Jump to content

tocoin

Members
  • Posts

    12
  • Joined

  • Last visited

Reputation

0 Neutral
  1. OK, thanks...I deleted the FRST, JRT and MBAR logs and programs from my desktop and uninstalled Combofix. I uninstalled adwcleaner. I followed the instructions on setting IE properties. I downloaded/ran TFC. I'll read through the other info/material you have recommended. Thanks for all the help! Regards,
  2. Thanks. I updated to the latest version of the Adobe reader, and de-installed JAVA and reinstalled the latest version. I re-ran a quick scan on MalwareBytes and there were no problems detected. I have no other problems that have occurred or popped up, so I believe I am all set. Thank you very much for all your assistance and guidance. Regards,
  3. OK, thanks....I have attached the Combfix log to this reply. The systems appears to be running well at this point. Just want to make sure I am clean! Thanks. Combofixlog.txt
  4. OK, followed the steps you suggested, running a) JRT, b) AdWcleaner, c)MalwareBytes scan, d) ESET scan. All of the requested log files and reports are attached to this reply. I also have a couple other notes/comments. 1) In step c) while Malwarebytes was running, I got a pop up from McAfee AV that a Trojan was detected and removed: RDN/Generic.dx!c2i quarantined from C:\users\tocoin\appdata\local\temp\synsxrc\stiumrv\wow.dll. Also, a question: Your instructions were to unclick the option for ESET to remove any threats found. ESET identified seven threats, all various Trojans. Why not have ESET remove them? Now that ESET finished, are they still there? Should I run it again and remove them? Again, thanks for sticking with me on the problem ESETSCAN.txt mbam-log-2013-06-08 (13-52-05).txt AdwCleanerS1.txt JRT.txt
  5. May have been unrelated, power surge or something, was able to restore internet service working with provider Verizon....will try your last suggested steps this evening and post back afterwards.
  6. OK, I had to be away, but am back to this and will try. PC seemed OK for a few days, but now Internet access is down on it, so I will be back looking at it later today. If I can get Internet access, I will try the final steps you recommended in your last post. I fear it was not clean and Internet access got disabled by what was still on PC. Wireless router/DSL Modem has all green lights, looks clean.
  7. OK, I Created a system restore point, and then downloaded and ran mbar.exe (anti-rootkit). It ran to completion and reported the system was clean after the scan, so a clean up and re-boot was not required. I have attached the two requested files to this reply. "mbar-log-2013-06-02 (10-53-44).txt" and "system-log.txt". I had paused a McAfee scan, and restarted it after this completed. It reported one Trojan discovered and quarantined, so once that scan finished, I will be re-scanning with MalwareBytes and re-running mbar.exe just to make sure I am clean. My Internet service seems to be operating normally, and I will check my Windows Updates and Windows firewall and report back again. Thanks, mbar-log-2013-06-02 (10-53-44).txt system-log.txt
  8. Ran Combofix.exe as instructed. I have attached the log file to this reply. I will note that even as the Combofix log was completed, I got 1 message each from Malwarebytes and McAfee about Trojans that were caught and quarantined. Malwarebytes caught C:\users\tocoin\Appdata\roaming\Mozilla\Winde34.exe, and McAfee caught and quarantined C:\users\tocoin\Appdata\local\netscape\gwujweuu.dll Should I have disconnected myself from the Internet while I was running the cleanup programs and combofix? Not sure if I am clean or if it still lingers. Again, thanks for the help and advise. ComboFix.txt
  9. I have run FRST64 as requested and clicked on FIX. It completed successfully and I then rebooted. Reboot was very slow, but finally completed. I have attached the Fixlog.txt file as requested. Fixlog.txt
  10. Also, I re-ran Malwarebytes after being on-line to do the task above in my reply. While it was running, it displayed a messasge indicating Trojan was removed, and after it had run, the report indicated Trojan.Agent had been quarantined: Registry Value: HKCU\Software\Microsoft\Windows\CurrentVersion\RunlwabEventSupport16 File: C:\Users\tocoin\AppData\Roaming\wabEventSupport16\wabEventSupport16.dll Memory Module: Same C:\... file path as above in File: Regards,
  11. Thanks. I did as you asked and downloaded and ran FARBAR/FRST. I have attached the two files/reports that were produced to this reply, FRST.txt and Addition.txt I appreciate you advise/help. Regards, Addition.txt FRST.txt
  12. Hello. I have a Windows 7 Dell system. I use McAfee Security Center v11.6. Started getting Google (and Chrome) search re-directs. Could not solve/clean with McAfee. Installed Malwarebytes. Found/removed "Trojan.Ransom.Rel", but I continue to get messages like the following: "Malwarebytes blocked access to dangerous site 109.236.82.107 port 49648 (also has come up with other port numbers like 49556, 49578, 49551, 51850), process iexplore.exe". I followed the instructions and downloaded/ran DDS.scr and created DDS.txt and Attach.txt and I have attached them here. I would appreciate whatever help/advise you can provide on getting rid of this completely. Thank you very much. Attach.txt DDS.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.