Infection reappears after Trend Micro scan; weird firewall problems

Status
Not open for further replies.
How long has it been since you've visited the Windows Update website?

From the links you included... I think the 3rd problem is due to not having one of the .NET Framework updates from Microsoft.

I believe the second problem is due to your Internet Explorer settings being below recommended levels. Go into the IE properties and reset the security settings to the default level.

And as to the first problem, I honestly have no idea.
 
Hi,

Oftentimes a simple scan will not do the trick. In fact, you'll find that a simple scan from perhaps two or more different sources will still not do it. I strongly suggest you follow our Viruses/Spyware/Malware preliminary removal instructions and follow the steps given.

Thereafter, please post fresh HijackThis, AVG Antispyware and ComboFix logs as attachments into this thread. Do not copy and paste your logs, otherwise they will be ignored and/or removed.

Also, please let me know the results of the AVG Antirootkit scan.


Regards,
Your friendly momok =)

This thread is for the use of maniac_lonestar only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
I already did HijackThis, no signs of problems. But can I use the free version of AVG and ComboFix?

Edited by Moderator: Removed quote. There's no need to quote the post directly above your own, unless you're only replying to a specific section, in which case you would only quote that particular section.
 
Hi,

Please post the requested logs, including HijackThis, for me to check thoroughly. AVG Antispyware and ComboFix are both free, so yes, you may use them. In fact, I would recommend it. Do go through the steps required.


Regards,
Your friendly momok =)

 
Hi,

Take your time with the scans to do them properly. When the scans are all done, post all remaining required logs as attachments and I'll provide you instructions on how to proceed from then.

Regards,
Your friendly momok =)

 
Hi,

I noticed that your AVG log displays 'Ignored' for all the files detected.
I suggest you run AVG again and quarantine the files. Pictorial instructions HERE.

Please post your HijackThis log too in your next reply.


Regards,
Your friendly momok =)

 
Hi,

The recommended action is to quarantine. This would create a backup in the AVG AS quarantine folder, in case (very, very rarely) there is a false positive.

Please post a fresh log with the above actions done, and also a HijackThis log. Also post a fresh ComboFix log. This may sound paranoid, but I have no idea if the infection has gotten worse or installed new files on your system or how many times you have rebooted your system in the time since your first few posts. Do not stagger your log posts. Post them all at one go please.


Regards,
Your friendly momok =)

 
Hi,

Have HijackThis fix the following entries:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - (no file)

Navigate to the following file and delete it.
C:\WINDOWS\iun6002.exe

Thereafter, please post fresh HJT, ComboFix and AVG Antispyware logs from normal mode as attachments into this thread. Do not stagger your log post replies.


Regards,
Your friendly momok =)
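
An added example, not part of the thread or any poster's code: a short Python script that reads the O2 (Browser Helper Object) lines of a HijackThis log, flags entries marked "(no file)", and checks a fresh log to confirm they are gone after the fix. The function names and the sample logs (apart from the two O2 lines quoted in the post above) are constructed for illustration.

```python
import re

# O2 line shape: O2 - BHO: <name> - {CLSID} - <file path or "(no file)">
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$"
)

def parse_bho_entries(log_text):
    """Return one dict per O2 line; 'orphaned' marks a '(no file)' target."""
    entries = []
    for line in log_text.splitlines():
        m = O2_RE.match(line.strip())
        if not m:
            continue  # other sections (R0, O4, O23, ...) are ignored here
        target = m.group("target").strip()
        entries.append({
            "name": m.group("name"),
            "clsid": m.group("clsid").upper(),
            "target": target,
            # "(no file)": a BHO registration whose file was not found
            "orphaned": target.lower() == "(no file)",
        })
    return entries

def orphaned_clsids(log_text):
    return [e["clsid"] for e in parse_bho_entries(log_text) if e["orphaned"]]

def remaining_after_fix(before_log, fresh_log):
    """Orphaned CLSIDs from the old log that still appear in the fresh log."""
    fresh = {e["clsid"] for e in parse_bho_entries(fresh_log)}
    return [c for c in orphaned_clsids(before_log) if c in fresh]

# Constructed sample: the two O2 lines from the post plus a made-up entry.
BEFORE = r"""
O2 - BHO: Example Helper - {11111111-2222-3333-4444-555555555555} - C:\Program Files\Example\helper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} - (no file)
"""
# Constructed fresh log, as it would look once both entries were fixed.
AFTER = r"""
O2 - BHO: Example Helper - {11111111-2222-3333-4444-555555555555} - C:\Program Files\Example\helper.dll
"""

if __name__ == "__main__":
    print("Orphaned BHOs:", orphaned_clsids(BEFORE))
    print("Still present in fresh log:", remaining_after_fix(BEFORE, AFTER))
```

Comparing against a log saved before the fix gives a false "clean" or "still infected" result, which is why each check needs a log from a new scan.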

 
Hi,

I had requested HijackThis, ComboFix and AVG Antispyware logs. By "do not stagger", I meant do not post each log in its own post; rather, post all of them at one go in a single post.

Please post all requested logs in your next reply.


Regards,
Your friendly momok =)

 
Hi,

Your HijackThis log is now clean. With regards to the other two however,

As per my instructions, I mentioned that I required to see fresh logs. The ComboFix and AVG Antispyware logs were from the previous posts.

By fresh logs, I mean you need to do what you did with HijackThis: run a new scan, perform the required actions, then save the log. That would be a fresh log.

For AVG, pictorial instructions for the steps to quarantining and saving the log can be found HERE.

Thus, in your next reply, I would expect to see 2 more logs: AVG Antispyware and ComboFix, both from a new scan.


Regards,
Your friendly momok =)

 
I'm scanning right now. I still get these cookies. I thought I installed .NET Framework 2.0, but I guess I didn't. Shall I proceed before or after this virus/ware operation?
 
I also got "ComboFix-quarantined-files" but it's the same one, regenerated. I can't upload it.

Ok um, Sorry dude but the scans keep getting me these cookies, but I am surfing Datpiff.com and techspot.

I'm installing .NET Framework 2.0 Right Now.

Ok I installed .NET Framework...Big mistake:
http://img356.imageshack.us/img356/6461/afterinstallingnetframemj6.jpg
http://img237.imageshack.us/img237/2449/afterinstallingnetframelg2.jpg
http://img180.imageshack.us/img180/7098/afterinstallingnetframefb3.jpg
 
Hi,

Please download and run CCleaner via step 9 of the instructions HERE. That will fix those cookies.

However, there are two entries I see in that AVG log that are not cookies and show 'no action taken'. Have you actually quarantined those? If not, please run a rescan and quarantine everything found. Also attach the log (after you have performed the quarantine) in your next reply.
Pictorial instructions HERE.

Your Combofix log is also clean now.

Delete all files in AVG Antispyware Quarantine folder. (located in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Quarantine)

Turn off system restore (XP/ME only). Learn how to do that HERE.
This will remove all the remaining nasties from your old restore points.

After that turn system restore back on.
This would have created a new safe and clean restore point for your system.

Oftentimes, an infection can occur again not due to the incompetence of programs, but because of user habits.
May I recommend that you read this article.
This can help to prevent future infections.

With regards to the Trend Micro scan, please see HERE for some insight on the issue. I'm not sure if they have fixed those issues already.
If you follow the advice in the article recommended, you shouldn't face many problems in the future anyway.

Should you have any further problems, please post in this thread.


Regards,
Your friendly momok =)

 
Hi,

With regards to the Trend Micro scan, please see HERE for some insight on the issue. I'm not sure if they have fixed those issues already.
If you follow the advice in the article recommended, you shouldn't face many problems in the future anyway.
Have you read this in my post? As I mentioned earlier, your logs are all clean.


Regards,
Your friendly momok =)

 