Help on Vista Cleaning Procedure. I ran it.

Discussion in 'Malware Help (A Specialist Will Reply)' started by lazybomb, Oct 4, 2010.

  1. lazybomb

    lazybomb Private E-2

    I need a little help with checking the logs.
    Before the procedure I was experiencing crypt trojans that just kept coming back with each removal.
    I don't know if it's still here after running the Vista cleaning procedure.
    I skipped the ComboFix and RootRepeal steps because I have 64-bit.
     


  2. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Welcome to MajorGeeks, lazybomb

    Please update the database definitions for both Malwarebytes & SUPERAntiSpyware and re-run them, as they were outdated.

    Now download Sophos Anti-Rootkit 1.5 and save it to a location you will be able to find, such as your desktop.
    1. Run sar_15_sfx by double clicking on it.
    2. Click Accept to agree to the EULA.
    3. Click Install (if you wish to change the default installation location, do so here, but remember where you install to; the default is C:\SOPHTEMP).
    4. Once it finishes copying files, exit the installer.

    Running the scan
    1. Navigate to the location that you installed the software to (Default: C:\SOPHTEMP)
    2. Run the sargui Application by double clicking on it. (Note: if using Vista or Windows 7, use right click and select Run As Administrator).
    3. Ensure that all three of the options are checked
    4. Click Start Scan
    5. Once the scan is complete, close Sophos Anti-Rootkit by closing the scan window and clicking Exit in the main window

    Do NOT click 'CLEAN UP CHECKED ITEMS' or attempt to have Sophos Anti-Rootkit fix anything unless specifically instructed.

    Finding the logs
    1. Click on Start --> Run
    2. Type in %TEMP%\sarscan.log and press enter
    3. The log file will open in the default editor (probably Notepad)
    4. Click File --> Save As and save the file to your desktop or other location for easy retrieval.

    Then run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Windows 7, use right click and select Run As Administrator).

    Please attach the below logs to your next reply:
    • updated C:\MGlogs.zip
    • updated MBAMlog.txt
    • updated SASlog.txt
    • sarscan.log

    * Make sure you tell me if you had any problems running this procedure; and answer this - "What malware problems are you still experiencing?"

    dr.m
     
