Did you delete anything out of the temps while in safe mode? Run combofix once more using the slightly changed script below, like you did before
Click Start, then Run and type Notepad and click OK.
Copy/paste the text in the code box below into notepad:
Code:
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"BMGXXXXXXXX"=3-
"BMGX"=3-
File::
c:\docume~1\Ray\LOCALS~1\Temp\AZULWXOPZZH.exe
c:\docume~1\Ray\LOCALS~1\Temp\BMGX.exe
c:\docume~1\Ray\LOCALS~1\Temp\TSJSRS.exe
c:\docume~1\Ray\LOCALS~1\Temp\ZWKKQGF.exe
Driver::
AZULWXOPZZH
BMGX.exe
TSJSRS.exe
ZWKKQGF.exe
Name the Notepad file CFScript.txt and Save it to your desktop.
Now locate the file you just saved to your desktop (CFScript.txt) and the combofix icon, also on your desktop.
Using your mouse drag the CFScript right on top of the combofix icon and release, combofix will run, reboot and produce a new log
please post the new combofix log in your reply.
After the above download:
Roguekiller.exe
Download & SAVE to Rougekiller to your desktop
Close any running programs
Double click to start
For Vista or Windows 7, right-click and select run as Admin
Once the Prescan has finished click the scan button
Once the scan is done a report.txt will be on your desktop.
Exit Rougekiller by going to File>Quit.
copy/paste the RKreport saved to your DeskTop