
ukash virus


Chris1


Looks Good.....

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how the computer is running now, MrC

Computer has been running fine even before I downloaded ComboFix and still is.

Here is the log for Malwarebytes Anti-Malware:

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

Database version: v2012.12.27.06

Windows 7 x64 NTFS

Internet Explorer 9.0.8112.16421

Chris :: CHRIS-VAIO [administrator]

29/12/2012 10:23:56 AM

mbam-log-2012-12-29 (10-23-56).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 213663

Time elapsed: 2 minute(s), 38 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


Good............

Please download AdwCleaner from here and save it on your Desktop.

  1. Right-click on adwcleaner.exe and select Run As Administrator (for XP just double click) to launch the application.
  2. Now click on the Search tab.
  3. Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been run, so in this case it should be something like R1.

Please look over what was found, we're going to delete it all in the next step....if there's something you may want to keep...please let me know and I'll explain why it shouldn't be on your system.

MrC


# AdwCleaner v2.103 - Logfile created 12/29/2012 at 10:41:13

# Updated 25/12/2012 by Xplode

# Operating system : Windows 7 Home Premium (64 bits)

# User : Chris - CHRIS-VAIO

# Boot Mode : Normal

# Running from : C:\Users\Chris\Desktop\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

Folder Found : C:\ProgramData\Partner

***** [Registry] *****

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}

Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v7.0.1 (en-GB)

File : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\5wasone5.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1009 octets] - [29/12/2012 10:41:13]

########## EOF - C:\AdwCleaner[R1].txt - [1069


Some adware found....let's clear it out.....

  1. Please re-run AdwCleaner
  2. Click on Delete button.
  3. Confirm each time with OK if asked.
  4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

Then...........

Let's check your computer's security before you go and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!

MrC


# AdwCleaner v2.103 - Logfile created 12/29/2012 at 10:58:38

# Updated 25/12/2012 by Xplode

# Operating system : Windows 7 Home Premium (64 bits)

# User : Chris - CHRIS-VAIO

# Boot Mode : Normal

# Running from : C:\Users\Chris\Desktop\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Partner

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v7.0.1 (en-GB)

File : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\5wasone5.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1138 octets] - [29/12/2012 10:41:13]

AdwCleaner[R2].txt - [1198 octets] - [29/12/2012 10:57:34]

AdwCleaner[R3].txt - [1258 octets] - [29/12/2012 10:58:25]

AdwCleaner[s2].txt - [1197 octets] - [29/12/2012 10:58:38]

########## EOF - C:\AdwCleaner[s2].txt - [1257 octets] ##########

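An added example, not part of the original thread and not AdwCleaner's own code: a small check that every item reported in the `[search]` log shows up as removed in the `[Delete]` log. The `Kind Found : path` / `Kind Deleted : path` line shape is taken from the two logs posted above; the function names and the `PARTIAL_DELETE` sample are assumptions constructed for illustration.

```python
import re

# Item lines as they appear in the logs above, e.g. "Key Found : HKLM\..."
ITEM = re.compile(r"^(\w+) (Found|Deleted) : (.+?)\s*$")
OPTION = re.compile(r"^# Option \[(\w+)\]", re.M)

def run_mode(log):
    """Return the run mode from the '# Option [...]' header, lowercased."""
    m = OPTION.search(log)
    return m.group(1).lower() if m else None

def items(log, action):
    """Collect (kind, path) pairs for one action; Windows paths compare case-insensitively."""
    out = set()
    for line in log.splitlines():
        m = ITEM.match(line.strip())
        if m and m.group(2) == action:
            out.add((m.group(1), m.group(3).lower()))
    return out

def not_removed(search_log, delete_log):
    """Items found by the search run that the delete run does not report as deleted."""
    if run_mode(search_log) != "search" or run_mode(delete_log) != "delete":
        raise ValueError("expected a [search] log followed by a [Delete] log")
    return sorted(items(search_log, "Found") - items(delete_log, "Deleted"))

# Trimmed excerpts of the two logs posted in this thread
SEARCH_LOG = r"""
# Option [search]
Folder Found : C:\ProgramData\Partner
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
"""
DELETE_LOG = SEARCH_LOG.replace("[search]", "[Delete]").replace(" Found : ", " Deleted : ")

# Constructed sample: a delete run in which the Chrome extension key is missing
PARTIAL_DELETE = "\n".join(
    l for l in DELETE_LOG.splitlines() if "Chrome" not in l
)

if __name__ == "__main__":
    print("left behind (thread logs):", not_removed(SEARCH_LOG, DELETE_LOG))
    print("left behind (constructed):", not_removed(SEARCH_LOG, PARTIAL_DELETE))
```
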

Oops, never even saw that.

Here is the copied report from notepad:

Results of screen317's Security Check version 0.99.56

Windows 7 x64 (UAC is enabled)

Out of date service pack!!

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

AVG Anti-Virus Free Edition 2011

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.65.0.1400

Java 6 Update 18

Java version out of Date!

Adobe Flash Player 10 Flash Player out of Date!

Adobe Reader 9 Adobe Reader out of Date!

Mozilla Firefox (7.0.1)

````````Process Check: objlist.exe by Laurent````````

AVG avgwdsvc.exe

AVG avgtray.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 3%

````````````````````End of Log``````````````````````


Windows 7 x64 (UAC is enabled)

Out of date service pack!! <---for an update

Malwarebytes Anti-Malware version 1.65.0.1400 <------out of date should be 1.70 > check for a program update

Java™ 6 Update 18 <----uninstall from add/remove programs

Java version out of Date! <-------Download and install the latest version from Here

Adobe Flash Player 10 Flash Player out of Date! <---check for an update

Adobe Reader 9 Adobe Reader out of Date! <----check for an update

You have outdated programs on the system which are vulnerable to malware.

Please update or uninstall them.

Info on doing that can be found in my Preventive Maintenance

~~~~~~~~~~~~~~~~~~~~~

A little clean up to do....

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste the next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /


Then hit enter.

This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall)

---------------------------------

Please download OTL from one of the links below: (you may already have OTL on the system)

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

http://www.itxassoci...T-Tools/OTL.exe

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)

Any other programs or logs you can manually delete.

IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, MBAR, etc....AdwCleaner > just run the program and click uninstall.

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC


Out of date service pack!! <---for an update

For this you have to go to Windows Update

http://www.update.mi...t.aspx?ln=en-us

~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Malware version 1.65.0.1400 <------out of date should be 1.70 > check for a program update

Right click on the icon in your system tray and choose "Check for Updates"

~~~~~~~~~~~~~~~~~~~

Java™ 6 Update 18 <----uninstall from add/remove program

Just as it says > go to your Control Panel's Add/Remove Programs > double click on it to uninstall

~~~~~~~~~~~~~~~~~~~~~~~~

Java version out of Date! <-------Download and install the latest version from Here

Just as it says

Adobe Flash Player 10 Flash Player out of Date! <---check for an update

(uninstall old version first)

http://www.adobe.com...re/flash/about/

~~~~~~~~~~~~~~~~~~~~

Adobe Reader 9 Adobe Reader out of Date! <----check for an update

(uninstall old version first)

http://get.adobe.com/reader/

MrC


2 things,

1) I uninstalled Java 6 Update 18. Then you say "update from here" but there is no link??

2) I still don't know how to uninstall some of the stuff we put on my desktop like Security Check and some of the MBAR reports. I'm guessing for the reports I can just right click and delete? I did something that got rid of the icons for the others like RogueKiller and ComboFix but I don't know if I just deleted the icons or actually uninstalled them.


There are instructions in my link:

http://forums.malwar...ndpost&p=628425

-----------------------------------

Download and run OTL > click on the "Clean-up" button.

That will clean up a lot of it.

-------------------------------------

There was a specific way to uninstall ComboFix, I hope you followed it.

------------------------------------

Anything else you can just right click on it and choose "Delete"

-----------------------------------

Java is here:

http://www.java.com/...load/manual.jsp

MrC


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
