System check found catchme

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by msidea, Jun 1, 2014.

  1. msidea

    msidea Private First Class

    Hi gents & ladies,

    Because it was a bit cumbersome to run, I uninstalled Avast & installed ZoneAlarm Firewall (which I already had) + Antivirus.

    I recently started working for a company where we all work from home in different parts of the country. Files are transferred back and forth on a daily, even an hourly basis. That makes me a little wary.

    My computer has been frustratingly slow sometimes, say over the past 2 weeks. I use Google Chrome 99% of the time, and sometimes, opening a tab could last 30 seconds.

    I always start any system check with Norman Malware Cleaner. It found the ZA installation file to be infected and 2 others. So I went through your steps, which I have not needed to do in quite some time.

    The computer is running better, but my concern now is that RogueKiller (I think, or maybe Hitman) found some things. Since the instructions in your thread were adamant about not doing anything other than what was indicated, I left it at that.

    Attached are 3 of the logs. I haven't been able to find the other 2, the one for RogueKiller & MBAM.

    Thanks for the awesome work that you do!
     


  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Hitman found some PUPs, which you can remove, but we really need to see the RogueKiller log, esp. since you said it found things.
     
  3. msidea

    msidea Private First Class

    Hi Tim,

    I hadn't attached the log because I couldn't find it. RogueKiller puts the log into the Program Data folder which I didn't know to look in.

    In any case, this computer has not been used more than a handful of times since the scan.

    I tried running Hitman but it wouldn't remove the infections saying that the license was expired. Then Google Chrome froze (not sure if it's related), and I closed it all out.

    Thanks for all your help!
     


  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please download Junkware Removal Tool to your desktop.

    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Attach JRT.txt to your next message.


    Then:
    Download Windows Repair by Tweaking.com and unzip the contents into a newly created folder on your desktop.

    • Now run Repair_Windows.exe by double-clicking on it (if you are running Vista or Win 7, use right click and select Run As Administrator).
    • Now select the Start Repairs tab.
    • Then click the Start button.
    • Create a System Restore point if prompted.
    • On the next screen, click the Unselect All button to first deselect all repairs.
    • Now select the following repair options:
      • Reset Registry Permissions
      • Reset File Permissions
      • Register System Files
      • Repair WMI
      • Repair Windows Firewall
      • Remove Policies Set By Infections
      • Repair Winsock & DNS Cache
      • Repair Proxy Settings
      • Repair Windows Updates
      • Set Windows Services To Default Startup

    • Now on the lower right side check the box to Restart/Shutdown System When Finished
    • Then make sure the Restart System radio button is enabled.
    • Shut down any other programs that you are running now before continuing.
    • Now click the Start button.
    • Be patient while the tool repairs the selected items.
    • It should reboot automatically when finished.
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    FYI: catchme is not a problem. It is due to you having run Combofix last December.

    And your PC is slow because of the system specs. It is a slow processor and you do not have enough memory to run Windows 7. In fact you have so little free memory that your PC will be extremely slow. From your logs.
    Code:
    Processor Intel(R) Atom(TM) CPU N270   @ 1.60GHz, 1600 Mhz, 1 Core(s), 2 Logical Processor(s) 
     
    Installed Physical Memory (RAM) 1.00 GB 
    Total Physical Memory 0.99 GB 
    Available Physical Memory 72.6 MB 
    You need to add another 2GB of memory.
     
