Scan log files

[alyxstar]

Hello,

I've followed all the steps in the preliminary removal instructions. Attached are my HJT, AVG anti-spyware, and ComboFix logs. (I can add the other logs -- VBG etc. -- if it will be helpful.) AVG anti-rootkit indicated there were no installed rootkits on my computer.

(I can see from the AVG log the probable root of my problems. Ugh. I've learned my lesson in that department...)

Thanks in advance for your help!

 

[momok]

Hi,

Very Important: Malware infections can possibly lead to identity theft, stolen bank funds, misuse of credit card information etc. Therefore I strongly encourage you to please read this thread HERE before deciding what course of action to take regarding your infection.

Let me know your decision (whether to clean or format your system)


Regards,
Your friendly momok =)

This thread is for the use of alyxstar only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[alyxstar]

I have already read the thread. I would love to reformat; however, that is not an option at the moment for several reasons. So I will have to go with the cleaning option, take what precautions I can in terms of changing passwords etc, hope that any information I had on the computer has not already been compromised, and be smarter in the future.

ETA: Sorry, in rereading this I realized I might have come across as a little snippy -- not my intention! I'm just too busy sitting over here kicking myself...

So, to rephrase: I've read the thread, and I acknowledge the risks in cleaning rather than reformatting, but I am still going to go for the cleaning option. Thanks again for any help you can provide.

 

[momok]

Hi,

You may wish to copy and paste these instructions on notepad for easier reference later.

Download the attached "CFScript.txt" (from my attachment) and save it to the same folder as Combofix.

Boot into safe mode under your normal user name. See how HERE
Next turn on "Show all files and folders, including hidden and system". See how HERE

1. Please run HijackThis and fix the following entries, if found (do this by placing a tick in the check boxes beside these entries and clicking "Fix checked"):
   
   O2 - BHO: (no name) - {1368F15A-B0C4-4033-8835-90857E81A135} - C:\WINDOWS\system32\vtsqo.dll (file missing)
   
   O2 - BHO: (no name) - {AED2B9D5-21D8-4F42-BD7E-0045CF07ABFD} - C:\WINDOWS\system32\mljjj.dll (file missing)
   
   O2 - BHO: (no name) - {B160C1AE-876B-4A37-81B3-4F8769199089} - C:\WINDOWS\system32\pmnnn.dll (file missing)
   
   O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\bkukitdv.dll
   
   O2 - BHO: (no name) - {e7f99678-f107-4c01-aa23-ad7ed161ea60} - C:\WINDOWS\system32\hxfsoax.dll
   
   O4 - Global Startup: Digital Line Detect.lnk = ?
   
   Close HJT.
   
   
2. Referring to the image below, drag the CFScript.txt that you downloaded earlier over on to Combofix.exe and release.
   
   
   
   
   
   This will ask Combofix to execute the instructions within my file. Let Combofix run normally and do its job. Attach the resultant log in your reply.
   
   
3. Reboot into normal mode and rehide your protected OS files.

Thereafter, please post fresh HJT, ComboFix and AVG Antispyware logs from normal mode as attachments into this thread.


Regards,
Your friendly momok =)

This thread is for the use of alyxstar only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[alyxstar]

Thanks, momok! Here are the fresh logs.