Suspected worm.im.sohanad infection

msapi · Sep 17, 2008

Hi,

I have gone through your Read and Run Me First thread. Below are my progress so far.

Step 1: House Cleaning & Setup
Unable to uninstall malware, check Java version because no access to Control Panel
Unable to check msconfig because no access to Start 'run'
I ran CCleaner

Step2: Enabled viewing of hidden file

Step3: Windows XP Cleaning
Ran SuperAntiSpyware and attached log
Ran Spybot Search and Destroy
Ran Malwarebyte's Anti-Malware and attached log

I can now access Control Panel and Start 'run'
I tried running ComboFix from desktop, but only the ComboFix small window comes up and then nothing happens
I checked, and now my Control Panel has dissapeared but Start 'run' is still there.
Should I continue with MGtools or wait for your guys feedback?

Please help me out. Thank you.

TimW · Sep 18, 2008

Please continue with the MGTools and attach the resulting C:\MGLogs.zip.

msapi · Sep 19, 2008

unable to run mgtools. it says windows cannot find the file.
i see the mgtools folder created after clicking on it, but I can't run any of those 3 .bat files.
it's the same with combofix.

TimW · Sep 19, 2008

Please be more specific....windows can't find what file? Did you download it to the C drive?

Did you download ComboFix to the desktop?

What error messages are you getting? What happened when you double clicked the MGTools.exe or the combofix.exe?

msapi · Sep 20, 2008

I downloaded ComboFix to the desktop. But when I ran the app, only the progress bar comes up, then nothing happens.
I downloaded mgtools to C:\ drive. When I ran the app, Windows says it cannot find the file, which is strange. The mgtools folder is extracted but I cannot run any of the .bat files.

TimW · Sep 20, 2008

HAve you tried doing both in safe mode? Can you get on the internet with that computer?

If so you can try this:

Now go to Bitscan link: agree to the license and then select Scan. DO NOT CHANGE THE OPTIONS TO SHOW ALL FILES SCANNED. That will make your logs huge and we don't need to see clean files. Once Bitdefender completes the scan:

Click-on the Detected Problems tab. Then select Click here to export the scan report

When the window comes up to save the report, change the Save as type: box to Text (Tab Delimited) (*.txt) and then in the File name box enter change to bdscan then click save. This will save a file named bdscan.txt in whatever folder you are currently in when you save the file (take notice of where you are at so you can find it later). This bdcan.txt file will actually contain HTML code that we can easily view later while reviewing your log. All we have to do is rename the file to bdscan.html.

msapi · Sep 22, 2008

I tried running both app in soft mode but to no avail.
I had to format the computer as I needed to get working correctly. Thanks for all your help.

TimW · Sep 22, 2008

Sorry to hear that......you may wish to read How to Protect yourself from malware!

Good luck and safe surfing.

Log in or Sign up

Suspected worm.im.sohanad infection

msapi Private E-2

Attached Files:

SUPERAntiSpyware Scan Log - 09-18-2008 - 01-55-36.log

mbam-log-2008-09-18 (02-20-45).txt

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

msapi Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

msapi Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

msapi Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member