TechSpot

8 steps done, submit logs

By Britou
Apr 7, 2009
  1. Hi, I have Windows Home Edition version 2002 Service Pack 3, Pentium 4, Dell Dimension 3000. Originally started this because of Explorer pop-ups while using Firefox. Have done the 8 steps, installed Comodo antivirus and firewall, discovered Windows Firewall wasn't off yet. Have turned it off, now ready to submit info after 8 steps. Here it is - Then what?-
     


  2. touch

    touch TS Rookie Posts: 978

    Please download Combofix:
    http://subs.geekstogo.com/ComboFix.exe

    And save to the desktop.


    Open notepad and copy/paste the text in the quotebox below into it:
    Name the file as CFScript
    and Save it on the desktop

    http://img.photobucket.com/albums/v6...FScriptB-4.gif

    Once saved, referring to the picture above, drag CFScript.txt into ComboFix.exe, and post/attach back the resulting report.

    Note:
    Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.
     
  3. Britou

    Britou TS Rookie Topic Starter

    Combo fix results

    I am very thankful for your help, the results are attached-
     
  4. touch

    touch TS Rookie Posts: 978

    It looks clean :)

    Update Malwarebytes, run a complete scan. Have it fix what it finds.

    Then please attach the Malwarebytes log, along with a new HijackThis log, and tell how things are running?
     
  5. Britou

    Britou TS Rookie Topic Starter

    Comodo Anti Virus did a scan last night after I did the ComboFix results. This is what it came up with - see attachment. I quarantined all of it. Thanks Britou

    Here are the malware and the HijackThis logs you asked for, thank you so much for the help -Brian
     


  6. touch

    touch TS Rookie Posts: 978

    Good job - Clean log files :)

    We will empty System Volume Information\_restore now, and C:\WINDOWS\NIRCMD.exe is a ComboFix file which will also be removed ->

    Go to Start > All Programs > Accessories > System Tools > System Restore
    Select Create a restore point, and Ok it.
    Next, go to Start > Run and type in cleanmgr
    Select the More options tab
    Choose the option to clean up system restore and OK it.

    This will remove all restore points except the new one you just created.




    Please download OTCleanIt
    Save it to desktop.
    This will remove all the tools we used to clean your computer.
    Double-click OTCleanIt.exe. Click CleanUp. Say Yes to the "Begin cleanup Process?"
    When asked if you want to proceed with the cleanup process, click Yes. Restart your computer when prompted.
    Please note. It will NOT remove Mbam, Ccleaner and SuperAntispyware.

    To learn more about how to protect yourself while on the internet, please read Tony Klein's guide:
    How did I get infected in the first place

    If you have any comments or questions, feel free to post back.

    Otherwise - Keep Safe :wave:
     
  7. Britou

    Britou TS Rookie Topic Starter

    Before clean restore files

    Hey touch, does it matter if, when my Comodo antivirus ran and picked up those files, I quarantined them? Will Otcleanup still find and remove them? Or do they need to be removed from quarantine? Here is something from my research, I hope you enjoy. Study it, it can bring you better life - a Notepad .txt attachment. Thanks- Brian
     
  8. touch

    touch TS Rookie Posts: 978

    There can be other infected files hiding in System Volume Information\_restore, that's why I suggest you should clean up system restore
     
  9. Britou

    Britou TS Rookie Topic Starter

    Quarantined files?

    So Otcleanit.exe will find and clean the files even though they are in Comodo's quarantine?
     
  10. touch

    touch TS Rookie Posts: 978

    No, if you want to empty Comodo's quarantine, you'll have to do it manually
     
Topic Status:
Not open for further replies.

