MajorGeeks Support Forums

#21
04-26-12, 22:35
chaslang, MajorGeeks Admin - Master Malware Expert
Re: Is my problem bad enough to be taken to a service/repair shop?

Your TDSSKiller log shows a couple of leftovers from a TDL infection. Run it again and this time, if the below two lines show, Delete them or Quarantine (whichever is allowed).
Code:
23:56:37.0172 6052 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
23:56:37.0172 6052 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
Then reboot your PC and run TDSSKiller again and attach this new log so we can be sure they were fixed.

Quote:
Originally Posted by fosho14
A professional technician at a repair/service store probably wouldn't be able to do any further cleaning other than reformatting the hard drive, right?

Do you think we are not professionals? We are much more highly proficient in malware removal than most technicians in PC repair shops. It all depends on how long they have been doing this, and many of them actually learn what to do by reading what we do on malware removal forums.
__________________
"There are 10 types of people in this world. Those who understand binary and those who don't."

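The check asked for in post #21 (rerun the scan, then confirm the two entries are no longer skipped), as an added example that is not part of the thread or of TDSSKiller itself. It assumes every detection line follows the shape of the two quoted lines; the filler line and the `Delete` wording in the second log are constructed for illustration.

```python
import re

# Line shape taken from the two log lines quoted in the post:
#   <time> <thread id> <object> ( <verdict> ) - <outcome>
LINE = re.compile(
    r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d+)\s+(?P<tid>\d+)\s+"
    r"(?P<object>.+?)\s+\(\s*(?P<verdict>.+?)\s*\)\s+-\s+(?P<outcome>.+?)\s*$"
)
ACTION = re.compile(r"^User select action:\s*(?P<action>\w+)$", re.IGNORECASE)

# First log: the two lines from the post plus one constructed filler line.
FIRST_RUN = r"""
23:56:30.0001 6052 constructed filler line, not real tool output
23:56:37.0172 6052 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
23:56:37.0172 6052 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""
# Second log: constructed; the "Delete" wording is an assumption.
SECOND_RUN = r"""
12:49:50.0100 4120 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
"""


def parse_detections(log_text):
    """Map (object, verdict) to the outcomes logged for it, in log order."""
    found = {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            found.setdefault((m["object"], m["verdict"]), []).append(m["outcome"])
    return found


def still_skipped(log_text):
    """Detections whose last user action is Skip (or only 'skipped by user')."""
    pending = []
    for key, outcomes in parse_detections(log_text).items():
        actions = [a["action"].lower() for o in outcomes if (a := ACTION.match(o))]
        if actions:
            skipped = actions[-1] == "skip"
        else:
            skipped = any("skipped by user" in o.lower() for o in outcomes)
        if skipped:
            pending.append(key)
    return pending


if __name__ == "__main__":
    for name, log in (("first run", FIRST_RUN), ("second run", SECOND_RUN)):
        print(name, "->", still_skipped(log) or "nothing left skipped")
```
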

#22
04-27-12, 13:56
fosho14, Private E-2
Re: Is my problem bad enough to be taken to a service/repair shop?

Quote:
Originally Posted by chaslang
Do you think we are not professionals? We are much more highly proficient in malware removal than most technicians in PC repair shops. It all depends on how long they have been doing this, and many of them actually learn what to do by reading what we do on malware removal forums.

I definitely don't doubt your skills, and can clearly see that you are a trained specialist in this area. Just strikes me as ironic that you are doing this for free and are more knowledgeable than the ppl who are charging money who are less knowledgeable. Can't thank you enough though, it is very upstanding of you to be doing this. Will attach the logs soon.
#23
04-27-12, 15:08
fosho14, Private E-2
Re: Is my problem bad enough to be taken to a service/repair shop?

Here is the log after deleting the \Device\Harddisk0\DR0.

The 2 other medium risk threats that it picked up that you will see in the log are not harmful to my system and are actually necessary, which is why I did not remove them.

The KM service is the activator I use for Microsoft Office and the Sony service is for my e-reader.

Something I hadn't yet mentioned, which I believe is extremely important, is the fact that several "important" Windows security updates failed to complete. I get error code "80248007" for updates KB2656368, KB2679255 and KB890830

and error code "8024000B" for update KB2675157.

That is probably the most concerning thing at this point. How do you think the security of my PC is looking right now?

Cheers
Attached Files
File Type: txt TDSSKiller.2.7.33.0_27.04.2012_12.49.42_log.txt (126.2 KB, 7 views)
#24
04-28-12, 16:05
fosho14, Private E-2
Re: Is my problem bad enough to be taken to a service/repair shop?

Is it reasonably safe for me to start online banking again with the changed account information?

Thanks again for all your help so far.

#25
04-28-12, 22:11
chaslang, MajorGeeks Admin - Master Malware Expert
Re: Is my problem bad enough to be taken to a service/repair shop?

Quote:
Originally Posted by fosho14
Something I hadn't yet mentioned, which I believe is extremely important, is the fact that several "important" Windows security updates failed to complete. I get error code "80248007" for updates KB2656368, KB2679255 and KB890830

and error code "8024000B" for update KB2675157.

This may be a topic for the Software Forum, but give the below a try first.


Download Windows Repair by Tweaking.com and unzip the contents into a newly created folder on your desktop.
  • Now open Repair_Windows.exe
  • Go to Start Repairs tab.
  • Choose "Custom Mode" and press "Start".
  • Create a System Restore point if prompted.
  • In the Custom Mode window, select the following repair options:
    • Reset Registry Permissions
    • Register System Files
    • Repair WMI
    • Remove Policies Set By Infections
    • Repair Winsock & DNS Cache
    • Repair Proxy Settings
    • Repair Windows Updates
  • Now click the Start button.
  • Be patient while the tool repairs the selected items.
  • If asked to reboot the computer for the changes to take effect, make sure other tasks in the program are not still running before accepting to restart.

Quote:
Originally Posted by fosho14
That is probably the most concerning thing at this point. How do you think the security of my PC is looking right now?

It looks fine and should be safe to use. You may want to consider changing all passwords anyway just to be on the safe side.



If you are not having any other malware problems, it is time to do our final steps:
  1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources (except a little disk space) until you run a scan.
  2. If we had you use ComboFix, uninstall ComboFix. (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
    • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required.
    • "%userprofile%\Desktop\combofix" /uninstall
      • Note: The space between the combofix" and the /uninstall must be there.
      • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
  3. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
  4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
  5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
  6. If running Vista or Win 7, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
  7. Go to add/remove programs and uninstall HijackThis.
  8. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
  9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
    • Refer to the cleaning procedures pointed to by step 7 of the READ ME for your Windows version and see the instructions to Disable System Restore, which will flush your Restore Points.
    • Then reboot and Enable System Restore to create a new clean Restore Point.
  10. After doing the above, you should work thru the below link:

#26
04-29-12, 19:38
fosho14, Private E-2
Re: Is my problem bad enough to be taken to a service/repair shop?

Thanks, that's good to hear, I will start using my PC again. I just noticed on my tune up utilities program that there was a suggestion to disable administrative shares, because otherwise hackers can gain network access. Do you think it's a good idea to disable administrative shares?

#27
04-30-12, 21:19
chaslang, MajorGeeks Admin - Master Malware Expert
Re: Is my problem bad enough to be taken to a service/repair shop?

Quote:
Originally Posted by fosho14
Do you think it's a good idea to disable administrative shares?

Not if you really need them? And if you need them, just make sure that they are password protected to make it more difficult on hackers. Shared folders or drives should not use the same passwords as for your user accounts too.

But you need to realize something significant: if you are logging into your PC with a user account that has administrator privileges and you get hacked, they already have full permissions and can change passwords and permissions to anything they want. This is a reason why one security method commonly recommended is not to use an admin type account to do any surfing. Only use Restricted User Accounts. Obviously this has some down sides too, but it is more secure.

#28
05-01-12, 01:15
fosho14, Private E-2
Re: Is my problem bad enough to be taken to a service/repair shop?

Shit, I have been using an account with administrative privileges this entire time from the beginning :O I'm sure it's not very safe for me to be using this computer, but at this point and after everything I've been through, I'll take the risk (I have bills to pay and transactions that must be processed). It's a fairly expensive computer that a family friend built part by part, so I'm not gonna just buy a new one and I don't really want to buy an external hard drive to wipe it clean and re-load. Thanks for all your help, hopefully things work out okay for me based on the scans that we performed together. The amount of time you donated to me was very much appreciated.

Cheers

#29
05-01-12, 18:18
chaslang, MajorGeeks Admin - Master Malware Expert
Re: Is my problem bad enough to be taken to a service/repair shop?

You're welcome. Surf safely.
All times are GMT -5.
