Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware that just won't go away


  • Please log in to reply
3 replies to this topic

#1 Sherri Jackson

Sherri Jackson

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:56 PM

Posted 05 June 2010 - 01:14 PM

Thank you for any assistance. I am currently running the processes found under this topic:
http://www.bleepingcomputer.com/forums/t/310109/unknown-infection-smtp-connections-opened-by-servicesexe/

The individual is being assisted by fireman4it. I wasn't sure as this is my first time if I could simply tie onto his post so am posting a new one in case I have log / help files that need to be sent in. So - if this post was unnecessary please just point me in the right direction.

The problem seems to be pretty much identical - while I thought I had removed the malware there is still something going on - multiple instances of iexplore opening up and very hot running svchost instances as well so I know I'm not clean. Again, our setup is almost identical to the individual in this previously posted topic (Windows XP, wireless connection.


Combox fix is now running as per the instructions in this post noted above. Thanks again, and please let me know what else you might need from me.

Sherri Jackson
Calgary, AB Canada

BC AdBot (Login to Remove)

 


#2 roadclosed

roadclosed

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Local time:05:56 PM

Posted 05 June 2010 - 02:25 PM

It is really not a good idea to follow the isntructions given to another computer user ( which seems to include the running of ComboFix); those instructions with be specific to/for that computer and not for yours ..

Can you give us some more detail about your computer, what problems you are having and what scans you have so far run ?

#3 Sherri Jackson

Sherri Jackson
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:56 PM

Posted 05 June 2010 - 03:10 PM

Certainly - We are running Windows XP SP3 with all Windows updates applied to date. IE 8.0.6001.18702. Wireless connection using a Linksys Router. AVG free. Windows firewall. Scans run were AVG, Stinger, Panda Online and Malware bytes. Today we ran (following the instructions in the other post referred to earlier, and I do realize now I probably should have waited) RKill, ComboFix and OTL. After completion of these I rebooted and the PC now has much better performance with no additional instances of IE running. It definitely "Feels" better if that makes any sense at all.

#4 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,959 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:06:56 PM

Posted 06 June 2010 - 06:52 PM

Hello,

Please follow the instructions in ==>This Guide<== starting at step 6.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Since you have run ComboFix, please include the ComboFix log in the new topic. Please be sure to include a description of your computer issues and what you have done to try to resolve them.

If you cannot produce any of the other logs, then please create the new topic anyway, include the information that you were unable to produce the other logs and why and include the ComboFix log along with a description of your computer issues.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users