also @ TechSpot: Check your bill: AT&T adds new 'administrative fee' to wireless bills

Computer freeze

Discussion in 'Other Hardware' started by jalba, Nov 18, 2008.

Page 3 of 3

  1. mflynn Newcomer, in training Posts: 2,793

    No that is OK! I knew about C: I only wanted to know that the other drives were USB external dirves.

    Your Flash drive is likely infected but we need to do 1 thing at a tme so remove the flash drive and do not put it back until we are clean on the HD C: drive then we will disinfect the Flash drive.

    So shut down and remove it! boot back up and I will add steps here in a few moments.

    OK its ok to send HJT from other computer but make sure it is named so as not to be confused with this one.

    Just because the screen is back to normal you still have many problems so don't stop now.

    First UPDATE and run.

    1. MBAM send log
    2. SAS send log
    3. MBAM again if log from #1. above had found and removed items
    4.SAS again if log from #2. above had found and removed items

    Goal is to get Clean logs.

    Then reboot rerun ComboFix the SDFix. Get me these logs.

    Without the Flash drive we may be able to get you clean.

    Mike
    mflynn, Dec 18, 2008
    #41

  2. jalba TechSpot Enthusiast Posts: 177

    ok. i will handle that tomorrow when i get to work (which is my last day before i go on vacation :) ).
    Anyhu here's my hijack log from home.:)
    jalba, Dec 18, 2008
    #42

  3. mflynn Newcomer, in training Posts: 2,793

    HJT Scan only Select and remove the below.

    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
    O16 - DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC} -
    O20 - Winlogon Notify: artm_newreg - C:\WINDOWS\
    O21 - SSODL: SysTray.Exbt - {5368D5FC-6F6C-4f5b-B564-E67214F67552} - (no file)
    O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msoclip1/01/clip_image001.jpg

    Some of the above will not go until the cleaners are run.

    Mike
    mflynn, Dec 18, 2008
    #43

  4. jalba TechSpot Enthusiast Posts: 177

    ok...here's an updated list.
    jalba, Dec 18, 2008
    #44

  5. mflynn Newcomer, in training Posts: 2,793

    HJT log is clean but it is not the final word!

    I would still do the 8 Steps.

    Mike
    mflynn, Dec 18, 2008
    #45

  6. jalba TechSpot Enthusiast Posts: 177

    here's the latest logs that you requested from the office computer.
    Merry early xmas!!!!
    jalba, Dec 19, 2008
    #46
     

  7. mflynn Newcomer, in training Posts: 2,793

    We are getting close now!

    OK do the below:

    COMBOFIX-Script
    Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

    Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

    Code:
    File::
C:\2fiji.com
C:\39lpji.com
C:\83fgj.com
C:\invwft2h.com
C:\jdhc2x2.com
C:\jk.exe
C:\ogcikeq.com
C:\ph.com
C:\r2nl.com
C:\rdsfk.com
C:\tknapl.exe
C:\uis.com
    Then drag this script and drop on top of ComboFix.

    ComboFix will now run a scan on your system.

    It may reboot your system when it finishes. This is normal.

    When finished, it will create a log. Attach the log back to us.

    CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

    Mike
    mflynn, Dec 19, 2008
    #47
Page 3 of 3
Topic Status:
Not open for further replies.

Add New Comment

Social Login & Guest Posting

TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.