Solve : Some virus problems?

You need to let MBAM fix those.


Open HijackThis and select Do a system scan only

Place a check mark next to the following entries: (if there)

- O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
- O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm


Important: Close all open windows except for HijackThis and then click Fix checked.

Once completed, exit HijackThis.

----------

Please run TDSSKiller per the below steps:

* Go to TDSSKiller and download TDSSKiller.zip to your Desktop
* Extract its contents to your Desktop so that you have TDSSKiller.exe directly on your Desktop and not in any sub-folder of the Desktop.
* Click Start > Run and copy/paste the following Red text into Run box and hit Enter on your keyboard.

"%userprofile%\Desktop\TDSSKiller.exe" -v

* Follow the instructions to type in "delete" when it asks you what to do when it finds something.
* When done, a log file should be created on your C: drive called 'TDSSKiller.txt'. Please add this log to your next reply.

Done, TDSSKiller came up with nothing and saved no logfile.

Update: I am now having trouble clicking things in my browser window, I can't open links or click buttons. I am only able to post this by going through history and finding the history link to me posting from before.



Okay, this is strange. Sometimes I can't click links, highlight text, or click buttons like post/modify, but if I minimize then maximize I can then do the previously mentioned; however, I can't switch tabs. I minimize and maximize and it's back to the first problem.

Try this.

Download Rooter.exe to your desktop.

* Double click Rooter.exe to start the tool.
* A DOS window will appear and show the scan progress.
* Once complete a notepad file containing the report will open.
* Copy & paste the results in your next reply.
* Close notepad and Rooter will close.

A log will also save at C:\Rooter.txt

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows XP Home Edition (5.1.2600) Service Pack 1
[32_bits] - x86 Family 6 Model 7 Stepping 6, GenuineIntel
.
[wscsvc] STOPPED (state:1) : Security Center -> Disabled !
[SharedAccess] RUNNING (state:4)
.
Internet Explorer 6.0.2800.1106
Mozilla Firefox 3.5.7 (en-US)
.
A:\ [Removable]
C:\ [Fixed-NTFS] .. ( Total:68 Go - Free:32 Go )
D:\ [CD_Rom]
E:\ [Fixed-NTFS] .. ( Total:139 Go - Free:114 Go )
F:\ [Fixed-NTFS] .. ( Total:229 Go - Free:222 Go )
.
Scan : 18:04.46
Path : C:\Documents and Settings\Mark\Desktop\Rooter.exe
User : Mark ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
______ System (4)
______ \SystemRoot\System32\smss.exe (968)
______ \??\C:\WINDOWS\system32\csrss.exe (1024)
______ \??\C:\WINDOWS\system32\winlogon.exe (1048)
______ C:\WINDOWS\system32\services.exe (1096)
______ C:\WINDOWS\system32\lsass.exe (1108)
______ C:\WINDOWS\system32\svchost.exe (1304)
______ C:\WINDOWS\system32\svchost.exe (1464)
______ C:\WINDOWS\System32\svchost.exe (1608)
______ C:\WINDOWS\System32\svchost.exe (1900)
______ C:\WINDOWS\System32\svchost.exe (1932)
______ C:\WINDOWS\system32\spoolsv.exe (220)
______ C:\Program Files\Avira\AntiVir Desktop\sched.exe (312)
______ C:\WINDOWS\Explorer.EXE (576)
______ C:\WINDOWS\V0410Mon.exe (772)
______ C:\Program Files\Razer\Lachesis\razerhid.exe (784)
______ C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (792)
______ C:\WINDOWS\System32\devldr32.exe (828)
______ C:\WINDOWS\System32\alg.exe (876)
______ C:\Program Files\Java\jre6\bin\jqs.exe (948)
______ C:\WINDOWS\System32\svchost.exe (1112)
______ C:\Program Files\Razer\Lachesis\OSD.exe (1816)
______ C:\Program Files\Razer\Lachesis\razertra.exe (188)
______ C:\Program Files\Razer\Lachesis\razerofa.exe (404)
______ C:\WINDOWS\RTHDCPL.EXE (496)
______ C:\WINDOWS\SOUNDMAN.EXE (2184)
______ C:\Program Files\Avira\AntiVir Desktop\avguard.exe (1908)
______ C:\Program Files\Mozilla Firefox\firefox.exe (3852)
______ C:\Documents and Settings\Mark\Desktop\Rooter.exe (3068)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:32256 | Length:74052163584)
\Device\Harddisk0\Partition0 (Start_Offset:74052195840 | Length:246018124800)
\Device\Harddisk0\Partition2 (Start_Offset:74052228096 | Length:246018092544)
.
----------------------\\ Scheduled Tasks
.
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\SA.DAT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 18:04.47
.
C:\Rooter$\Rooter_2.txt - (07/02/2010 | 18:04.47)

It looks like Malwarebytes got everything.

Although you will want to run this next scan. Be sure you have time to let it finish as it can take up to 3 hours or more.

Run the F-Secure Online Scanner for Viruses, Spyware and Rootkits.

Note: This Scanner is for Internet Explorer Only!

* Place a check mark next to I have read and accepted the license terms and then click Install
* Accept the warning to install the F-Secure Control in Internet Explorer.
* Click Start once the control is installed.
* Choose the Full Scan option and then click Start
* Once the download completes, the scan will begin automatically.
* The scan will take some time to finish so please be patient.
* When the scan completes, choose the Automatic cleaning (recommended) button then click Next and let the scanner finish cleaning.
* Click the Show Report button. (this will open an Internet Explorer window containing the report)
* Copy & Paste the entire report in your next reply.

Scanning Report
Sunday, February 7, 2010 20:12:08 - 20:36:25

Computer name: MARK-47805DC06C
Scanning type: Scan system for malware, spyware and rootkits
Target: C:\ E:\ F:\
3 malware found
TrackingCookie.2o7 (spyware)

* System (Disinfected)

TrackingCookie.Atdmt (spyware)

* System (Disinfected)

TrackingCookie.Doubleclick (spyware)

* System (Disinfected)

Statistics
Scanned:

* Files: 22294
* System: 2718
* Not scanned: 6

Actions:

* Disinfected: 3
* Renamed: 0
* Deleted: 0
* Not cleaned: 0
* Submitted: 0

Files not scanned:

* C:\PAGEFILE.SYS
* C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
* C:\WINDOWS\SYSTEM32\CONFIG\SAM
* C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
* C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
* C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM

All that it found was 3 cookies, which are not a threat. Looks like you are clean.... again.

How is the computer running now?

It seems to be running alright; after the repair install I'm back on SP 1. I have tried to upgrade to SP2 but I get stuck at 'creating cabinets'. Been there for about 40 min now.

Ignore that last post, problem taken care of.

Thank you so much for your help Evil.


