ICE Cyber Crimes Virus

Dragged CFScript to ComboFix and it started running. It said there was a newer version which I downloaded and it ran
producing the attached report.
 

Attachments

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.

    55mm8w.jpg

  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
 
When I clicked on the link above, it took me to a site to download 7-Zip to download Farbar.
The download loaded asked if I wanted other items also downloaded. I declined the other items
and continued. It then loaded 7-zip, slo-pc fighter and then tried to open internet explorer and
proceeded to hang in a loop with a window titled "wecarereminder' and the box stated that
it could not find the Reminder Helper window. It kept duplicating that window constantly and I
could not cancel it. I rebooted my system and it loaded slo-pc fighter and then got into the same
IE and wecarereminder loop. I rebooted my system again and deleted 7-zip and the slo-pc fighter
programs, but my system still gets in the wecare loop.
 
I ran FRST in safe mode. The FRST.txt iss attached. It did not produce an addition.txt.
 

Attachments

Download attached fixlist.txt on the same location as FRST (otherwise the fix won't work)

Open FRST, and click Fix. Attach me that report after it is finished.
 

Attachments

Not good, you attached fresh scan, and I wanted fix. Is my instruction really so hard to understand?
 
Last edited:
Your directions are clear. I'm not computer savvy and didn't pay attention. Sorry.
Fixlog is attached.
 

Attachments

In normal windows mode, I still get the "wecarereminder" box when I try to connect to the internet
via internet explorer. As I incated before this came up when I tried to download FRST and I got a
prompt to download 7-zip.
When this happens, it keeps displaying multiple boxes and I have to shut down the system manually.
 
I took a picture with my camera. I don't know if there is a way to save the screen.
The picture is attached.
 

Attachments

  • 0123141750a.jpg
    0123141750a.jpg
    244.2 KB · Views: 98
Please download zoek.zip or zoek.rar by smeenk (
Zoek_icon.png
) from here or here and save it to your Desktop.
Unpack the archive...
  • Close any open browsers
  • Temporarily disable your AntiVirus program. (If necessary)
    If you are unsure how to do this please read this or this Instruction.
  • Double click on zoek.exe to run the tool .
    Please wait while the tool does not start...
  • Copy the text present inside the code box below and paste it into the large window in the zoek tool:

    Code: 
    createsrpoint; 
StandardSearch; 
emptyfolderscheck; 
installer-list; 
installedprogs; 
uninstall-list;
  • Click on
    Run%20Script%20by%20zoek.png
    button.
    Please wait until a logreport will open (this can be after reboot)
  • Save notepad to your Desktop and attach here zoek-results.log
    Note: It will also create a log in the C:\ directory named "zoek-results.log"
 
> Re-run zoek with this script and attach here fresh zoek log results.


Code: 
autoclean;
emptyclsid;
emptyalltemp;
emptyfolderscheck;delete 
shortcutfix; 
resetIEproxy; 
netsh int ip reset >> %temp%\log.txt;b 
ipconfig /flushdns >> %temp%\log.txt;b 
resethosts;
iedefaults;
 
Reran zoek with new script. Fresh zoek log results attached.
Running from windows normal mode. Internet Explorer loaded
OK without the "wecarereminder" hangup.
Thank you.
 

Attachments

You may also like...