Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

BAGLE [RESOLVED]


  • This topic is locked This topic is locked

#31
Jimmy2012

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello toyma,

No luck this time either. It downloaded the Fsecure program, and the moment it started scanning, it rebooted.

Ok, lets try this scanner before trying something else.


Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
  • Doubleclick the drweb-cureit.exe file and Allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, in the menu, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.

  • 0

Advertisements


#32
toyma

toyma

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts
Hi Jimmy,

Here is the report from Dr Web.

Thanks again!!


Combo-Fix.exe\327882R2FWJFW\psexec.cfexe;C:\Documents and Settings\Thelma\Desktop\Combo-Fix.exe;Program.PsExec.171;;
Combo-Fix.exe;C:\Documents and Settings\Thelma\Desktop;Archivo comprimido contiene objetos infectados;Movido.;
Fpxxdugd.exe;C:\Program Files\Asistente Prodigy;probablemente DLOADER.Trojan;Eliminado.;
RemTecAcc.exe;C:\Program Files\Asistente Prodigy;Program.RemoteAdmin.origin;Eliminado.;
A0000358.exe\327882R2FWJFW\psexec.cfexe;C:\System Volume Information\_restore{645791E1-4C45-45E5-B2F9-87E480DAD5CA}\RP8\A0000358.exe;Program.PsExec.171;;
A0000358.exe;C:\System Volume Information\_restore{645791E1-4C45-45E5-B2F9-87E480DAD5CA}\RP8;Archivo comprimido contiene objetos infectados;Movido.;
A0000361.EXE;C:\System Volume Information\_restore{645791E1-4C45-45E5-B2F9-87E480DAD5CA}\RP8;Program.PsExec.170;Eliminado.;
A0007469.exe\327882R2FWJFW\psexec.cfexe;C:\System Volume Information\_restore{645791E1-4C45-45E5-B2F9-87E480DAD5CA}\RP9\A0007469.exe;Program.PsExec.171;;
A0007469.exe;C:\System Volume Information\_restore{645791E1-4C45-45E5-B2F9-87E480DAD5CA}\RP9;Archivo comprimido contiene objetos infectados;Movido.;
A0007478.exe;C:\System Volume Information\_restore{645791E1-4C45-45E5-B2F9-87E480DAD5CA}\RP9;Probably DLOADER.Trojan;Deleted.;
A0007479.exe;C:\System Volume Information\_restore{645791E1-4C45-45E5-B2F9-87E480DAD5CA}\RP9;Program.RemoteAdmin.origin;Deleted.;
  • 0

#33
Jimmy2012

Jimmy2012

    Trusted Helper

  • Retired Staff
  • 6,238 posts
Hello toyma,
Your logs look clean. :)
Just a few more things to do.


Follow these steps to uninstall Combofix and tools used in the removal of malware
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    Posted Image





Please download OTCleanIt and save it to your Desktop.
  • Double-click OTCleanIt.exe
  • Click the CleanUp! button to begin removing tools used to clean your computer
  • If you are prompted to Reboot during the cleanup, please select Yes

Please remove any leftover tools used to clean your computer.


The following is a list of tools and utilities that I like to suggest to people. This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.

1. Spywareguard: Is realtime protection from spyware.

2. Spywareblaster: Helps protect against any bad ActiveX from installing on your computer.

3. SuperAntiSpyware: Use this program to remove any spyware that may have gotten on your computer.

4. FireFox: This is a great alternate browser over Internet Explorer. Firefox is much more secure then Internet Explorer and also has a bulilt in pop up blocker.

5. ATF Cleaner: This program cleans out your temporary files. This is a great tool that can help speed your computer up.

6. Trillian or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)

7. Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.


To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein
  • 0

#34
toyma

toyma

    Member

  • Topic Starter
  • Member
  • PipPip
  • 83 posts
Hello Jimmy,

So far, so good! I've done everything you suggested and I'm downloading all the updates from Microsoft. I'll check on it tomorrow and let you know.

Thanks again for all the patience and help :) !!!!
  • 0

#35
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP