pc infected (I don't know how...)
giannirusso:
Hello, while I was browsing I got a virus, because at the next boot I wasn't able to get the network to work correctly (plenty of exclamation points).
First I tried to fix them (I didn't understand) by reinstalling drivers, then I tried running combofix, and at the next boot the network worked correctly, except something remote access starts when I try to download files over web sites.
I am not sure that my pc is clean and I have seen your clean guide, so I ran Malwarebytes, OTL, and aswMBR and I attached the log files.
Thank you for any help.
Gianni
essexboy:
Could you attach the main OTL log please, plus the combofix log.
This is the latest variant of Sirefef: C:\RECYCLER\S-1-5-21-117609710-220523388-839522115-1003\$f11807ef44dc1ea46001f1b0fa80e300
giannirusso:
This is the OTL and Combofix log. Do I have to disable the system restore point before doing something?
Thank you
Gianni
essexboy:
No, leave the restore points for the moment.
What problems remain?
Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.
Run OTL
* Under the Custom Scans/Fixes box at the bottom, paste in the following:
--- Code: ---
:OTL
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\ffhzell.dll -- (mnbbae)
DRV - [2012/08/30 23.03.41 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\utexnjq4.sys -- (utexnjq4)
IE - HKU\S-1-5-21-117609710-220523388-839522115-1003\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=E5dvYRj_tO_uysYqzDevjme8K2g?q={searchTerms}
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
[2012/08/30 23.03.39 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\utexnjq4.sys
:Files
ipconfig /flushdns /c
netsh int ip reset c:\resetlog.txt /c
ipconfig /release /c
ipconfig /renew /c
:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
--- End code ---
* Then click the Run Fix button at the top
* Let the program run unhindered, reboot the PC when it is done
* Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
giannirusso:
I have attached the OTL log after the scan and the log I had after booting the system when the fix finished, if it is needed.
Thank you
Gianni