2nd time user

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by mrcolin1, Mar 12, 2005.

  1. mrcolin1

    mrcolin1 Private E-2

    Hey, I just got rid of a bunch of spyware on my computer. I'm at my uncle's now, helping with his computer. Ready for the Logs. I've done the preliminary scans.
     
    mrcolin1, Mar 12, 2005
    #1
  2. jarcher

    jarcher I can't handle a title

    jarcher, Mar 12, 2005
    #2
  3. mrcolin1

    mrcolin1 Private E-2

    I've done everything.
    Attachted is the log. Would it make a difference if I had my system restore disabled or not.
     

    Attached Files:

    mrcolin1, Mar 12, 2005
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You said you did everything! It does not sound like it or look like it.
    The first step in the READ ME FIRST is to disable system restore. Later in the READ ME we also have mandatory online scans that must be run. You have not run both of them. Is there a reason you skipped these scans? Exactly what steps from the READ ME have you done. ALL steps are to be run (unless they do not apply as indicated in the READ ME).
     
    chaslang, Mar 12, 2005
    #4
  5. mrcolin1

    mrcolin1 Private E-2

    In fact I have done them, the only reason I asked about system restore because they mention it at the start and I didn't know whether to restore it or not. As with the online scans, I ran them and found nothing, as I did with my own computer. I then ran logs to the guy that helped me, and my computer is doing super right now. But, I'm running another FULL scan now, and will do a new log and post.
     
    mrcolin1, Mar 12, 2005
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The Trend Micro scan was not run! You only ran the Symantec scan.

    I don't need another log, I just wanted to know if you were having any problems! You log is clean (other then a very larger amount of processes being loaded and running).
     
    chaslang, Mar 12, 2005
    #6
  7. mrcolin1

    mrcolin1 Private E-2

    Can you tell me how to edit things at startup?
     
    mrcolin1, Mar 12, 2005
    #7
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You first need to decide what things you do not need to run at all and then remove them. And then you need to decide which items you only need to load when you want to run them. Part of your mess is due to all the stuff McAfee and Roxio load.
     
    chaslang, Mar 12, 2005
    #8
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Just to give you an idea of what I mean. Look at all the stuff in your log related to McAfee:

    C:\progra~1\mcafee\MCAFEE~1\MssSrv.exe
    C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
    C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
    C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
    C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\progra~1\mcafee\MCAFEE~1\MssCli.exe
    C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    c:\progra~1\mcafee.com\vso\mcvsftsn.exe
    C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    C:\PROGRA~1\McAfee.com\Agent\mcupdui.exe
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~1\MssCli.exe
    O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
    O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
    O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - McAfee, Inc. - c:\progra~1\mcafee\MCAFEE~1\MssSrv.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
    O23 - Service: McAfee SpamKiller Server (MskService) - Networks Associates Technology. Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.e
     
    chaslang, Mar 12, 2005
    #9

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds