Infected with "System Check"

By TessaB
Mar 1, 2012
  1. I have been infected with the "System Check" malware. The infection is actually on a user login that is my child's and is limited. I have been using my husband's login to download the programs and do the scans. This shouldn't matter, right? Or do I have to use the login that is infected? I have followed the preliminary 5-step process. Thank you in advance for any help!

    Here are the logs:

    I can't seem to get a log from Malwarebytes Anti-Malware actually because the process freezes up when "deleting" or quarantining the threats so I end up having to shut the program down before it can create a log. However, when I view the quarantine, the threats have been removed.

    From GMER:

    GMER -
    Rootkit quick scan 2012-02-29 22:02:20
    Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2 WDC_WD1600BEVS-22UST0 rev.01.01A01
    Running: kshg0s61.exe; Driver: C:\Users\Tessa\AppData\Local\Temp\uwtyrpod.sys

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\tdx \Device\Ip cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
    AttachedDevice \Driver\tdx \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
    AttachedDevice \Driver\tdx \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
    AttachedDevice \Driver\tdx \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----
  2. Bobbye

    I'll help with the malware. But please follow these steps to run the additional scans: Preliminary Virus and Malware Removal.

    How are you viewing the quarantined files in Mbam if there is no log?

    NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links.

    When you have finished, leave the logs for review in your next reply.
    NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time. I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me. Follow the order of the tasks I give you. Order is crucial in the cleaning process.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • File sharing programs should be uninstalled or disabled during the cleaning process.
    • Observe these:
      [o] Don't follow directions given to someone else
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs, except those I give you.

    If I haven't replied back to you within 48 hours, you can send a PM with your thread link in it as a reminder. Do not include technical problems from your thread. Support is given only in the forum.
    Threads are closed after 5 days if there is no reply.
Topic Status:
Not open for further replies.
