Trying to be sure my system is clean 1/2

Discussion in 'Malware Help (A Specialist Will Reply)' started by AlisenV, Feb 11, 2007.

  1. AlisenV

    AlisenV Private E-2

    Followed all your instructions - logs attached. Panda Active Scan found lots of spyware that was not removed - and I am not sure how to remove it.

    Thanks in advance,
    Alisen
     


  2. AlisenV

    AlisenV Private E-2

    Trying to be sure my system is clean 2/2

    I did run counter-spy, but am not seeing an output from it. Should I run it again?

    Thanks in advance,
    Alisen
     


  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Trying to be sure my system is clean 2/2

    Welcome to MajorGeeks!

    Please stay in one thread for your problems! I merged your other message back to your first thread.

    Did it report anything at all? If it does not work for you, uninstall CounterSpy and run AVG Antispyware as requested in the READ & RUN ME.


    You also need to attach the log from ShowNew

    Panda did not find anything that is important and if you had followed the directions in step 1 of the READ ME, it would not have even wasted your time with that misleading information. I quote from the READ ME
    Notice the last bullet item! This is the key. Following the READ ME in the order written and completing all steps will reduce scan time and all log file sizes. However also note that as I already implied, Cookies are not problems!


    Are you or were you having any malware problems?
     
    Last edited: Feb 13, 2007
  4. AlisenV

    AlisenV Private E-2

    OK - I went back and started over. I ran CCleaner on both Administrator and Owner accounts - that is all that is on this PC.

    I ran Counter-Spy again, and it found nothing.
    Attaching BitDefender log
    Attaching Panda ActiveScan
    Attaching GetRunKey

    More to follow next reply...
     


  5. AlisenV

    AlisenV Private E-2

    Attaching ShowNew
    Attaching Hijack This

    With regard to your other question:

    When I log off, I get an End Program box for a program called Sample. I don't know what that is, and don't see it on add/remove programs. The message says that it is not responding. This happened on Admin account when I closed it (in safe mode)

    There are three other items I saw in startup processes in Spybot that I question as well

    ZCfgSvc.exe
    VersatoMs - MulMouse.exe
    Pronomgr.exe

    The PC has been sluggish, not sure what is causing it, but I think it might be this Sample program, whatever it is.

    Hope this is a bit clearer - wasn't trying to shortcut, just missed the thing about CCleaner and the Admin account. Mea culpa!

    Thanks in advance,
    Alisen
     


  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You don't really have any malware problems!

     
    Last edited: Feb 14, 2007
  7. AlisenV

    AlisenV Private E-2

    OK - I'll deal with this later. I do use the wireless connection for this PC. It seems odd that suddenly this "sample" issue would happen, I don't think I changed anything with ProSet. However, the last several times I rebooted following your instructions, I didn't see the error at all. Perhaps it was something else.

    I didn't know that Viewpoint wasn't part of something else, which is why I didn't remove it. I see you added a listing with a hotlink - sorry, that wasn't there the last time I followed your instructions.

    Things look ok. Thank you for your help. You ought to get an assistant - or a raise - as you appear quite busy these days.

    Take care,
    Alisen
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    On the contrary! It has been there for almost two years. ;)



    If you are not having any other malware problems, it is time to do our final steps:
    1. If we used Pocket Killbox during your cleanup, do the below
      • Run Pocket Killbox and select File, Cleanup, Delete All Backups
    2. If we used ComboFix you can delete the ComboFix.exe file and associated C:\combofix.txt log that was created.
    3. If we used SDFix you can delete all the SDFix related files and folders from your Desktop or wherever you installed it.
    4. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
    5. If we had you run FixWareOut, you can delete the Fixwareout.exe file and the C:\fixwareout folder.
    6. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    7. You can delete the ShowNew.Zip and GetRunkey.Zip files and the files that you extracted from the ZIP files. You can also delete the C:\newfiles.txt and C:\runkeys.txt logs that were created
    8. If you are running Windows XP or Windows ME, do the below:
      • go back to step 8 of the READ & RUN ME to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    9. After doing the above, you should work thru the below link:
     
