Computer Hope

Software => Computer viruses and spyware => Topic started by: needsvirushelp on August 18, 2008, 04:46:37 PM

Title: LOGS- SAS, Malwarebytes' anti-malware, and HijackThis.
Post by: needsvirushelp on August 18, 2008, 04:46:37 PM

please help me with this problem...... here are the logs you asked for I hope they help.
some backround info on how I got the virus is I was surfing the internet and suddenly I was infected... I managed to remove two or three trojan programs on my own, but I hope we can fully solve the problem.
Any advice would be great, sorry I can't really add anymore details than this.
Thanks for all the help so far!

[recovering disk space -- attachment deleted by admin]

Title: Re: LOGS- SAS, Malwarebytes' anti-malware, and HijackThis.
Post by: CBMatt on August 18, 2008, 06:00:16 PM

It sounds like it shouldn't be too serious, but I will gladly take a look at your logs in just a couple of minutes.

Title: Re: LOGS- SAS, Malwarebytes' anti-malware, and HijackThis.
Post by: CBMatt on August 18, 2008, 07:13:09 PM

Well, your HJT log looks relatively clean, but you should uninstall XP Antivirus, as it is a malicious program.  I would also strongly suggest uninstalling Spyzooka.  Neither of these are trustworthy programs that you should have.  Go ahead and uninstall these through Add/Remove Programs.

After that, download ComboFix (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) and save it to your desktop.  Run the program and read its disclaimer (it's fairly short) and make sure you really pay attention to what it says.  Follow the prompts and when finished, it will produce a log at C:\ComboFix.txt.  Go ahead and post that here.  Note: Don't click on the window while it's running; this may cause stalls.




Also, you're vulnerable without a firewall, so you should look into getting either ZoneAlarm (http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp?lid=dbtopnav_za), Kerio Personal Firewall (http://www.sunbelt-software.com/Kerio.cfm), or Comodo (http://www.personalfirewall.comodo.com).  They're all good free firewalls.  Just be sure you only have one installed at a time!  Download the firewall of your choice, disconnect from the internet, disable Windows Firewall, and install your new firewall.

You also don't appear to have any sufficient anti-virus protection, which is a big no-no. If you surf the internet without a full arsenal, you will get infected. Until you get some protection, it would be pointless to advise you any further, as you will simply become infected again. Download AVG Free (http://free.grisoft.com/freeweb.php/doc/2), install it, and reboot.


Once you have done everything here, please post back with a Combofix log and a new HijackThis log.  We will then manually take care of whatever Combofix doesn't find.