Trojan Virus | PC running slow | Internet connection breaking off



#16
kingfisher3210

kingfisher3210

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5797

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

2/18/2011 8:45:29 PM
mbam-log-2011-02-18 (20-45-29).txt

Scan type: Quick scan
Objects scanned: 158832
Time elapsed: 7 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0


#17
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Good :D

But I still need the online scanner results too.
  • 0

#18
kingfisher3210

kingfisher3210

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=6.00.2900.5512 (xpsp.080413-2105)
# OnlineScanner.ocx=1.0.0.6419
# api_version=3.0.2
# EOSSerial=6159e5d84ed9444ebbd994ba2067c48d
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-02-18 05:16:25
# local_time=2011-02-18 10:46:25 (+0530, India Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 812194 812194 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=64810
# found=7
# cleaned=7
# scan_time=5030
C:\System Volume Information\_restore{D20A7056-D6A8-4C46-9BF6-3C7EAAC9C631}\RP45\A0059577.sys a variant of Win32/Rootkit.Kryptik.CN trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{D20A7056-D6A8-4C46-9BF6-3C7EAAC9C631}\RP45\A0059588.sys a variant of Win32/Rootkit.Kryptik.CN trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{D20A7056-D6A8-4C46-9BF6-3C7EAAC9C631}\RP45\A0060595.exe a variant of Win32/Injector.CQD trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{D20A7056-D6A8-4C46-9BF6-3C7EAAC9C631}\RP48\A0061237.sys a variant of Win32/Bubnix.BH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
D:\Downloads\CIATP46 (1)\CIATP46\tpw.exe a variant of Win32/Packed.Themida application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
D:\Downloads\CIATP46 (2)\CIATP46\tpw.exe a variant of Win32/Packed.Themida application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
D:\_OTL\MovedFiles\02102011_100009\C_RECYCLER\S-1-5-21-6109066214-9338792590-022010046-8386\sjbsi2d.exe a variant of Win32/Injector.CQD trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
  • 0

#19
kingfisher3210

kingfisher3210

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Thanks ali.B. I appreciate your expertise.

Computer is running good. ESET reported a few viruses, which it fixed, while Malwarebytes found my computer virus free.

Sometimes my wireless internet connection breaks off; otherwise the computer is running good.

Please let me know if anything else needs to be done.

Thanks once again for your valuable time.
  • 0

#20
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Hi

Sorry for the delay, I had some power problems.

Congratulations, your logs appear clean :D

Reset and Re-enable your System Restore

The following will implement some cleanup procedures as well as reset System Restore points:
  • Click START then RUN
  • Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.

NEXT

  • Open OTL to run it. (Vista users, right click on OTL and "Run as administrator")
  • Click on the CleanUp button.
  • Click Yes to begin the cleanup process and remove tools, including this application
  • You may be asked to reboot the machine to finish the cleanup process - if so, choose Yes


Recommendations

See Here for a list of recommendations for free Antivirus\AntiSpyware applications.


  • Keep your Windows up to date by regularly checking their website at:
    http://windowsupdate.microsoft.com/

  • SpywareBlaster protects against bad ActiveX, it immunizes your PC against them.

  • SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program ( eg : TeaTimer, Windows Defender ) or there will be a conflict.

  • Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls") to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.


  • MVPS Hosts file replaces your current HOSTS file with one containing well-known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer, meaning it will be difficult to infect yourself in the future.

  • Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from Here

    If you choose to use Firefox, I highly recommend these add-ons to keep your PC even more secure.
    • NoScript - for blocking ads and other potential website attacks
    • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling

  • Click Here to learn how to keep a backup of your important files

  • FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. It's important to keep programs up to date so that malware doesn't exploit any old security flaws.


Thank you :D
  • 0

#21
kingfisher3210

kingfisher3210

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Many Thanks
  • 0

#22
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :D

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
