My pc was infected by worm.Win32.net.booster

You should not be getting a CFScript error unless you are trying to drag a CFScript file on top of the ComboFix executable. Are you just double clicking on the ComboFix.exe file on your Desktop or are you doing something else? Also make sure you shutdown your antivirus and antispyware programs before running ComboFix. Try again.

Also please run MGtools and attach the requested log even if you still cannot run ComboFix.

This is just due to ComboFix not running properly thru to completion.

You can fix your clock from Control Panel ->Regional and Language Options and then on the Regional Options tab click the Customize button then on the next form click the Time tab. Then change the Time format to what you want. It explains there what the lower case and upper case letters will do. Upper case H is giving you 24 hour clock settings.


Also are you still having malware problems?

 

You did not answer my question! Are you still having problems???

And here is a new question: Why are you running your PC with NO protection?


You are supposed to be saving ComboFix.exe and the Microsoft file for the Recovery Console to your Desktop not the C:\Program Files folder. In fact you should not have any of the below files where you currently have them. You should move them somewhere else if you wish to save them or you should delete them.

Code:

"C:\Program Files\"
7z457.exe     Aug 11 2008      860391  "7z457.exe"
bootrepe.zip  Aug 24 2008      744401  "bootrepe.zip"
ccsetu~1.exe  Oct  2 2008      872264  "ccsetup212_slim.exe"
combofix.exe  Oct  4 2008     2889194  "ComboFix.exe"
driver~1.exe  Sep  8 2008     5213928  "DriverDetective.exe"
driver~2.exe  Sep 24 2008     2105312  "DriverScanner.exe"
ep_rub~1.exe  Sep 24 2008    38435112  "ep_rub_w01_ENU.exe"
firefo~1.exe  Aug 31 2008     7499056  "Firefox Setup 3.0.1.exe"
flv2mp3.zip   Sep 27 2008     2492173  "flv2mp3.zip"
hjtsetup.exe  Oct  1 2008      812344  "HJTsetup.exe"
mb.exe        Oct  2 2008     2189800  "mb.exe"
ogaplu~1.exe  Oct  1 2008      473120  "OGAPluginInstall.exe"
ooo_24~1.exe  Sep  7 2008   133227519  "OOo_2.4.1_Win32Intel_install_wJRE_en-US.exe"
pysolf~1.exe  Sep 13 2008     7228153  "PySolFC-Setup.exe"
rminst~1.exe  Oct  2 2008     7507296  "rminstall.exe"
setup.msi     Sep 22 2008     7886336  "setup.msi"
silver~1.exe  Oct  2 2008     1440832  "Silverlight.exe"
spybot~1.exe  Oct  2 2008    15083520  "spybotsd160.exe"
supera~1.exe  Oct  2 2008     6637592  "SUPERAntiSpyware.exe"
window~1.exe  Oct  1 2008     1536552  "WindowsXP-KB905474-ENU-x86-Standalone.exe"
wmp11-~1.exe  Sep  8 2008    25740144  "wmp11-windowsxp-x86-enu.exe"
xpsp3_~1.iso  Oct  2 2008   571322368  "xpsp3_5512.080413-2113_usa_x86fre_spcd.iso"
 

So put ComboFix and the other file on your Desktop and try again. If it still does not work, just double click the ComboFix.exe file and let it run the scan. Attach the log after it finishes.

 

This is something you should work out in the Software Forum.

I have a few more things for you to do here but you still did not address why you have no protection software installed. You did have Norton 360 installed but it not install properly anymore and needs to be cleaned up. Please run the below then reboot. After reboot run it one more time.

Norton Removal Tool (SymNRT)


Uninstall the below old versions of software:
Java(TM) 6 Update 4

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - ?p=ZRfox000
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)

After clicking Fix, exit HJT.



Now download The Avenger by Swandog46, and save it to your Desktop.

• Extract avenger.exe from the Zip file and save it to your desktop
• Run avenger.exe by double-clicking on it.
• Do not change any check box options!!
• Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

• Now click the Execute button.
• Click Yes to the prompt to confirm you want to execute.
• Click Yes to the Reboot now? question that will appear when Avenger finishes running.
• Your PC should reboot, if not, reboot it yourself.
• A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

Now run Ccleaner!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).


Then attach the below logs:

• C:\avenger.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

Sorry about that. That was my mistake. I forgot to put some of those into a separate patch because Avenger does not work on the HKCU keys. I will modify the fix so rerun it from the Avenger point to the end.