WiredWX Christian Hobby Weather Tools
Would you like to react to this message? Create an account in a few clicks or log in to continue.

WiredWX Christian Hobby Weather ToolsLog in

 


Antivirus Soft Demo

2 posters

descriptionAntivirus Soft Demo EmptyAntivirus Soft Demo10th February 2010, 1:34 am

more_horiz
I know there was another thread for this but it didn't help all. It's really frustrating, so I need an expert's help. Sad tearing

descriptionAntivirus Soft Demo EmptyRe: Antivirus Soft Demo10th February 2010, 3:11 pm

more_horiz
Please visit this webpage for a tutorial on downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

See the area: Using ComboFix, and when done, post the log back here.

descriptionAntivirus Soft Demo EmptyRe: Antivirus Soft Demo10th February 2010, 11:01 pm

more_horiz
It worked. Thanks, Jay. Smile...

ComboFix 10-02-10.01 - Stefanie 02/10/2010 14:47:22.2.2 - x86
Microsoft®️ Windows Vista™️ Home Premium 6.0.6001.1.1252.1.1033.18.1978.992 [GMT -8:00]
Running from: c:\users\Stefanie\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\sysReserve.ini
c:\users\Stefanie\AppData\Local\{761304F6-9DA7-4127-8E14-12FB034BD339}
c:\users\Stefanie\AppData\Local\{761304F6-9DA7-4127-8E14-12FB034BD339}\chrome.manifest
c:\users\Stefanie\AppData\Local\{761304F6-9DA7-4127-8E14-12FB034BD339}\chrome\content\_cfg.js
c:\users\Stefanie\AppData\Local\{761304F6-9DA7-4127-8E14-12FB034BD339}\chrome\content\overlay.xul
c:\users\Stefanie\AppData\Local\{761304F6-9DA7-4127-8E14-12FB034BD339}\install.rdf
c:\users\Stefanie\AppData\Local\uiwwht
c:\users\Stefanie\AppData\Local\uiwwht\owepsftav.exe
c:\windows\system32\oem3.inf

.
((((((((((((((((((((((((( Files Created from 2010-01-10 to 2010-02-10 )))))))))))))))))))))))))))))))
.

2010-02-10 22:55 . 2010-02-10 22:55 -------- d-----w- c:\users\Joan\AppData\Local\temp
2010-02-10 22:55 . 2010-02-10 22:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-05 03:15 . 2010-02-05 03:41 -------- d-----w- c:\users\Stefanie\AppData\Roaming\gtk-2.0
2010-02-05 03:15 . 2010-02-05 03:15 -------- d-----w- c:\users\Stefanie\.thumbnails
2010-02-05 03:13 . 2010-02-05 04:02 -------- d-----w- c:\users\Stefanie\.gimp-2.6
2010-02-05 03:12 . 2010-02-05 03:12 -------- d-----w- c:\program files\GIMP-2.0
2010-02-03 02:13 . 2010-02-03 02:13 -------- d-----w- c:\program files\iPod
2010-02-03 02:04 . 2010-02-03 02:04 72488 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-01-15 04:11 . 2010-01-15 04:11 -------- d-----w- c:\users\Stefanie\AppData\Roaming\Xilisoft Corporation
2010-01-15 04:08 . 2010-01-15 04:08 -------- d-----w- c:\program files\Xilisoft
2010-01-12 23:43 . 2009-10-19 14:27 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-12 23:43 . 2009-10-19 14:24 72704 ----a-w- c:\windows\system32\fontsub.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-10 22:43 . 2009-06-03 04:17 12 ----a-w- c:\windows\bthservsdp.dat
2010-02-10 01:44 . 2009-08-15 18:30 6756 ----a-w- c:\users\Stefanie\AppData\Local\d3d9caps.dat
2010-02-03 02:14 . 2009-12-02 02:16 -------- d-----w- c:\program files\iTunes
2010-02-03 02:13 . 2009-09-26 15:29 -------- d-----w- c:\program files\Common Files\Apple
2010-01-21 23:36 . 2010-01-09 01:29 120 ----a-w- c:\users\Stefanie\AppData\Local\Ufosusoyaqoxisi.dat
2010-01-21 23:36 . 2010-01-09 01:29 0 ----a-w- c:\users\Stefanie\AppData\Local\Yyitilobakamo.bin
2010-01-20 21:25 . 2009-06-03 06:01 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-14 19:12 . 2009-10-02 20:44 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-13 00:02 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-18 13:05 . 2010-01-21 23:45 833024 ----a-w- c:\windows\system32\wininet.dll
2009-12-18 13:01 . 2010-01-21 23:45 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-12-18 10:14 . 2010-01-21 23:45 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-17 03:50 . 2009-12-17 03:50 -------- d-----w- c:\program files\AVCWare
2009-12-15 01:07 . 2009-08-23 02:39 -------- d-----w- c:\programdata\avg8
2009-12-04 18:03 . 2009-12-04 18:03 251376 ----a-w- c:\users\Stefanie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-06-03 05:00 . 2009-06-03 04:53 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"Google Update"="c:\users\Stefanie\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-08-22 133104]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-09-09 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-09-09 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-09-09 154136]

descriptionAntivirus Soft Demo EmptyRe: Antivirus Soft Demo11th February 2010, 4:11 am

more_horiz
Hi again. Please do these steps in order.

1. Please download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start
    button to begin the process. Depending on how often you clean temp
    files, execution time should be anywhere from a few seconds to a minute
    or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.


2. Antivirus Soft Demo Mbamicontw5 Please download Malwarebytes Anti-Malware from Malwarebytes.org.
Alternate link: BleepingComputer.com.
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double Click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

3. Please visit this webpage for instructions for downloading and running SUPERAntiSpyware (SAS) to scan and remove malware from your computer:

http://www.bleepingcomputer.com/virus-removal/how-to-use-superantispyware-tutorial

Post the log from SUPERAntiSpyware when you've accomplished that.

4. Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


5. Post the following in your next reply:
  • MBAM log
  • SAS log
  • ESET log

And, please tell me how your computer is doing.

descriptionAntivirus Soft Demo EmptyRe: Antivirus Soft Demo11th February 2010, 4:17 am

more_horiz
I just said it worked and still is. I actually had recommendations from other people to download certain software (including Malwarebytes). So, yeah, thanks again. No way!

descriptionAntivirus Soft Demo EmptyRe: Antivirus Soft Demo11th February 2010, 4:22 am

more_horiz
ok...just trying to make sure it was clean. Goofy

descriptionAntivirus Soft Demo EmptyRe: Antivirus Soft Demo

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum