Tech Stocking Stuffers: 18 awesome gifts under $50

Computer Infected - Help needed, logs attached

By willydawg · 9 replies
Apr 26, 2009
  1. Hi,
    Looks like this computer is infected again. I did the 8 steps from this forum and here are the logs. Any help would be much appreciated....

    Thanks in advance!
  2. B00kWyrm

    B00kWyrm TechSpot Paladin Posts: 1,436   +37

  3. willydawg

    willydawg TS Rookie Topic Starter Posts: 26

    I'll repost new logs when it gets done scanning everything tonight...Thanks!

    I redid the 8 steps after removing AVG and installing Avira. Attached are the logs requested.
    Thanks again!

  4. touch

    touch TS Rookie Posts: 978

    You have some remnants from Symantec, which I´ll suggest we remove -

    Download the Norton Removal Tool (SymNRT) to your Desktop.
    Once downloaded please close ALL open browsers, also save any work because this may require a restart.

    Go to your desktop and double click on the removal tool and then click Setup.
    Once open Click Next
    Accept the license agreement and click Next
    Type in the letters/numbers that you see into the text box then click Next.
    Then click Next and the tool will start running.
    Once finished restart the PC and run the tool again to ensure everything has been removed.
    Delete Nortonremoval tool from your Desktop.


    You also have viewpoint on your computer ->

    Viewpoint is considered foistware and is not needed on your computer.

    Download and unzip to own folder on Desktop -

    Run ViewpointKiller.exe


    Please download Combofix:

    And save to the desktop.

    Open notepad and copy/paste the text in the quotebox below into it:
    Name the file as CFScript
    and Save it on the desktop

    Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe.

    Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post

    Do not mouseclick combofix's window whilst it's running. That may cause it to stall
  5. willydawg

    willydawg TS Rookie Topic Starter Posts: 26

    Just finished...

    Thank you Touch!

    I removed Norton & Viewpoint and ran Combofix. Here's the CF log as well as an updated hjt log.

  6. touch

    touch TS Rookie Posts: 978

    Great :)

    The log files looks clean. How are things running now ?
  7. willydawg

    willydawg TS Rookie Topic Starter Posts: 26

    Everything is working smooth. I really appreciate it!
    Quick question: What firewall do you prefer? I'm running Kerio right now.

    Thanks again!
  8. touch

    touch TS Rookie Posts: 978

    Great :)

    That´s "funny" as I would recommed Kerio Firewall. It is one of the best Free firewall´s.

    You should Create a New Restore Point to prevent possible reinfection from an old one.
    The easiest and safest way to do this is:
    Go to Start > All Programs > Accessories > System Tools > System Restore
    Select Create a restore point, and Ok it.
    Next, go to Start > Run and type in cleanmgr
    Select the More options tab
    Choose the option to clean up system restore and OK it.

    This will remove all restore points except the new one you just created.

    Please download OTCleanIt
    Save it to desktop.
    This will remove all the tools we used to clean your computer.
    Double-click OTCleanIt.exe. Click CleanUp. Say Yes to the "Begin cleanup Process?"
    When asked if you want to proceed with the cleanup process, click Yes. Restart your computer when prompted.
    Please note. It will NOT remove Mbam, Ccleaner and SuperAntispyware.

    To learn more about how to protect yourself while on the internet, please read Tony Klein´s guide:
    How did I get infected in the first place

    Keep safe :wave:
  9. willydawg

    willydawg TS Rookie Topic Starter Posts: 26

    Great, thanks again for all your help. Working like a charm over here!

  10. touch

    touch TS Rookie Posts: 978

    My pleasure :)
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...