Is computer clean now?

Discussion in 'Malware Help (A Specialist Will Reply)' started by nstickels, Jul 13, 2008.

  1. nstickels

    nstickels Private E-2

    I was having a lot of problems with general slowness on one of my kids computers, so I did several windows updates, etc. While doing that, I noticed at one point, there was a process glbb.tmp running. After looking it up on google, it said that this was malware, so I came here to run everything to get it clean. Things seem to be running better now, but I was hoping you could verify that the computer is clean now.

    Thanks,
    Neil
     

    Attached Files:

    nstickels, Jul 13, 2008
    #1
  2. nstickels

    nstickels Private E-2

    Posting mglogs.zip now.
     

    Attached Files:

    nstickels, Jul 13, 2008
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Your logs are clean, however, ComboFix has removed files for CyberSitter which I assume you knowingly installed to monitor your kids internet use. I'm not sure why you feel you need CyberSitter when you already have Parental Controls in your ZoneAlarm Security Suite.

    If you wish to repair what ComboFix has done to CyberSitter. Go to the below folder:

    C:\QooBox\Quarantine\C\WINDOWS\system32\

    And you will see the below files:
    Code:
    bnrfil~1.vir  Jun 20 2008         100  "bnrfil.dll.vir"
bsnlst~1.vir  Jun 20 2008         400  "bsnlst.dll.vir"
igefil~1.vir  Jun 20 2008         194  "igefil.dll.vir"
lastup~1.vir  Jun 20 2008          18  "lastupdate.dll.vir"
macfil~1.vir  Jun 20 2008          34  "macfil.dll.vir"
mp3fil~1.vir  Jun 20 2008         670  "mp3fil.dll.vir"
nfildl~1.vir  Jun 20 2008         116  "nfil.dll.vir"
oeminf~1.vir  Apr 13 2005         372  "OEMINFO.INI.vir"
picsfi~1.vir  Jun 20 2008         306  "picsfil.dll.vir"
snetfi~1.vir  Jun 20 2008         652  "snetfil.dll.vir"
srchfr~1.vir  Jun 20 2008         540  "srchfrgn.dll.vir"
srchou~1.vir  Jun 20 2008         258  "srchout.dll.vir"
    Rename all of then above files to just remove the secondary .vir extension that was added.

    Example: bnrfil.dll.vir should be bnrfil.dll

    Then copy or move all of the files back to your C:\WINDOWS\system32 folder.
     
    chaslang, Jul 14, 2008
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds