I got an infection of some kind

Status
Not open for further replies.

wallabing

Posts: 69   +0
So, I went to Fark.com and clicked on a link on news, then AVG antivirus free edition pops up saying a trojan. I scanned with it and it dealt with it, but it gets worse.

I ran Spybot and I got these entries:

Nat

and the other one that says Win32

http://img378.imageshack.us/my.php?image=cleanhw5.png

No matter how many times I run Spybot, it keeps re-appearing from restart or when I boot up again. Ad-Aware SE does not pick it up. AVG Antispyware does not pick it up.

I did the cleaning instructions

Any help is really appreciated now! I'm desperate.
 

Attachments

  • hijackthis.log
    5.2 KB · Views: 5
Actually, the HJT log is clean, except you need to take the HijackThis file and move it to its own directory, i.e. C:\Program Files\HJT. That way when you do a fix, a backup will be saved in its own directory, instead of on the desktop.

The AVG Antispyware log has a few tracking cookies in it. It looks as if AVG Antispyware is set to ignore tracking cookies. It shouldn't be like that, nothing should be on the ignore list. Go start-run, type in "cookies." Delete anything there relating to 2o7 or tribalfusion.

Now go into C:\Documents and Settings\Blue Power\Application Data\Mozilla\Firefox\Profiles\4b6yihf0.default and delete "cookies.txt".

Did you do that HJT scan in safe mode? If so, I need to see a log from normal mode.

You could have a rootkit there, though, that hides files. Download the AVG Antirootkit programme. Disconnect from the net and install the programme, then restart your computer.
Run the programme and click "Perform in-depth search." Allow AVG to complete the scan. The AVG scanner will give the "Rootkit path".
* Select the Rootkit Driver by placing a checkmark against it and click "Remove selected items." Next, agree to the terms and conditions that are displayed by AVG and click "OK" to reboot the PC. Reconnect to the net.

Please post here the results of the AVG Antirootkit scan, along with fresh HJT, AVG Antispyware, and ComboFix logs, the latter three posted as attachments.

Regards :)
 
Thanks for all your help. I got the new logs. It still won't go away after all the cleaning in the instructions.

AVG rootkit found nothing
 
Your HJT log is clean.

However, all the results in your AVG Antispyware log say no action taken. This is because you have not followed the instructions correctly for AVG Antispyware.

Run a fresh AVG Antispyware scan and tell it to quarantine the results. See HERE for details.

Post a fresh AVG Antispyware log.

Regards Howard :)

This thread is for the use of wallabing only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
That's all ok mate.

Turn off system restore (XP/ME only). See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)

 
howard_hopkinso said:
That's all ok mate.

Turn off system restore (XP/ME only). See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)

Shouldn't there be a re-boot (re-start) listed in there between disabling (turning off) system restore and re-enabling (turning on) system restore, as already stated/suggested here?
 
Nope, no reboot required. Try it yourself if you need proof. ;)

Regards Howard :)

 
Ok. Will do.

Edited by Moderator: Removed quote. There's no need to quote the post directly above your own, unless you're only replying to a specific section, in which case you would only quote that section. ;)
 
Your HJT log is clean.

However, it appears you're running two antivirus programmes, AVG free and Avast. This is not recommended, will slow your system down and can cause serious conflicts.
Uninstall one of them immediately.

It also appears you're not running any firewall software. If that's the case, then you should consider installing some firewall software. These two firewall programmes are both free.

Zonealarm or Kerio.

Regards Howard :)

 
Your HJT log is clean as a whistle mate. However, you haven't renamed HijackThis_v2.exe to Analyze.exe. Unless you do so, I can't guarantee your system is clean. See HERE for instructions, then post a fresh HJT log.

Regards Howard :)

 
I'm pleased to say your HJT log is still clean.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)

 