
Can't run any anti-malware programs properly



#16
MacBoznyII

MacBoznyII

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
VirSCAN.org Scanned Report :
Scanned time : 2011/09/14 21:29:56 (CDT)
Scanner results: Scanners did not find malware!
File Name : hidserv.dll
File Size : 21504 byte
File Type : PE32 executable for MS Windows (DLL) (console) Intel 80386 3
MD5 : 9376e6893e52b368abc6255bf54f0b28
SHA1 : 1e4107372ad0e3afb49b753b4740c8e3d45c870a
Online report : http://r.virscan.org...5d674f3234c2b42

  • 0



#17
MacBoznyII

VirSCAN.org Scanned Report :
Scanned time : 2011/09/14 21:33:45 (CDT)
Scanner results: Scanners did not find malware!
File Name : MFC7b8f6.rra
File Size : 1060864 byte
File Type : PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bi
MD5 : f35a584e947a5b401feb0fe01db4a0d7
SHA1 : 664dc99e78261a43d876311931694b6ef87cc8b9
Online report : http://r.virscan.org...38264f2a24fd023

  • 0

#18
MacBoznyII

Thanks a lot for your help so far. I didn't notice anything wrong with it before "Security Protection" and Google Chrome not working. Chrome works now but except for that I'm not sure if it works any better or not. I do, however, have a few inquiries. Before I ran the second OTL fix and I believe after the first fix, all of my files were displaying the file extensions in the names (e.g. hat.jpg) but after the second scan they were gone. Also, if I download Limewire again is there any way for me to know for sure what files to and not to download?
  • 0

#19
MacBoznyII

There is one thing I've noticed besides the above. For some reason I keep getting the blue screen of death for seemingly NO REASON. I would be in the middle of something and all of a sudden a blue screen would pop up on my screen saying "Fatal error.....". It has happened about 4 times now and I've had to restart my computer every time.
  • 0

#20
michaelg9

michaelg9

    Trusted Helper

  • Malware Removal
  • 2,949 posts
Hello

Before I ran the second OTL fix and I believe after the first fix, all of my files were displaying the file extensions in the names (e.g. hat.jpg) but after the second scan they were gone.

There's nothing to worry about here.

Also, if I download Limewire again is there any way for me to know for sure what files to and not to download?

No, you can't. Even if you scan it first and it comes up clean, it still might be malware that your antivirus engine does not detect.
You can't trust a file whose origin you don't know.

Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



Next:

Click on the Avast ball from the taskbar
click on Scan Computer
click on Boot-Time Scan
click on Settings
A window will open and near the bottom you will see Ask, click the down arrow and select Move to Chest
Click OK then Schedule Now.
Reboot and let it run a scan. It may take hours.

Then post the log. It should be located here:

C:\Documents and Settings\All Users\Application Data\AVAST Software\Avast\report\aswBoot.txt
or
C:\Documents and Settings\Malcolm Hayles\Application Data\AVAST Software\Avast\report\aswBoot.txt





Next:

Go here and install any available updates for you. One of these should be Service Pack 3.
When all updates are finished downloading and installing, go again to that site and make sure that no other update is available
  • 0

#21
MacBoznyII

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7730

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

9/16/2011 5:19:31 PM
mbam-log-2011-09-16 (17-19-30).txt

Scan type: Quick scan
Objects scanned: 209579
Time elapsed: 10 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

#22
MacBoznyII

09/16/2011 18:27
Scan of all local drives

File C:\Program Files\EarthLink Setup\Windows\access\SpywareBlocker.msi|>Data1.cab|>ElShowSpyAbout.exe|>[UPX] is infected by Win32:Malware-gen, Move to chest: Error 42111 {The operation is not supported for this type of archive.}
File C:\Qoobox\Quarantine\C\WINDOWS\system32\msiexec.exe.vir is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP27\A0011626.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP27\A0011627.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP28\A0011656.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP28\A0011657.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP28\A0011658.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP28\A0011659.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP28\A0011660.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP28\A0011661.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP28\A0011662.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP28\A0011663.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP28\A0011664.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP28\A0011665.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP29\A0011685.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP29\A0011686.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP29\A0011687.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP30\A0011697.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP30\A0011698.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP30\A0012697.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP30\A0012698.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP30\A0013697.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP30\A0013698.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP31\A0014008.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP32\A0014036.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP32\A0014037.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP32\A0014051.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP32\A0014052.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP32\A0015051.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP32\A0015052.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP32\A0016051.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP32\A0016052.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP32\A0016063.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP32\A0016064.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP33\A0016145.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP33\A0016146.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP33\A0016147.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP33\A0016573.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP33\A0016574.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP33\A0016575.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP33\A0016576.exe is infected by Win32:Kryptik-EQX [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP33\A0018231.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP33\A0018232.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0018353.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0018354.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0018355.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0018780.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0018781.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0018782.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0018783.exe is infected by Win32:Kryptik-EQX [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0020435.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0020436.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0020697.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0020698.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0020741.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0020742.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0020760.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0020761.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0020816.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP34\A0020817.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP38\A0020897.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP38\A0020898.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP39\A0020925.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP39\A0021095.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP39\A0021096.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP43\A0021319.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP46\A0023345.ini is infected by Win32:Malware-gen, Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP46\A0023356.old is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP46\A0023367.old is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP47\A0023405.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP47\A0023490.rbf is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP47\A0023529.rbf is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP48\A0023588.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP48\A0023751.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP60\A0024712.msi|>Data1.cab|>ElShowSpyAbout.exe|>[UPX] is infected by Win32:Malware-gen, Move to chest: Error 42111 {The operation is not supported for this type of archive.}
File C:\_OTL\MovedFiles\09132011_174002\C_Documents and Settings\All Users\Application Data\qwerty.exe is infected by Win32:Kryptik-EQX [Trj], Moved to chest
File C:\_OTL\MovedFiles\09132011_174002\C_Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\_OTL\MovedFiles\09132011_174002\C_WINDOWS\3425845141:1791020339.exe is infected by Win32:Tiny-AMB [Rtk], Moved to chest
File C:\_OTL\MovedFiles\09132011_175848\C_Documents and Settings\Malcolm Hayles\Local Settings\Temp\1316.tmp is infected by Win32:Kryptik-EQX [Trj], Moved to chest
File C:\_OTL\MovedFiles\09132011_175848\C_Documents and Settings\Malcolm Hayles\Local Settings\Temp\1317.tmp is infected by Win32:Kryptik-EQX [Trj], Moved to chest
File C:\_OTL\MovedFiles\09132011_175848\C_Documents and Settings\Malcolm Hayles\Local Settings\Temp\1318.tmp is infected by Win32:Kryptik-EQX [Trj], Moved to chest
File C:\_OTL\MovedFiles\09142011_211613\C_WINDOWS\system32\c_12502.nl_|>P2P.V2.dll is infected by Win32:Alureon-AJI [Rtk], Moved to chest
Number of searched folders: 9746
Number of tested files: 378144
Number of infected files: 82
  • 0
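
An added example, not part of the thread and not Avast's own tooling: a small parser for boot-scan report lines in the shape posted above, separating detections in archived copies (System Restore points, tool quarantine folders) from detections in files still in place, and listing the ones the scanner could not move. The sample lines are copied from the log above; the folder-to-category mapping (Qoobox as ComboFix's quarantine, _OTL\MovedFiles as OTL's) is an assumption of this example.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Line shape taken from the report above:
#   File <path> is infected by <detection>, <action>
LINE_RE = re.compile(
    r"^File (?P<path>.+?) is infected by (?P<detection>.+?), (?P<action>.+)$"
)

# Lower-cased folder prefixes that hold archived copies rather than files in use.
# Assumption of this example, not something the scanner reports itself.
ARCHIVE_PREFIXES = {
    "c:\\system volume information\\_restore": "system-restore",
    "c:\\qoobox\\quarantine": "tool-quarantine",
    "c:\\_otl\\movedfiles": "tool-quarantine",
}

# Five detection lines and one summary line copied from the posted report.
SAMPLE_LOG = r"""
File C:\Program Files\EarthLink Setup\Windows\access\SpywareBlocker.msi|>Data1.cab|>ElShowSpyAbout.exe|>[UPX] is infected by Win32:Malware-gen, Move to chest: Error 42111 {The operation is not supported for this type of archive.}
File C:\Qoobox\Quarantine\C\WINDOWS\system32\msiexec.exe.vir is infected by Win32:Patched-WQ [Trj], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP27\A0011626.sys is infected by Win32:Alureon-AJI [Rtk], Moved to chest
File C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP60\A0024712.msi|>Data1.cab|>ElShowSpyAbout.exe|>[UPX] is infected by Win32:Malware-gen, Move to chest: Error 42111 {The operation is not supported for this type of archive.}
File C:\_OTL\MovedFiles\09142011_211613\C_WINDOWS\system32\c_12502.nl_|>P2P.V2.dll is infected by Win32:Alureon-AJI [Rtk], Moved to chest
Number of infected files: 82
"""


@dataclass
class Finding:
    path: str        # full path as logged, including "|>" archive members
    container: str   # outermost file on disk (text before the first "|>")
    detection: str
    action: str
    location: str    # "live", "system-restore" or "tool-quarantine"
    moved: bool      # True only when the scanner reported "Moved to chest"


def classify(path):
    """Map a logged path to a location category by its folder prefix."""
    lowered = path.lower()
    for prefix, label in ARCHIVE_PREFIXES.items():
        if lowered.startswith(prefix):
            return label
    return "live"


def parse_line(line):
    """Return a Finding for a detection line, or None for any other line."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    path, action = m.group("path"), m.group("action")
    return Finding(path, path.split("|>")[0], m.group("detection"),
                   action, classify(path), action == "Moved to chest")


def summarize(text):
    """Count findings by location and detection; list what was not moved."""
    findings = [f for f in map(parse_line, text.splitlines()) if f]
    return {
        "by_location": Counter(f.location for f in findings),
        "by_detection": Counter(f.detection for f in findings),
        "not_moved": [f for f in findings if not f.moved],
        # Files still in place that the scanner failed to quarantine.
        "needs_action": sorted({f.container for f in findings
                                if f.location == "live" and not f.moved}),
    }


if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    print(dict(report["by_location"]))
    print(report["needs_action"])
```

On the sample, the only file left in place and not moved is the SpywareBlocker.msi installer; the other failed move sits inside a restore point.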

#23
michaelg9

That's good

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Files
    C:\Program Files\EarthLink Setup\Windows\access\SpywareBlocker.msi

    :Commands
    [purity]
    [EMPTYFLASH]

  • Then click the Run Fix button at the top
  • Let the program run unhindered



Next:

Please answer these questions so we can proceed:

Are there any other problems with your computer? How is it working?
  • 0

#24
MacBoznyII

It might be a while before I can respond to this but thank you for your help and patience.
  • 0

#25
MacBoznyII

Thank you for waiting. The comp is running great now. Thanks for all the help.
  • 0



#26
michaelg9

Happy to hear that you're clean finally :yes:

Congratulations! Your logs are clean! :) Now that you are clean, please follow these precautions in order to keep safe:


Over the course of the fix you've used a variety of special tools to help with the cleaning process - none of these are of any use to you now that you're clean, and it's best not to have them hanging around on your computer.


Next:


Uninstall ComboFix from your computer:
  • Click on Start > Run
  • Type Combofix /Uninstall in the run box and click Ok. Note the space between the x and the /u, it needs to be there.

Next:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL for the last time and hit the cleanup button. It will remove all the programs we have used plus itself.

Next:

Note: If you are using Firefox I would suggest the use of these add-ons:
  • NoScript - for blocking ads and other potential website attacks.
  • McAfee SiteAdvisor - this tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling.


Next:


Automatic Updates for Windows
  • Click Start.
  • Select Settings and then Control Panel.
  • Select Automatic Updates.
  • Click Automatic (recommended)
  • Choose a day and a time when you know the computer will be on and connected to the internet.
  • Click Apply then OK.



Next:


Additional security programs - For additional security, the use of these tools is important:
  • Malwarebytes Anti-Malware - Update the free version and scan with it often. It is an excellent scanning tool to have on your side.
  • The MVPS Hosts file replaces your current HOSTS file with one containing well-known ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer. This little program packs a powerful punch as it blocks ads, banners, 3rd party cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial.

Next:

Upgrading Java:
  • Go here and click Do I have Java
  • It will check your current version and then offer to update to the latest version, if there are any.


Next:


Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.


Next:


Keep a backup of your important files to prevent future data loss.


Happy safe computing !! :)
  • 0





