Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Please Help with HIJACK Log [Solved]

Started by Lorelle , Sep 20 2009 03:17 PM

  • This topic is locked This topic is locked

#16
Perplexus
Posted 21 September 2009 - 08:16 PM

Perplexus

    Lord of the Geeks

  • Malware Removal
  • 1,185 posts
Plug in your external drives and perform a full scan with MalwareBytes. Make sure and select the external drives too. Post back the log.
  • 0

Advertisements

#17
Lorelle
Posted 23 September 2009 - 09:50 AM

Lorelle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
txt file after Malware scan of externals

Malwarebytes' Anti-Malware 1.41
Database version: 2837
Windows 5.1.2600 Service Pack 3

9/23/2009 11:33:41 AM
mbam-log-2009-09-23 (11-33-41).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 173221
Time elapsed: 32 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
F:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665 (Trojan.Conficker.H) -> Quarantined and deleted successfully.
H:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665 (Trojan.Conficker.H) -> Quarantined and deleted successfully.
I:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665 (Trojan.Conficker.H) -> Quarantined and deleted successfully.

Files Infected:
F:\autorun.inf (Trojan.Conficker.H) -> Quarantined and deleted successfully.
F:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx (Trojan.Conficker.H) -> Quarantined and deleted successfully.
H:\autorun.inf (Trojan.Conficker.H) -> Quarantined and deleted successfully.
H:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx (Trojan.Conficker.H) -> Quarantined and deleted successfully.
I:\autorun.inf (Trojan.Conficker.H) -> Quarantined and deleted successfully.
I:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx (Trojan.Conficker.H) -> Quarantined and deleted successfully.
  • 0

#18
Perplexus
Posted 23 September 2009 - 09:58 AM

Perplexus

    Lord of the Geeks

  • Malware Removal
  • 1,185 posts
I want to repeat that same scan because the bad files on the F: drive are a repeat of a previous scan and I want to find out if something else is putting them back or if the thumb drive re-infected it before the last scan.

Before the new scan, download and run this:

Download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.
Note: It is a good idea to run TFC to clear out all your temp files every now and again. This helps to keep your computer running more efficiently. It also can assist in getting rid of files that may contain malicious code that could re-infect your computer.

Then post a new MBAM log with all of the drives plugged in.
  • 0

#19
Lorelle
Posted 23 September 2009 - 11:23 AM

Lorelle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
new Mbam log I will be needing an antivirus ...recommendations

Malwarebytes' Anti-Malware 1.41
Database version: 2837
Windows 5.1.2600 Service Pack 3

9/23/2009 1:22:20 PM
mbam-log-2009-09-23 (13-22-20).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 170588
Time elapsed: 32 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#20
Perplexus
Posted 23 September 2009 - 11:27 AM

Perplexus

    Lord of the Geeks

  • Malware Removal
  • 1,185 posts
Well done! Your log appears clean! :)

------------------
Step 1:
------------------

We're almost done. We need to do some clean up and get you on your way.

Follow these steps to uninstall Combofix
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    Posted Image
(This will remove all restore points to rid your machine of saved infected files and create a new restore point)

------------------
Step 2:
------------------

We need to remove all the tools that you have used. This is so that should you ever be re-infected, you will download updated versions.

  • Run OTL.exe
  • Click the Clean Up button in top right corner.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
Now delete any logs that you have left over on your desktop.


------------------
Step 3:
------------------

It is very important that you get all of the critical updates for your Operating System and Internet Explorer. Keeping your OS and browser up to date will help make you less susceptible to attacks by Trojans and viruses. Windows Updates are constantly being revised to combat the newest hacks and threats. Microsoft releases security updates that help your computer from becoming vunerable.

Please go to Microsoft's Windows Update and download all the critical updates to help prevent possible re-infection.

It is best if you have these set to download automatically.

Automatic Updates for Windows
  • Click Start.
  • Select Settings and then Control Panel.
  • Select Automatic Updates.
  • Click Automatic (recommended)
  • Choose a day and a time when you know the computer will be on and connected to the internet.
  • Click Apply then OK.

---------------------------------------------------------------------------------------------

This is a good time to set up protection against further attacks. Read our How Did I Get Infected In The First Place?. You need an antivirus that is continually updated, a good firewall, a spyware blocker, and a real time spyware program to prevent malware intrusions. Be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them.

---------------------------------------------------------------------------------------------

Anti Spyware

Anti Spyware helps to eliminate certain types of infections. I would recommend getting these and running the scans at least twice a month. Also a real-time protector is beneficial to stop infections before they start. SpywareGuard is an excellent choice here.
  • Posted ImageSUPERAntiSpyware is a powerful tool that can eliminate nasties that make it onto your machine.
  • Posted ImageSpywareBlaster to help prevent spyware from installing in the first place. A tutorial can be found here.
  • Posted ImageSpywareGuard to catch and block spyware before it can execute. A tutorial can be found here.
Note: If you find your system slows down after installing any of these, just uninstall it, or disable it from running at startup.

---------------------------------------------------------------------------------------------

Safer Web Browser

Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are some good free alternatives:
All are faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these.

If you choose FireFox, here are a couple of addons that I recommend:
  • NoScript - for blocking ads and other potential website attacks
  • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must have if you do alot of Google searches.

---------------------------------------------------------------------------------------------

Other Recommendations

FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Its important to keep programs up to date so that malware doesn't exploit any old security flaws.

Take Care and Happy Surfing! :)
  • 0

#21
Perplexus
Posted 23 September 2009 - 11:29 AM

Perplexus

    Lord of the Geeks

  • Malware Removal
  • 1,185 posts
And here are my recommendations for antivirus and firewall applications:

Anti Virus Programs

One AntiVirus is a must have! But never more than one, as this can and will cause conflicts and false readings. It is imperative that you have an antivirus program installed on your computer to browse safely in the world of today's internet. Antivirus programs will find and delete any malicious files on your computer as well as protecting your computer from such files in the first place. The best of your antivirus program options are these:

---------------------------------------------------------------------------------------------

Personal Firewalls

Firewalls help to prevent unauthorized access both to and from the internet or your local network. A firewall is considered a first line of defense in protecting private information. Below are some free firewalls to choose from, if you do not already have one. Note: You only need one firewall one your system.

  • 0

#22
Lorelle
Posted 23 September 2009 - 12:17 PM

Lorelle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Thank you for all of your help, it is truly appreciated!
  • 0

#23
Perplexus
Posted 23 September 2009 - 12:24 PM

Perplexus

    Lord of the Geeks

  • Malware Removal
  • 1,185 posts
You are very welcome. Glad we could help! :)
  • 0

#24
Perplexus
Posted 23 September 2009 - 12:25 PM

Perplexus

    Lord of the Geeks

  • Malware Removal
  • 1,185 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP