Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

NEED SERIOUS HELP


  • This topic is locked This topic is locked
38 replies to this topic

#1 THEUNKNOWN666

THEUNKNOWN666

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:32 AM

Posted 02 September 2012 - 03:07 PM

THIS WAS THE QUESTION I ASKED ON YAHOO ANSWERS

Okay I got this file called vidcodec.464783 which downloaded a long time ago from a link some gave me on chatroulette saying they filmed me and it said I had to download vidcodec to play the video I did and ran it nothing happened, still told me to download it on the site (the site recently changed into a web search site for advertising u can find it by typing streamdirect.7uw.net) but I need to know what this is ive tried everything cant find a trojan expect once when emisoft found it as a worm on my laptop (i did it on my laptop to find out wat it was) but is it some sort keylogger plzz help.

I tried to attach the file but wouldn't let me.

BC AdBot (Login to Remove)

 


#2 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:32 PM

Posted 04 September 2012 - 05:59 AM

**In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. Failure to do so we will have your thread closed in THREE(3) days. :)


Hello there, THEUNKNOWN666

:welcome:

I'm Conspire, I'll be glad to help you with your computer problems.

Please observe these rules while we work:
  • Read the entire procedure
  • It is important to perform ALL actions in sequence.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with me till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.

IMPORTANT NOTE : Please do not delete anything unless instructed to. Remember to backup all your important data(if possible) before moving on.
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#3 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:32 PM

Posted 04 September 2012 - 06:01 AM

Hi,

What file are you trying to attach?

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click on Minimal Output at the top
  • Download the following file Custom Scan 2.txt to your Desktop. Click here to download it. You may need to right click on it and select "Save"
  • Double click inside the Custom Scan box at the bottom
  • A window will appear saying "Click OK to load a custom scan from a file or Cancel to cancel"
  • Click the OK button and navigate to the file Custom Scan 2.txt which we just saved to your desktop
  • Select Custom Scan 2.txt and click Open. Writing will now appear under the Custom Scan box
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic
===================================================

Please download aswMBR.exe and save it to your desktop.
  • Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator)
  • Allow it to update where necessary
  • Click Scan

  • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
  • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.
===================================================

Download TDSSKiller.exe and save it to your desktop

Execute TDSSKiller.exe by doubleclicking on it.
Press Start Scan
If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt

===================================================

On your next reply please post :
OTL log
aswMBR log
MBR.dat (attachment)
TDSS Killer log


Please STOP and let me know if you have any problems in performing with the steps above or any questions you may have.

Good Day!
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#4 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:32 PM

Posted 07 September 2012 - 10:50 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#5 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:32 PM

Posted 09 September 2012 - 11:22 AM

This topic has been re-opened at the request of the person who originally posted.
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#6 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:32 PM

Posted 09 September 2012 - 12:16 PM

Can you open it? If yes, copy the contents inside and paste it on the scripting area.
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#7 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:32 PM

Posted 09 September 2012 - 10:27 PM

I'm waiting for the rest of the log :)
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#8 THEUNKNOWN666

THEUNKNOWN666
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:32 AM

Posted 10 September 2012 - 02:08 AM

I will be doing the rest later wont be back for a while

#9 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:32 PM

Posted 10 September 2012 - 03:10 AM

:thumbup2:
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#10 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:32 PM

Posted 10 September 2012 - 10:11 AM

Proceed to TDSS Killer. It will be a lot easier to do this on the thread rather than through PM. Post any questions and logs you have in here.

Thanks
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#11 THEUNKNOWN666

THEUNKNOWN666
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:32 AM

Posted 10 September 2012 - 10:31 AM

ok but i thought i would let you know i have these 2 desktop.ini files on my desktop

#12 THEUNKNOWN666

THEUNKNOWN666
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:32 AM

Posted 10 September 2012 - 11:20 AM

i did the TDSSKiller scan and it found no malicious items but i cant find were that log is you were talking about.

#13 THEUNKNOWN666

THEUNKNOWN666
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:32 AM

Posted 10 September 2012 - 02:15 PM

Just want to let u know ill be back on same time 2morrow

#14 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:32 PM

Posted 10 September 2012 - 11:21 PM

Sure, thanks for informing :thumbup2:

Please read through these instructions to familiarize yourself with what to expect when this tool runs

Refer to the ComboFix User's Guide


Download ComboFix from one of these locations:

Link 1
Link 2



* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : How to Disable your Security Programs


====================================================


Double click on combofix.exe & follow the prompts.


When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.

Edited by Conspire, 10 September 2012 - 11:22 PM.

Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#15 THEUNKNOWN666

THEUNKNOWN666
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:32 AM

Posted 11 September 2012 - 10:48 AM

i will do scan 2morrow, a lot going on 2day :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users