Jump to content

SpySentinel

Honorary Members
 View Profile  See their activity

  • Posts

    1,847

  • Joined

  • Last visited

 Content Type 

Posts posted by SpySentinel

    Annoyed to the bone

    in Resolved Malware Removal Logs

    Posted

    For help with your graphics and sound card, I recommend you post a new thread in our PC Help forum where we deal with hardware, software, and networking issues:

    http://forums.malwarebytes.org/index.php?showforum=6

    But first, to finish cleaning up your computer:

    Your log looks clean, Great Job! :)

    Follow these steps to uninstall Combofix and tools used in the removal of malware

    • Click START then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
      CF_Uninstall-1.jpg


      Now for some cleanup..
      Please download OTC and save it to Desktop.
      • Please make sure you are connecting to the Internet
      • Double-click OTC.exe
      • Click the CleanUp! button.
      • Select Yes when the "Begin cleanup Process?" prompt appears.
      • If you are prompted to Reboot during the cleanup, select Yes

    Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

    1. Disable and Enable System Restore. - Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.
      The easiest and safest way to do this is:
      • Go to Start > Programs > Accessories > System Tools and click "System Restore".
      • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
      • Then go to Start > Run and type: Cleanmgr
      • Click "OK".
      • Click the "More Options" Tab.
      • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

    [*]Make your Internet Explorer more secure - This can be done by following these simple instructions:

    1. From within Internet Explorer click on the Tools menu and then click on Options.
    2. Click once on the Security tab
    3. Click once on the Internet icon so it becomes highlighted.
    4. Click once on the Custom Level button.


      2. Next press the Apply button and then the OK to exit the Internet Properties page.


      3. Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
      4. Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.
        Please only choose one.

    [*]Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

    [*]Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

    [*]Install SpywareGuard - SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program or there will be a conflict.

    [*]Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

    [*] Update Non-Microsoft Programs - It is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities. You can check these by visiting Secunia Software Inspector and Calendar of Updates.

    Follow this list and your potential for being infected again will reduce dramatically.

    Here are some additional utilities that will enhance your safety

    • Norton Safe Web <= Norton Safe Web protects your browser against malicious sites and warns you when you go to one.
    • MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer

    Change the Download signed ActiveX controls to Prompt
    Change the Download unsigned ActiveX controls to Disable
    Change the Initialize and script ActiveX controls not marked as safe to Disable
    Change the Installation of desktop items to Prompt
    Change the Launching programs and files in an IFRAME to Prompt
    Change the Navigate sub-frames across different domains to Prompt
    When all these settings have been made, click on the OK button.
    If it prompts you as to whether or not you want to save the settings, press the Yes button.

    Annoyed to the bone

    in Resolved Malware Removal Logs

    Posted

    From the recent logs, it appears your computer is clean of malware. It is just the aftermath of that nasty rootkit that may be still present.

    i remember we used the tool defogger it is still on disabled maybe that could cause the problem?

    You could try and see if it helps.

    Annoyed to the bone

    in Resolved Malware Removal Logs

    Posted

    You had a very nasty rootkit that infected your system MBR, and was why you were experiencing all those issues. The issue you are having with your game is more than likely an after affect of the rootkit.

    I like to have you run one more scan to see if we completely got rid of the rootkit.

    Please read carefully and follow these steps.

    • Download TDSSKiller and save it to your Desktop.
    • Extract its contents to your desktop.
    • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
      TDSSKillermain.png
    • If an infected file is detected, the default action will be Cure, click on Continue.
      TDSSKillerMal-1.png
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
      tdsskiller2.png
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
      TDSSKillerCompleted.png
    • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Re-Direct Virus Won't Go Away

    in Resolved Malware Removal Logs

    Posted

    Hi stuckinthemiddle,

    Welcome to the Malwarebytes Forum :)

    My name is Matt and I will be assisting you.

    Please run a Quick scan with Malwarebytes' Anti-Malware again, and this time, be sure to click Remove after it finds the infected objects. Post the log here once it is finished.

    Also,

    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

    Please help me remove click.giftload

    in Resolved Malware Removal Logs

    Posted

    Your log looks clean, Great Job! :)

    Follow these steps to uninstall Combofix and tools used in the removal of malware

    • Click START then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
      CF_Uninstall-1.jpg


      Now for some cleanup..
      Please download OTC and save it to Desktop.
      • Please make sure you are connecting to the Internet
      • Double-click OTC.exe
      • Click the CleanUp! button.
      • Select Yes when the "Begin cleanup Process?" prompt appears.
      • If you are prompted to Reboot during the cleanup, select Yes

    Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

    1. Disable and Enable System Restore. - Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.
      The easiest and safest way to do this is:
      • Go to Start > Programs > Accessories > System Tools and click "System Restore".
      • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
      • Then go to Start > Run and type: Cleanmgr
      • Click "OK".
      • Click the "More Options" Tab.
      • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

    [*]Make your Internet Explorer more secure - This can be done by following these simple instructions:

    1. From within Internet Explorer click on the Tools menu and then click on Options.
    2. Click once on the Security tab
    3. Click once on the Internet icon so it becomes highlighted.
    4. Click once on the Custom Level button.


      2. Next press the Apply button and then the OK to exit the Internet Properties page.


      3. Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
      4. Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
      5. Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.
      6. Install SpywareGuard - SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program or there will be a conflict.
      7. Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
      8. Update Non-Microsoft Programs - It is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities. You can check these by visiting Secunia Software Inspector and Calendar of Updates.

        Follow this list and your potential for being infected again will reduce dramatically.
        Here are some additional utilities that will enhance your safety
        • Norton Safe Web <= Norton Safe Web protects your browser against malicious sites and warns you when you go to one.
        • MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer

    Change the Download signed ActiveX controls to Prompt
    Change the Download unsigned ActiveX controls to Disable
    Change the Initialize and script ActiveX controls not marked as safe to Disable
    Change the Installation of desktop items to Prompt
    Change the Launching programs and files in an IFRAME to Prompt
    Change the Navigate sub-frames across different domains to Prompt
    When all these settings have been made, click on the OK button.
    If it prompts you as to whether or not you want to save the settings, press the Yes button.

    XP home security 2011-virus removal

    in Resolved Malware Removal Logs

    Posted

    Download ComboFix from one of these locations:

    Link 1

    Link 2

    * IMPORTANT !!! Save ComboFix.exe to your Desktop

    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
    • Double click on ComboFix.exe & follow the prompts.
    • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

    RcAuto1.gif

    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    whatnext.png

    Click on Yes, to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

    Purchase ?

    in Malwarebytes for Windows Support Forum

    Posted

    It will automatically protect your computer, but make sure that protection is in fact enabled.

    Please Open Malwarebytes' Anti-Malware, and then go to the protection tab. Make sure that you can see a green box that says Protection enabled and that all of the check boxes below it are checked.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.