WiredWX Hobby Weather Tools

 


Trojan horse taken my rights and registry, can't do anything

2 posters

Re: Trojan horse taken my rights and registry, can't do anything

Ooops! Here is log.
MBRCheck, version 1.1.1
(c) 2010, AD

\\.\C: --> \\.\PhysicalDrive0
\\.\D: --> \\.\PhysicalDrive0

Size Device Name MBR Status
-----------------------------------------------------------

93 GB \\.\PhysicalDrive0 Windows XP MBR code detected

Done! Press ENTER to exit...

Re: Trojan horse taken my rights and registry, can't do anything

Good thing we cleaned that.

Please re-open Malwarebytes, click the Update tab, and click Check for Updates. Then, click the Scanner tab, select Perform Quick Scan, and press Scan. Remove selected, and post the log in your next reply.

Re: Trojan horse taken my rights and registry, can't do anything

Here is new Malware log.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4339

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.11

7/22/2010 3:04:27 PM
mbam-log-2010-07-22 (15-04-27).txt

Scan type: Quick scan
Objects scanned: 144057
Time elapsed: 14 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Re: Trojan horse taken my rights and registry, can't do anything

ESET Online Scan

Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

Re: Trojan horse taken my rights and registry, can't do anything

Okay, I will post after the above is completed.

Re: Trojan horse taken my rights and registry, can't do anything

It has finally finished and here is the log.

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.17055 (vista_gdr.100414-0533)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=cb29a115dc63a74eb508b3cf0fe2ca2d
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-07-22 11:36:49
# local_time=2010-07-22 06:36:49 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=1024 16777175 100 0 15802216 15802216 0 0
# compatibility_mode=5121 16776537 100 85 106365530 112918173 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=115291
# found=0
# cleaned=0
# scan_time=8710
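
Added example, not part of the original thread and not ESET's own tooling: a short Python reader for the `# key=value` lines of the ESET Online Scanner log posted above, reporting the counts and flagging scan options that were off. The sample is a constructed subset of that log, and reading the option fields by their names (for example `archives_checked`) is an assumption.

```python
# Constructed sample: a subset of the log lines posted above.
SAMPLE_LOG = """\
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# compatibility_mode=1024 16777175 100 0 15802216 15802216 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=115291
# found=0
# cleaned=0
# scan_time=8710
"""

def parse_eset_log(text):
    """Collect '# key=value' lines; repeated keys keep every value in order."""
    fields = {}
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("#") or "=" not in line:
            continue  # installer chatter and blank lines carry no fields
        key, value = line[1:].split("=", 1)
        fields.setdefault(key.strip(), []).append(value.strip().strip('"'))
    return fields

def summarize(fields):
    """Counts, duration and caveats; field meanings are assumed from their names."""
    def last(key, default=""):
        return fields.get(key, [default])[-1]
    found, cleaned = int(last("found", "0")), int(last("cleaned", "0"))
    secs = int(last("scan_time", "0"))
    caveats = []
    if last("end") != "finished":
        caveats.append("scan did not finish")
    for opt in ("remove_checked", "archives_checked", "unwanted_checked",
                "unsafe_checked", "antistealth_checked"):
        if last(opt) != "true":
            caveats.append(opt + " was off")
    if found > cleaned:
        caveats.append("%d detection(s) not cleaned" % (found - cleaned))
    return {"scanned": int(last("scanned", "0")), "found": found, "cleaned": cleaned,
            "duration": "%d:%02d:%02d" % (secs // 3600, secs % 3600 // 60, secs % 60),
            "caveats": caveats}

if __name__ == "__main__":
    print(summarize(parse_eset_log(SAMPLE_LOG)))
```

A result with `found` at 0 and a non-empty caveat list means no detections within the options that were enabled, not a scan of everything the tool can cover.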

Re: Trojan horse taken my rights and registry, can't do anything

Are you gaining control over your computer again?

Let me know of any other issues.

Re: Trojan horse taken my rights and registry, can't do anything

It appears all is well. Is there anything else I need to do?

Re: Trojan horse taken my rights and registry, can't do anything

Your logs appear to be clean. If there are no more issues, then we shall clean up!

Clean up System Restore

Now, to get you off to a clean start, we will be creating a new Restore Point, then clearing the old ones to make sure you do not get reinfected, in case you need to "restore back."
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE

You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and then display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a system restore box with a CLEANUP button; click this
  • Accept the Warning and select OK again; the program will close and you are done


Run OTC to remove our tools

To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:
  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

Purge old temporary files

Please download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.


Security Check

Please download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Tell me in your next reply, if you have completed these tasks:
  • Cleaned System Restore
  • Ran OTC
  • Ran TFC
  • Ran Security Check

Also, let me know how your computer is running, and don't forget to post the contents of the Security Check log.
