iexplore.exe problem maybe fixed (log attached)

Discussion in 'Malware Help (A Specialist Will Reply)' started by syciec, Aug 22, 2010.

  1. syciec

    syciec Private E-2

    Hello, first of all, thanks a ton for your help (I read the READ & RUN FIRST thread); it helped me a lot in removing this REALLY ANNOYING virus/trojan/whatever.

    iexplore.exe kept popping up in processes, with some random stupid .exe that wouldn't go away when I deleted it in registry/manually etc.

    I downloaded SUPERAntiSpy and it took like 2 hours 40 mins to completely scan my computer but I think it was worth it. It got rid of the files that I knew were viruses, and some others that I had no idea about.

    Some of the ones I didn't know about were named similarly to normal Windows files, but with spaces before the period. So instead of KBD.exe it was KBD .exe and that made me suspicious but I was scared to delete them.

    Here is a log, and hopefully somebody can benefit from this in case they are experiencing the same problem. I followed the instructions to a tee. Also I will do the other 2 scans tomorrow with the other programs just to be safe.



    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 08/23/2010 at 01:33 AM

    Application Version : 4.41.1000

    Core Rules Database Version : 5391
    Trace Rules Database Version: 3203

    Scan type : Complete Scan
    Total Scan Time : 02:45:22

    Memory items scanned : 375
    Memory threats detected : 1
    Registry items scanned : 7105
    Registry threats detected : 6
    File items scanned : 38664
    File threats detected : 7

    Trojan.Agent/Gen-Virut
    C:\HP\KBD\KBD.EXE
    C:\HP\KBD\KBD.EXE
    [KBD] C:\HP\KBD\KBD.EXE
    [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    C:\WINDOWS\SMINST\RECGUARD.EXE
    C:\PROGRAM FILES\QUICKTIME\QTTASK.EXE
    C:\WINDOWS\FONTS\6JBMTV.COM

    Adware.AdRotator
    HKLM\SOFTWARE\Classes\AppID\{84C3C236-F588-4c93-84F4-147B2ABBE67B}
    HKLM\SOFTWARE\Classes\AppID\{84C3C236-F588-4c93-84F4-147B2ABBE67B}\apps
    HKLM\SOFTWARE\Classes\AppID\{84C3C236-F588-4c93-84F4-147B2ABBE67B}\apps\{38061EDC-40BB-4618-A8DA-E56353347E6D}
    HKLM\SOFTWARE\Classes\AppID\{84C3C236-F588-4c93-84F4-147B2ABBE67B}\apps\{7B6A2552-E65B-4a9e-ADD4-C45577FFD8FD}

    Trojan.Agent/Gen-OnlineGames
    C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\H506YAQP.EXE
    C:\WINDOWS\Prefetch\H506YAQP.EXE-25D1E6D0.pf

    Trojan.Agent/Gen-Falofn
    C:\WINDOWS\SYSTEM32\FIREWALL.EXE




    Thanks again, I hope this helps somebody,
    Carl
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Actually, you did not. You should not have posted an inline log, you should have completed all of the READ & RUN ME before posting, and then you should have attached all 5 logs.


    There are 4 other scans, not 2. You need to complete all of them and attach all of the logs.
     
