MajorGeeks Support Forums

Go Back   MajorGeeks Support Forums > ----------= PC, Desktop and Laptop Support =---------- > Malware Removal
Register FAQ Members List Calendar Casino Mark Forums Read

Malware Removal Malware removal forum. Please see the READ ME FIRST thread before you post. Forum is staffed by a small number of volunteers, please be patient.


Reply
 
Thread Tools Display Modes
  #1  
Old 04-12-09, 14:12
Captain Jazz's Avatar
Captain Jazz Captain Jazz is offline
Private E-2
 
Join Date: Jan 2009
Location: Grand Junction, CO
Posts: 24
Thanks: 2
Thanked 0 Times in 0 Posts
Default Possible Malware Infection

Howdy,

I ran through your process a few weeks ago and seem to have been fine. Now I'm having problems again so I reinstalled the malware programs and ran logs which are attached. Could you run through them to be sure I'm not missing something?

Note: I cannot get Malwarebytes to run correctly so no log is attached. In the past I have gotten blue screen memory dumps but today the system just froze. It stopped 10 seconds in after having scanned 4638 files, 0 infections, and th file displayed was C:\windows\system32.

Thanks very much!
Attached Files
File Type: txt SAS log 04 11 09.txt (465 Bytes, 2 views)
File Type: txt CF log.txt (20.1 KB, 2 views)
File Type: zip MGlogs.zip (108.8 KB, 1 views)
__________________
"All of you who are telekinetic, raise my hand."
Reply With Quote
Sponsored links
  #2  
Old 04-12-09, 14:24
Captain Jazz's Avatar
Captain Jazz Captain Jazz is offline
Private E-2
 
Join Date: Jan 2009
Location: Grand Junction, CO
Posts: 24
Thanks: 2
Thanked 0 Times in 0 Posts
Default Re: Possible Malware Infection

And by the way, if it helps, one of the problems I was having was with Internet Explorer 7. When loaded it would not connect and finally stopped responding. It took several time to end the program with Task Manager.

Thanks again!
__________________
"All of you who are telekinetic, raise my hand."
Reply With Quote
  #3  
Old 04-15-09, 15:40
TimW's Avatar
TimW TimW is offline
MajorGeeks Administrator - Jedi Malware Expert
 
Join Date: Jan 2005
Location: The recesses of my mind!
Posts: 46,905
Thanks: 452
Thanked 4,701 Times in 4,438 Posts
Default Re: Possible Malware Infection

Let's do this first:

Use windows explorer to find and delete:
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\content\ffjcext\ffjcext.xul

C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome\content\ffjcext\ffjcext.xul

Tell me what issues you still have...and run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file.
__________________
Major cake licker.
YCLAHTW, BYCMHD!!

Major Geeks on Facebook

Major Geeks Newsletter
Reply With Quote
  #4  
Old 04-23-09, 14:48
Captain Jazz's Avatar
Captain Jazz Captain Jazz is offline
Private E-2
 
Join Date: Jan 2009
Location: Grand Junction, CO
Posts: 24
Thanks: 2
Thanked 0 Times in 0 Posts
Default Re: Possible Malware Infection

Thanks, Tim. Sorry it took me so long to reply, a family thing came up. Deleted the files you requested and ran MGTools again, log attached. We were still having problems with IE 7 with freezing on startup (would not connect and had to use Task Manager to get the sucker to close) but I haven't tried it since we killed those files. I'll mess with it while you check the MGTolls log and let you know. Thanks for your help!
Attached Files
File Type: zip MGlogs.zip (111.0 KB, 1 views)
__________________
"All of you who are telekinetic, raise my hand."
Reply With Quote
  #5  
Old 04-27-09, 16:17
TimW's Avatar
TimW TimW is offline
MajorGeeks Administrator - Jedi Malware Expert
 
Join Date: Jan 2005
Location: The recesses of my mind!
Posts: 46,905
Thanks: 452
Thanked 4,701 Times in 4,438 Posts
Default Re: Possible Malware Infection

Your logs are clean. Whatever issues you are still having with IE7 should be addressed in the software section.

If you are not having any other malware problems, it is time to do our final steps:
  1. We recommed you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real time protection. They are useful as backup scanners. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
  2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
    • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
    • "%userprofile%\Desktop\combofix" /u
      • Notes: The space between the combofix" and the /u, it must be there.
      • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.

    • Delete the C:\combofix folder from combofix (if it exists)

  3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
  4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
  5. Go to add/remove programs and uninstall HijackThis.
  6. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
  7. If you are running Vista, Windows XP or Windows ME, do the below:
    • Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
    • Then reboot and Enable System Restore to create a new clean Restore Point.

  8. After doing the above, you should work thru the below link:

__________________
Major cake licker.
YCLAHTW, BYCMHD!!

Major Geeks on Facebook

Major Geeks Newsletter
Reply With Quote
Sponsored links
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
I have to believe that this IS from Malware Infection - ? grc123 Software 11 05-27-08 18:10
Possible Malware infection yarafie Malware Removal 4 12-03-07 02:38
Help - Malware Infection dalama32 Malware Removal 20 11-01-07 12:15
Malware infection BA_09 Malware Removal 11 05-08-07 21:30
Please help with malware-infection! nille12 Malware Removal 2 12-14-05 07:43


All times are GMT -5. The time now is 18:03.

MajorGeeks.Com Menu

MajorGeeks.Com \ All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ NEW! PC Games \ System Tools \ Macintosh \ Demonews.Com \ Top Downloads

MajorGeeks.Com \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds


All content Copyright MajorGeeks.com source code Powered by vBulletin® Version 3.8.4
Copyright © 2009 vBulletin Solutions, Inc. All rights reserved.
Ad Management by RedTyger