[Closed] Please read my logs after doing 6 steps of removing a virus

By plan32 ยท 8 replies
Aug 26, 2011
  1. Can't open any antivirus sites
    Can't install antivirus
    Blue screen on Safemode

    All due to virus

    Thank You!

    Attached Files:

  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Welcome to TechSpot! I'll be glad to review your logs. But you missed this in our directions:

    Once you get the logs pasted in, I'll review them.
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • Follow the order of the tasks I give you. Order is crucial in cleaning process.
    • File sharing programs should be uninstalled or disabled during the cleaning process..
    • Observe these:
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.
    • Please let me know if there is any change in the system.

    If I don't get a reply from you in 5 days, the thread will be closed. If your problem persist, you can send a PM to reopen it.
  3. plan32

    plan32 TS Rookie Topic Starter

    MBAM logs

    OK ill do it immediately. Thank you again.
  4. plan32

    plan32 TS Rookie Topic Starter

    MBAM log

    THank you for your time
  5. plan32

    plan32 TS Rookie Topic Starter

    GMER log

    THank you for your time
  6. plan32

    plan32 TS Rookie Topic Starter

    DDS log

    THank you for your time
  7. plan32

    plan32 TS Rookie Topic Starter

    attach log

    THank you for your time
  8. plan32

    plan32 TS Rookie Topic Starter

    Thnak you for your time.

    Dear helper,

    I have solved my problem by myself. thank for your time.
    Now I just don't know how to close this post.

    Thank You!
  9. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    Thank you for the update. Be advised tha this is what you have:

    Not good news- you have a Sality virus infection: This is the malware that exploits the .lnk vulnerability.

    Sality is a family of file infecting viruses that spread by infecting exe and scr files. The virus also includes an autorun worm component that allows it to spread to any removable or discoverable drive. In addition, Sality includes a downloader trojan component that installs additional malware via the Web

    It then creates and starts a service to load the driver. The driver blocks access to a variety of security software vendor web sites.The virus then disables security software services and ends security software processes. It also disables registry editing and the task manager.


    Windows fails to correctly parse shortcut files, identified by the ".lnk" extension. The flaw has been exploited most frequently using USB flash drives. By crafting a malicious .lnk file, hackers can hijack a Windows PC with little user interaction: All that's necessary is that the user views the contents of the USB drive with a file manager like Windows Explorer.

    Tests showed that the exploit works even when AutoRun and AutoPlay -- two functions that have previously been used by attackers to commandeer PCs using infected flash drives -- are disabled. The rootkit also bypasses all security mechanisms in Windows, including the User Account Control (UAC) prompts in Vista and Windows 7, ...
    Worm is named Win32/Stuxnet.A.

    Because of these actions, We recommend you do a reformat/reinstall. Attempts to clean this virus to include the backdoor capability usually fail.

    You will find excellent reformat/reinstall instructions here:
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...