SVCHOST.exe infected with Trojan.Agent


New OTL log:

OTL logfile created on: 4/15/2012 2:34:42 PM - Run 2

OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Brian\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 2.61 Gb Available Physical Memory | 43.55% Memory free

11.99 Gb Paging File | 8.33 Gb Available in Paging File | 69.45% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 578.44 Gb Total Space | 454.35 Gb Free Space | 78.55% Space Free | Partition Type: NTFS

Drive D: | 17.43 Gb Total Space | 2.82 Gb Free Space | 16.18% Space Free | Partition Type: NTFS

Drive E: | 99.34 Mb Total Space | 92.75 Mb Free Space | 93.37% Space Free | Partition Type: FAT32

Computer Name: BRIAN-PC | User Name: Brian | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

< End of report >

I haven't seen any of the Brosive.com or TheRugged.com tabs pop up yet. Those usually only popped up once or twice a day. The computer seems to be running fine other than those popups once in a while now. I will monitor things over the next day or so and see what happens.

Everything seems fine so far. I haven't encountered any issues in the last few days so I think maybe we got it all cleaned. I downloaded a copy of GMER and ran a rootkit scan using it and it didn't detect anything either. Hopefully we got it for good. I really appreciate all your help MrCharlie, thanks a bunch. :)

OK, a little clean up to do:

Please Uninstall ComboFix:

Press the Windows logo key + R to bring up the "run box"

Copy and paste the next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.

This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

---------------------------------

Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)

Any other programs or logs you can manually delete.

----------------------------

You have out-of-date Java on the system; older versions are vulnerable to malware.

Please go to your Control Panel's Add/Remove Programs and uninstall these:

Java™ 6 Update 20

Then go to Java (in Control Panel) > Update Tab > Update Now

Java™ 6 Update 30 <----should be 31

------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC
