need to remove some bad stuff...

Discussion in 'Malware Help (A Specialist Will Reply)' started by joshuamjohnson, May 1, 2009.

  1. joshuamjohnson

    joshuamjohnson Private E-2

    I have read other posts and I downloaded MGTools and ran it. I attached the logs zip file.

    would you please help me move from here to get clean?

    I am unable to run spybot even... when I go to "my computer\C:\" it is apparently trying to access an http path. It looks pretty ugly.

    any help is appreciated.

    thanks,

    -josh
     

    Attached Files:

    joshuamjohnson, May 1, 2009
    #1
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Forget about Spybot, I would also like for you to attach the logs from running the following, then we can continue to work up a fix for you.


    SUPERantispyware <--- C:\Documents and Settings\GabrielleL\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Logs\SUPERAntiSpyware Scan Log - 04-28-2009 - 13-10-51.log

    Malware Bytes <--- C:\Documents and Settings\GabrielleL\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2009-04-28 (16-51-21).txt

    ComboFix <--- C:\Combofix.txt
     
    Kestrel13!, May 4, 2009
    #2
  3. joshuamjohnson

    joshuamjohnson Private E-2

    Thanks for getting back to me. After reading through the Malware Removal forum, I went through the complete procedure of steps to remove the crap.

    It looks like all is working well now and I have installed some suggested anti virus software to keep me protected this time.

    I apologize for just posting a log file and expecting someone else to give me a solution without me being thorough first.

    The removal steps were so easy to follow.

    thank you for your support!

    -josh
     
    joshuamjohnson, May 4, 2009
    #3
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    It may seem like things are working well now but we still have some issues to attend to, & your logs show signs of a wareout infection and we need to fix this.

    I will post back to you a set of instructions shortly if you wish to continue with the cleaning of this machine, but do bear with me and be patient because I am still working under supervision and will get back to you as soon as I can.

    Thanks
    Kestrel13!
     
    Kestrel13!, May 4, 2009
    #4
  5. joshuamjohnson

    joshuamjohnson Private E-2

    Kestrel13!

    Thanks for your follow-up...

    The first zip file that I sent was before I went through the cleanup process.

    The files attached to this post are my most recent scans.

    It would be great if you could let me know if I am clean once again.

    thanks!

    -josh
     

    Attached Files:

    joshuamjohnson, May 4, 2009
    #5
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Oh I see :) Okay... well it's kinda late here in the UK but first thing in the morning I'll review your logs and once I have permission will post you a response.

    Also I reccomend using something other than Panda stand alone anti virus. This was not in our How to protect yourself from malware thread as one of our recommended.

    Thanks
    Kes
     
    Last edited: May 4, 2009
    Kestrel13!, May 4, 2009
    #6
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    @joshuamjohnson

    The log you attached as MBAM is a combo log, not the MBAM log.

    I am not seeing that it was run in your MGLogs.

    If it was run, please attach it.
     
    TimW, May 4, 2009
    #7
  8. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Seems CF took care of things...


    I don't see any protection on this machine other than possibly Spyware Doctor if it is a pay version. I need to determine if it is a pay version, does it include an antivirus? Let us know.

    You also need a third party firewall installed!



    1. If you do not use Windows Messenger Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

    2. Is your copy of Spyware Doctor 6.0 paid for software or just a useless trial that wont fix what it finds anyway? If just a trial, you may as well uninstall it.

    3. Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    After clicking Fix exit HJT.


    4. Now run Ccleaner

    5. Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this.

    6. Let us know of any problems you may have encountered with the above instructions and also let me know how things are running now.
     
    Kestrel13!, May 5, 2009
    #8

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds