Sign In »
Register Now!
Help
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4667
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13
9/21/2010 8:25:14 PM
mbam-log-2010-09-21 (20-25-14).txt
Scan type: Quick scan
Objects scanned: 147872
Time elapsed: 7 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
KASPERSKY ONLINE SCANNER 7.0: scan report
Wednesday, September 22, 2010
Operating system: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Tuesday, September 21, 2010 23:07:59
Records in database: 4235977
--------------------------------------------------------------------------------
Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes
Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Scan statistics:
Objects scanned: 175985
Threats found: 2
Infected objects found: 4
Suspicious objects found: 0
Scan duration: 04:23:21
File name / Threat / Threats count
C:\hp\bin\wbug\HPPavillion_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
C:\Qoobox\Quarantine\C\Documents and Settings\HP_Administrator\Local Settings\Application Data\qjpnylpyx\paglegeuqiw.exe.vir Infected: Trojan.Win32.FraudPack.bjxo 1
D:\I386\APPS\APP14197\src\CompaqPresario_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
D:\I386\APPS\APP14197\src\HPPavillion_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
Selected area has been scanned.
Recommended Software
Security Suite
OTL Logs
Back to top
MultiQuote
#17
Rorschach112 
- HJT Team
-
- Group: Managers
- Posts: 425
- Joined: 18-February 08
Posted 23 September 2010 - 05:06 AM
Your logs are clean
Follow these steps to uninstall Combofix and tools used in the removal of malware
Uninstall ComboFix
Remove Combofix now that we're done with it.
Thank you for your patience, and performing all of the procedures requested.
Follow these steps to uninstall Combofix and tools used in the removal of malware
Uninstall ComboFix
Remove Combofix now that we're done with it.
- Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
- Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")
- Please follow the prompts to uninstall Combofix.
- You will then recieve a message saying Combofix was uninstalled successfully once it's done uninstalling itself.
- Open OTL
- Under the Custom Scans/Fixes box at the bottom, paste the following:
:Commands [clearallrestorepoints]
- Click the Run Fix button at the top
- It might ask you to reboot, if so click YES
- Open OTL to run it. (Vista users, right click on OTL and "Run as administrator")
- Click on the CleanUp button.
- Click Yes to begin the cleanup process and remove tools, including this application
- You may be asked to reboot the machine to finish the cleanup process - if so, choose Yes
- Please read my guide on how to prevent malware and about safe computing here
Thank you for your patience, and performing all of the procedures requested.
#18
Albert
- Full Member
-
- Group: Members
- Posts: 38
- Joined: 17-March 08
Posted 24 September 2010 - 09:11 PM
Albert, on 22 September 2010 - 04:39 PM, said:
Rorschach112, on 20 September 2010 - 05:54 PM, said:
Download TFC to your desktop
Please download Malwarebytes' Anti-Malware from Here
Double Click mbam-setup.exe to install the application.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.
Go to Kaspersky website and perform an online antivirus scan.
Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
You will see a list of infected items there. Click on Save Report As....
Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
- Open the file and close any other windows.
- It will close all programs itself when run, make sure to let it run uninterrupted.
- Click the Start button to begin the process. The program should not take long to finish its job
- Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean
Please download Malwarebytes' Anti-Malware from Here
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.
Go to Kaspersky website and perform an online antivirus scan.
- Read through the requirements and privacy statement and click on Accept button.
- It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
- When the downloads have finished, click on Settings.
- Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
- Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Mail databases
Seems strange I thought I already posted but here goes again.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4667
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13
9/21/2010 8:25:14 PM
mbam-log-2010-09-21 (20-25-14).txt
Scan type: Quick scan
Objects scanned: 147872
Time elapsed: 7 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
KASPERSKY ONLINE SCANNER 7.0: scan report
Wednesday, September 22, 2010
Operating system: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Tuesday, September 21, 2010 23:07:59
Records in database: 4235977
--------------------------------------------------------------------------------
Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes
Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Scan statistics:
Objects scanned: 175985
Threats found: 2
Infected objects found: 4
Suspicious objects found: 0
Scan duration: 04:23:21
File name / Threat / Threats count
C:\hp\bin\wbug\HPPavillion_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
C:\Qoobox\Quarantine\C\Documents and Settings\HP_Administrator\Local Settings\Application Data\qjpnylpyx\paglegeuqiw.exe.vir Infected: Trojan.Win32.FraudPack.bjxo 1
D:\I386\APPS\APP14197\src\CompaqPresario_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
D:\I386\APPS\APP14197\src\HPPavillion_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
Selected area has been scanned.
#19
Albert
- Full Member
-
- Group: Members
- Posts: 38
- Joined: 17-March 08
Posted 24 September 2010 - 09:13 PM
KASPERSKY ONLINE SCANNER 7.0: scan report
Wednesday, September 22, 2010
Operating system: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Tuesday, September 21, 2010 23:07:59
Records in database: 4235977
--------------------------------------------------------------------------------
Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes
Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Scan statistics:
Objects scanned: 175985
Threats found: 2
Infected objects found: 4
Suspicious objects found: 0
Scan duration: 04:23:21
File name / Threat / Threats count
C:\hp\bin\wbug\HPPavillion_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
C:\Qoobox\Quarantine\C\Documents and Settings\HP_Administrator\Local Settings\Application Data\qjpnylpyx\paglegeuqiw.exe.vir Infected: Trojan.Win32.FraudPack.bjxo 1
D:\I386\APPS\APP14197\src\CompaqPresario_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
D:\I386\APPS\APP14197\src\HPPavillion_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
Selected area has been scanned.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4667
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13
9/21/2010 8:25:14 PM
mbam-log-2010-09-21 (20-25-14).txt
Scan type: Quick scan
Objects scanned: 147872
Time elapsed: 7 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Wednesday, September 22, 2010
Operating system: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Tuesday, September 21, 2010 23:07:59
Records in database: 4235977
--------------------------------------------------------------------------------
Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes
Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Scan statistics:
Objects scanned: 175985
Threats found: 2
Infected objects found: 4
Suspicious objects found: 0
Scan duration: 04:23:21
File name / Threat / Threats count
C:\hp\bin\wbug\HPPavillion_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
C:\Qoobox\Quarantine\C\Documents and Settings\HP_Administrator\Local Settings\Application Data\qjpnylpyx\paglegeuqiw.exe.vir Infected: Trojan.Win32.FraudPack.bjxo 1
D:\I386\APPS\APP14197\src\CompaqPresario_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
D:\I386\APPS\APP14197\src\HPPavillion_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
Selected area has been scanned.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4667
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13
9/21/2010 8:25:14 PM
mbam-log-2010-09-21 (20-25-14).txt
Scan type: Quick scan
Objects scanned: 147872
Time elapsed: 7 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
#20
Albert
- Full Member
-
- Group: Members
- Posts: 38
- Joined: 17-March 08
Posted 24 September 2010 - 09:15 PM
Albert, on 22 September 2010 - 04:39 PM, said:
Rorschach112, on 20 September 2010 - 05:54 PM, said:
Download TFC to your desktop
Please download Malwarebytes' Anti-Malware from Here
Double Click mbam-setup.exe to install the application.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.
Go to Kaspersky website and perform an online antivirus scan.
Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
You will see a list of infected items there. Click on Save Report As....
Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
- Open the file and close any other windows.
- It will close all programs itself when run, make sure to let it run uninterrupted.
- Click the Start button to begin the process. The program should not take long to finish its job
- Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean
Please download Malwarebytes' Anti-Malware from Here
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.
Go to Kaspersky website and perform an online antivirus scan.
- Read through the requirements and privacy statement and click on Accept button.
- It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
- When the downloads have finished, click on Settings.
- Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
- Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Mail databases
#21
Albert
- Full Member
-
- Group: Members
- Posts: 38
- Joined: 17-March 08
Posted 24 September 2010 - 09:16 PM
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4667
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13
9/21/2010 8:25:14 PM
mbam-log-2010-09-21 (20-25-14).txt
Scan type: Quick scan
Objects scanned: 147872
Time elapsed: 7 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
KASPERSKY ONLINE SCANNER 7.0: scan report
Wednesday, September 22, 2010
Operating system: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Tuesday, September 21, 2010 23:07:59
Records in database: 4235977
--------------------------------------------------------------------------------
Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes
Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Scan statistics:
Objects scanned: 175985
Threats found: 2
Infected objects found: 4
Suspicious objects found: 0
Scan duration: 04:23:21
File name / Threat / Threats count
C:\hp\bin\wbug\HPPavillion_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
C:\Qoobox\Quarantine\C\Documents and Settings\HP_Administrator\Local Settings\Application Data\qjpnylpyx\paglegeuqiw.exe.vir Infected: Trojan.Win32.FraudPack.bjxo 1
D:\I386\APPS\APP14197\src\CompaqPresario_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
D:\I386\APPS\APP14197\src\HPPavillion_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
Selected area has been scanned.
www.malwarebytes.org
Database version: 4667
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13
9/21/2010 8:25:14 PM
mbam-log-2010-09-21 (20-25-14).txt
Scan type: Quick scan
Objects scanned: 147872
Time elapsed: 7 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
KASPERSKY ONLINE SCANNER 7.0: scan report
Wednesday, September 22, 2010
Operating system: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Tuesday, September 21, 2010 23:07:59
Records in database: 4235977
--------------------------------------------------------------------------------
Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes
Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Scan statistics:
Objects scanned: 175985
Threats found: 2
Infected objects found: 4
Suspicious objects found: 0
Scan duration: 04:23:21
File name / Threat / Threats count
C:\hp\bin\wbug\HPPavillion_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
C:\Qoobox\Quarantine\C\Documents and Settings\HP_Administrator\Local Settings\Application Data\qjpnylpyx\paglegeuqiw.exe.vir Infected: Trojan.Win32.FraudPack.bjxo 1
D:\I386\APPS\APP14197\src\CompaqPresario_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
D:\I386\APPS\APP14197\src\HPPavillion_Spring06.exe Infected: not-a-virus:AdWare.Win32.WeatherBug.a 1
Selected area has been scanned.