ChrisOK
Members-
Posts
19 -
Joined
-
Last visited
Reputation
0 Neutral-
Caught something nasty...please help!
ChrisOK replied to ChrisOK's topic in Resolved Malware Removal Logs
Cool. I don't think an online scan is neccessary if you think everything is good. What do you recommend I use for protection going forward? Thanks again for all your help! -
Caught something nasty...please help!
ChrisOK replied to ChrisOK's topic in Resolved Malware Removal Logs
Malwarebytes' Anti-Malware 1.41 Database version: 2794 Windows 5.1.2600 Service Pack 3 9/13/2009 10:25:50 PM mbam-log-2009-09-13 (22-25-50).txt Scan type: Full Scan (C:\|F:\|H:\|) Objects scanned: 232267 Time elapsed: 1 hour(s), 56 minute(s), 19 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 2 Registry Values Infected: 0 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 13 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Windows Police Pro (Rogue.WindowsPolicePro) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Win Police Pro (Rogue.WindowsPolicePro) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: C:\Qoobox\Quarantine\C\blyuwrjl.exe.vir (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\Program Files\AdvancedVirusRemover\PAVRM.exe.vir (Rogue.Installer) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\kbiwkmxnjtpxvp.dll.vir (Rootkit.TDSS) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\bubeguto.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\eventlog.dll.vir (Trojan.Sirefef) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\kbiwkmirmmneps.dll.vir (Rootkit.TDSS) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\kufefele.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\uacav.dll.vir (Rootkit.TDSS) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\winupdate.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\yoharaje.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\yokagumo.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\kbiwkmkmewfnmx.sys.vir (Rootkit.TDSS) -> Quarantined and deleted successfully. C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GFI4Y4OH\file[1].exe (Trojan.Dropper) -> Quarantined and deleted successfully. -
Caught something nasty...please help!
ChrisOK replied to ChrisOK's topic in Resolved Malware Removal Logs
Any recommendations on what I can do to keep this from happening again? McAfee is provided free by my ISP, but it seems worthless for catching anything before it's too late. -
Caught something nasty...please help!
ChrisOK replied to ChrisOK's topic in Resolved Malware Removal Logs
MBAM and Hijackthis are both working now. I was able to update mbam and I'm currently running a full scan.log.txt -
Caught something nasty...please help!
ChrisOK replied to ChrisOK's topic in Resolved Malware Removal Logs
Sounds good. Thanks! -
Caught something nasty...please help!
ChrisOK replied to ChrisOK's topic in Resolved Malware Removal Logs
No problem. Thanks for taking time out of your weekend to help me out. Log is attached. log.txt -
Caught something nasty...please help!
ChrisOK replied to ChrisOK's topic in Resolved Malware Removal Logs
Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item. -
Caught something nasty...please help!
ChrisOK replied to ChrisOK's topic in Resolved Malware Removal Logs
Still can't run or rename mbam. McAfee isn't working. System is pretty slow. -
Caught something nasty...please help!
ChrisOK replied to ChrisOK's topic in Resolved Malware Removal Logs
Sent. -
Caught something nasty...please help!
ChrisOK replied to ChrisOK's topic in Resolved Malware Removal Logs
I registered, but it says I don't have access to that section of the site. -
Caught something nasty...please help!
ChrisOK replied to ChrisOK's topic in Resolved Malware Removal Logs
Seems like everything is working albeit a bit slow. -
Caught something nasty...please help!
ChrisOK replied to ChrisOK's topic in Resolved Malware Removal Logs
The latest log is attached. ComboFix.txt -
Caught something nasty...please help!
ChrisOK replied to ChrisOK's topic in Resolved Malware Removal Logs
Alright, everything ran. I've even got my desktop back now. I never got a msg box along with the combofix log, so I ran it a second time. Still not msg box. I've attached both logs. Win32kDiag.txt ComboFix.txt ComboFix2.txt hijackthis.txt -
Caught something nasty...please help!
ChrisOK replied to ChrisOK's topic in Resolved Malware Removal Logs
Unfortunately i won't be able to drag and drop as my desktop never shows up. I just get a black screen. I've been doing everything from the command prompt, and I've only been able to access that by hitting ctl-alt-del to pull up task manager and using File->Run. Is there any way to accomplish this drag and drop from the command prompt? -
Caught something nasty...please help!
ChrisOK replied to ChrisOK's topic in Resolved Malware Removal Logs
Logs were too long, so they are attached. Thanks! ComboFix.txt hijackthis.txt