plfaded

Everything posted by plfaded

  1. MBAM and TDSS Killer picked up no threats. I'm just going to nuke the drive. Thanks for the assistance though.
  2. I'm not sure if the log shows it... but attached is an image with the processes still running. gmer.log
  3. I ran your fixlist exactly as requested and restarted. Attached are new logs from the Farbar Recovery Tool, run after the reboot. One thing to note - The 10.0.0.248 and 10.0.0.249 lines were from my VPN for work. I can always fix that later if needed though. No more porn popup, which is awesome. I guess it caught it with the line -> Task: {15B7B964-C159-49EB-ADA1-91E802416DC1} - System32\Tasks\MS => hxxp://gangnamgame.org I ran a quick check with GMER though and it now SEES the rootkit on scan, which it didn't before, along with the processes. I didn't run any extra cleanup, fixes, or do anything other than scan with GMER. Per your instructions, I'm waiting on your suggestions instead of going off on my own. I'm still worried about the rootkit portion of it though. Attached are screenshots. Addition.txt FRST.txt
  4. Thanks for the fast reply! FRST.txt Addition.txt
  5. I'm definitely infected. I get the clear sign of random porn popups with Russian text occasionally just on boot and every so often after booted... kind of crazy anime stuff o_O I'd screenshot but it's pretty horrid. MBAM, Super Anti Spyware, and Hitman Pro all fail to find the malware. I ran full scans on them all with the latest definitions. All logs are attached. The HijackThis log is also attached and I can't seem to find a trace of it anywhere on there. My host files are fine. I downloaded gmer. It would crash out. I had to rename it iexplore.exe and run it to get it to go. The scan doesn't find it from what I can see... although maybe I'm missing it in the log. I've attached it. The processes scan can see it though. I kill the processes outlined and the popups stop and my computer runs normally fast again. I tried to find these processes in normal task manager and Microsoft's process explorer... neither can see the processes when run. I run Windows 10 so combofix was not an option. It boots and runs ok... except a bit slow and the boot up is really slow. Oh, and the crazy Russian porn popups. hijackthis.log HitmanPro_20151223_1941.log SUPERAntiSpyware Scan Log - 12-23-2015 - 20-36-58.log