Secruity System Warning

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by stevodevo, Apr 5, 2008.

  1. stevodevo

    stevodevo Private E-2

    Hi,

    I had a secruity system warning message that kept popping up with the alert details:

    File: C\Windows\wml.exe
    Threat: Abebot

    I have gone through the steps for removing malware and I was hoping you could look at the logs to see if I still have the problem.

    Thanks in advance,
    Stephen
     

    Attached Files:

    stevodevo, Apr 5, 2008
    #1
  2. abri

    abri MajorGeek

    Hi stevodevo,
    Welcome to Major Geeks!

    Do you know what the following folder is? You can open it up and look if you don't know, but don't open any files. Let me know if it's something you know of or if not, what's in it.

    C:\ProgramData\xzohxxkt

    That's the only questionable thing I can see. Your logs look find otherwise. You can go ahead and run the final cleanup instructions:please do the final cleanup instructions in the box:
    abri
     
    abri, Apr 6, 2008
    #2
  3. abri

    abri MajorGeek

    Hi stevodevo,

    Sorry, I missed a couple of things, so I want to post you some more instructions. If you haven't done the final cleanup, please wait until you do the following. If not, you'll need to reinstall the MGTools so you can run HijackThis (analyse.exe).

    1) Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    O4 - HKLM\..\Run: [PC-Antispyware] "C:\Program Files\PC-Antispyware\PC-Antispyware.exe" hide

    After you click fix, just close hijackthis.

    2) Now download The Avenger by Swandog46, and save it to your Desktop.
    • Extract avenger.exe from the Zip file and save it to your desktop
    • Run avenger.exe by double-clicking on it.
    • Check the 'Input script manually' box.
    • Click on the magnifying glass icon.
    • Copy everything in the Quote box below, and paste it in the box that opens:
    • Now click the 'Done' button.
    • Click on the traffic light icon and OK the prompt.
    • You will be prompted to restart, OK the prompt and your PC should reboot, if not, reboot it yourself.
    • A log file from Avenger will be produced at C:\avenger.txt


    3) Now run CCleaner at the default setting with the Windows tab as the top one.


    There's one other thing that needs to be corrected and that is some policy settings. Do you know anything about how the following got set? I'll get back to you about these, but wondered if you remember anything you've installed that could have caused these settings.
    4) Please run C:\MGtools\GetLogs.bat and attach the fresh MGlogs.zip it generates along with the Avenger log.


    abri
     
    abri, Apr 6, 2008
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds