Jump to content

jeffce

Malware Removal Team
  • Content Count

    179
  • Joined

  • Last visited

Everything posted by jeffce

  1. I agree with Siketa. Having more than one antivirus program running at the same time can seriously degrade the performance of your system. As a rule of thumb, one should run one firewall, one antivirus program in memory, and one antispyware utility in memory. It's fine to have other security tools available on an as-needed or on-demand basis, but when multiple tools simultaneously perform the same function, you're asking for trouble.
  2. Due to lack of feedback, this topic will now be closed. If you are the original poster and you still require help, please start a new thread. -------------------
  3. Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you are the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
  4. Hi and welcome! My name is Jeff. Please download DDS from either of these links LINK 1 LINK 2 and save it to your desktop. Disable any script blocking protection Right-click and Run as Administrator dds to run the tool. When done, two DDS.txt's will open. Save both reports to your desktop. --------------------------------------------------- Please include the contents of the following in your next reply: DDS.txt Attach.txt ---------- AdwCleaner Close all open programs and internet browsers. Double click on adwcleaner.exe to run the tool. Click on Delete. Confirm each time
  5. Providing there are no other malware related problems... IT APPEARS THAT YOUR LOGS ARE NOW CLEAN SO LET'S DO SOME CLEANUP. This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection. ------------ The following will implement some cleanup procedures as well as reset System Restore points: Press the Windows key + R and this will open the Run box. Copy/paste the following text into the Run box as shown and click OK. Combofix /Uninstall
  6. Sorry for any delay.... ComboFix Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the box below: ClearJavaCache:: File:: C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric1.zip Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop. Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before foll
  7. Hi, Good job! I see that your Java software is out of date. Please go to Start >> Control Panel >> Programs and Features >> uninstall all versions of Java. Now download and install the newest version from here >> http://java.com/en/download/index.jsp ------------- Clear Java Cache See this page for instructions on how to clear java's cache. Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup) Under Temporary Internet Files, click the Delete Files button. There are three options in the window to clear the cache - Leave A
  8. Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you still require assistance, please start here and one of our experts will be happy to assist you with analyzing your malware logs.
  9. ComboFix Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the box below: Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop. Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Referring to the screenshot above, drag CFScript.txt into ComboFix.exe. ComboFix may
  10. Great!! Good to hear that WE got it. You are more than welcome and glad that I could help.
  11. Hi, Yes you still have some malware on your system that needs to be removed.... Please download DDS from either of these links LINK 1 LINK 2 and save it to your desktop. Disable any script blocking protection Right-click and Run as Administrator dds to run the tool. When done, two DDS.txt's will open. Save both reports to your desktop. --------------------------------------------------- Please include the contents of the following in your next reply: DDS.txt Attach.txt ----------
  12. Providing there are no other malware related problems... IT APPEARS THAT YOUR LOGS ARE NOW CLEAN SO LET'S DO SOME CLEANUP. This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection. ---------- The following will implement some cleanup procedures as well as reset System Restore points: Press the Windows key + R and this will open the Run box. Copy/paste the following text into the Run box as shown and click OK. Combofix /Uninstall
  13. Open notepad and copy/paste the text in the quotebox below into it: Save this as "CFScript.txt", and as Type: All Files (*.*) in the same location as ComboFix.exe Refering to the picture above, drag CFScript.txt into ComboFix.exe When finished, it shall produce a log for you. Post that log in your next reply. **Note** When ComboFix finishes running, the ComboFix log will open along with a message box--do not be alarmed. With the above script, ComboFix will capture files to submit for analysis. Ensure you are connected to the internet and click OK on the message box. Please let
  14. You did? Ok. So just to clarify...you don't need our help any longer?
  15. Hi, I need to check on something but will return as soon as I can.
  16. Hi, Very interesting... Please download SystemLook from one of the links below and save it to your Desktop. Download Mirror #1 Download Mirror #2 Right-click and Run as Administrator SystemLook.exe to run it. Copy the content within the following codebox into the main textfield: :filefind csc.sys Click the Look button to start the scan. When finished, a notepad window will open with the results of the scan. Please post this log in your next reply. Note: The log can also be found on your Desktop entitled SystemLook.txt
  17. Thanks....there is one of those that is already quarantined so it is not a problem. Please do the following... Please go to: VirusTotal On the page you'll find a "Choose File" button. Click on the Choose File button. In the Choose File to Upload window which opens, copy and paste this into the File Name box. C:\Windows\winsxs\x86_microsoft-windows-offlinefiles-core_31bf3856ad364e35_6.1.7601.17514_none_a04fb2d2ba296321\csc.sys Next, click the Open button. Then click the "Scan It!" button just below. This will scan the file. Please be patient. If you get a message saying File has al
  18. Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below: Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop. Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Referring to the screenshot above, drag CFScript.txt into ComboFix.exe. ComboFix may requ
  19. Hi there, It will only effect this one and has been cleaned....at least the major infection has been. Java Please go to Start > Control Panel > Programs and Features > uninstall all the Java Programs you see, now download the latest Java from the following link and install it: http://java.com/en/download/index.jsp ---------- See this page for instructions on how to clear java's cache. Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup) Under Temporary Internet Files, click the Delete Files button. There are three options in the windo
  20. Please go to: VirusTotal On the page you'll find a "Choose File" button. Click on the Choose File button. In the Choose File to Upload window which opens, copy and paste this into the File Name box. c:\windows\system32\drivers\csc.sys Next, click the Open button. Then click the "Scan It!" button just below. This will scan the file. Please be patient. If you get a message saying File has already been analyzed: click Reanalyze file now Once scanned, copy and paste the link to the results page in your next reply. ----------
×
×
  • Create New...