Logs from READ and RUN First guide - Please Help

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by bigbadwoooooof, Jul 24, 2011.

  1. bigbadwoooooof

    bigbadwoooooof Private E-2

    I just ran the READ & RUN ME Guide, and I have the log files from the different programs. I noticed that one of the items in the RootRepeal log was named catchme.sys, and I've read about the catchme virus before, but I don't remember how to remove it, and I still have this file in my computer. I also noticed these two unsigned files: dump_dumpata.sys and dump_msahci.sys, which was interesting to me, because I have been getting a blue screen every now and then for the past two weeks that says something like 'Cdump'...

    Anyway, I would appreciate it if someone would take a look at my logs and help me solve whatever issues remain in my computer. I have made repeated attempts to fix my computer over the past month... and I'm about ready to bash it with a hammer :-|. This is the first time I have posted on a forum for assistance, but I feel that it is necessary, because whatever is wrong with my computer appears to be beyond me. On a side note... I've been using Spyware Doctor, and it appears to be getting rid of the same files every single day, and sometimes on back-to-back scans... most of them are tracking cookies, so I have set my browser so it asks permission to download any cookies ever, which is terribly annoying, but it seems necessary.
     


  2. bigbadwoooooof

    bigbadwoooooof Private E-2

    This is the Malwarebytes log that I couldn't fit in the last post.
     


  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please use add/remove programs to uninstall:
    Java(TM) 6 Update 7

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    After clicking Fix, exit HJT.

    Please download The Avenger by Swandog469, and save it to your Desktop.

    * Extract avenger.exe from the Zip file and save it to your desktop

    Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

    * Run avenger.exe by double-clicking on it.
    * Do not change any check box options!!
    * Copy everything in the Quote box below, and paste it into the "Input script here:" part of the window:

    * Now click the Execute button.
    * Click Yes to the prompt to confirm you want to execute.
    * Click Yes to the Reboot now? question that will appear when Avenger finishes running.
    * Your PC should reboot, if not, reboot it yourself.
    * A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

    Now download and install:
    Java Runtime 6

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

    Then attach the below log:

    • C:\MGlogs.zip

    Make sure you tell me how things are working now!
     
  4. bigbadwoooooof

    bigbadwoooooof Private E-2

    I did everything that you told me. My computer is running fantastic, thank you :D... The only problem I had was that I couldn't get the last log you wanted. I put C:\MGtools\GetLogs.bat in my computer search, and then right clicked it and clicked 'run as administrator', and it is just starting up and then disappearing.
     
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please click Start, All Programs, Accessories and you will see (among other things) a Command Prompt entry.

    • Right click the Command Prompt entry and select Run As Administrator.
      • It is critical that you run it this way.

    • If you do this properly, a command prompt window will open with a title of Administrator Command Prompt.
    • Enter the below commands at the command prompt each followed by the enter key. The bold black are commands. The purple/brown is merely informational.

    cd \MGtools <-- this changes to the MGtools folder and the prompt should change to C:\MGtools>
    GetRunKey <-- this will try to run all one scan from MGtools. Tell me what error messages, if any, you see.
    ShowNew <-- this will try to run all one scan from MGtools. Tell me what error messages, if any, you see.
     
  6. bigbadwoooooof

    bigbadwoooooof Private E-2

    I didn't have any error messages. It said this after mgtools ran:

    Adding newfiles.txt (160 bytes security) (deflated 80%)
    Adding ffdata.txt (160 bytes security) (deflated 75%)
    Adding winfiles.txt (160 bytes security) (deflated 88%)

    I don't know if that is useful or not...
     
  7. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Was a MGTools.zip file created? If so, please attach it for TimW to review.
     
