Thread: HJT Log - Computer Deranged
View Single Post
Old 08-13-2007, 05:47 AM   #4 (permalink)
sUBs
Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy
 
sUBs's Avatar
 
Join Date: May 2005
Posts: 24,331
OS: N/A


Re: HJT Log - Computer Deranged
Open notepad and copy/paste the text in the quotebox below into it:

Code:
File::
C:\WINDOWS\system32\utstv.bak1
C:\WINDOWS\system32\iieldknh
C:\WINDOWS\system32\ijjlm.bak1
C:\WINDOWS\system32\rstwa.bak1
C:\WINDOWS\system32\ccbeg.bak1
C:\WINDOWS\system32\wycdd.bak1
C:\WINDOWS\system32\ilnmp.bak1
C:\WINDOWS\system32\mlkkj.bak1
C:\WINDOWS\system32\wvvwa.bak1
C:\WINDOWS\system32\klnmp.bak1
C:\WINDOWS\system32\xyadd.bak1
C:\WINDOWS\system32\ehhkj.bak1
C:\WINDOWS\system32\prutv.bak1
C:\WINDOWS\system32\tstwa.bak1
C:\WINDOWS\system32\jjkmp.bak1
C:\WINDOWS\system32\cbadd.bak1
C:\WINDOWS\system32\acbeg.bak1
C:\WINDOWS\system32\ayadd.bak2
C:\WINDOWS\system32\ayadd.bak1
C:\WINDOWS\system32\xxywxyv.dll.vir
C:\WINDOWS\system32\kjkkj.bak1
C:\WINDOWS\system32\yyadd.bak1
C:\WINDOWS\system32\nqstv.bak1
C:\WINDOWS\system32\nqtwa.bak1
C:\WINDOWS\system32\gfhkj.bak1
C:\WINDOWS\system32\ttvwa.bak1
C:\WINDOWS\system32\egjlm.bak1
C:\WINDOWS\system32\pqstv.bak2
C:\WINDOWS\system32\pqstv.bak1
C:\WINDOWS\system32\winlvv32.dll
Folder::
C:\Program Files\Ayykklql
C:\Program Files\mbsfapsx
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rgbozwpq]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SC2]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\smgr]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uins]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
Save this as "CFScript"




Refering to the picture above, drag CFScript.txt into ComboFix.exe

When finished, it shall produce a log for you, C:\ComboFix.txt. Post that log in your next reply.


---------------


Click here perform an online scan >> Online Scanner


---------------


In your next post, please include fresh logs from:
  1. Fresh Hijackthis log taken just before replying
  2. Online scan
  3. ComboFix's log
Please provide details of any problems you encountered whilst performing the above steps & update us on how the computer behaves now
__________________

Question - what have you done for the community today?
sUBs is offline