Hi
No, that is not needed
You might need to re-install certain startup programs as they were infected and deleted.
Open notepad and copy/paste the text in the quotebox below into it:
Code:
RenV::
----a-w 67,128 2008-01-21 00:01:52 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
----a-w 1,694,208 2008-01-21 05:29:33 C:\Program Files\Messenger\msmsgs .exe
</pre>
File::
C:\WINDOWS\SYSTEM32\fueknnwm.ini
C:\WINDOWS\SYSTEM32\hmnxctde.ini
C:\WINDOWS\SYSTEM32\RCX315.tmp
C:\WINDOWS\SYSTEM32\bfhgqssn.ini
C:\WINDOWS\mrofinu572.exe.tmp
Folder::
C:\WINDOWS\SYSTEM32\xv2
C:\WINDOWS\SYSTEM32\edcA01
C:\WINDOWS\SYSTEM32\ap3
C:\Temp\Ryuan1
Driver::
jswmidin
MSControlService
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ktg"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqomjj]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aida]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IST Service]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBPS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinTools]
Save this as "CFScript"
Then drag the CFScript into ComboFix.exe as you see in the screenshot below.
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.
Combofix should never take more that 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
If that happened we want to know, and also what process you had to end.