Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan Infections In Win Xp


  • Please log in to reply
6 replies to this topic

#1 *A*

*A*

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:39 AM

Posted 24 May 2008 - 08:27 AM

Hi there!

Last weekend my laptop didn't open C: by double click anymore, and when I started My AVG FREE edition, it detected some files like having names like these Trojan Horse psw.onlinegames.z and asked me to heal them, which I did.
Apparently, it still wasn't because when I inserted another external hard disk in the USB drive to copy some files, AVG found the same files on that HD.
I did ONLINE SCAN AT www.bitdefender.com for both hard drive (external and internal) and some Trojans were found and fixed in the hard drive and there were no reported Trojans found in the external hard disk I used.

I still wasn't convinced that everything is fixed though so I tryed to scan with AVG again my two hard disks; AVG found some infected files but it couldn't heal them anymore. :thumbsup:

Now I've read something on the web about COMBOFIX and got the windowsXP pro bootdisk but I dont really know what I have to do.

Thanks in advance for the help

BC AdBot (Login to Remove)

 


m

#2 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:02:39 AM

Posted 24 May 2008 - 01:03 PM

as the HJT section is very busy please tell us your windows version and what other protection programs you have on there?

then see what this program finds and do NOT even attempt to use combofix as to do so unsupervised can render your computer forever unbootable and useless

Superantispyware; guide on how to install and run



If you have not already got a Downloads folder , I suggest you create a new folder in My Documents, and name it Downloads ;

Installing superantispywareSuperantispyware is found here


http://www.superantispyware.com/index.html

Download to the Downloads folder the free exe to superantispyware from here


http://www.superantispyware.com/downloadfi...ANTISPYWAREFREE

you install superantispyware by clicking on the icon in the downloads folder ;
it will launch the installation process;
follow the instructions and I suggest you ask for a default installation ;
ensure it creates a desktop icon for you ;
once the program has been installed it should ask you if you wish to update the program ; say YES

if it does not ask you , you need TO fully update the definitions by opening the program and find the ‘check for updates ‘tab in the bottom left of the menus you see; click on it and it will do the update for you ;
I suggest you ask it to check for updates again once the first update is complete just to be sure


please then reboot your computer ; it is preferable to run the scan in your computers safe mode;

please open this program from the desktop icon
please run the scan while you are OFF line and do not have the computer doing any other work while the scan runs

go to the preferences tab on the right
on the General tab I suggest you disable the scan on start up

on the Hijack protection tab I suggest you tick BOTH items; this enables the program to give you a Hijack home page alert if your home page gets changes ; if you DO get a home page hijack, when you boot up the computer superantispyware will open and tell you the home page has changed and will ask you if this is a legitimate change;

in statistics/logs- go to the bottom and you will see two boxes asking about keeping a log of scanning results and saving empty logs?

Tick both of them

Then go back to the main screen and see the tab that says scan your computer? Do you see that ?

Click on it

A screen will open ;on the left hand side ensure your FIXED drive ( most probably the C drive) is ticked;
Also tick in there any other section that is used and attached .
On the right had side you see three scanning options?; please click the Complete scan option

OK; you are now set to scan

Please then click on the ‘next’ tab and let the scan run please run the scan while you are OFF line and do not have the computer doing any other work while the scan runs

From my experience running this program the complete full scan CAN take many hours to run depending on how much is on your computer so be patient and let it run; maybe go for a cuppa or watch a favourite program while this one runs

Once the scan IS complete you will be presented with a box telling you what the scan has found ( if anything); if harmful objects have been found click on the OK button ; on the next screen all the harmful objects should have a check mark beside them, ; click ‘next’


A notification should appear that

‘quarantine and removal is complete’

click ‘ok’
and then the Finish button to get returned to the main menu


If you have run the scan in computers safe mode you will need to reboot to computer normal mode

If you have run in computer’s normal mode I suggest you reboot to enable the ‘fix’ the program has performed to consolidate

You then need to retrieve the scan result

Open the program and return to the statistics /logs section ; locate the most recent log ; left mouse click on it to highlight it and click the ‘view log’ tab

The log should appear in maybe note pad ; you need to copy and paste that log for examination
Once you have posted the log please close the superantispyware program

thanks

#3 *A*

*A*
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:39 AM

Posted 27 May 2008 - 04:36 PM

thanks a lot for your advice

later I'll try the scan with superantispyware, as you told me, and I'll copy and paste the log here for examination

in the meanwhile I want to tell you that my windows version is WINDOWS XP PROFESSIONAL, VERSION 2002, SERVICE PACK 2 and I have AVG as protection program. Moreover, tryin' to solve these trojan problem I've done two scan with BITDEFENDER and with REMOVE IT V.4

thanks thanks thanks
:thumbsup:

