Ameana Blackworm Removal

Discussion in 'Malware Help (A Specialist Will Reply)' started by rustybst, Jul 27, 2006.

  1. rustybst

    rustybst Private E-2

    A few days ago I contracted a rather nasty version of malware that all my google searches point to calling the ameana blackworm, due to the fact that the popups associated with the malware take you to ameana.com. I have been able to disable most of it and my system is running very close to where it was before the infection however some popups still remain. A have run HijackThis and the only thing strange that I notice running is a randomly named file with a Doggy Icon in my C:\windows\temp directory. I am unable to delete this file in normal mode and in safe mode the file is hidden and cannot be found. This file renames itself everytime I reboot my system and if I do successfully remove it (which I have several times) it recreates itself in the same directory with a different name. I have attached my most current HijackThis log in the hopes that someone out there may know what steps I need to take next.
     

    Attached Files:

    rustybst, Jul 27, 2006
    #1
  2. matt.chugg

    matt.chugg MajorGeek

    Welcome to MajorGeeks rustybst ;)

    - Please run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

    Make sure you check version numbers and get all updates.



    After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:


    Downloading, Installing, and Running HijackThis


    When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)

    Bitdefender
    Panda Scan
    HijackThis

    Good Luck!:)
     
    matt.chugg, Jul 27, 2006
    #2
  3. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    rustybst,

    As previously requested from Matt you must run the steps listed in the READ ME, mainly run the online scans in step 6. Also, please see the thread on Hijack This, you need to rename and relocate your HJT.

    Downloading, Installing, and Running HijackThis
    Once you have completed the steps in the READ ME and followed the HJT article please see the below thread.

    Look2Me VX2 Removal

    Once you have completed the READ ME, HJT sticky and the Look2Me/VX2 Removal you should attach four logs to your next post. You should attach a fresh HJT log, Bit Defender Log, Panda Scan Log and the Look2Me-Destroyer Log. Matt will check your logs and post a fix when you are done.

    Good Luck! :)
     
    bjgarrick, Jul 27, 2006
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds