moderate infection

  1. Pancake

    Pancake Well-Known Member

    Joined:
    Jun 1, 2006
    Posts:
    3,921
    Likes Received:
    5
    Location:
    Victoria, Australia

    I assume you did fix what MBAM found?


    ========================================

    WARNING these fixes are designed for this user only and may cause damage if run on any other machine.


    Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.
    It's IMPORTANT to carry out the instructions in the sequence listed below.
    1. Close any open browsers.
    2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    Open *Notepad* and copy/paste the text in the quotebox below into it:
    Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop.

    Referring to the picture above, drag CFScript.txt into ComboFix.exe

    When finished, it shall produce a log for you at C:\ComboFix.txt
    Please copy and paste the ComboFix.txt in your next reply please.

    *Note:
    Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall. Altering this script in any way could damage your computer*
  2. meemoe_uk

    meemoe_uk Member Bronze Member

    Joined:
    Jul 25, 2011
    Posts:
    52
    Likes Received:
    1

    Ok, done. Here's the combofix report. And yes, I got MBAM to clean the infections it detected.
  3. Pancake


    Ok. All done. I see no more malware. Log looks good! All those detections are either in quarantine or system restore, both of which we'll be cleaning out in just a minute. Congratulations, well done.

    Go to:
    Start > Run then copy and paste the following highlighted (blue) text below into the box and click OK.

    ComboFix /uninstall



    Over the course of the fix you've used a variety of special tools to help with the cleaning process - none of these are of any use to you now that you're clean, and it's best not to have them hanging around on your computer. OTC is a small program that removes all the leftover tools and logs from cleanup of malware.

    Please download OTC to your desktop.

    Double-click OTC to run it. (Vista users, please right click on OTC and select "Run as an Administrator")
    Click on the CleanUp! button and follow the prompts.
    You will be asked to reboot the machine to finish the Cleanup process, choose Yes.
    After the reboot all the tools we used should be gone.
    Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.

    Here are some tips to reduce the potential for malware infection in the future; I strongly suggest that you read them and take them to heart so that you don't have to endure the process of cleaning your computer again.
    Afterwork
    Malware Prevention
    How Did I Get Infected
    More Tips on Prevention

    =============================
  4. meemoe_uk


    OK, I've completed the above instructions.
    When I was going through the afterwork I found to my dismay my firewall was switched off, probably for months. This might be why I was so prone to infection - I've had 2 infestations in 2 months.

    I'm pretty sure another thing that got me in a mess was a 'fake update', a little yellow shield in the bottom right. It's still there, asking to be installed. How do I tell if it's safe?

    3rd, the problem I had with Adobe Reader has ceased, so good.
  5. Pancake


    The yellow shield is ok. Let it update and also do the same with Adobe if needed.
  6. meemoe_uk


    I upgraded to Adobe Reader 10. When I used the reader, a message appeared saying something like "trusted identities associated with adobe reader want to make changes to your computer, will you allow this?", and I flippantly clicked ok. In retrospect, it felt like an odd message. Now Adobe is acting up again. When I tried to upgrade my Adobe Flash Player it said it couldn't because Adobe Flash was in use. But it wasn't! This is what it was doing before while infected.

    Don't know if you deal with minor niggles like this. I will look to see if Adobe address this problem on their website.
  7. Crush

    Crush Active Member

    Joined:
    Sep 28, 2008
    Posts:
    4,634
    Likes Received:
    1
    Location:
    New Jersey

    I don't think the two messages are related.

    Did you perhaps have another tab open when updating? Do you continually get the in use error?
  8. JMH

    JMH Guest

    Joined:
    Aug 29, 2010
    Posts:
    88
    Likes Received:
    0

    Re Adobe Reader & Flash Player...
    Suggest you uninstall both.
    Reboot.
    Install them both again.

    FYI re Flash...
    ******
    Make sure you have no windows open as you uninstall the old version of Flash.
    Exit all applications:
    Check the task bar and the system tray to make sure no user applications are running.
    For example, if you see icons for browsers or instant messaging (IM) clients such as AOL Instant Messenger or Yahoo! Messenger, right-click the icon and select either Close or Exit.
    ******
  9. DCiAdmin

    DCiAdmin Well-Known Member

    Joined:
    Sep 30, 2008
    Posts:
    1,907
    Likes Received:
    274

    Hello Meemoo :)

    Do you still desire/require assistance with your Adobe issue? An update would be appreciated!

    Marked as PENDING until you return