Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus!!!


  • This topic is locked This topic is locked
23 replies to this topic

#1 MrZapparin

MrZapparin

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:42 AM

Posted 16 August 2014 - 10:17 AM

Greetings bleepingcomputer

 

Ran Microsoft Security Essentials : Threat detected:Exploit:java/cve-2013-0422

                                                                        Trojan:win32/comame!gmb

                                                                            pws:win32/fareit 

 

Computer runs on Vista,internet explorer runs very slow,been hijacked and does damage to programs,it is difficult to operate the system,cannot deal with the issue myself



BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:05:42 AM

Posted 16 August 2014 - 10:29 AM

Hello 

MrZapparin

,

  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
      
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
      
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

      
  • Finally, please reply using the Post  button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  •   I will be analyzing your log. I will get back to you with instructions.

 

 

1.

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool .
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

 

2.

  •    
  • Download RogueKiller on the desktop
       
  • Close all the running processes
       
  • Under Vista/Seven, right click -> Run as Administrator
       
  • Otherwise just double-click on RogueKiller.exe
       
  • When prompted, Click Scan 
       
  • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
       
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename in winlogon.exe (or winlogon.com) and try again


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 MrZapparin

MrZapparin
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:42 AM

Posted 17 August 2014 - 07:54 AM

Copypasted AdwCleaner & RogueKiller logs but computer freezes when posting,tried option "More Reply Options",do not know if successful



#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:05:42 AM

Posted 17 August 2014 - 04:41 PM

Can you attach the logs? Try again to copy and paste


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 MrZapparin

MrZapparin
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:42 AM

Posted 17 August 2014 - 07:48 PM

Ran AdwCleaner & RogueKiller after having checked out the site,before posting the topic,then tried usung GoogleChrome instead of Int.Explorer,then trouble started again

Attached Files



#6 MrZapparin

MrZapparin
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:42 AM

Posted 17 August 2014 - 07:53 PM

After running programs they cannot run again,receive message AdwCleaner: AutoITError etc



#7 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:05:42 AM

Posted 17 August 2014 - 07:55 PM

You attached the AdwCleaner log twice. Can you post the Roguekiller log?


Edited by fireman4it, 17 August 2014 - 07:56 PM.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#8 MrZapparin

MrZapparin
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:42 AM

Posted 17 August 2014 - 08:21 PM

I hope this is it,WinRAR placed on desktop began unzipping unto desktop and computer difficult to operate, had to delete files through two start-ups,unwanted and deleted Desktop icons started reappearing after deletion,deleted manually  

Attached Files



#9 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:05:42 AM

Posted 18 August 2014 - 10:07 PM

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#10 MrZapparin

MrZapparin
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:42 AM

Posted 19 August 2014 - 06:09 AM

FRST Log:

Attached Files

  • Attached File  FRST.txt   67.74KB   4 downloads


#11 MrZapparin

MrZapparin
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:42 AM

Posted 19 August 2014 - 06:10 AM

Addition Log:

Attached Files



#12 MrZapparin

MrZapparin
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:42 AM

Posted 19 August 2014 - 06:12 AM

Shortcut Log:

Attached Files



#13 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:05:42 AM

Posted 19 August 2014 - 06:21 PM

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

 

Attached File  fixlist.txt   9.59KB   1 downloads

 

 

 


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#14 MrZapparin

MrZapparin
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:42 AM

Posted 19 August 2014 - 08:28 PM

Fixlog:

Attached Files



#15 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:05:42 AM

Posted 19 August 2014 - 08:43 PM

How is the computer running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users