Possible Virus/Malware Ect

[Burgh24]

Hello,

I recently was infected with the SMGR.exe virus. I thought I had removed the virus, however I am still noticing my computer is running slow. I also still recieve many pop ups. I have attached my log file. Please let me know if you notice anything suspicous.

Thank you very much for the help!!

 

[howard_hopkinso]

Hello and welcome to Techspot.

Your system has a nasty vundo infection.

Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

Also, let me know the results of the AVG Antirootkit scan.

Regards Howard :wave: :wave:

This thread is for the use of Burgh24 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Burgh24]

Thank You Howard. I am almost done with the instructions I hope to finish tonight after work and give you an updated HJT log. Thanks again for your help!

 

[howard_hopkinso]

No problem mate, we`ll see if we can get you sorted out.

Just remember to post all the requested log files.

Regards Howard

This thread is for the use of Burgh24 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Burgh24]

Hi Howard,

I have finished all of the steps. here are my logs.

HJT:


AntiRootKit found nothing.

Let me know what you think.

Thanks,

Brian

 

[howard_hopkinso]

All items in your AVG Antispyware log say "No Action Taken". That`s because you haven`t told AVG Antispyware to quarantine it`s results as per the instructions. See this pictorial guide.

I requested you post a Combofix log, please do so in your next reply.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O20 - Winlogon Notify: gebca - C:\WINDOWS\system32\gebca.dll (file missing)

O20 - Winlogon Notify: qomjkii - qomjkii.dll (file missing)

Click on the fix checked button.

Close HJT and reboot your system.

Post fresh HJT, Combofix and AVG Antispyware logs as attachments

Regards Howard

This thread is for the use of Burgh24 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Burgh24]

I have attached the updated logs.

Thanks again for your help.

 

[howard_hopkinso]

Everything looks fine there.

Unless you`re still having problems, you should be good to go.

If your problems are solved, do the following.

Turn off system restore.(XP/ME only) See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard

This thread is for the use of Burgh24 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Burgh24]

Thank you for all of your help!

Do you have a suggestion as far as anitvirus/spyware program that I should use?

I would like to consilidate and only use one program if possible

 

[howard_hopkinso]

Please find a list of recommended software below.

AVG free or Avast antivirus programmes.

Zonealarm Kerio or Comodo free firewall programmes.

Spybot Search & Destroy.

Ad-Aware se personal.

Spyware Blaster.

AVG Antispyware.

Ccleaner.

Regards Howard

This thread is for the use of Burgh24 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.