Computer Hope
Software => Computer viruses and spyware => Topic started by: Randy1887 on February 09, 2010, 10:26:45 PM
-
here is the logs for Malwarebytes' and Hijack This, SuperAntispyware did not create a log
[Saving space, attachment deleted by admin]
-
Please visit this webpage for a tutorial on downloading and running ComboFix:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
See the area: Using ComboFix, and when done, post the log back here.
-
I will look into this ComboFix tonight and get back with you
-
Ok so I ran ComboFix and it created a log which I am now uploading. When it finished I decided to give my web browser another shot and it is working great! :) I guess combo fix done the trick! ;D Please look over the log for me though and let me know for sure if ComboFix was what fixed it! Thanks A million!!!! computerhope and you saved me $130.00!!!!!!!!!
[Saving space, attachment deleted by admin]
-
Please run a free online scan with the ESET Online Scanner (http://www.eset.com/onlinescan/)
- Tick the box next to YES, I accept the Terms of Use
- Click Start
- When asked, allow the ActiveX control to install
- Click Start
- Make sure that the options Remove found threats and the option Scan unwanted applications is checked
- Click Scan (This scan can take several hours, so please be patient)
- Once the scan is completed, you may close the window
- Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
- Copy and paste that log as a reply to this topic
-
ESET Did not create a log ??? It did however find a worm whick i allowed it to remove
-
(http://img233.imageshack.us/img233/7729/mbamicontw5.gif) Please download Malwarebytes Anti-Malware from Malwarebytes.org (http://www.malwarebytes.org/mbam/program/mbam-setup.exe).
Alternate link: BleepingComputer.com (http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe).
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)
Double Click mbam-setup.exe to install the application.
(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Full Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
- Please save the log to a location you will remember.
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
-
Malwarebytes' Anti-Malware 1.44
Database version: 3769
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882
2/21/2010 2:58:58 AM
mbam-log-2010-02-21 (02-58-58).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 324648
Time elapsed: 1 hour(s), 5 minute(s), 48 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 7
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\System Volume Information\{36a401cc-1c16-11df-9898-0016ea6bc556}{3808876b-c176-4e48-b7ae-04046e6cc752} (Malware.Packer.Gen) -> Delete on reboot.
C:\Windows\010112010146114101.xxe (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\Windows\01011201014650115.xxe (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\Windows\rdr_1266215756.exe (Worm.Koobface) -> Quarantined and deleted successfully.
C:\Windows\rdr_1266215937.exe (Worm.Koobface) -> Quarantined and deleted successfully.
C:\Windows\rdr_1266216211.exe (Worm.Koobface) -> Quarantined and deleted successfully.
C:\Windows\rdr_1266216232.exe (Worm.Koobface) -> Quarantined and deleted successfully.
-
Please run a free online scan with the ESET Online Scanner (http://www.eset.com/onlinescan/)
- Tick the box next to YES, I accept the Terms of Use
- Click Start
- When asked, allow the ActiveX control to install
- Click Start
- Make sure that the options Remove found threats and the option Scan unwanted applications is checked
- Click Scan (This scan can take several hours, so please be patient)
- Once the scan is completed, you may close the window
- Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
- Copy and paste that log as a reply to this topic
-
I ran ESET but once again it did not creat a log, however it did say there was no infected files
-
Does your web browser work yet?
-
Yes. After I ran Combo-Fix it works fine. I tried to upload a copy of Combo-Fix's report but I don't know if it uploaded or not. If you want me to upload it again I can. Thank You soooooooooooooo much for your help!!!!!!!
-
No biggie. Let's clean up. :)
To manually create a new Restore Point- Go to Control Panel and select System and Maintenance
- Select System
- On the left select Advance System Settings and accept the warning if you get one
- Select System Protection Tab
- Select Create at the bottom
- Type in a name i.e. Clean
- Select Create
Now we can purge the infected ones
- Go back to the System and Maintenance page
- Select Performance Information and Tools
- On the left select Open Disk Cleanup
- Select Files from all users and accept the warning if you get one
- In the drop down box select your main drive i.e. C
- For a few moments the system will make some calculations
- Select the More Options tab
- In the System Restore and Shadow Backups select Clean up
- Select Delete on the pop up
- Select OK
- Select Delete
You are now done
To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe (http://oldtimer.geekstogo.com/OTC.exe) by OldTimer:
- Save it to your Desktop.
- Double click OTC.exe.
- Click the CleanUp! button.
- If you are prompted to Reboot during the cleanup, select Yes.
- The tool will delete itself once it finishes.
Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
==
Please download TFC by OldTimer (http://oldtimer.geekstogo.com/TFC.exe) to your desktop
- Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
- It will close all programs when run, so make sure you have saved all your work before you begin.
- Click the Start
button to begin the process. Depending on how often you clean temp
files, execution time should be anywhere from a few seconds to a minute
or two. Let it run uninterrupted to completion.
- Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.
==
Download Security Check by screen317 from SpywareInfoforum.org (http://screen317.spywareinfoforum.org/SecurityCheck.exe) or Changelog.fr (http://screen317.changelog.fr/SecurityCheck.exe).- Save it to your Desktop.
- Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
- A Notepad document should open automatically called checkup.txt; please post the contents of that document.