8 steps completed - logs attached

By Phocks
Dec 28, 2008
Topic Status:
Not open for further replies.
  1. I am getting constant pop ups from Avira Guard.

    Pop Ups attached.

    I have run the 8 steps however the propblem still persists. (Logs attached)

    Since following the 8 steps it has only been the first on the pop up list that continues to pop up.

    Would someone please help me and let me know what I need to do from here.

    Thanks in advance for your time and help.

    Brad (Phocks)
  2. rf6647

    rf6647 TechSpot Maniac Posts: 931

    The first listed "popup" in the file refers to a System Restore folder. All appearances are that the infection was handled.

    • Update MBAM & SAS.
    • Rescan with MBAM & SAS until they report clean or something that cannot be cleared. Post logs showing infections.

    • Next, obtain ComboFix & scan. Diagnostic info will add more understanding to the 'desktop' aspects from this infection.

    • Restart the computer & scan with HJT.
    • Post logs & describe findings & how things appear to be running.


    Additional Information
  3. Phocks

    Phocks Newcomer, in training Topic Starter Posts: 26

    Combofix Log and update Hijack This Log

    Hey,

    Thanks for your help.

    I have run the scans as per your advice.

    MBAM found no infections on the first scan.

    SAS I had to run 3 times with the third scan being clean (2 infected logs attached)

    ComboFix and Hijack This log also attached.

    One thing, while running Combofix a pop up box come saying I did not have 'windows recovery cosole' and I should install one....is this something I need to look into??

    Thanks again for your help.

    Please let me know if I am clean or there is anything else I should do.

    Thanks

    Brad (Phocks)
  4. BlkHeartWolf

    BlkHeartWolf Newcomer, in training Posts: 160

    CLEAN
    only 2 dead keys in your registery and if you run Hijack this it should remove them also just check them


    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
  5. Phocks

    Phocks Newcomer, in training Topic Starter Posts: 26

    Thanks heaps.

    Should I keep all the programs that I downloaded through this poccess???

    Are there any recommended methods to reduce the risk of any further virus???

    Thanks again for your help.

    Cheers

    Brad (Phocks)
  6. rev_olie

    rev_olie TechSpot Maniac Posts: 598

    I would now:


    • Uninstall Malwarebytes through Add/remove programs


    • Keep SuperantiSpyware but disable it on start up
      Go Start>Run an type "MSCONFIG".Then go to he start up tab and uncheck Superantispyware.

    • Also you can remove Hijackthis now as probably next time you come to use it it will be out of date

    Finally keep scanning with superantispyware and Avira and you should stay clean.

    Create a new thread if you need more help in the future.
  7. rf6647

    rf6647 TechSpot Maniac Posts: 931

    Thanks for providing the ComboFix log. This gives me a perspective on the capability of the standard tools. The major finding was ‘work space’ used by one of the trojans, and was no longer an active part of any infection.

    Recovery Console
    I recommend installing it. It is ‘cheap’ insurance against disaster. The mere cost is a startup boot screen with every restart. This cost can be kept to a minimum by setting display timeout to between 2-6 seconds. And if you should ever need ‘safe mode’, this avoids the need to tap F8 at precisely the correct moment.

    Setting the timeout -
    Start > run > control sysdm.cpl,,3 > Startup and Recovery settings

    Internet Security
    I would add a firewall. ‘8-steps’ recommends two choices. For more reading see the link referenced in the following quote.

    Cleanup
    Uninstall ComboFix
    Establish clean System Restore point
    Use the [​IMG] inside the quote box for entire 'sticky' note.

    Periodic Maintenance
    Once or twice a month, I scan with MBAM & SAS to confrim my security applications are being effective. No single application is 100% effective.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.