Hi

Been attacked today, well annoyed. Spent nearly all afternoon running the Malware tutorial (THANKS!!). Here are the logs as requested, I guess I await a response? If this all works I can't thank you enough, major snowed under at work, last thing I need is this.

Details: It started this morning, I was searching for sound bites of Ray Lamontagne's new album so I could listen before purchasing online. I came across what looked like mp3 files and clicked to listen, this is when it all went a bit mental. Kept getting a virus notification pop up asking me to click and download repair etc. It didn't look right so I ignored it and then more kept appearing. I closed everything down and rebooted straight away. I then went straight here (I only registered today but browse every now and then). I followed the method posted by evilfantasy, the sticky one at the top of the forum. Took an age but found lots of trojans etc. 30 in all!! If the logs can be reviewed and more help given that would be great.

cheers
john

[Saving space - attachment deleted by admin]

Hi

Have any of the assembled experts managed to review the log files? Just got back into work and worried about my PC.

Thanks in advance
John

Hi

The scheduled daily AVG scan has just completed with worrying results. I followed all the steps and posted my log files above, has it still not cleaned my PC then?
Log from today:

"Scan ""Scheduled scan"" was finished."
"Infections found:";"18"
"Infected objects removed or healed:";"18"
"Not removed or healed:";"0"
"Spyware found:";"0"
"Spyware removed:";"0"
"Not removed:";"0"
"Warnings count:";"0"
"Information count:";"0"
"Scan started:";"20 October 2008, 09:00:00"
"Scan finished:";"20 October 2008, 10:11:27 (1 hour(s) 11 minute(s) 27 second(s))"
"Total object scanned:";"639122"
"User who launched the scan:";"SYSTEM"

"Infections"
"File";"Infection";"Result"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP409\A0027525.exe";"Trojan horse Downloader.Zlob.AFBM";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP409\A0027530.exe";"Trojan horse Downloader.Zlob.AFBM";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP409\A0027531.dll";"Trojan horse Downloader.Zlob_r.CW";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP410\A0027534.exe";"Trojan horse Adload_r.CZ";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP410\A0027535.exe";"Trojan horse Downloader.Zlob.AFBM";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP411\A0027633.exe";"Trojan horse Downloader.Zlob.AFBM";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP411\A0027638.exe";"Trojan horse Downloader.Zlob.AFBM";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP411\A0027639.dll";"Trojan horse Downloader.Zlob_r.CW";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP411\A0027640.exe";"Trojan horse Adload_r.CZ";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP412\A0027644.exe";"Trojan horse Adload_r.CZ";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP412\A0027645.exe";"Trojan horse Downloader.Zlob.AFBM";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP412\A0027649.dll";"Virus found Downloader.Zlob";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP412\A0027651.exe";"Trojan horse Downloader.Zlob_r.CX";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP412\A0027652.dll";"Trojan horse Downloader.Zlob_r.CW";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP413\A0031278.dll";"Trojan horse Downloader.Zlob_r.CW";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP413\A0031281.exe";"Trojan horse Downloader.Zlob.AFBM";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP413\A0031295.exe";"Trojan horse Downloader.Zlob.AFBM";"Moved to Virus Vault"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP413\A0031302.dll";"Trojan horse Downloader.Zlob_r.CW";"Moved to Virus Vault"

Help would be most appreciated.
cheers
John

What problems, if any, are you still noticing?

Hi evilfantasy

Thanks for response, appreciated. PC is fine today, was there anything in the 3 logs I posted originally or in yesterday's that are a concern? My last post was because the scheduled AVG scan found lots more after the full procedure was done, hence the concern. Think I will do another full scan now.

cheers
John

Hi again,

Just checked my virus scan log, it scanned whilst I was out of the office this morning, and it's completely clear.

Fingers crossed all is OK

Sounds good to me.

Set a New Restore Point to prevent possible reinfection from an old one

Setting a new restore point AFTER cleaning your system will enable your computer to roll-back to a clean working state if needed.
- Go to Start > Programs > Accessories > System Tools and click System Restore
- Choose the radio button marked Create a Restore Point on the first screen then click Next
- Give the Restore Point a name then click Create.
- The new restore point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
- Next go to Start > Run and type Cleanmgr
- Click OK
- Click the More Options Tab.
- Click Clean Up in the System Restore section to remove all previous restore points except the newly created clean one.
You can find instructions on how to enable and re-enable system restore here:
Windows XP System Restore Guide or Windows Vista System Restore Guide.
----------
Use the Secunia Software Inspector to check for out of date software.
- Click Start Now
- Check the box next to Enable thorough system inspection.
- Click Start
- Allow the scan to finish and scroll down to see if any updates are needed.
- Update anything listed.
----------
Go to Microsoft Windows Update and get all critical updates.
----------
Here are some great FREE tools to help you keep from getting infected again. These tools use little or no resources so won't slow down your PC.
Concerned about Browser Security? Consider using Mozilla Firefox 3.0 with Adblock Plus and NoScript
To prevent unknown applications from being installed on your computer install WinPatrol 2008
* Using Winpatrol to protect your computer from malicious software
I suggest using SiteAdvisor. SiteAdvisor rates sites on business practices and spam. Safety ratings from McAfee SiteAdvisor are based on automated safety tests of Web sites.
SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here
Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.
Also see Slow Computer? It May Not Be Malware for free cleaning/maintenance tools to help keep your computer running smooth.
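
The AVG results quoted earlier in this thread can be triaged with a short script. This is an added example, not code from the thread or from AVG: it parses the export layout shown in that log (even where line breaks were lost) and separates detections stored inside System Restore points from detections in live locations. The function names are hypothetical and the last sample record is constructed.

```python
import re
from collections import Counter

# Added example, not from the thread. One double-quoted field ("" is an
# escaped quote), optionally followed by the ';' field separator.
FIELD = re.compile(r'"((?:[^"]|"")*)"(;?)')
# Windows XP System Restore store: ...\_restore{GUID}\RPnnn\...
RESTORE = re.compile(
    r'\\System Volume Information\\_restore\{[0-9A-F-]+\}\\(RP\d+)\\', re.I)

# Two records copied from the log in the thread (one with a lost line
# break), plus a final record that is CONSTRUCTED for contrast.
SAMPLE = r'''"Infections found:";"18" "Infections" "File";"Infection";"Result"
"C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP409\A0027525.exe";"Trojan horse Downloader.Zlob.AFBM";"Moved to Virus Vault" "C:\System Volume Information\_restore{FB5FA32D-5C3A-4BE6-8D4F-AD3604E18D96}\RP412\A0027651.exe";"Trojan horse
Downloader.Zlob_r.CX";"Moved to Virus Vault"
"C:\Constructed\example.exe";"Trojan horse Example.Constructed";"Moved to Virus Vault"
'''


def parse_records(text):
    """Split an export into records, even if newlines were lost in transit."""
    records, current = [], []
    for m in FIELD.finditer(text):
        # Unescape doubled quotes and collapse whitespace from broken lines.
        current.append(" ".join(m.group(1).replace('""', '"').split()))
        if not m.group(2):              # no ';' after this field: record ends
            records.append(current)
            current = []
    if current:
        records.append(current)
    return records


def triage(text):
    """Count detections per restore point; list those in live locations."""
    by_rp, live = Counter(), []
    for rec in parse_records(text):
        if len(rec) != 3 or rec[0] == "File":
            continue                    # summary lines and the column header
        path, infection, result = rec
        m = RESTORE.search(path)
        if m:
            by_rp[m.group(1).upper()] += 1
        else:
            live.append((path, infection, result))
    return {"restore_points": dict(by_rp), "live": live}


if __name__ == "__main__":
    print(triage(SAMPLE))
```

An empty `live` list means every detection was a stored copy inside a restore point, which is the situation the restore-point cleanup steps above deal with.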