Jump to content

Conduit search engine virus + friends

TheLee

By TheLee
in Resolved Malware Removal Logs

 Share

Recommended Posts

  • Replies 89
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

It is possible to burn a USB disk I believe if you have one of those available.  Though I've never seen System Recovery not be able to fully scan a hard drive before.

 

Just odd and something I've not seen before.  I've seen it fail from Normal Windows and I've seen it not run or not able to repair certain items, but have never seen it not scan the entire drive.   At this point I don't think there is an infection but without being able to scan and repair the hard drive that is suspicious that maybe you have a hardware issue?

 

Do you have access to another computer where you can take this drive out and hook it to another computer as a slave drive and then scan it and disk check it from another computer?

Link to post
Share on other sites
TheLee

TheLee

Posted
  • Author
Posted

This is the first time where I can not actually delete infected files without them coming back. When I do get infected I run into minor issues. I believe I am still infected because when I first looked at my PC from it being on over night, it was extremely slow. I did a scan for adware and found 5 files. In my past virus issues I would use windows safe mode to run antivirus programs. I had even used combofix in the past on an old PC. That one no longer works. 

 

I will see if I can use my flash drive. I will just transfer everything off it to try this. 

Link to post
Share on other sites
TheLee

TheLee

Posted
  • Author
Posted

Sorry about the delay I have been busy. I started the process but had run into a snag. It said something about no media. So I am trying to locate my windows 7 disc. It is packed away after a recent move. The information says I should have been able to create it from the installed windows program but I guess that is not so in my case. 

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

File in quarantine are not a threat as they've been neutralized.

 

Please try running this again.

 

Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User Licene Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.


 

Link to post
Share on other sites
TheLee

TheLee

Posted
  • Author
Posted

Seatools results- the 3 I ran all passed: Short Generic, short drive self test, & smart check. I will run the long generic right before I go to bed. 

 

Bench mark numbers were as follows Disk mark 626, sequential read 72.3, Seq write 96.2, random seek + rw 4.52. 

Link to post
Share on other sites
TheLee

TheLee

Posted
  • Author
Posted

I am not sure why either. Maybe the hole in the wall place put something on it I am unaware of. I remember one time I reformated my hard drive on an old computer and it caused my hard drive to become 2 different drive in the software program. But this was an old pc not this one. 

Link to post
Share on other sites
TheLee

TheLee

Posted
  • Author
Posted

Other than the issue with Combofix never completing and the hard drive not scanning itself completely. I guess the drive is clean.

 

Only issue that appeared was a week ago when I came to my PC it was lagging bad on the desktop (slow mouse movements) and I never had that issue prior. So I shut the system off. I normally leave it on and connected to the net. But I have been disabling the connection to the net now. 

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

You need to always be very careful when installing software and never just click through and install.  Always look for a Custom or Advanced install and then read what it's trying to do or offer and click cancel or say no, etc.

 

Let me have you try running this again.

 

dr_web_cureit_zpse80d87bf.jpg

  1. Please download Dr.Web CureIt! antivirus and save it to your computer. The file size is in excess of 100MB
  2. NOTE: Free usage of Dr.Web CureIt! for business purposes is illegal.
  3. Internet Explorer may show a warning when downloading - the file is safe to download from the provided link.
  4. Shutdown your antivirus to avoid any conflicts while scanning.
  5. Once the scans have completed please re-enable your antivirus.
  6. If using Malwarebytes Anti-Malware PRO you can right click over the tray icon and disable the Protection Modules
  7. If needed you can also temporarily disable it from starting with Windows
  8. Temporarily turn off any other security add-ons or applications you may also have.
  9. Once you have downloaded Dr.Web CureIt! you should right click over it and choose Properties and verify it has a Digital Signature.
  10. If it does not have a Digital Signature then do not run it.
  11. Close all open programs including all Web browsers and then double-click on drweb-cureit.exe to start the installer.
  12. You should have your User Account Control (UAC) enabled for improved security and which should then produce a dialog box asking for approval to run the installer.
  13. Click on the Yes button to start the installer.
  14. Click OK to scan your computer in the Enhanced Protection Mode
  15. Click on the check box to agree to participate in their software improvement program.
  16. Then if needed choose your Language by clicking on the small globe like icon in the upper right corner by the wrench.
  17. Then click on the Continue button and then click on the Select objects for scanning link just below the "Start scanning" button.
  18. Place a check mark on all the items except for Temporary files and System restore points - those items should not have a check mark on them.
  19. Then click on the Start scanning button.
  20. If a threat is found you can click on the Action column in the program.
  21. Your options will be Cure or Ignore
  22. If you see an item that you are absolutely sure is OK, then un-check the check box for that item, otherwise keep it on Cure.
  23. Then click on the Neutralize button.
  24. Once completed click on the green Open Report link. It will open the report in NOTEPAD
  25. Save the report to your desktop. The report will be called Cureit.log
  26. Close Dr.Web Cureit!
  27. Reboot your computer to allow files that were in use to be moved/deleted during reboot.
  28. After reboot, attach the log Cureit.log you saved previously in your next reply.
  29. Re-Enable your antivirus and other security programs when all done.


 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.