TheSentinel Posted September 25, 2009 Author ID:132940
Alright. Full scan found five. Just rebooted to finish removal of one. Umm, don't see the circle in the toolbar. Not connected to Internet yet, but I'll run a quick scan. Gotta be out by 8:15 for college.
mountaintree16 Posted September 26, 2009 ID:133313
Did you update and rescan afterwards to see if they were successfully removed? Or rather, are you going to?
I think we should stop talking about this in here soon, though. Someone should be along to assist you in the HJT forum as soon as they are available.
Yes, it's a good idea to keep it off the internet until this is resolved, except when you are working on the problem, of course.
Oh, and, FP = False Positive, sorry, I should have stated that.
TheSentinel Posted September 26, 2009 Author ID:133362
It's back online, um I think the last scan found one heuristic, or whatever it's called. Was successfully removed. Might be something another one. Just healed another. Running another scan.
mountaintree16 Posted September 26, 2009 ID:133364
K. Was it heuristics.malware by any chance?
Post your new logs in the thread that you started in HJT - that would be helpful for whoever will be helping you. Paste them into the same post, if possible. Let me know if you need help locating the logs after removal of items.
mountaintree16 Posted September 26, 2009 ID:133383
TheSentinel: Er, I had meant that you should post the new logs or any additional information in the SAME HJT post you made originally, NOT make a new one. You shouldn't post there twice for the same problem, just an FYI.
TheSentinel Posted September 26, 2009 Author ID:133395
Whoops, that's 4 mistakes. Ok, Trojan horse SHeur2.BGMV. Found in System Volume Information\_restore.....
Also, Trojan.FakeAlert in the HKEY_CURRENT_USER\SOFTWARE in registry keys. Updated database to 2861.
mountaintree16 Posted September 26, 2009 ID:133398
It's okay, not a huge deal, I should have been clearer.
Hmm. Well, don't worry too much about system volume information_restore; that's in your System Restore files from what I understand. Don't take it from me though, let your helper advise you on that or not, I am no expert by any means.
It's a good idea to clear out your system restore points once in a while though, especially if you have been infected, as this can be a hiding place for malware and viruses, as you can see from your results.
Do you currently have an anti-virus installed on your system?
TheSentinel Posted September 26, 2009 Author ID:133402
Used to have McAfee, but recently it was the free AOL one, so SpyWare Protect 2009 came in around January or so, about the time Conficker C came out. I've got MBAM, and AVG Free - updated - that's going to start scanning the computer in about 5 minutes. So, that's all my antivirus stuff - now that I think about it, the McAfee virus scan was removed for AVG and MBAM.
mountaintree16 Posted September 26, 2009 ID:133403
Oo, were you infected with Conficker and Spyware Protect 2009 then? Have one or both of those been sitting on your system all this time? When did you first use mbam?
I'm glad that you have AVG at least. I would recommend Avira free to you though, when you are done with your cleanup. I can provide you with the link for that when you're all done cleaning up your system. For now, do NOT download any more programs or anything to help you clean this up. Just continue to update mbam and scan with that if you like and your AV, but nothing else. (Other than whatever your helper asks you to download and use, of course.)
We should really stop this conversation here or very soon, as I am not an expert by any means, and you have posted your logs in the HJT forum. As I believe I told you before, they are busy in there, but someone should be with you as soon as they are able.
I just wanted to point you in the right direction and guide you the best I could with using Malwarebytes, and check and see if you had a current AV.
Feel free to link this thread in your HJT post so whoever is helping you can see it if they think it would be helpful.
Good luck! You are most definitely in good hands here.