kepp92 Posted January 9, 2013 ID:631867 Share Posted January 9, 2013 im sorry if this is not correct my pc i running super slowdds.txtattach.txt Link to post Share on other sites More sharing options...
Maniac Posted January 9, 2013 ID:632076 Share Posted January 9, 2013 Hello kepp92! My name is Maniac and I will be glad to help you solve your malware problem.Please note:If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.Make sure you read all of the instructions and fixes thoroughly before continuing with them.Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.Step 1I see you are running Teatimer.I suggest you to disable it because it can interfere with the changes you'll make on your system.When everything is done and your log is clean again, you can enable it again.If teatimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.How to disable TeaTimer <== click me for instructions.After you disabled Teatimer, download ResetTeaTimer.exe to your desktop. Then run ResetTeaTimer.exe.This will only take a few seconds.Step 2Please uninstall the following applications:µTorrentYontoo 1.10.02Step 3Please download Junkware Removal Tool to your desktop.Shut down your protection software now to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.The tool will open and start scanning your system.Please be patient as this can take a while to complete depending on your system's specifications.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next message.Step 4Launch Malwarebytes' Anti-MalwareGo to Update tab and select Check for Updates. If an update is found, it will download and install the latest version. Go to Scanner tab and select Perform Quick Scan, then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.Step 5Download TFC to your desktopOpen the file and close any other windows.It will close all programs itself when run, make sure to let it run uninterrupted.Click the Start button to begin the process. The program should not take long to finish its jobOnce its finished it should reboot your machine, if not, do this yourself to ensure a complete cleanIn your next reply, post the following log files:Junkware Removal Tool logMalwarebytes' Anti-Malware loga new fresh DDS log Link to post Share on other sites More sharing options...
kepp92 Posted January 9, 2013 Author ID:632198 Share Posted January 9, 2013 thank you for your responce is there another way to disable the tea timer i tried to find spybot s&d i could not find it anywhere Link to post Share on other sites More sharing options...
Maniac Posted January 10, 2013 ID:632605 Share Posted January 10, 2013 Please at least temporarily uninstall it. Link to post Share on other sites More sharing options...
kepp92 Posted January 11, 2013 Author ID:632637 Share Posted January 11, 2013 here is the log from malwarebytesMalwarebytes Anti-Malware (Trial) 1.70.0.1100www.malwarebytes.orgDatabase version: v2013.01.10.13Windows 7 Service Pack 1 x64 NTFSInternet Explorer 9.0.8112.16421Chubbs :: CHUBBS-PC [administrator]Protection: Enabled1/10/2013 6:10:35 PMmbam-log-2013-01-10 (18-10-35).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 222222Time elapsed: 7 minute(s), 9 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 2HKCR\Interface\{66666666-6666-6666-6666-660066226658} (Adware.GamePlayLab) -> Quarantined and deleted successfully.HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> Quarantined and deleted successfully.Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end)JRT.txtdds.txt Link to post Share on other sites More sharing options...
Maniac Posted January 11, 2013 ID:632821 Share Posted January 11, 2013 How are things now? Link to post Share on other sites More sharing options...
kepp92 Posted January 11, 2013 Author ID:632926 Share Posted January 11, 2013 the malwarebytes is still picking up svchost.exe trojan.agent.its not picking as many as before but they are still coming in pretty fast Link to post Share on other sites More sharing options...
Maniac Posted January 12, 2013 ID:633228 Share Posted January 12, 2013 BACKDOOR WARNINGOne or more of the identified infections is known to use a backdoor.This allows hackers to remotely control your computer, steal critical system information and download and execute files.I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.Though the infection has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:Help: I Got Hacked. Now What Do I Do?Help: I Got Hacked. Now What Do I Do? Part IIHow Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?When Should I Format, How Should I ReinstallWe can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please let me know. Link to post Share on other sites More sharing options...
Maurice Naggar Posted February 1, 2013 ID:642125 Share Posted February 1, 2013 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts