Can someone please check my logs....

Status
Not open for further replies.
Hi,

Since you've done the steps there you should have known it explicitly requests for only ComboFix, HijackThis and AVG antispyware logs. Apart from that it also states you should let us know the results of the anti rootkit scan.

You have also not stated why you have gone through the steps. Are you experiencing malware related issues and wish to clean? If so, have you read our sticky on the dangers and risks of not cleaning and understood the difference between formatting and cleaning?

Please answer these questions and post the required logs in your next reply.

Regards,
momok
 
I have experienced malware, virus, spyware, etc..and someone told me to use that link to clean my computer. Here's the other logs (attached).

I have read your sticky on the dangers and risks of not cleaning and understood the difference between formatting and cleaning.

I'm also getting this website that keeps popping up when I'm on the internet:

http://scanner.dr-protection-adv.com/scan/?advid=2595 (can I disable this?)
 
Hi,

Download this file HERE and extract the file to desktop. Double click it, and when prompted, click on "Yes" to add information to registry.

Please download and run CCleaner via step 9 of the instructions HERE.

You may wish to copy and paste these instructions on notepad for easier reference later.

  1. Boot into safe mode under your normal user name. See how HERE
  2. Next turn on "Show all files and folders, including hidden and system". See how HERE

  3. After that, run HijackThis and fix the following entries, if found (do this by placing a tick in the check boxes beside these entries and clicking "Fix checked"):

    O4 - HKCU\..\Run: [mule_st_key] C:\Documents and Settings\Ernie\Application Data\m\flec006.exe
    O4 - HKUS\S-1-5-18\..\Run: [mule_st_key] C:\Documents and Settings\Ernie\Application Data\m\flec006.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [mule_st_key] C:\Documents and Settings\Ernie\Application Data\m\flec006.exe (User 'Default user')
    O4 - Global Startup: Digital Line Detect.lnk = ?

    Close HJT.

  4. Open notepad and copy/paste the text in the quote box below into it (all except the word QUOTE):

    File::
    C:\WINDOWS\system32\drivers\C6CF0087-D8DE-490F-8FBC-C2C484C9B972.cxv
    C:\WINDOWS\iun6002.exe
    C:\WINDOWS\system32\679B3A6FF4.sys
    C:\PROGRA~1\COMMON~1\System\D_4362.dll
    C:\Documents and Settings\Ernie\Application Data\m\flec006.exe
    Folder::
    C:\Documents and Settings\Ernie\Application Data\m
    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FDEA2C12-A476-A13C-2B4C-A3BD546315C2}]
    Click to expand...
  5. Save this as CFScript on the desktop.
  6. Referring to the image below, drag CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe.
    CFScript.gif

  7. ComboFix will begin to execute, just follow the prompts. After reboot (in case it asks to reboot), it shall produce a log for you. Post that log (Combofix.txt) in your next reply.

    Note: Do not mouseclick combofix's window while it is running. That may cause your system to hang

  8. Reboot into normal mode and rehide your protected OS files.
Thereafter, please post fresh HJT, ComboFix and AVG Antispyware logs from normal mode as attachments into this thread. Do not copy and paste the logs.


Regards,
momok =)

This thread is for the use of MaximusAmerican only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Status
Not open for further replies.

Similar threads

Daniel Sims
Ethical hackers show how to open millions of hotel keycard locks
Replies
16
Views
225
waclark
W
Cal Jeffrey
Researchers prove they can exploit chatbots to spread AI worms
Replies
3
Views
152
Cal Jeffrey
Cal Jeffrey
midian182
Massive data dump containing millions of passwords sparks security alert: Is your data...
Replies
8
Views
278
p51d007
p51d007

Latest posts

Back