Please Help with HIJACK Log [Solved]
Started by
Lorelle
, Sep 20 2009 03:17 PM
#16
Posted 21 September 2009 - 08:16 PM
#17
Posted 23 September 2009 - 09:50 AM
txt file after Malware scan of externals
Malwarebytes' Anti-Malware 1.41
Database version: 2837
Windows 5.1.2600 Service Pack 3
9/23/2009 11:33:41 AM
mbam-log-2009-09-23 (11-33-41).txt
Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 173221
Time elapsed: 32 minute(s), 49 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 6
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
F:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665 (Trojan.Conficker.H) -> Quarantined and deleted successfully.
H:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665 (Trojan.Conficker.H) -> Quarantined and deleted successfully.
I:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665 (Trojan.Conficker.H) -> Quarantined and deleted successfully.
Files Infected:
F:\autorun.inf (Trojan.Conficker.H) -> Quarantined and deleted successfully.
F:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx (Trojan.Conficker.H) -> Quarantined and deleted successfully.
H:\autorun.inf (Trojan.Conficker.H) -> Quarantined and deleted successfully.
H:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx (Trojan.Conficker.H) -> Quarantined and deleted successfully.
I:\autorun.inf (Trojan.Conficker.H) -> Quarantined and deleted successfully.
I:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx (Trojan.Conficker.H) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.41
Database version: 2837
Windows 5.1.2600 Service Pack 3
9/23/2009 11:33:41 AM
mbam-log-2009-09-23 (11-33-41).txt
Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 173221
Time elapsed: 32 minute(s), 49 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 6
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
F:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665 (Trojan.Conficker.H) -> Quarantined and deleted successfully.
H:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665 (Trojan.Conficker.H) -> Quarantined and deleted successfully.
I:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665 (Trojan.Conficker.H) -> Quarantined and deleted successfully.
Files Infected:
F:\autorun.inf (Trojan.Conficker.H) -> Quarantined and deleted successfully.
F:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx (Trojan.Conficker.H) -> Quarantined and deleted successfully.
H:\autorun.inf (Trojan.Conficker.H) -> Quarantined and deleted successfully.
H:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx (Trojan.Conficker.H) -> Quarantined and deleted successfully.
I:\autorun.inf (Trojan.Conficker.H) -> Quarantined and deleted successfully.
I:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx (Trojan.Conficker.H) -> Quarantined and deleted successfully.
#18
Posted 23 September 2009 - 09:58 AM
I want to repeat that same scan because the bad files on the F: drive are a repeat of a previous scan and I want to find out if something else is putting them back or if the thumb drive re-infected it before the last scan.
Before the new scan, download and run this:
Download TFC by OldTimer to your desktop
Then post a new MBAM log with all of the drives plugged in.
Before the new scan, download and run this:
Download TFC by OldTimer to your desktop
- Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
- It will close all programs when run, so make sure you have saved all your work before you begin.
- Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
- Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.
Then post a new MBAM log with all of the drives plugged in.
#19
Posted 23 September 2009 - 11:23 AM
new Mbam log I will be needing an antivirus ...recommendations
Malwarebytes' Anti-Malware 1.41
Database version: 2837
Windows 5.1.2600 Service Pack 3
9/23/2009 1:22:20 PM
mbam-log-2009-09-23 (13-22-20).txt
Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 170588
Time elapsed: 32 minute(s), 51 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Malwarebytes' Anti-Malware 1.41
Database version: 2837
Windows 5.1.2600 Service Pack 3
9/23/2009 1:22:20 PM
mbam-log-2009-09-23 (13-22-20).txt
Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 170588
Time elapsed: 32 minute(s), 51 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
#20
Posted 23 September 2009 - 11:27 AM
Well done! Your log appears clean!
------------------
Step 1:
------------------
We're almost done. We need to do some clean up and get you on your way.
Follow these steps to uninstall Combofix
------------------
Step 2:
------------------
We need to remove all the tools that you have used. This is so that should you ever be re-infected, you will download updated versions.
------------------
Step 3:
------------------
It is very important that you get all of the critical updates for your Operating System and Internet Explorer. Keeping your OS and browser up to date will help make you less susceptible to attacks by Trojans and viruses. Windows Updates are constantly being revised to combat the newest hacks and threats. Microsoft releases security updates that help your computer from becoming vunerable.
Please go to Microsoft's Windows Update and download all the critical updates to help prevent possible re-infection.
It is best if you have these set to download automatically.
Automatic Updates for Windows
---------------------------------------------------------------------------------------------
This is a good time to set up protection against further attacks. Read our How Did I Get Infected In The First Place?. You need an antivirus that is continually updated, a good firewall, a spyware blocker, and a real time spyware program to prevent malware intrusions. Be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them.
