READ & RUN ME FIRST help

Discussion in 'Malware Help (A Specialist Will Reply)' started by 00420, Jan 21, 2008.

  1. 00420

    00420 Private E-2

    Malware Removal

    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------
    :cry
    thx for the help guys
    + Created at: 12:50:14 PM 1/21/2008

    + Scan result:



    C:\System Volume Information\_restore{ED1AD764-6EE8-45D8-B9BD-559926E4C6F0}\RP314\A0059493.exe -> Adware.Comet : Cleaned with backup (quarantined).
    C:\Program Files\McAfee.com\Agent\mcupdate.exe -> Worm.Bobic.cx : Cleaned with backup (quarantined).


    ::Report end
     

    Attached Files:

  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Re: Malware Removal

    Why don't any of your logs show an anti-virus program? Did you uninstall McAfee?

    Please use add/remove programs to uninstall:
    Java 2 Runtime Environment, SE v1.4.2_03
    Java(TM) 6 Update 2
    Java(TM) SE Runtime Environment 6 Update 1

    Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

    Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    After clicking Fix, exit HJT.

    Now tell me what problems you are having.
     
  3. 00420

    00420 Private E-2

    Re: Malware Removal

    McAfee was uninstalled before I came to use the computer; it's my girlfriend's.
    I will be adding one today.

    uninstalled

    done....

    The internet was running really slow, as if it were bogged down by unwanted programs.
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Re: Malware Removal

    You may wish to use a Startup Manager

    Have you tried using a different browser?
     
  5. 00420

    00420 Private E-2

    So when running ComboFix I get this:

    please wait.
    combofix is preparing to run.
    access violation at address 76f2258f. read of address 00200064


    and it just sits there... Do I go to step 2 (Spybot - S&D)?
     
  6. 00420

    00420 Private E-2

    OK, so I was able to get it to run. Here are my logs.
     

    Attached Files:

  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I've merged your two threads....Am I to assume we are still on the same computer ...and are we having the same problems? What was the point in running AVG if you didn't have it fix anything?

    I'm leaving work and will look at your logs later ....
     
  8. 00420

    00420 Private E-2

    New AVG scan... I don't know why I did not have it fix....
     

    Attached Files:

  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Still not seeing any anti-virus software ....and the only things that need fixing are these in the HJT log:

    O4 - HKLM\..\RunOnce: [SpybotDeletingA1567] command /c del "C:\ProgramData\ZangoSA\ZangoSAAbout.mht"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC510] cmd /c del "C:\ProgramData\ZangoSA\ZangoSAAbout.mht"
    O4 - HKLM\..\RunOnce: [SpybotDeletingA1736] command /c del "C:\ProgramData\ZangoSA\ZangoSAEULA.mht"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC9526] cmd /c del "C:\ProgramData\ZangoSA\ZangoSAEULA.mht"
    O15 - Trusted Zone: http://*.ruenscape.com
    O15 - Trusted Zone: http://*.runescape.com

    You may wish to post in the software section regarding other issues not related to malware.
     
  10. 00420

    00420 Private E-2

    Items fixed that you listed...

    And no, this is my laptop, not the same PC we were working on. That one had a power supply go out; that's why I have not answered back on that thread....

    I will try posting on the software forum....
    I was guessing it was malware on this, being that my brother owned it before me and has LimeWire installed..... 50-60% of my RAM is running from the bootup.
    It shows 50-60 programs running but I can't get any of them to stop, even with a startup manager...
     
  11. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    List them when you post in software ...so that you can be advised.
     
