TechSpot

HELP, the doginhispen and in my computer!

By Brewhaha
Nov 10, 2007
  1. I have followed your directives on pre sub, so attached are the following logs:
    HJT, AVG, Combofix, Smitfraudfix, SDfix, and Vundofix

    I ran Panda and was clear, so there is not a report.

    The problems started with sluggish browser, then a three click redirect (you would get redirected three times before you got to your page, and then the pop ups started.

    I ran all the scans as suggested in you post and that is where I am now. At some point in safe mode one the scans removed a file from Outlook and now Outlook doesn't connect to the internet? I guess back up, uninstall and reinstall?

    Thanks,

    Bruce
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Your system is infected with a trojan called Downloader.Agent.awf. It replaces legitimate files that are common on most computers with an infected file. Then, it moves the legitimate files to a bak or backup folder.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Go and read this thread HERE and follow all the instructions exactly.

    Post the requested log files once done.

    Regards Howard :wave: :wave:

    This thread is for the use of Brewhaha only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. Brewhaha

    Brewhaha TS Rookie Topic Starter

    Help, doginhispen and in my computer round 1

    TS Special Forces,

    thanks for your service to the unwilling and unknowing!

    I think I followed your directions correctly with findawf program and am attaching the requested logs.

    Thanks again for your help!

    Bruce
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    I don`t know why you found it necessary to open a new thread for this, but I have merged it into this one.

    Your awf.txt and HJT log are both clean.

    Please post a fresh Combofix log.

    Regards Howard :)

    This thread is for the use of Brewhaha only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. Brewhaha

    Brewhaha TS Rookie Topic Starter

    My bad

    I thought I read on a post to start a new thread with results, sorry
     
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    No problem mate.

    Just post the fresh Combofix log, just so I can make sure your system is clean.

    Regards Howard :)

    This thread is for the use of Brewhaha only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  7. Brewhaha

    Brewhaha TS Rookie Topic Starter

    Combofix results

    here is the results of that run
     
  8. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    That looks good to me.

    Turn off system restore.(XP/ME only) See how HERE.

    Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.


    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of Brewhaha only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  9. Brewhaha

    Brewhaha TS Rookie Topic Starter

    Thanks for your help

    if you are ever in Annapolis, MD email me, crabs and beer are on me!

    This thread is now closed: If you need this thread unlocking, please pm a moderator with a link to the thread.

    Only the original thread starter can do this. Anyone else, will be ignored.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...