Help: COOL.vbs infected flash drive

[JuliaGB]

When ComboFix finished running, it opened "log.txt" which I attached, plus ComboFix.txt, Just in case they aren't the same thing!

[JuliaGB]

I think it might have worked this time! Is there a way to check if my computer is finally COOL.vbs-free?

[argus]

Open notepad and copy/paste the text present inside the code box below:

Code: [Select]


File::
c:\users\Julia\AppData\Roaming\COOL.vbs
c:\users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\COOL.vbs
c:\users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
COOL.vbs

Save this as CFScript.txt



Close all browser windows and refering to the picture above.

Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will will re-run. When finished, it will produce a log for you.
Attach the contents of the log in your next reply. (typical location: C:\ComboFix.txt )

[JuliaGB]

So what do you say, is it over? 

[argus]

I see no present or active malware.




It is necessary to uninstall ComboFix :

• Click Start (or ) then Run.
  
  
  On Windows7 or Vista you may use Start Search field if Run is not available.
  
  
• In the line of text type in (Copy) the following:

Code: [Select]

ComboFix /Uninstall

Note that there is a space between " ComboFix " and " /Uninstall " .

• then click OK (or press Enter ).

Wait for the uninstall process is complete.






Please download DelFix by "Xplode" to your Desktop.

Run the tool and check the following boxes below;

• Remove disinfection tools
• Create registry backup
• Purge System Restore

Now click on "Run" button. Wait for the programme completes his work.
All the tools we used should be gone.
Tool will create and open an log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt


> I don't need DelFix log report.

[JuliaGB]

All done! Thanks a million!