12-02-2008, 06:23 PM   #4
tetonbob
Manager, Security Center, TSF Academy; Analyst, Security Team
 
 
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 35,555
OS: 2000 Pro; XP Pro; XP Home


Re: Random popups and bogged down computer

Please read this post:

http://www.techsupportforum.com/secu...ml#post1830849

Quote:
Why we don't ask you to run ComboFix from the onset

As stated by the author of ComboFix:

ComboFix is a very powerful tool which when improperly used may render your machine to a doorstop.

We first need to verify if there are any rootkits present and how they could affect our tools. DDS & GMER are preliminary scans. We use their logs to map our strategy for attack.

With these logs we can determine the infections present & decide whether to deploy ComboFix.
Thanks for understanding.

Let's get to work on this...

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any open browsers when you are carrying out the procedures below. Save the following instructions in Notepad, as this webpage will not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------
  1. Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
  2. Open Notepad and copy/paste the text in the quotebox below into it:

    Quote:
    DDS::
    uRun: [more mfcd] c:\docume~1\hp_owner\applic~1\progra~1\does acid.exe
    mRun: [Love default global mess] c:\documents and settings\all users\application data\great coal love default\Roam List.exe

    Registry::
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

    Folder::
    c:\Program Files\Program shim
    c:\docume~1\hp_owner\Applic~1\Program shim
    c:\docume~1\alluse~1\Applic~1\great coal love default

    File::
    c:\windows\system32\ascbalon.dll
    c:\windows\system32\CreateLog.dll
    c:\windows\system32\SysRestore.dll
    c:\windows\system32\ConTest.dll

    Save this as CFScript.txt




    Referring to the picture above, drag CFScript.txt into ComboFix.exe

  3. ComboFix may request an update. Please allow it.
  4. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  5. When finished, it shall produce a log for you. Post that log in your next reply.

    Note:
    Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.


    ---------------------------------------------------------------------------------------------
  6. Ensure your AntiVirus and AntiSpyware applications are re-enabled. A reboot should have done this.


    ---------------------------------------------------------------------------------------------
__________________
Practice Safe Surfing
Because what you don't know, CAN hurt you.
Proud Member of ASAP since 2005
Proud Member of UNITE since 2006

Microsoft MVP - Consumer Security 2009