-
Hi,
Just want to do doublecheck and make sure these are gone.
Redownload Combofix and rename as you did before, then do this.
Open Notepad Go to Start> All Programs> Assessories> Notepad ( this will only work with Notepad )and copy all the text inside the Codebox by highlighting it all and pressing CTRL C on your keyboard, then paste it into Notepad, make sure there is no space before and above File::
Code:
Driver::
geyekrwdaulytl.sys
Rootkit::
C:\WINDOWS\system32\drivers\geyekrwdaulytl.sys
C:\WINDOWS\system32\geyekrtqktotxl.dll
C:\WINDOWS\system32\geyekrxyunkoqc.dll
C:\WINDOWS\system32\geyekrdwivjaxl.dat
C:\WINDOWS\system32\geyekriosfoonb.dat
Save this as CFScript to your desktop.
Then drag the CFScript into ComboFix.exe as you see in the screenshot below.
http://i24.photobucket.com/albums/c3...FScriptB-4.gif
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.