Very persistent malware problem

Discussion in 'Malware Help (A Specialist Will Reply)' started by Sgt_Hoax, Aug 15, 2009.

  1. Sgt_Hoax

    Sgt_Hoax Private E-2

    OK... where to begin.

    About a week or 2 ago AVG detected something. This was around the same time one of my favourite World of Warcraft news sites reported a Flash vulnerability (Link to article found here) in one of its blue-tracker features (something that I do use regularly).

    As a result my World of Warcraft account was hacked. On the recommendation of a friend, I installed AVG and installed Kaspersky on a 30-day trial version.

    Since then an attempt was made on my account again just today (about 5 - 6 hours as of posting this).

    Luckily a trusted friend was on hand to assist not only with a full lock-down of my account, but also a major bug hunt with heavy assistance from these very forums (great stuff here by the way).

    Results were... interesting...

    Instructions from the Malware Removal FAQ were followed closely, with my friend giving technical assistance for one where applicable.

    Logs are as follows:

    SuperAntiSpyware - failed. "The System Administrator has set policies to prevent this installation"
    All attempts to bypass this, including walking me through a DOS prompt registry change, failed.

    Malwarebytes Anti-Malware - Logs available

    ComboFix - failed. Spectacularly. ComboFix completed all 50 stages, but upon attempting to reset, one encountered a blue screen of death. One, being a total nub, assumed this was part of the "plan", as one's friend had described ComboFix as a rather "wild ride". After about 15 min, the PC reset but was thus unable to find its operating system. After much panic this was eventually solved by a simple power-on/off restart.

    C:\ComboFix.txt does not exist and thus no log can be given for this program. One does not know if one was successful or not with ComboFix and was advised not to try again. (ComboFix scares me ._.)

    RootRepeal - Log available

    MGtools - Logs available; however, one's friend commented that MGtools finished rather quickly.

    We were both left unsure what to do, but fairly certain something nasty is still lurking. Awaiting your advisement - a concerned gamer.

  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Other than what has already been removed by the cleaning procedure, your logs are clean. The only thing you need to do is get Java updated per the READ & RUN ME.

    Uninstall the below old versions of software:
    J2SE Runtime Environment 5.0 Update 6
    Java(TM) 6 Update 11
    Java(TM) 6 Update 5
    Java(TM) 6 Update 7
    After a reboot, install the current version of Sun Java from: Sun Java Runtime Environment
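The advice above boils down to "find every old Java runtime still registered, remove it, then install the current one". As an added example that is not part of chaslang's reply or of any MajorGeeks tool, the PowerShell below reads the standard Windows uninstall registry keys (HKLM, plus the WOW6432Node view on 64-bit systems), lists every entry whose name starts with "Java" or "J2SE" like the four named in the post, and flags each one older than the newest registered version so the leftovers are easy to verify before and after cleanup. The function name `Get-InstalledJava`, the `IsOutdated` property and the version comparison are this example's own; it assumes the entries were installed by Windows Installer, which is why it only emits an `msiexec /x` command when the key name is an MSI product code GUID.

```powershell
# Added example (not from the thread): enumerate Java runtimes registered in the
# Windows uninstall keys and mark the ones older than the newest as removal candidates.
function Get-InstalledJava {
    # Standard uninstall key locations; the WOW6432Node path only exists on 64-bit Windows.
    $uninstallKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )

    $entries = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match '^(Java|J2SE)' } |
        ForEach-Object {
            # DisplayVersion formats vary between installer generations; fall back
            # to 0.0 when it does not parse so the entry is still listed.
            $parsed = $null
            if (-not [version]::TryParse($_.DisplayVersion, [ref]$parsed)) {
                $parsed = [version]'0.0'
            }
            [pscustomobject]@{
                DisplayName     = $_.DisplayName
                DisplayVersion  = $_.DisplayVersion
                Version         = $parsed
                KeyName         = $_.PSChildName      # MSI product code GUID for MSI installs
                UninstallString = $_.UninstallString
            }
        }

    if (-not $entries) { return @() }

    # Everything below the newest registered version is a removal candidate.
    $newest = ($entries | Sort-Object Version -Descending | Select-Object -First 1).Version
    foreach ($e in $entries) {
        $e | Add-Member -NotePropertyName IsOutdated `
                        -NotePropertyValue ($e.Version -lt $newest) -PassThru
    }
}

# Usage: show what is registered, then print the Windows Installer removal
# commands for the outdated MSI entries so they can be reviewed before running.
$java = Get-InstalledJava
$java | Format-Table DisplayName, DisplayVersion, IsOutdated, KeyName -AutoSize

$java |
    Where-Object { $_.IsOutdated -and $_.KeyName -match '^\{[0-9A-Fa-f-]+\}$' } |
    ForEach-Object { "msiexec.exe /x $($_.KeyName) /qn" }
```

Run it once before uninstalling to confirm the list matches what the reply names, and again after the reboot: the expected end state is a single entry with `IsOutdated` equal to `False` for the freshly installed runtime. Entries whose key name is not a GUID were not installed through Windows Installer; use their `UninstallString` through Add/Remove Programs instead.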
