Multiple Issues

By Taters123ICE · 10 replies
Jun 7, 2009
  1. First I need to thank this forum for helping me out so far. It started with the WinPC Antivirus that was locking down my Pastor's home computer. I made multiple attempts to download "Free" fixes and being ignorant, I downloaded a few rogue programs and made the problem worse.
    At last, with reading up and the issues here, I was able to remove the WinPc Antivirus along with the rogue programs. Where I am now is that I have completed the 8 steps and am posting the logs for your review. My last issue was that SuperAnitSpyware would beep several times at start up proclaiming trojans at work. I "deny access" and got the scan, removal, and log. The other issue is when using Internet Explorer I was being directed to the wrong site if I clicked a link within Google, or any other web site.
    Please take a look at these logs and let me know how I should proceed.
    I have 2 SuperAntiSpyware logs as the first run was huge and the second was significantly smaller.
    View attachment 49190

    View attachment 49191

    View attachment 49192

    View attachment hijackthis.log
  2. touch

    touch TS Rookie Posts: 978

    Hello Taters123ICE

    Please download combofix here ->

    Before Saving it to Desktop, please rename it to to stop malware from disabling it.

    Now, please make sure no other programs are running, close all other windows.

    Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
    Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
    It may take a while to complete scanning and this is normal.

    You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is normal and it will be restored after
    scanning has completed.

    Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post
  3. Taters123ICE

    Taters123ICE TS Rookie Topic Starter

    Touch, First let me thank you for your help!

    I ran the Combo fix and at the reboot my Avira and spybot S&D started up, not sure if that affects this or not, but please see the attached log from combo fix...
  4. touch

    touch TS Rookie Posts: 978

    it looks clean. Please attach new hijackthis log, and tell how things are running ?
  5. Taters123ICE

    Taters123ICE TS Rookie Topic Starter

    New HJT log

    Here is the new log. I am currently running another Avira scan as that was the last place that gave me an "infection" notice. If that and the HJT logs are clean then are we good to go?
    I had someone else test the problem I was experiencing with the redirecting of the internet links and it appears to be ok.
  6. touch

    touch TS Rookie Posts: 978

    Seems to me, you are good to go :)

    You should Create a New Restore Point to prevent possible reinfection from an old one.
    The easiest and safest way to do this is:
    Go to Start > All Programs > Accessories > System Tools > System Restore
    Select Create a restore point, and Ok it.
    Next, go to Start > Run and type in cleanmgr
    Select the More options tab
    Choose the option to clean up system restore and OK it.

    This will remove all restore points except the new one you just created.

    Click START then RUN
    Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    The above procedure will:
    Delete the following:
    ComboFix and its associated files and folders.
    Reset the clock settings.
    Hide file extensions, if required.
    Hide System/Hidden files, if required

    To learn more about how to protect yourself while on the internet, please read Tony Klein´s guide:
    How did I get infected in the first place?
  7. Taters123ICE

    Taters123ICE TS Rookie Topic Starter

    Avira found this...

    Thanks Touch. I'll make sure my Pastor knows the How did I get infected... link that you provided.

    I just ran an Avira scan and came up with 5 "viruses or unwanted programs. 4 are TR/TRASH.GEN and 1 is TR/rootkit.GEN. Should I worry about that? It has come up with all the scans from Avira.
  8. touch

    touch TS Rookie Posts: 978

    Where are - TR/TRASH.GEN and 1 is TR/rootkit.GEN - located, filename and path ?
  9. Taters123ICE

    Taters123ICE TS Rookie Topic Starter

    Here is my Avira log. I quarantined and ran 2 more scans and no infections were found after this log. I am assuming it is clean then?
  10. touch

    touch TS Rookie Posts: 978

    It is clean, and the infections were found in combofix, deleted infections, folder.

    Delete - C:\Qoobox - folder
  11. Taters123ICE

    Taters123ICE TS Rookie Topic Starter

    My last post.

    Many thanks for your assistance! What a blessing you have been.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...