I see you also tried to run ComboFix. As noted in our pre-posting topic...
Quote:
Why we don't ask you to run ComboFix from the onset
As stated by the author of ComboFix:
ComboFix is a very powerful tool which when improperly used may render your machine to a doorstop.
We first need to verify if there's any rootkits present and how they could affect our tools. DDS & GMER are preliminary scans. We use their logs to map our strategy for attack.
With these logs we can determine the infections present & decide whether to deploy ComboFix.
|
Your infection is a prime example. Let's see if we can get the gmer scan.
Open Notepad and copy/paste the contents in the code box below, into Notepad.
Quote:
@copy /y gmer.exe gamer.exe
@Start gamer.exe -protect
|
Save this as
owned.bat Choose to "Save type as - All Files"
It should look like this:
Place the batch next to gmer & double click to launch it.
Remember to configure and carry out the scan as follows:
- Extract the contents of the zipped file to desktop.
- Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent .
- If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
Click the image to enlarge it
- In the right panel, you will see several boxes that have been checked. Uncheck the following ...
- Sections
- IAT/EAT
- Drives/Partition other than Systemdrive (typically C:\)
- Show All (don't miss this one)
- Then click the Scan button & wait for it to finish.
- Once done click on the [Save..] button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
- Save it where you can easily find it, such as your desktop
**Caution**
Do NOT take any action on any "<--- ROOKIT" entries
Please attach the ark.txt in your next reply
__________________
Member of ASAP since 2005
Member of UNITE since 2006
"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."