Rapidly Spreading Virus

SpiritOfJazz · Aug 28, 2010

Hi there,
my father discovered a virus on his pc and has attempted to get me to deal with it. Though it's worth saying I'm not too tech savy myself, only possessing greater googling abilities.

In short it seems to be a very server problem which has developed in a very short amount of time; yesterday he was having problems getting Mozilla to work, today he's unable to get onto Dreamweaver which is an issue as he designs websites. I managed to look up a few programs the virus scanner discovered and it seems to be a very serious problem (desktoplayer was the name I believe).

However, as I mentioned I'm as useless as he is. I just finished following the steps on the forums so the logs are attached. At the moment I'm fearing for the worst so I'd be grateful for anything you guys can do.

chaslang · Aug 29, 2010

Welcome to Major Geeks!

Please immediately do the below. You must do this immediately and you must complete all 3 scans one after the other with only the delay to post logs in between. DO NOT use your PC for anything else but these instructions.

Run this Using ESET's Online Scanner and immediately attach the log.

Then run the Eset scan a second time and attach the 2nd log.

Then run the Eset scan a third time and attach the 3rd log.

After attaching the 3rd log, if any Ramnet infections were found by Eset, try to repeat the above until it comes up clean. The only infections of Ramnet you can ignore, are ones that may be found in the System Volume Information folder which is System Restore and cannot be cleaned. We will remove them later by disabling System Restore.

SpiritOfJazz · Aug 29, 2010

Thanks for the swift response. I followed the steps however the 2nd scan found no threats and each scan took over 5 hours. So I thought I'd post the 1st log before I go to bed and if you want me to carry out a 3rd I'll do so tomorrow.

However my fathers growing impatient, would formatting be a safe solution if he wanted to save time?

chaslang · Aug 30, 2010

SpiritOfJazz said: ↑

However my fathers growing impatient, would formatting be a safe solution if he wanted to save time?
Click to expand...

Looks like you may already be clean. Just disable system restore to remove infected restore points. Then reboot your PC and reenable System Restore.

B]Uninstall the below old versions of software:[/B]
J2SE Runtime Environment 5.0
Java(TM) 6 Update 19

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista or Win 7, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

After clicking Fix, exit HJT.
Now install the current version of Sun Java from: Sun Java Runtime Environment

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

C:\ComboFix.txt

C:\MGlogs.zip

Are you actually still having any malware proiblems?

Log in or Sign up

Rapidly Spreading Virus

SpiritOfJazz Private E-2

Attached Files:

log.txt

SUPERAntiSpyware Scan Log - 08-28-2010 - 21-37-07.log

mbam-log-2010-08-28 (22-05-29).txt

MGlogs.zip

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

SpiritOfJazz Private E-2

Attached Files:

esetscan1.txt

chaslang MajorGeeks Admin - Master Malware Expert Staff Member