Nolan we seem to be loosing ground
COMBOFIX-Script
Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:
Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.
Then drag this script and drop on top of ComboFix.
ComboFix will now run a scan on your system.
It may reboot your system when it finishes. This is normal.
When finished, it will create a log. Attach the log back to us.
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Post its log followed by another ComboFix without the Script!
No reboot!
Then go back we you got Norman and DrWeb and do Kaspersky.
After this if not successful, I hate to say, we may be looking at a format!
Mike
COMBOFIX-Script
Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:
Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.
Code:
File::
c:\windows\mqcd.dbt
c:\windows\system32\rkoq.pxf
c:\windows\system32\odjan.wa
c:\windows\system32\kei1w.an
c:\windows\system32\kdoqmn.sr
c:\windows\system32\doqkm.zt
c:\windows\system32\drivers\cmudaxu.sys.bak
c:\windows\adobe.bat
c:\windows\DUMP856c.tmp
c:\documents and settings\Nolan Brassard\Application Data\ipomoqeb.reg
c:\program files\Common Files\sazunep.inf
c:\documents and settings\Nolan Brassard\Application Data\awelifu.sys
c:\documents and settings\Nolan Brassard\Application Data\kixad.pif
c:\program files\Common Files\ymuko.dll
c:\documents and settings\Nolan Brassard\Application Data\ovusov.bat
c:\documents and settings\Nolan Brassard\Application Data\ozej.pif
c:\program files\Common Files\ovahawaj.sys
c:\documents and settings\Nolan Brassard\Application Data\kyfykeb.com
c:\program files\Common Files\ajab.com
c:\documents and settings\Nolan Brassard\Application Data\imaxuda.com
c:\documents and settings\Nolan Brassard\Application Data\wagehi.dat
c:\program files\Common Files\elupepiw.dat
c:\program files\Common Files\kabos.dat
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\a.exe]
"Debugger"=c:\windows\system32\alg.exe
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\matrix31290.exe]
"Debugger"=c:\windows\system32\alg.exe
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\~tmpa.exe]
"Debugger"=c:\windows\system32\alg.exe
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\~tmpb.exe]
"Debugger"=c:\windows\system32\alg.exe
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\~tmpc.exe]
"Debugger"=c:\windows\system32\alg.exe
ComboFix will now run a scan on your system.
It may reboot your system when it finishes. This is normal.
When finished, it will create a log. Attach the log back to us.
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Post its log followed by another ComboFix without the Script!
No reboot!
Then go back we you got Norman and DrWeb and do Kaspersky.
After this if not successful, I hate to say, we may be looking at a format!
Mike