Not sure I got it all..

Discussion in 'Malware Help (A Specialist Will Reply)' started by therealstarlette, Mar 31, 2009.

  1. therealstarlette

    therealstarlette Private E-2

    Was downloading a file on 3-28, been downhill since then..

    I got an instant popup asking to do a scan, an internet scan.. tried to close it right away.. didn't work, had to ctrl alt del, killed the process..

    didn't think anything of it.. throughout the weekend I kept getting popups, started driving me nuts.. came here, started with the Read Me..

    I already had CCleaner and ran that along with Spybot. I removed everything they found.. the rest of this I did over the next 2-3 days..

    I moved on to:

    -no malware found in add/remove control panel
    -java updated
    -msconfig set to normal startup.
    -quarantine folders emptied
    -ccleaner run
    -SUPERAntiSpyware: I noticed when this toook foreevverr that I had used the internet again and hadn't run CCleaner again, so I ran it again after this
    -ccleaner run again
    -Malwarebytes Anti-Malware: I ran this one twice as it rebooted and said to rescan, so there are 2 logs
    -combofix.exe

    I don't seem to be having problems at the moment.. but just wanted someone to take a peek at my logs to see if I need to do anything else.

    Thanks,
    Starlette

    I'll be making a second post to attach the combofix log...
     


  2. therealstarlette

    therealstarlette Private E-2

    combofix log attachment.. ok well... I tried to attach it but it says it's too large.. is there a part of it I can delete to make it so I can attach it??

    didn't want to delete something that might be needed..


    ok.. so I just copied and pasted it into 2 txt files..
     


    Last edited: Mar 31, 2009
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    It is too large because you ran it in the past ( 2008-05-27 ) and never uninstalled it afterwards.

    You only have some minor leftovers to remove and then final instructions.

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

    After clicking Fix, exit HJT.


    Your logs will be clean after doing the above. If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /u
        • Note: The space between the combofix" and the /u must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
      • Delete the C:\combofix folder from combofix (if it exists)
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    7. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures in step 3 of the READ ME for your Windows version and see the instructions to Disable System Restore, which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    8. After doing the above, you should work thru the below link:
     
