8 Steps completed - Help a chick out yeah?

Status
Not open for further replies.
Hello all~!
Earlier today I ended up getting a nice little present from zee interwebz. I had gotten the Virtumonde Malware/Trojan. I couldn't get to many sites to find fixes, but I was able to get to here. I followed the 8 steps and it seems to have fixed it up nicely, but I just want to make sure :) Attached are my .logs and .txt's

-Cheers
 
--UPDATE--

I hadn't done a Google search yet, and when I did (in Firefox ver. 3.0.5) it seems to pop up an old browser I never use anymore called Maxthon2. It seems to input the text I was searching for in this website: upliftsearch . com/ or sagipsul . com -->(which brings up a 404 message)

Also another tab comes up as well that usually has a random IP address (mostly in the 70.38.x.x range) plus my search text.
 
It sounds like you still have some "baddies". Try running this and then repost your logs if that problem persists.

(btw, I didn't look at your logs yet, I just recognize the symptoms)

I just took a *really* quick look and you still have malware. Run that program and then report back.
 
ComboFreak-me-out-while-running Done~!

Alrighty~ ComboFix has been run and the log file is attached. It seems to no longer be doing the popups when I search, but I'm currently in the process of running other scans just to make sure :D

=====UPDATE======

I finished running MBAB & SAS and they both found nothing~ HUZZA!
I'm attaching my latest HijackThis log :)
 
Delete these files:

2008-12-31 12:48 . 2008-12-31 12:48 82,944 --a------ c:\windows\system32\bgl.exe

Go to a command prompt and type in the following:

sc delete seneka <enter>

In HijackThis, after you do a scan, place a check beside this entry:

O20 - AppInit_DLLs: bsgffm.dll

Then delete it.
 
Oh.. Crappy. I forgot.. Post an HJT log when you're finished so we can see what we've got left, if anything.
 
Fail

Sorry about the delay, I had to go eat dinner. :eek:

I was able to successfully delete c:\windows\system32\bgl.exe, but when I went to cmd it gave me the following error:

[SC] OpenService FAILED 1060:

The specified service does not exist as an installed service.

-------------------------

Also, when I ran HijackThis I went ahead and checked O20 - AppInit_DLLs: bsgffm.dll, and attached is the latest log file :)
 
Ok.. For the Seneka service... Maybe I named it wrong.

To fix that, go to Start > Run. Alternatively, hold down the Windows key and press R. Type in Services.msc and click OK.

When the services come up, scroll down to the Seneka service and double click on it. A properties window will pop up. Under the General tab you will see a service name.

In the command prompt, type in sc delete <service name> and then press "Enter".
 
Oh.. wait a second.. The Service doesn't show up in the HJT log.. Maybe it's already gone. Please advise.

Other than that, it lookth thimply fabulouth. :p
 
me thinketh you're the bestest~!

YaY~! xD The service isn't there when I checked services.msc

Thank you soooo much for the help! *huuuuugg* O(≧∇≦)O
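
A read-only way to confirm that the three cleanup items from this thread are gone, as an added example that is not part of any original post. It assumes PowerShell is available on the machine; the file path, service name and DLL name are taken from the posts above, and the function names are made up for illustration.

```powershell
# Added example: read-only check of the cleanup items named in this thread.
# Nothing here deletes or changes anything on the system.
$file    = 'C:\Windows\System32\bgl.exe'   # file the helper asked to delete
$service = 'seneka'                        # name used with "sc delete"
$dll     = 'bsgffm.dll'                    # HijackThis O20 AppInit_DLLs entry

function Test-LeftoverFile([string]$Path) {
    # -Force so hidden and system files are seen as well.
    [bool](Get-Item -LiteralPath $Path -Force -ErrorAction SilentlyContinue)
}

function Find-LeftoverService([string]$Name) {
    # sc.exe expects the service (key) name, while services.msc lists display
    # names, so match on either. No match corresponds to sc's error 1060.
    Get-Service | Where-Object {
        $_.Name -like "*$Name*" -or $_.DisplayName -like "*$Name*"
    }
}

function Get-AppInitDlls {
    # AppInit_DLLs is one string of DLL names separated by spaces or commas.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows'
    $raw = (Get-ItemProperty -Path $key -Name AppInit_DLLs `
            -ErrorAction SilentlyContinue).AppInit_DLLs
    if (-not $raw) { return @() }
    @($raw -split '[\s,]+' | Where-Object { $_ })
}

$appInit = Get-AppInitDlls
$matches = @(Find-LeftoverService $service)

[pscustomobject]@{
    FileStillPresent    = Test-LeftoverFile $file
    ServiceMatches      = ($matches | ForEach-Object {
                              "$($_.Name) ($($_.DisplayName))" }) -join '; '
    AppInitEntryPresent = [bool]($appInit | Where-Object {
                              (Split-Path $_ -Leaf) -ieq $dll })
    AppInitDllsValue    = $appInit -join ' '
} | Format-List
```

A clean result shows FileStillPresent and AppInitEntryPresent as False and an empty ServiceMatches; a non-empty ServiceMatches gives the exact service name that `sc delete` expects.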
 