
c:\users\Mauser\AppData\Roaming\Microsoft\Installer\{BCD55450-77AC-4347-B24F-654B1189F8D4}\IconF7A21AF7.exe
c:\windows\system32\Services.exe
KillAll::
DirLook::
C:\sh4ldr
Folder::
c:\windows\Installer\{c60d1430-734f-fd1d-2598-d70c97516b7c}
ClearJavaCache::
DDS::
Trusted Zone: mosw.com\free-game-downloads
Firefox::
FF - ProfilePath - c:\users\Mauser\AppData\Roaming\Mozilla\Firefox\Profiles\3g2ataa6.default\
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B6b9123fe-bdf5-4f2b-bc65-5648b77dbcb3%7D&mid=3a5e5a934301bd39a44e3702a87ebf83-b37e62b12a406af088f0833ac2f61dab295adc9e&ds=AVG&v=11.1.0.7&lang=nl&pr=fr&d=2011-12-03%2017%3A13%3A03&sap=ku&q=
Save this as CFScript.txt
- Again, temporaly disable your AVG antivirus
http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
- Close all browser windows and refering to the picture above.
Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will will re-run. When finished, it will produce a log for you.
Attach the contents of the log in your next reply. (typical location: C:[b]ComboFix.txt[/b] )
============= Next ============
zoek however i've been unable to run. It gave an error that it is for 32 bit computers (i have 64 bit).
I need additional check:
Can you please try to run zoek one more time using this script.
Download fresh zoek.exe and try to run. Or try with zip-ed.
installedprogs;
bhghfmljekyiaiiglvwiohfyuywprpci;a
C:\Users\Mauser\AppData\Local\Programs;vs
C:\Windows\SysWOW64\MPG4ds32.ax;i
C:\Windows\SysWOW64\msadds32.ax;i
mswsock.dll;z
filesrcm;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
Attach log here.
If you fail to run zoek, then run this tool:
Please download Farbar Recovery Scan Tool and save it to your desktop.
[color=green]Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.
[*]Double-click to run it. When the tool opens click Yes to disclaimer.
[*]Under Optional Scan ensure “List BCD” and “Driver MD5” are ticked.
[*]Press Scan button.
[*]It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
[*]The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.