---------------------------------------------------------------------------------------------
Anti Spyware
Anti Spyware helps to eliminate certain types of infections. I would recommend getting these and running the scans at least twice a month. Also a real-time protector is beneficial to stop infections before they start. SpywareGuard is an excellent choice here.
---------------------------------------------------------------------------------------------
Safer Web Browser
Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are some good free alternatives:
All are faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these.
If you choose FireFox, here are a couple of addons that I recommend:
---------------------------------------------------------------------------------------------
Other Recommendations
FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Its important to keep programs up to date so that malware doesn't exploit any old security flaws.
Take Care and Happy Surfing!
------------------
Step 1:
------------------
We're almost done. We need to do some clean up and get you on your way.
Follow these steps to uninstall Combofix
- Click START then RUN
- Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.
------------------
Step 2:
------------------
We need to remove all the tools that you have used. This is so that should you ever be re-infected, you will download updated versions.
- Run OTL.exe
- Click the Clean Up button in top right corner.
- You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
------------------
Step 3:
------------------
It is very important that you get all of the critical updates for your Operating System and Internet Explorer. Keeping your OS and browser up to date will help make you less susceptible to attacks by Trojans and viruses. Windows Updates are constantly being revised to combat the newest hacks and threats. Microsoft releases security updates that help your computer from becoming vunerable.
Please go to Microsoft's Windows Update and download all the critical updates to help prevent possible re-infection.
It is best if you have these set to download automatically.
Automatic Updates for Windows
- Click Start.
- Select Settings and then Control Panel.
- Select Automatic Updates.
- Click Automatic (recommended)
- Choose a day and a time when you know the computer will be on and connected to the internet.
- Click Apply then OK.
---------------------------------------------------------------------------------------------
This is a good time to set up protection against further attacks. Read our How Did I Get Infected In The First Place?. You need an antivirus that is continually updated, a good firewall, a spyware blocker, and a real time spyware program to prevent malware intrusions. Be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them.
---------------------------------------------------------------------------------------------
Anti Spyware
Anti Spyware helps to eliminate certain types of infections. I would recommend getting these and running the scans at least twice a month. Also a real-time protector is beneficial to stop infections before they start. SpywareGuard is an excellent choice here.
- SUPERAntiSpyware is a powerful tool that can eliminate nasties that make it onto your machine.
- SpywareBlaster to help prevent spyware from installing in the first place. A tutorial can be found here.
- SpywareGuard to catch and block spyware before it can execute. A tutorial can be found here.
---------------------------------------------------------------------------------------------
Safer Web Browser
Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are some good free alternatives:
All are faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these.
If you choose FireFox, here are a couple of addons that I recommend:
- NoScript - for blocking ads and other potential website attacks
- McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must have if you do alot of Google searches.
---------------------------------------------------------------------------------------------
Other Recommendations
FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Its important to keep programs up to date so that malware doesn't exploit any old security flaws.
Take Care and Happy Surfing!
#21
Posted 23 September 2009 - 11:29 AM
And here are my recommendations for antivirus and firewall applications:
Anti Virus Programs
One AntiVirus is a must have! But never more than one, as this can and will cause conflicts and false readings. It is imperative that you have an antivirus program installed on your computer to browse safely in the world of today's internet. Antivirus programs will find and delete any malicious files on your computer as well as protecting your computer from such files in the first place. The best of your antivirus program options are these:
---------------------------------------------------------------------------------------------
Personal Firewalls
Firewalls help to prevent unauthorized access both to and from the internet or your local network. A firewall is considered a first line of defense in protecting private information. Below are some free firewalls to choose from, if you do not already have one. Note: You only need one firewall one your system.
Anti Virus Programs
One AntiVirus is a must have! But never more than one, as this can and will cause conflicts and false readings. It is imperative that you have an antivirus program installed on your computer to browse safely in the world of today's internet. Antivirus programs will find and delete any malicious files on your computer as well as protecting your computer from such files in the first place. The best of your antivirus program options are these:
- Avira AntiVir PersonalEdition is an excellent free AV.
- avast! 4 Home Edition, yet another good free AV.
- AVG AntiVirus version 8.5 is free for personal use.
---------------------------------------------------------------------------------------------
Personal Firewalls
Firewalls help to prevent unauthorized access both to and from the internet or your local network. A firewall is considered a first line of defense in protecting private information. Below are some free firewalls to choose from, if you do not already have one. Note: You only need one firewall one your system.
- Outpost Firewall is another free firewall
- Online Armor (Free edition) personal firewall.
- Sunbelt Personal Firewall is an excellent firewall.
#22
Posted 23 September 2009 - 12:17 PM
Thank you for all of your help, it is truly appreciated!
#23
Posted 23 September 2009 - 12:24 PM
You are very welcome. Glad we could help!
#24
Posted 23 September 2009 - 12:25 PM
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users