ryanzoo06
-
Posts
26 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by ryanzoo06
-
-
Went through the cleanup - it appears I have gotten everything, the only application I had to delete by simple rt click and delete was security check appl.
Ran the MBAR program. It came up clean, no malware found so it does not appear to have produced any logs (actually ran it twice cause I thought I might have missed something). Anything else? It is late and no problem not answering til tomorrow. Thanks
-
-
here's the checkup file.....
-
Seems like everything is doing well, at least the problem of freezing from previous is not happening since we started this latest round. Where does this leave us?
-
O.k., here's the next two logs.....
mbam-log-2012-11-09 (15-28-40).txtRKreport8_S_11092012_02d1540.txt
-
Ok., here's today's first round......
-
Sounds good - thanks, The post at Norton, I posted both there and here same time, I figured either one should respond, malwarebytes because it detected it but couldn't clean it, and nortons because they need to know they missed it. But they didn't get back to me when we got started and I haven't checked back with them as we've been busy enough here. Til Tomorrow
-
Here's the next round of files. No file came up as malicious on this round, Just 3 suspect.....
-
Sorry got pulled away -
So we are kind of back to square 1, well 2 maybe. Any thoughts why? I'll do the tdsskiller in just a moment. And why did you ask about if I was getting additional help?
-
Here's the next batch of reports: #4 post scan, #5 after deletion? #6 post second scan.
After clicking on files in the registry tab, when I went to the files tab I couldn't click on anything - they all were listed with FOUND in the first column. Also when running roguekiller I assume it's from another company because a foriegn language webpage kept trying to load so I turned off the wireless while running.
RKreport4_S_11082012_02d1955.txtRKreport5_D_11082012_02d1959.txtRKreport6_S_11082012_02d2013.txt
-
ps, when I got back to the laptop to read your latest reply norton 360 had thrown up a threat detected window, listing 26 or so cookies. Here's the report if you wanted it.
-
You're it. Here's the latest roguekiller, the zero access was flashing after the scan again, fyi
-
-
It'll be a couple hours before I can work on this again, just as a heads up, let you know when I get through the next batch, thanks for being patient.
-
overall seems good, responsive, haven't had a internet glitch yet. However, since we did the adwcleaner run-through (and technically the checkup run), the one glitch that has happened several times is when the laptop is shut off and restarted, both automatically or even if off for a while, the laptop starts up ok, gets through login window but when reaches main screen it freezes with the circle loading system running and won't do anything, even with ctrl+alt+del hit repeatedly. Once i kill it with power button and restart it loads all the way and is fine. This has happened 3 times now ..... ?? Thoughts?
-
ok, updated above with exception of IE8 to 9. Still need to do that one. Here's another adwcleaner run (not sure if you actually requested it again or not)......
-
Here's the security checkup file and the second run adwcleaner file...... and yes it's getting late and expect to not hear back until tomorrow. thanks for being patient.
-
O.k., here's the adwcleaner log....
-
O.k., re-enabled norton 360 and malwarebytes. Norton went into immediate auto-protect and detected/removed two trojans, Turned out to be the two files tdsskiller had put into quarantine. I included that detection log and a quick scan from norton, as well as the most recent log from tdsskiller. I realize the norton's scan may not be much use to you, but.......
next?
-
Well, combfix seems to have run ok anyway and getting a reply from beeping computer was going to be a while. Here's the combofix log.....
-
Trouble running combofix, I disabled norton 360 and malwarebytes and confirmed them to be off, but combofix continues to say norton 360 is still active. Tried contacting the bleeper website to ask but not sure my post made it. Will check again in a little while unless you have any suggestion.
-
ok, ran tdsskiller, and I'm attaching the files. when the scan finished and the report log opened it didn't look like it had completed in the notes, so I ran it a second time. First time had the pihar listed as malicious and 4 suspicious files, second time the scan only showed the 4 suspicious ones, sorry about the extra step, although as skip was chosen for the 4 nothing really changed on the second one correct?
TDSSKiller.2.8.15.0_07.11.2012_11.02.21_log.txtTDSSKiller.2.8.15.0_07.11.2012_11.08.05_log.txtTDSSKiller.2.8.15.0_07.11.2012_11.16.01_log.txt
-
Sounds fine, I will run the tdsskiller and post back......
-
Thanks for such promptness. I am not opposed to a re-install. Oddly enough I had just done a reinstall of windows about 3 months ago. My question is if I do this verse trying to clean the computer, can I still run the usual backups and system images to allow reconfiguring of laptop once done with install, or is there a chance of the backups/system image of becoming infected?
Thanks again,
Mark
Another request to help remove svchost.eve trojan.agent
in Resolved Malware Removal Logs
Posted
Excellent job then, and thank you very much for all your efforts. So, then if this were your computer, and you recall your concern with the initial threat being a backdoor virus and permanently compromising the laptop - you are comfortable with the level of cleaning at this point without an immediate need of uninstalling and installing windows?
Thank you again for spending the last three days combined helping clean this up.
Mark