Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Malware has Destroyed my PC! Please Help!

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Malware has Destroyed my PC! Please Help!

Unread postby kiss0fdeath » March 12th, 2008, 1:38 am

I tried again but still cannot get a log to open after the scan. Also, now I have no clock display.
kiss0fdeath
Regular Member
 
Posts: 49
Joined: February 8th, 2008, 11:37 pm
Advertisement
Register to Remove

Re: Malware has Destroyed my PC! Please Help!

Unread postby Katana » March 13th, 2008, 4:13 am

There is something very strange going on here, we need to find out what is happening.

Please do the following.


Reboot the machine for a start.


CCleaner
Please download CCleaner from here to clean temp files from your computer.
  • Double click on the ccsetup.exe file to start the installation of the program.
  • Select your language and click OK, then next.
  • Read the license agreement and click I Agree.
  • Click next to use the default install location.
  • Under Install Options, choose all the default settings
  • Click Install then finish to complete installation.
  • Double click the CCleaner shortcut on the desktop to start the program.
  • On the "Windows" tab, under "Internet Explorer," uncheck "Cookies" if you do not want them deleted. (If deleted, you will likely need to reenter your passwords at all sites where a cookie is used to recognize you when you visit).
  • If you use either the Firefox or Mozilla browsers, the box to uncheck for "Cookies" is on the Applications tab, under Firefox/Mozilla.
  • Click on the "Options" icon at the left side of the window, then click on "Advanced."
    deselect "Only delete files in Windows Temp folders older than 48 hours."
  • Caution: It is not recommended that you use the "Issues" feature unless you are very familiar with the registry as it has been known to find legitimate items. Click on Issues and make sure Registry Integrity is UNchecked!
  • Click on the "Cleaner" icon on the left side of the window, then click Run Cleaner to run the program.
  • After CCleaner has completed its process, click Exit.


Malwarebytes' Anti-Malware

  • Start and update MalwareBytes Antimalware
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidently close it, the log file is saved here and will be named like this:
    • C:\\Documents and Settings\\Username\\Application Data\\Malwarebytes\\Malwarebytes' Anti-Malware\\Logs\\mbam-log-date (time).txt


TotalScan
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal
Please go to this site Link >> TotalScan << LINK
  • Under Scan Now click the Full Scan button
  • Follow the prompts to install the Active X if necessary
  • Go and make a cup of tea/coffee/beverage of your choice and watch some TV :)
  • When the scan is finished, a report will be generated
  • Next to Scan Details click the small Save button and save the report to your desktop.
  • Please post the report in your reply.


Please post both logs in your reply
Last edited by Katana on March 17th, 2008, 6:39 pm, edited 1 time in total.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Malware has Destroyed my PC! Please Help!

Unread postby kiss0fdeath » March 16th, 2008, 9:56 pm

Malwarebytes' Anti-Malware 1.03
Database version: 357

Scan type: Full Scan (A:\|C:\|)
Objects scanned: 88360
Time elapsed: 1 hour(s), 25 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
kiss0fdeath
Regular Member
 
Posts: 49
Joined: February 8th, 2008, 11:37 pm

Re: Malware has Destroyed my PC! Please Help!

Unread postby kiss0fdeath » March 16th, 2008, 10:35 pm

No log was generated by the total scan. Only this screen appeared:

Results
Congratulations!
No viruses, spyware, Trojans, or any other ACTIVE or LATENT threats have been detected on your PC.
We detected that Bitdefender Antivirus is disabled.
We detected that avast! antivirus 4.7.1098 [VPS 080207-0] is out-of-date.
El texto que corresponda en cada momento
After completely scanning your PC, we have not detected any ACTIVE or LATENT malicious software.
Become a TotalScan Pro member
Includes disinfection!

< Back to home


Scan details
High danger level (0)

Medium danger level (3)

Low danger level (1)

<<
1
2
3
4
5
>>

Suspicious files (3)

<<
1
2
3
4
5
>>
kiss0fdeath
Regular Member
 
Posts: 49
Joined: February 8th, 2008, 11:37 pm

Re: Malware has Destroyed my PC! Please Help!

Unread postby Katana » March 20th, 2008, 6:05 am

There is no malware showing, so I can only assume it is your security programs that are causing the problem with ComboFix.
Have you had the popup from Fastclick again ?


Deckard's System Scanner (DSS)


Note: You must be logged onto an account with administrator privileges.
  1. Close all applications and windows.
  2. Double-click on dss.exe to run it, and follow the prompts.
  3. When the scan is complete, a text file will open - main.txt <- this one will be maximized
  4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt to your post. in your reply
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Malware has Destroyed my PC! Please Help!