#4 *A*

*A*
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:39 AM

Posted 27 May 2008 - 06:48 PM

hi
here is the log as you told me to do

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/28/2008 at 01:42 AM

Application Version : 4.1.1046

Core Rules Database Version : 3468
Trace Rules Database Version: 1459

Scan type : Complete Scan
Total Scan Time : 00:24:11

Memory items scanned : 428
Memory threats detected : 0
Registry items scanned : 5814
Registry threats detected : 0
File items scanned : 17186
File threats detected : 13

Adware.Tracking Cookie
C:\Documents and Settings\ale\Cookies\ale@2o7[2].txt
C:\Documents and Settings\ale\Cookies\ale@adopt.euroclick[2].txt
C:\Documents and Settings\ale\Cookies\ale@cgi-bin[1].txt
C:\Documents and Settings\ale\Cookies\ale@statse.webtrendslive[1].txt
C:\Documents and Settings\ale\Cookies\ale@mediaservices.myspace[2].txt
C:\Documents and Settings\ale\Cookies\ale@doubleclick[2].txt
C:\Documents and Settings\ale\Cookies\ale@mediaplex[1].txt
C:\Documents and Settings\ale\Cookies\ale@serving-sys[1].txt
C:\Documents and Settings\ale\Cookies\ale@ads.techguy[2].txt
C:\Documents and Settings\ale\Cookies\ale@bs.serving-sys[1].txt
C:\Documents and Settings\ale\Cookies\ale@atdmt[2].txt
C:\Documents and Settings\ale\Cookies\ale@data.coremetrics[1].txt
C:\Documents and Settings\ale\Cookies\ale@msnportal.112.2o7[1].txt
.adopt.euroclick.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
adopt.euroclick.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.bs.serving-sys.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
ads.revsci.net [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
www.googleadservices.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.socialmedia.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.socialmedia.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.microsoftwga.112.2o7.net [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.xiti.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.mediaplex.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.tradedoubler.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.tradedoubler.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.overture.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
statse.webtrendslive.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.perf.overture.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.indextools.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
s4.shinystat.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
s4.shinystat.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
media.adrevolver.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.hitbox.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.hitbox.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
ad.zanox.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
ad.zanox.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
zbox.zanox.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.ehg-xerox.hitbox.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.ehg-xerox.hitbox.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.ehg-xerox.hitbox.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
s2.shinystat.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
s2.shinystat.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
media.intelia.it [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
www.googleadservices.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.ice.112.2o7.net [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
stat.onestat.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
stat.onestat.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.psicomedia.blogspot.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.psicomedia.blogspot.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.phg.hitbox.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.ehg-kingstontechnology.hitbox.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.weborama.fr [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.adtech.de [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.apmebf.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
sales.liveperson.net [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
sales.liveperson.net [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
.gettyimages.122.2o7.net [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]
www.googleadservices.com [ C:\Documents and Settings\ale\Dati applicazioni\Mozilla\Firefox\Profiles\7yk6i7af.default\cookies.txt ]


let me know how I have to proceed...
thanks a lot
alessia

Edited by *A*, 27 May 2008 - 06:49 PM.


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:39 PM

Posted 27 May 2008 - 11:14 PM

Follow up with these....

Please download ATF Cleaner by Atribune & save it to your desktop.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.
Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".


Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 *A*

*A*
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:03:39 AM

Posted 31 May 2008 - 06:13 AM

hi
sorry for my late answer

i listened to your advices and this is the log..sorry but I have chosen Italian in the setting tab so the log is in italian... :thumbsup: sorry for my mistake

DO you mind it? if you want I can do it again, in English language! anyway, to what I have undestood, the scan didn't find anything infected...

Malwarebytes' Anti-Malware 1.14
Versione del database: 807

13.05.56 31/05/2008
mbam-log-5-31-2008 (13-05-56).txt

Tipo di scansione: Scansione completa (C:\|E:\|)
Elementi scansionati: 228277
Tempo trascorso: 1 hour(s), 40 minute(s), 24 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 0
Chiavi di registro infette: 0
Valori di registro infetti: 0
Elementi dato del registro infetti: 0
Cartelle infette: 0
File infetti: 0

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
(Nessun elemento malevolo rilevato)

Chiavi di registro infette:
(Nessun elemento malevolo rilevato)

Valori di registro infetti:
(Nessun elemento malevolo rilevato)

Elementi dato del registro infetti:
(Nessun elemento malevolo rilevato)

Cartelle infette:
(Nessun elemento malevolo rilevato)

File infetti:
(Nessun elemento malevolo rilevato)


THANKS FOR YOUR HELP---

Edited by *A*, 31 May 2008 - 06:16 AM.


#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,564 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:39 PM

Posted 31 May 2008 - 07:22 AM

AVG found some infected files but it couldn't heal them

Did AVF provide a specific file name associated with these and if so, where is it located (full file path) at on your system?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users