TechSpot

Whataboutadog.com infection

By chiman
Nov 5, 2007
  1. Hello guys,

    I was infected by b.whataboutadog.com for a few days and finally found this site for help. I followed the instructions on the sticky and got a clean log after option 3. Can you please look at my lastest AWF log and HJT log to see if I have any more malwares?

    Thanks!

    Chi-Hang
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Both log files are clean.

    Have HJT fix this unnecessary entry.

    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

    I`d like to have a quick check for any other malware.

    Download combofix.exe. Double click combofix.exe & follow the prompts. A window will open with a warning. Type "Y" (and Enter) to start the fix. When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log. Caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.

    Combofix will automatically save the log file to C:\combofix.txt. Please attach that log file back here.

    Regards Howard :wave: :wave:

    This thread is for the use of chiman only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. chiman

    chiman TS Rookie Topic Starter

    Hello Howard and thanks for you prompt reply. Here are my new HJT log and the combofix log.
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Your HJT log is clean.

    Open notepad and copy/paste the text in the code box below into it:
    NOTE* make sure to only highlight and copy what is inside the quote box nothing out side of it.
    Also ..

    Pay particular attention to this :-

    Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)
    Code:



    Save this as CFScript.txt

    Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.

    [​IMG]

    This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.

    Regards Howard :)

    This thread is for the use of chiman only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. chiman

    chiman TS Rookie Topic Starter

    Hello Howard,

    Here's my new Combofix log. The first time I followed your instructions, combofix rebooted the computer but Norton Antivirus interfered after the restart. So I had to manually restart the computer, turn off Norton and follow your instructions again. The second time Combofix didn't reboot my computer, I hope that's okay.

    Chiman
     
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    That`s now clean.

    Delete the following folder.

    C:\qoobox.

    Turn off system restore.(XP/ME only) See how HERE.

    Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

    Go HERE, download and install the latest version of Java.

    Once it`s installed, go to add remove programmes in your control panel and uninstall all previous versions of Java, except version 6 update 3. Close Control panel.

    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of chiman only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  7. chiman

    chiman TS Rookie Topic Starter

    Thank you for your help! Your support is simply exceptional! :cool: I'll monitor my computer for a few days and if nothing strange comes up, I'll mark this thread as solved.

    Edit: The computer has been fine these two days, you can mark this thread as solved now.:grinthumb
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...