check my logs please

Discussion in 'Malware Help (A Specialist Will Reply)' started by lordd466b, Mar 7, 2009.

  1. lordd466b

    lordd466b Private E-2

    First I tried the malware removal guide, and my CCleaner opens but just for 3 secs, I think. Then I uninstalled my AV because it won't open. When I try to install it, the installer closes, and my Task Manager, regedit, and Add and Remove Programs are not working; they close when I open them.

    Then I tried the Windows XP cleaning procedure.
    Everything went fine except for Spybot; it won't continue, it opens only in the loading bar.
     


  2. lordd466b

    lordd466b Private E-2

    Here's the other log.
     


  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Why am I not seeing any anti-virus program installed on this computer?

    Now let's use ComboFix to remove a bunch of malware files.

    * Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop, but do not run it!
      o If it is not on your Desktop, the below will not work.
    * Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected):
    Code:
    KILLALL::
    
    
    Drivers::
    VC
    VOEOTWDY
    FYEPYWBJJWQB
    BFFBPGBJDAARQ
    
    File::
    C:\gi2ky.exe
    C:\wx8o0bt1.com
    G:\errast.exe
    G:\9yqusig.bat
    G:\scvshosts.exe
    C:\WINDOWS\TEMP\kabhaw.exe
    C:\WINDOWS\TEMP\utflpk.exe
    C:\Documents and Settings\Administrator\7ZS884.TMP
    
    Registry::
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
    
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
    
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47009a2a-dcf4-11dc-8daa-0019212b1a6c}]
    
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d10b6ce-f5de-11dd-8ff3-0019212b1a6c}]
    
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6451bf79-a233-11dd-8fb6-0019212b1a6c}]
    
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a249d1bc-efe9-11dc-8deb-0019212b1a6c}]
    
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bfb53136-ed3d-11dd-8ff0-0019212b1a6c}]
    
    
    * Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    * At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    * You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    If it asks you to override the previous file with the same name, click YES.
    * Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
    * Follow the prompts.
    * When it finishes, a log will be produced named c:\combofix.txt
    * I will ask for this log below

    Note:

    Do not mouseclick combofix's window while it is running. That may cause it to stall.

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this and also attach the log from Combo.
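
The post above asks for every line of the code box to be copied into CFscript.txt. As an added example (not part of the original post and not ComboFix's own parser), this Python check reads a saved script and reports missing section headers or cut-off entries; the parsing rules and the names `parse_script` and `check_script` are assumptions inferred from the layout of the script shown in the post.

```python
import re

# Constructed sample: an abbreviated script in the layout shown in the post,
# deliberately cut off mid-line the way an incomplete copy/paste would be.
SAMPLE_TRUNCATED = r"""KILLALL::

File::
C:\gi2ky.exe
G:\errast.exe

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpo"""

SECTION = re.compile(r"^([A-Za-z]+)::$")          # e.g. "File::"
REG_DELETE = re.compile(r"^\[-HK[A-Z_]+\\.+\]$")  # "[-HKEY_...\key]" delete form
FILE_PATH = re.compile(r"^[A-Za-z]:\\.+")         # absolute drive-letter path

def parse_script(text):
    """Group non-blank lines under the 'Name::' header that precedes them."""
    sections, current = {}, None
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        m = SECTION.match(line)
        if m:
            current = m.group(1)
            sections.setdefault(current, [])
        elif current is None:
            raise ValueError(f"line {n}: entry before any section header")
        else:
            sections[current].append((n, line))
    return sections

def check_script(text, expected=("KILLALL", "Drivers", "File", "Registry")):
    """Return a list of problems; an empty list means the copy looks complete."""
    sections = parse_script(text)
    problems = [f"missing section {s}::" for s in expected if s not in sections]
    for n, line in sections.get("File", []):
        if not FILE_PATH.match(line):
            problems.append(f"line {n}: not an absolute path: {line}")
    for n, line in sections.get("Registry", []):
        if not REG_DELETE.match(line):
            problems.append(f"line {n}: malformed registry delete: {line}")
    return problems

if __name__ == "__main__":
    for problem in check_script(SAMPLE_TRUNCATED):
        print(problem)
```

To check a real file, pass the contents of the saved CFscript.txt to `check_script` in place of the constructed sample.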
     
