Kenny94

Thanks guys! David, thank you for putting together the registry script at Here Nice!

Hi, Appears this happen after a download? Please visit this webpage and read the ComboFix User's Guide: Once you've read the article and are ready to use the program you can download it directly from the link below.Important! - Please make sure you save combofix to your desktop and do not run it from your browserDirect download link for: ComboFix.exePlease make sure you disable your security applications before running ComboFix.Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.Please attach that log file to your next reply.If

Hi neeeneee and welcome to Malwarebytes! Let's take look before we remove software or run any scans. Scan with Farbar Recovery Scan Tool Please download Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same dire

Download ComboFix.exe to your desktop. But do Not run it. Click on Start->Run, and copy-paste the following command (the bolded text) into the "Open" box, and click OK. "%userprofile%\Desktop\combofix" /uninstall This will remove folder C:\Qoobox and the ComboFix.exe icon.

Follow these steps to uninstall Combofix and all of its files and components. Go to Start ---> Run ---> Type ComboFix /uninstall and press Enter. Make sure there's a space between Combofix and / Then hit enter.

You should change all passwords with the infection your PC had. Avast is another excellent AV. Yes you should remove Avira before you install Avast. As for your the Boot folder it has some system files and it's best to leave it. You can remove Qoobox this belongs ComboFix and is not need it anymore.

Your Computer is Clean Some final items: Follow these steps to uninstall Combofix and tools used in the removal of malware To remove all of the tools we used and the files and folders they created, please do the following: Please download OTC.exe by OldTimer: Save it to your Desktop. Double click OTC.exe. Click the CleanUp! button. If you are prompted to Reboot during the cleanup, select Yes. The tool will delete itself once it finishes. Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually. Make your Internet Explorer more

Run OTL Under the Custom Scans/Fixes box at the bottom, paste in the following :OTL IE - HKU\S-1-5-21-3786737421-1029651582-3655982258-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [bcwext] rundll32.exe "C:\Users\shinyaku\AppData\Local\Temp\bcwext.dll",SteamAPI_RestartApp File not found O4:64bit: - HKLM..\Run: [mandh] rundll32.exe ",ConvertMeshSubsetToSingleStrip File not found O4 - HKU\S-1-5-21-3786737421-1029651582-3655982258-1000..\Run: [ctfmon.exe] C:\windows\syst

Hi, I'm reviewing your log and will have some more instructions for you in a short while. Thanks for your patience!

Lets get a deeper look into the system and see if something shows up.The dialouge box that pops up means there's still malware present. Download OTL to your Desktop Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post the

We need to Re-run Eset scan one more time.To see if those entries (that ComboFix removed) will be recreated.. But Re-run Eset as in the below: Please run a free online scan with the ESET Online Scanner Note: You will need to use Internet Explorer for this scan. Tick the box next to YES, I accept the Terms of Use. Click Start When asked, allow the ActiveX control to install Click Start Make sure that the options Remove found threats and the option Scan unwanted applications is checked Click Scan Wait for the scan to finish Use Notepad to open the logfile located at C:\Program Files\EsetOnlin

Okay, lets make sure all is cleaned one more time. Drag ComboFix to the recycle bin and grab the latest version before trying to scan again (use the same link and as before. Note: No need to rename ComboFix this time around. Post log updated log please.

Let me ask someone on bcwext.dll. I can't find anything on this..... I'll get back to you in the next few days.

Hi, The dialouge box that pops up "The specified module could not be found" is it still present? Also, any other problems with this PC?

Okay, Please double-click OTM.exe to run it. (Vista users, please right click on OTM.exe and select "Run as an Administrator") Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy): :Processes :Services :Reg :Files C:\dnload\Games\PC\Battlefield 2 full game MP - SP Fixed v_1.5 -=AviaRa=-\Battlefield 2\key-generator.exe C:\dnload\Program\Fruity.Loops.Studio.9.Producer.Edition.XXL.rar C:\dnload\Program\gamebooster2.1EN.exeC:\dnload\Program\Nero-7.10.1.0_eng_full.exeC:\Users\Public\Hadoken should bla