|
Post by stinger on Oct 28, 2014 15:08:58 GMT -8
Yeah, I deleted everything in the scan list. The symptoms are gone! I'll continue to monitor it, but I think it's gone I'm still not sure about the address, but since DNS hijacking effects the whole network, and none of our computers are showing symptoms, I don't think that's an issue. Unfortunately, I think my other computer was infected with Poweliks, so I'm going to start a new thread for that as well.
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Oct 28, 2014 20:16:35 GMT -8
We can only do one system at a time per user otherwise it gets confusing
Quads
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Oct 28, 2014 22:50:50 GMT -8
You may want to read carefully all of this message first before starting the steps. NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemDownload the script attached, needs to be the same file name as well (fixlist.txt), have it on the Desktop, so that fixlist.txt is next to FRST64.exe, DO NOT DRAG AND DROP to download the script, it won't work for FRST (Right click on the attachment link (not the normal left click) and from the menu choose Save As or Save Link as.)
The script tells FRST what to do. Start FRST that is on the desktop
When the tool opens click Yes to disclaimer. (if it still does) Press the Fix button just once and wait.The tool will make a log on the Desktop (Fixlog.txt) please post it to your reply (attach or paste) Quads Attachments:fixlist.txt (5.2 KB)
|
|
|
Post by stinger on Oct 30, 2014 11:27:11 GMT -8
Are you sure? It's been 2-3 days, and I've had no problems. I was going to report that I thought the fix was successful.
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Oct 30, 2014 23:36:05 GMT -8
Yes as FRST is targeting more than Roguekiller does including the ransomware
Quads
|
|
|
Post by stinger on Oct 31, 2014 0:06:53 GMT -8
Ok, here's the log. This is run from a user account, not the admin. Fixlog.txt (21.37 KB)
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Oct 31, 2014 20:13:38 GMT -8
You are going to have to switch to a account with admin rights to run a script
Quads
|
|
|
Post by stinger on Oct 31, 2014 22:37:34 GMT -8
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Oct 31, 2014 23:38:03 GMT -8
Read carefully
Download Adwcleaner www.bleepingcomputer.com/download/adwcleaner/ on to your desktop The Blue Download Now @bleeping Computer button and run a scan ( Scan Button). It will create a log after. Or there is a Report button, ONE SCAN ONLY
Attach or paste the log back here Quads
|
|
|
Post by stinger on Nov 1, 2014 0:28:26 GMT -8
Does this need to be run on an admin account?
|
|