The ComboFix log showed some malicious entries, and we need to get rid of them.
Be sure to continue temporarily disabling your protective software.
Now, open Notepad (Start > Run, in the Open field type: notepad)
Copy/paste all the following text below to Notepad:
c:\documents and settings\User\Application Data\oooobF44pm5sQ7E
c:\documents and settings\User\Application Data\aA00uvvS2o
Save as CFScript.txt
Change the 'Save as type' to: All Files (*.*)
Save it to the Desktop
(Both the ComboFix icon and the CFScript.txt must be on the Desktop.)
Left click and drag the CFScript.txt file over to the ComboFix icon. Then, 'drop' it over CF.
This triggers ComboFix to run another scan where it carries out the commands of CFScript.
CF may reboot when it finishes. This is normal.
Do not mouse-click ComboFix while it is running, as iIt may cause a stall!
When finished, a log is produced: ComboFix.txt
Please upload the contents of the 'new ComboFix.txt' to the Uploading website:
In: Select files to upload, click 'Browse', and 'Look in' the Desktop.
Select the ComboFix report, and click on 'Open'
You will see the following:
Your file has been uploaded successfully: (Name and size of the file)
Please copy the 'Download link', and provide it in your reply.
Also, please submit the following file for analysis to VirusTotal:
Use the 'Browse' button to navigate to the location of the file.
Click on the file Then, click the 'Open' button.
The file is now displayed in the Submit Box.
Scroll down and click 'Send File', and wait for the results
If you get a message saying: 'File has already been analyzed', click 'Reanalyze file now'
Once scanned, please provide the link to the results page in your reply.
Retired - Doin' Dis, Dat, and slapping malware.
Malware Eliminator/Member of UNITE and the
Alliance of Security Analysis Professionals