Unread postby kiss0fdeath » March 20th, 2008, 10:29 am

I haven't had any fastclick popups but my cpu has been running very slowly at times.
kiss0fdeath
Regular Member
 
Posts: 49
Joined: February 8th, 2008, 11:37 pm

Re: Malware has Destroyed my PC! Please Help!

Unread postby kiss0fdeath » March 23rd, 2008, 12:57 pm

I can't click on the DSS scanner in order to open it. Should I download it directly from the website?
kiss0fdeath
Regular Member
 
Posts: 49
Joined: February 8th, 2008, 11:37 pm

Re: Malware has Destroyed my PC! Please Help!

Unread postby Katana » March 24th, 2008, 6:31 pm

Sorry, I thought you already had it.

http://www.techsupportforum.com/sectool ... rd/dss.exe
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Malware has Destroyed my PC! Please Help!

Unread postby kiss0fdeath » March 26th, 2008, 2:35 pm

Deckard's System Scanner v20071014.68
Run by Bill Duke on 2008-03-26 14:32:15
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Bill Duke.exe) -------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:32:55 PM, on 2008-03-26
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\EarthLink TotalAccess\TaskPanl.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\AOL Companion\companion.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Seagate\Sync\SeaSyncServices.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\YPCSER~1.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AMERIC~1.0\waol.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\AMERIC~1.0\shellmon.exe
C:\Program Files\Common Files\Aol\aoltpspd.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\Program Files\iTunes\iTunes.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\Documents and Settings\Bill Duke\Local Settings\Temporary Internet Files\Content.IE5\AX2RU5AH\dss[1].exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\BILLDU~1.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/m ... earch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://start.earthlink.net/AL/Search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.earthlink.net/partner/more/m ... earch.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nytimes.com//?oref=login
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.earthlink.net/AL/Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - 3 - URLSearchHook: (no name) - ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: EarthLink ScamBlocker V2 - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - C:\Program Files\EarthLink TotalAccess\Toolbar\EScamBlk.dll
O2 - BHO: EarthLink PopUp Blocker V2 - {512ACF1B-64D9-4928-B382-A80556F28DB4} - C:\Program Files\EarthLink TotalAccess\Toolbar\ElnkPuB.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Earthlink Protection BHO - {9579D574-D4D8-4335-9560-FE8641A013BD} - C:\Program Files\EarthLink TotalAccess\Toolbar\ProtctIE.dll
O2 - BHO: Uninstall Legacy Earthlink Toolbar - {E713904C-DF05-4C79-BBAD-02DB923253BE} - C:\Program Files\EarthLink TotalAccess\Toolbar\uninsttb.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: EarthLink Toolbar - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\Program Files\EarthLink TotalAccess\Toolbar\Toolbar.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [combofix] C:\WINDOWS\system32\CF7843.exe /c C:\ComboFix\Combobatch.bat
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: SBC Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O15 - Trusted Zone: http://*.aim.com
O15 - Trusted Zone: http://www.youtube.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partne ... nicode.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{51832915-6E12-4EB8-AE47-05CCDF1DD721}: NameServer = 205.188.146.145
O17 - HKLM\System\CCS\Services\Tcpip\..\{8044A104-E4A8-440A-A9FF-FC4ABD011D74}: NameServer = 68.237.161.12 71.243.0.12
O17 - HKLM\System\CCS\Services\Tcpip\..\{9768ACCE-6912-4E25-A5EA-9B06A348A818}: NameServer = 207.69.188.185,207.69.188.186
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: EarthLink Monitor Service (EarthLinkMonitor) - Boingo Wireless, Inc. - C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe (file missing)
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Seagate Sync Service - Seagate Technology LLC - C:\Program Files\Seagate\Sync\SeaSyncServices.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 9349 bytes

-- Files created between 2008-02-26 and 2008-03-26 -----------------------------

2008-03-18 00:28:32 0 d------c- C:\WINDOWS\system32\LogFiles
2008-03-16 20:26:28 0 dr-h---c- C:\Documents and Settings\Bill Duke\Recent
2008-03-10 17:11:19 1584403 --a----c- C:\ComboFix.exe
2008-03-10 09:27:34 0 d------c- C:\ComboFix[1]
2008-03-08 21:33:24 0 d------c- C:\Documents and Settings\Bill Duke\Application Data\BitTorrent
2008-03-08 21:33:11 0 d------c- C:\Program Files\DNA
2008-03-08 21:33:11 0 d------c- C:\Documents and Settings\Bill Duke\Application Data\DNA
2008-03-08 21:33:09 0 d------c- C:\Program Files\BitTorrent
2008-03-01 03:25:13 0 d------c- C:\Combo-Fix[1]


