Hi,
ComboFix log doesn't seem to be complete. Please run ComboFix again and after that re-run DDS too. Post logs back here.
Hi,
ComboFix log doesn't seem to be complete. Please run ComboFix again and after that re-run DDS too. Post logs back here.
Microsoft Windows Insider MVP 2016-2019
Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
If you have problems create a thread in the forum, please.
Malware removal instructions are for the correspondent user's case only.
That's because I ran combofix, it got to the log generating part and just hung out there for +30 minutes. I eventually quit out and grabbed the log.
I'll try it again, but this is what has happened every time I've ran it so far.
Try to give it a run in safe mode if needed.
Microsoft Windows Insider MVP 2016-2019
Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
If you have problems create a thread in the forum, please.
Malware removal instructions are for the correspondent user's case only.
Safe mode indeed.
Open notepad and copy/paste the text in the quotebox below into it:
Code:DDS:: dRun: [Update] rundll32.exe "C:\Windows\system32\config\systemprofile\AppData\Roaming\Adobe\Adobe\klzgc.dll",DllRegisterServer dRun: [3gkb] C:\Windows\system32\config\systemprofile\AppData\Roaming\3gkb.exe dRun: [modegdi] C:\Windows\system32\config\systemprofile\AppData\Roaming\modegdi.exe RegLockDel:: [HKEY_USERS\S-1-5-21-2055685184-3404046546-893769538-1000_Classes\Wow6432Node\CLSID\{3e925816-e035-4419-a30a-a7536a6a55a0}] [HKEY_USERS\S-1-5-21-2055685184-3404046546-893769538-1000_Classes\Wow6432Node\CLSID\{5b4321bc-3d43-4a80-848d-f42a6ce89888}] [HKEY_USERS\S-1-5-21-2055685184-3404046546-893769538-1000_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] [HKEY_USERS\S-1-5-21-2055685184-3404046546-893769538-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
Save this as
CFScript
A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine. This tool is not a toy and not for everyday use.
Close all browser windows and refering to the picture above, drag CFScript into ComboFix.exe (let the tool to update itself if prompted).
Then post the resultant log + fresh dds logs.
Microsoft Windows Insider MVP 2016-2019
Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
If you have problems create a thread in the forum, please.
Malware removal instructions are for the correspondent user's case only.
I ran combofix with that script in safe mode. I had C: open at the time and when the log was generated the entire combofix folder deleted itself. Not to the recycle bin mind you, just flat out vanished.
I ran a search to make sure it didn't just hide itself somewhere.
Hi,
Download fresh copy of ComboFix to your desktop and run it. Post back the log + fresh dds logs.
Microsoft Windows Insider MVP 2016-2019
Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
If you have problems create a thread in the forum, please.
Malware removal instructions are for the correspondent user's case only.
Should I run it with the same script?
Let's try without the script this time.
Microsoft Windows Insider MVP 2016-2019
Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
If you have problems create a thread in the forum, please.
Malware removal instructions are for the correspondent user's case only.
Sorry, I know this took a minute but here it is.
