8 steps done, submit logs

Status
Not open for further replies.
Hi, I have a Windows Home Edition version 2002 Service Pack 3, Pentium 4, Dell Dimension 3000. Originally started this because of Explorer pop-ups while using Firefox. Have done the 8 steps, installed Comodo antivirus and firewall, discovered Windows firewall wasn't off yet. Have turned it off now; ready to submit info after 8 steps. Here it is - Then what?-
 

Attachments

  • hijackthis.log
    9 KB · Views: 5
Please download Combofix:
http://subs.geekstogo.com/ComboFix.exe

And save to the desktop.


Open notepad and copy/paste the text in the quotebox below into it:
Name the file as CFScript
and Save it on the desktop

Killall::

Snapshot::

File::
C:\WINDOWS\system32\fijovopo.dll
C:\WINDOWS\system32\kogoyane.dll
c:\windows\system32\sefediga.dll
c:\windows\system32\siteseke.dll
c:\windows\system32\soporobe.dll

http://img.photobucket.com/albums/v6...FScriptB-4.gif

Once saved, referring to the picture above, drag CFScript.txt into ComboFix.exe, and post/attach back the resulting report.

Note:
Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.
 
It looks clean :)

Update Malwarebytes, run a complete scan. Have it fix what it finds.

Then please attach the Malwarebytes log, along with a new HijackThis log, and tell me how things are running.
 
Comodo Anti Virus did a scan last night after I did the combo fix results, this is what it came up with - see attachment. I quarantined all of it. Thanks Britou

Here are the Malwarebytes and the HijackThis logs you asked for, thank you so much for the help - Brian
 

Attachments

  • comodo scan virus after combofix results.txt
    616 bytes · Views: 5
Good job - Clean log files :)

We will empty System Volume Information\_restore now, and C:\WINDOWS\NIRCMD.exe is a ComboFix file which will also be removed ->

Go to Start > All Programs > Accessories > System Tools > System Restore
Select Create a restore point, and Ok it.
Next, go to Start > Run and type in cleanmgr
Select the More options tab
Choose the option to clean up system restore and OK it.

This will remove all restore points except the new one you just created.




Please download OTCleanIt
Save it to desktop.
This will remove all the tools we used to clean your computer.
Double-click OTCleanIt.exe. Click CleanUp. Say Yes to the "Begin cleanup Process?"
When asked if you want to proceed with the cleanup process, click Yes. Restart your computer when prompted.
Please note. It will NOT remove Mbam, Ccleaner and SuperAntispyware.

To learn more about how to protect yourself while on the internet, please read Tony Klein's guide:
How did I get infected in the first place

If you have any comments or questions, feel free to post back.

Otherwise - Keep Safe :wave:
 
Before clean restore files

Hey touch, does it matter if, when my Comodo antivirus ran and picked up those files, I quarantined them? Will Otcleanup still find and remove them? Or do they need to be removed from quarantine? Here is something from my research, I hope you enjoy. Study it, it can bring you better life - a Notepad .txt attachment. Thanks - Brian
 
There can be other infected files hiding in System Volume Information\_restore, that's why I suggest you should clean up system restore.
 
quarantined files?

So Otcleanit.exe will find and clean the files even though they are in Comodo's quarantine?
 