Malware Removal Logs to Check

Discussion in 'Malware Help (A Specialist Will Reply)' started by gingerninja, Nov 17, 2010.

  1. gingerninja

    gingerninja Private E-2

    Hi,

    I discovered a couple of days ago that my Antivirus had stopped updating itself and I was having trouble doing it manually. After a couple of reboots I eventually managed to update and then performed a scan. The scan discovered three items of Hacking Tools going under the name Exploit/ByteVerify and were found in the Java deployment folder (more specifically they were dev/s/LoaderX.class, dev/s/DyesyasZ.class, and dev/s/AdgredY.class).

    The files were quarantined and then removed from there as instructed in the Read & Run me First instructions.

    I've followed that thread through; the logs are attached. I believe all progs ran as expected apart from RootRepeal and I've attached the error log that was produced there (something to do with a driver missing I think).

    Also on double clicking MGTools.exe (which I could only save to the desktop) the prog seemed to perform a scan. I will attach a log from a second scan that I performed after selecting to "run as administrator" - I can attach the first log if needed too.

    Hopefully someone can tell me if my system is now clean or if there are further steps to perform.

    Any information as to the nature of the Malware would be appreciated too. I learned yesterday that my bank card has been cloned and am presuming that the Malware has allowed access to information on my PC. I therefore need to know what steps to take to prevent this happening again.

    Many thanks

    GingerNinja
     


  2. gingerninja

    gingerninja Private E-2

    And the MGTools Log
     


  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    It looks like the scans took care of any malware that was on your system. Tell me what issues you are still having, if any.
     
  4. gingerninja

    gingerninja Private E-2

    Thanks TimW,

    I'm not experiencing any issues that I can see, so hopefully all is well. I was just wary of there being anything lurking on my system that may still be undetected by the scans done so far. All being well though the problem's been resolved.

    Cheers to all at Majorgeeks!

    Gingerninja :)
     
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Good to know.

    If you are not having any other malware problems, it is time to do our final steps:

    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real time protection. They do not use any significant amount of resources (except a little disk space) until you run a scan. We recommend them for doing backup scans when you suspect a malware infection.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /uninstall
        • Note: The space between the combofix" and the /uninstall must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.


    3. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to add/remove programs and uninstall HijackThis.
    8. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 7 of the READ ME for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.

    10. After doing the above, you should work thru the below link:



