@
mikaelrask Thank you for nice words. But I'm always here, if nothing else, watching from background.
@
Raz89The main work is done. This is now just polishing.
Also, we checking some deleted files, if they are legitimate we have to restore them.
Open notepad and copy/paste the text present inside the code box below:
Folder::
c:\windows\Installer\{c0689ee4-1979-c1cb-dac6-97c6d8bbc156}
ClearJavaCache::
FileLook::
C:\Qoobox\Quarantine\c\windows\TEMP\Temporary ASP.NET Files\root\7e973a63\6fd0db9\App_Code.0neyz3el.dll.vir
C:\Qoobox\Quarantine\c\windows\TEMP\Temporary ASP.NET Files\root\7e973a63\6fd0db9\assembly\dl3\ef939465\00f465cb_3a95cc01\WinTVExtender.EXE.vir
Save this as
CFScript.txt Close all browser windows and refering to the picture above.
Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will will re-run. When finished, it will produce a log for you.
Attach the contents of the log in your next reply. (typical location: C:\
ComboFix.txt )