Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is My Computer Clean?


  • This topic is locked This topic is locked
4 replies to this topic

#1 BlinkWinkel

BlinkWinkel

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 27 June 2008 - 11:39 PM

Hi! My computer was recently infected by "Vundo" and countless other spywares, for an unknown reason. After some research, I came across the "Vundo Fix" topic on your site, which really helped getting rid of it. I was also able to get rid of most of the remaining threats after doing a full system scan with AVG. What I'd like to know is, is my system safe now? I do not want to battle spywares again, so I'd just like to make sure everything is clean, so I can create a system restore point for later, in case something like this happens again. I attached my "Hijack This" log, as well as my AVG system scan result log.

Thank you very much!

Edit: Ok, looks like I was able to get rid of the two remaining trojans on my previous log of Kaspersky Online Scanner! I scanned my whole system again and it looks clean now! :thumbsup:

Attached Files


Edited by BlinkWinkel, 28 June 2008 - 02:06 PM.


BC AdBot (Login to Remove)

 


m

#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:01:46 AM

Posted 28 June 2008 - 02:23 PM

Hello BlinkWinkel,

Welcome to Bleeping Computer :)

Not too bad. :thumbsup: Let's see what might be left running around in there :

Please run HijackThis! and click "Scan." Place checks next to the following entries, if present:

O2 - BHO: {1acb7f5d-4b1d-588b-f9a4-13468d808064} - {460808d8-6431-4a9f-b885-d1b4d5f7bca1} - C:\WINDOWS\system32\iafxgk.dll (file missing)
O2 - BHO: (no name) - {A98D0065-7326-41B5-B8D9-C5B692CDB82F} - C:\WINDOWS\system32\fccdbCRh.dll (file missing)
O20 - Winlogon Notify: fccdbCRh - fccdbCRh.dll (file missing)


Close all browsers and other windows except for HijackThis!, and click "Fix checked".

Reboot your computer.

Please download Malwarebytes' Anti-Malware from one of these places:
http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.html
http://www.besttechie.net/tools/mbam-setup.exe

Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* The scan may take some time to finish,so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy&Paste the entire report in your next reply along with a fresh HijackThis log.


Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#3 BlinkWinkel

BlinkWinkel
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 28 June 2008 - 06:48 PM

Thanks for your reply! It seems more malware was lurking in my computer after all. I removed all the detected threats. Thanks a lot for your help! I followed your instructions and created the logs (see attachments)

Attached Files



#4 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:01:46 AM

Posted 28 June 2008 - 07:26 PM

Hello,

You're welcome. :thumbsup:

I take it that means you let MBAM clean the threats after you posted that? I have to ask because it says no action taken. How is it running?

tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#5 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:01:46 AM

Posted 09 July 2008 - 10:39 PM

Since this issue appears resolved ... this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users