-- Find3M Report ---------------------------------------------------------------

2008-03-19 00:22:42 1744 --a----c- C:\WINDOWS\system32\d3d9caps.dat
2008-03-16 21:53:42 0 d------c- C:\Program Files\Common Files
2008-03-10 19:49:41 0 d------c- C:\Documents and Settings\Bill Duke\Application Data\gtk-2.0
2008-02-28 11:45:08 0 d------c- C:\Documents and Settings\Bill Duke\Application Data\WinPatrol
2008-02-24 23:56:47 0 d------c- C:\Program Files\BillP Studios
2008-02-20 17:44:27 0 d------c- C:\Program Files\Panda Security
2008-02-20 16:34:46 0 d------c- C:\Program Files\Alwil Software
2008-02-14 00:12:30 0 d------c- C:\Documents and Settings\Bill Duke\Application Data\Malwarebytes
2008-02-14 00:11:52 0 d------c- C:\Program Files\Malwarebytes' Anti-Malware
2008-02-13 02:37:50 0 d------c- C:\Program Files\EarthLink TotalAccess
2008-02-11 15:19:59 0 d------c- C:\Program Files\Common Files\BitDefender
2008-02-11 14:27:08 0 d------c- C:\Program Files\Enigma Software Group
2008-02-11 14:10:05 0 d------c- C:\Documents and Settings\Bill Duke\Application Data\Apple Computer
2008-02-11 14:09:38 0 d------c- C:\Program Files\Safari
2008-02-11 14:07:41 0 d------c- C:\Program Files\Apple Software Update
2008-02-10 21:03:13 0 d------c- C:\Program Files\ewido anti-malware
2008-02-09 00:40:42 0 d------c- C:\Documents and Settings\Bill Duke\Application Data\Opera
2008-02-09 00:40:13 0 d------c- C:\Program Files\Opera
2008-02-08 00:20:23 0 d------c- C:\Program Files\Trend Micro
2008-02-07 13:41:12 0 --a----c- C:\WINDOWS\system32\SBRC.dat
2008-02-07 13:41:12 0 --a----c- C:\WINDOWS\system32\SBFC.dat
2008-02-07 10:58:24 0 d------c- C:\Documents and Settings\Bill Duke\Application Data\Sunbelt Software
2008-02-07 09:13:14 0 d------c- C:\Program Files\America Online 9.0
2008-01-12 01:25:36 2560 --a----c- C:\WINDOWS\_MSRSTRT.EXE
2008-01-08 12:39:11 1158 --a----c- C:\WINDOWS\mozver.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-28 12:14 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 12:41 PM]
"combofix"="C:\WINDOWS\system32\CF7843.exe" [2004-08-04 03:56 AM]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 09:00 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24 PM]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-03-08 09:33 PM]
"E6TaskPanel"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" [2005-09-01 03:24 PM]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00c27897-3fe5-11dc-a9fd-00038a000015}]
AutoRun\command- F:\Autorun.exe /run
Shell00\Command- F:\Autorun.exe /run
Shell01\Command- F:\Autorun.exe /action
Shell02\Command- F:\Autorun.exe /uninstall




-- End of Deckard's System Scanner: finished at 2008-03-26 14:34:11 ------------
kiss0fdeath
Regular Member
 
Posts: 49
Joined: February 8th, 2008, 11:37 pm

Re: Malware has Destroyed my PC! Please Help!

Unread postby kiss0fdeath » March 26th, 2008, 2:41 pm

I've also been having problems with flash player. Certain sites I've never had trouble accessing before now say I need to download the most recent version of flash yet even after I do download it, I still can't view the page properly.
kiss0fdeath
Regular Member
 
Posts: 49
Joined: February 8th, 2008, 11:37 pm

Re: Malware has Destroyed my PC! Please Help!

Unread postby Katana » April 1st, 2008, 6:14 am

Sorry for the delay, I have been going over the entire thread again.

There is no evidence left of any malware. The problems you had with ComboFix were related to your security programs, so that is nothing to worry about.
The popup has not reoccurred, and there is no sign of any new files having been created.

Please delete the following files/folders

C:\ComboFix.exe
C:\ComboFix[1]
C:\Combo-Fix[1]
C:\Deckards


Is your clock still not correct ?
Have you tried completely uninstalling Flash and then starting from fresh ?
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Malware has Destroyed my PC! Please Help!

Unread postby kiss0fdeath » April 1st, 2008, 8:24 pm

Thanks again for all of your help. The clock is fine but I am still having trouble with flash. I won't complain though. As long as all of the malware is gone I am a happy camper. Thanks again for all of your help.
kiss0fdeath
Regular Member
 
Posts: 49
Joined: February 8th, 2008, 11:37 pm

Re: Malware has Destroyed my PC! Please Help!

Unread postby NonSuch » April 8th, 2008, 12:08 am

Glad we could be of assistance.

This topic is now closed. If you wish it reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.

You can help support this site from this link :
Donations For Malware Removal

Please do not contact us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27300
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 40 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware