|
Post by tonydown on Oct 20, 2014 20:14:01 GMT -8
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Oct 20, 2014 20:23:06 GMT -8
You did not read my instructions!!!!!!
I did say something about going into Normal Mode; you are still scanning in Safe Mode with Networking!!
Quads
|
|
|
Post by tonydown on Oct 20, 2014 20:34:02 GMT -8
You're correct - will fix that now
|
|
|
Post by Quads on Oct 20, 2014 20:37:52 GMT -8
I want the "lzykcqispud.exe" to load so I can see its path(s) and loaded modules.
Quads
|
|
|
Post by tonydown on Oct 20, 2014 21:15:54 GMT -8
|
|
|
Post by Quads on Oct 20, 2014 21:40:30 GMT -8
You can go back to Safe Mode now.
The correct data I wanted has shown for me to script for.
Quads
|
|
|
Post by Quads on Oct 20, 2014 22:04:53 GMT -8
You may want to read carefully all of this message first before starting the steps.
NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
Download the attached script; it needs to keep the same file name as well (fixlist.txt). Have it on the Desktop, so that fixlist.txt is next to FRST64.exe.
DO NOT DRAG AND DROP to download the script; it won't work for FRST. (Right-click on the attachment link (not the normal left click) and from the menu choose Save As or Save Link As.)
The script tells FRST what to do.
Start FRST that is on the desktop. When the tool opens, click Yes to the disclaimer (if it still does).
Press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt); please post it in your reply (attach or paste).
Quads
|
|
|
Post by tonydown on Oct 21, 2014 4:59:01 GMT -8
|
|
|
Post by tonydown on Oct 21, 2014 5:35:07 GMT -8
Restarted system in normal mode - appears to be working normally - is there an explanation (in small words) for what caused the problem?
|
|
|
Post by Quads on Oct 21, 2014 15:17:39 GMT -8
Where you got your dropper(s) from is a shrug of the shoulders, but you did have more than one family of malware, and there are a number of systems like this, so quite possibly the families (with the variants) are purposely working together.
Read carefully.
Download AdwCleaner www.bleepingcomputer.com/download/adwcleaner/ onto your desktop (the blue "Download Now @Bleeping Computer" button) and run a scan (Scan button). It will create a log after. Or there is a Report button. ONE SCAN ONLY.
Attach or paste the log back here.
Quads
|
|