Click Start>Run and type cmd then hit enter to open a command window. Type or paste the following bolded line into the window and hit enter, after...
Please see if there is a log named ComboFix.txt in C: and post it if present. Also, if the folder C:\Qoobox is present, see if there is a file...
That log does show me what I wanted to see. C:\setup_exe.vir Worm/Generic.AHA action=Cleaned C:\Program Files\Common Files\Microsoft...
You need to get an antivirus application installed, now. If you're not going to purchase something right now, get AVG or Avast as a free...
You did right click ComboFix.exe and select 'Run as Administrator'? Could you elaborate on the reg tweak?
Hi thebat1 :) Did you get that dss scan done?
I'd like to see the results of the Kaspersky scan I recommended in my last post before determining whether your computer is now clean.
Running ATF Cleaner was an important step, however you may be in the clear anyway. Please delete the following file. C:\setup_exe.vir If you...
Download ComboFix by sUBs from here, saving the file to your desktop. It's best disable realtime protection applications as they sometime...
Welcome to WindowsBBS iakona724 :) Download Deckard's System Scanner (dss.exe) and save it to your desktop. Close all applications and...
Vicki, it was a pleasure helping you. You're most welcome! I'd say start a new topic if other issues arise. I'll mark this one resolved.
Those are infected System Restore points. We'll clean those up in these next steps. Click Start>Run and type ComboFix /u then hit Enter to...
Scan again with HijackThis and place a check next to the followig entries, close all other windows then click Fix Checked. O2 - BHO: (no name)...
Start your computer and immediately begin tapping the F8 key. You should be presented with a 'toolbox' with various options. Select System Restore...
Thanks Stuart! What is the C:\Program Files\XAC program? I think the svcdll folder may be associated with it. Recommend you do an online...
Looks good. How's the computer performing now? If all is OK, we can tidy up.
Well done Vicki! :) That is the Service Pack 2 setup file we extracted to get the i386 folder. You can delete it, along with everything else you...
Hi Bruce, Your summation is right on, RE: deleted emails and backups. Below is the list of backups after stripping down. ===== Infected...
Please check your private messages in the User Control Panel for instructions.
Scan again with HijackThis and place a check next to the following entries, close all other windows, then click Fix Checked. O3 - Toolbar: My...
Separate names with a comma.
