Jump to content

Recommended Posts

I have attempted to do everything on the malware forum at Geeks to Go and it landed me here.

I read about the different viruses and their symptoms and have nothing like the suggested logos in my taskbar.

absolutely every download attempt is deemed to be infected and consiquently destroyed. This pertains to statements, invoices, attachments and also all the attempts to download MBAM.

When I took my computer tower to the store where it was purchased to have it cleaned of any viruses etc as well as a literal cleaning, they gave it a clean bill of health and talked me into the NEW IMPROVED NORTON

360. after multiple issues with it and a tech that was very difficult to understand and a few weeks of delays and their attempt to use logmein to uninstall and download they gave me my money back because they were unable to use their removal tool to get everything out to let the comp do a clean installation/download. wanted to do it this way in case their disk the store sold me had a problem. Subsequently, i was able to use Recuva uninstaller to locate and remove the previously hidden from their tech files and bits. **I am not telling you this to bash the company just thought it might be helpful and perhaps i had not found all of the files.

also, I am wondering if this can have anything to do with having updated to Internet Explorer 9 with the weekly updates.

so sorry if i am putting too much info in here and confusing the issue.

Link to post
Share on other sites

Oh thank you so so very much for responding.

There is a "bar" at the bottom of the page that asks if i want to run, save or cancel.

So, whether I CHOOSE RUN OR SAVE at the end of the countdown, a message with the border of the mesage board changes to red and says that the download had a virus and has been deleted. There is a red jewel like smaller than a dime sized logo on the (L) side of the message. I have tried to capture this to include it in a message and it has yet to work.

One time the message said that Security Scan had determined that there was a virus and the downloaded message had been deleted.

I have tried to do a search for the Security Scan to see if it was something i could modify or delete. No success.

I have also looked in downloads to see if anything had made it to that file despite the messages.

I have tried to do the steps in malware forum but nothing will download.

I do have spyware but nothing has been detected.

Again, thank you so much for responding.

Link to post
Share on other sites

  • Staff

Hi,

That's what I meant by download; transfer with a flash drive.

Please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317

Link to post
Share on other sites

Hi,

That's what I meant by download; transfer with a flash drive.

Please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317

I was going to use the flash drive for the ComboFix but am not sure if this is ok. also, i was going to try the MBAM with the flash drive. should i bypass that and go for the CommboFix only??? Thank you so much for getting back with me. not sure what i would do if i did not have the laptop for backup BUT it does not have my work accounting program on here so I REALLY REALLY appreciate this.

Link to post
Share on other sites

Hi,

That's what I meant by download; transfer with a flash drive.

Please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317Malwarebytes' Anti-Malware 1.51.0.1200

www.malwarebytes.org

Database version: 6705

Windows 6.0.6002 Service Pack 2

Internet Explorer 9.0.8112.16421

04/06/2011 10:17:46 AM

mbam-log-2011-06-04 (10-17-46).txt

Scan type: Full scan (C:\|L:\|)

Objects scanned: 331148

Time elapsed: 35 minute(s), 26 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 2

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 3

Files Infected: 9

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\Error Fix (Rogue.ErrorFix) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Error Fix (Rogue.ErrorFix) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

c:\Users\Brenda\AppData\Roaming\error fix (Rogue.ErrorFix) -> Quarantined and deleted successfully.

c:\Users\Brenda\AppData\Roaming\error fix\Logs (Rogue.ErrorFix) -> Quarantined and deleted successfully.

c:\Users\Brenda\AppData\Roaming\error fix\Results (Rogue.ErrorFix) -> Quarantined and deleted successfully.

Files Infected:

c:\program files\fast browser search\IE\fastbrowsersearchprotection.exe (PUP.Fbsearch) -> Not selected for removal.

c:\program files\fast browser search\IE\fbssearchprotectionuninstall.exe (PUP.Fbsearch) -> Not selected for removal.

c:\program files\fast browser search\IE\update.exe (PUP.Fbsearch) -> Not selected for removal.

c:\Users\Brenda\AppData\Roaming\error fix\spy_ignore.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.

c:\Users\Brenda\AppData\Roaming\error fix\Logs\2010-10-22 15-39-380.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.

c:\Users\Brenda\AppData\Roaming\error fix\Results\Evidence.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.

c:\Users\Brenda\AppData\Roaming\error fix\Results\Junk.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.

c:\Users\Brenda\AppData\Roaming\error fix\Results\Registry.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.

c:\Users\Brenda\AppData\Roaming\error fix\Results\Update.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.

THIS IS THE MBAM RESUKTS. I have the ComboFix on a flash drive but have to take care of MIL's errands etc for her today.

I have another question about combofix-- I noticed remarks about having to redo the internet etc. Not sure how to get things worked out if there will not be an internet connection after ComboFix runs. ?? Guess I am doing what i do best - worry.Can you tell if this looks good compared with the previous reports ??

Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.