No longer infected but still issues

Discussion in 'Malware Help (A Specialist Will Reply)' started by Honeymaid, May 26, 2009.

  1. Honeymaid

    Honeymaid Private E-2

    I ran the cleaning procedures and the Run& readme and the removal tools as the logs show and nothing seems to be left over;

    But I still have an issue where my WesternDigital MyBook Home Edition (500G) will connect for a short while but then suddenly un-mount itself and I'm pretty sure this is a PC-side issue as the cables used dont matter and it seems to connect fine to OTHER computers so I'm thinking I either still have something left over or something malicious edited something so external drives wont stay connected, I also had to reset my browsers to not use a proxy to connect which I never did so i'm guessing that was a last resort of ONE of the malware I dealt with?

    Please help!!

    All other USB devices work fine, if that matters?
     

    Attached Files:

    Honeymaid, May 26, 2009
    #1
  2. Honeymaid

    Honeymaid Private E-2

    Edit: Apparently not, ran Spybot just in case and it found Win32.Agent.pz which NONE of the other tools seem to have detected, should I run SDFix.exe like other places seem to suggest?
     
    Honeymaid, May 26, 2009
    #2
  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    The MBAM log indicates that you didnt fix what it found. May I assume that you saved that log before you had the program fix those item?

    You can do so additional cleanup...but first you have to disable teatimer as requested in the R and R. You also need to set msconfig back to normal start up.

    I strongly advise you to cleanup your Desktop. Remove everything but links to run programs. Do not download and save programs here and definitely do not use it for long term storage. You need to keep ComboFix.exe here for now as we need it, but we will be removing it when we are finished with your cleanup. A cluttered Desktop is malware's playground and it can also cause performance degradation especially when you start saving large files here like you are doing.

    The after you have done the above:

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    After clicking Fix, exit HJT.

    Now use windows explorer to find and delete:
    c:\windows\system32\121973
    C:\Documents and Settings\All Users\Application Data\96363746.ini

    You can run SDFix and attach that log....but you need to tell me exactly what Spybot is detecting. The exact path.

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:

    * C:\MGlogs.zip
     
    TimW, May 29, 2009
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds