Eisenwand Posted November 27, 2012 ID:617499 Share Posted November 27, 2012 My Fiancees Computer has a REALLY annoying JS/Medfos.b virus that we cannot get rid of despite running malwarebytes and MSE in both normal and safe modes. Please help us. Thanks in advance, let me know what else you need!attach.txtdds.txt Link to post Share on other sites More sharing options...
kevinf80 Posted November 27, 2012 ID:617504 Share Posted November 27, 2012 I`m checking your logs will reply shorly... Link to post Share on other sites More sharing options...
kevinf80 Posted November 27, 2012 ID:617505 Share Posted November 27, 2012 Hello again,You have three security systems installed, Norton IS, AVG and Microsoft Security Essentials, that is not good and will cause major problems for your system. You must UNinstall two of those immediately. I recommend you remove Norton and AVG, keep MSE and make sure window Firewall is also active.You can remove NIS and AVG via start > control panel > UNinstall a Program. Or use specific removal toolsNIS here - https://www-secure.symantec.com/norton-support/jsp/help-solutions.jsp?ct=us&docid=20080710133834EN&lg=en&product=home&pvid=f-ho&version=1AVG here - http://www.avg.com/us-en/utilitiesWhen the Security is sorted out run the following and post the logs....Please download AdwCleaner by Xplode onto your Desktop. Please close all open programs and internet browsers. Double click on Adwcleaner.exe to run the tool. Click on Delete. Confirm each time with OK. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply. You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.Please post the log.Next,Please download RogueKiller to your desktop Quit all running programs For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe Wait until Prescan has finished... Click on ScanPost the log.....Let see both logs,Kevin Link to post Share on other sites More sharing options...
Eisenwand Posted November 27, 2012 Author ID:617522 Share Posted November 27, 2012 Ok lets see if I did this right, I didnt get a log after I did the Rogue Killer, did I do something wrong?AdwCleanerR1.txt Link to post Share on other sites More sharing options...
Eisenwand Posted November 27, 2012 Author ID:617525 Share Posted November 27, 2012 Ok I found the RK report... Im just a total technoidiot and didnt realize that I actually had the log on my desktop... forgive me all you computer savvy folks out there!RKreport4_S_11262012_02d2045.txt Link to post Share on other sites More sharing options...
kevinf80 Posted November 27, 2012 ID:617548 Share Posted November 27, 2012 The scan with AdwCleaner has been done with the "Search" function, I told you to use the "Delete" function, also you are attaching logs, they should be copied and pasted direct into your reply, not added as attachment.Re-run AdwCleaner as initially requested, when complete do the following:Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from the following link :-Combofix Ensure that Combofix is saved directly to the Desktop <--- Very important Disable all security programs as they will have a negative effect on Combofix, instructions available Here if required. Be aware the list may not have all programs listed, if you need more help please ask. Close any open browsers and any other programs you might have running Double click the icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator) Instructions for running Combofix available Here if required. If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes. When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read Here why disabling autoruns is recommended.*EXTRA NOTES* If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot, you must allow it to do so. If Combofix reboot's due to a rootkit, the screen may stay black for several minutes on reboot, this is normal If after running Combofix you receive any type of warning message about registry key's being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (Those items will not be deleted)Post the logs from AdwCleaner and Comfix in next reply please...Kevin Link to post Share on other sites More sharing options...
kevinf80 Posted December 1, 2012 ID:618794 Share Posted December 1, 2012 Still with us? Link to post Share on other sites More sharing options...
LDTate Posted December 2, 2012 ID:619064 Share Posted December 2, 2012 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts