Had an infection not sure if its gone or not

Discussion in 'Malware Help (A Specialist Will Reply)' started by Borsung, Mar 6, 2009.

  1. Borsung

    Borsung Corporal

    Greetings fellow geeks!

    I recently snagged up a rather small spyware bug, where it changed my desktop into some "*DANGER* Your computer has been infected with trojans, pass(something) and other spyware please click this link to remove the problems"(dunno where the linkw ent, im not dumb enough to click on it lol)

    Anyway i ran all the steps in the procedures, i use to have a icon in the task bar that told me my computer was infected, thats now gone, and that background on my desktop is gone to, but instead its just a blue screen(im aware that probably re-applying a desktop background would make it go away) but i fiugred i would leave it and see if it would go away on its own(a indicator that maybe i got rid of all the malware) Upon doing the first few steps i was getting a tab open in firefox about some antivirus windows 2009 or something, but it never connected and kept getting an error and to try again.

    I dont see other problems other than the desktop still being blue, was wondering if you could pin-point if i missed something or if my system looks clean here are the logs attatched below:

    Thanks again!
     

    Attached Files:

    Borsung, Mar 6, 2009
    #1
  2. Borsung

    Borsung Corporal

    last log attached below

    again thanks for the help!

    Im gonna keep the blue desktop till told otherwise :p

    EDIT: i have noticed another problem and thats images coming up in certain apps. I.E.: my version of AIM usually has some "advertisement" that shows above my buddy list, now its just a box, a little "icon" in the top left corner and the words "Advertisement" in blue letters next to it.

    I just ran "Warhammer:Age of Reckoning" video game and the same thing happened on the patcher screen where normally some picture would show up, its just a blank with that icon in the top left.
     

    Attached Files:

    Last edited: Mar 6, 2009
    Borsung, Mar 6, 2009
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You have some more to fix.

    Your MGlogs.zip file is incomplete. Which normally means you did not allow it to finish running or you did not click twice on the HijackThis license agreement. When we get new logs, you need to make sure you run the steps properly.


    Uninstall the below software:
    Ask Toolbar <-- should have been uninstalled in step 1 of the READ ME
    Java(TM) 6 Update 7
    Viewpoint Media Player <-- should have been uninstalled in step 1 of the READ ME


    Now we need to use ComboFix
    • Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
      • If it is not on your Desktop, the below will not work.
    • Open Notepad and copy/paste the text in the below quote box into it:
    • Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    • At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    • You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    • Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    • Follow the prompts.
    • When it finishes, a log will be produced named c:\combofix.txt
    • I will ask for this log below
    Note:

    Do not mouseclick combofix's window while it is running. That may cause it to stall.


    After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment

    Now run Ccleaner!

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). Makes sure you allow it to finish running and also make sure you click twice on the Accept button to agree to the TrendMicro HijackThis license agreement.


    Then attach the below logs:
    • C:\ComboFix.txt
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
    chaslang, Mar 9, 2009
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds