Using Malawarebytes Software to Remove System Security Virus

View previous topic View next topic Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by Origin on 5th August 2009, 11:14 pm

Run another Malwarebytes scan for me and post the log back here.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31523
# Likes # Likes : 0

View user profile

Back to top Go down

It says to restart I will do so now! Can I?

Post by kittiexD on 5th August 2009, 11:30 pm

Malwarebytes' Anti-Malware 1.39
Database version: 2524
Windows 6.0.6000

8/5/2009 6:28:00 PM
mbam-log-2009-08-05 (18-28-00).txt

Scan type: Quick Scan
Objects scanned: 106741
Time elapsed: 7 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 10
Registry Values Infected: 7
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf98dd74-148c-4a86-a6f3-7571f810d650} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bf98dd74-148c-4a86-a6f3-7571f810d650} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5199201e-60b4-11de-85cf-260556d89593} (Rogue.SecretService) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{5199201e-60b4-11de-85cf-260556d89593} (Rogue.SecretService) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{5199201e-60b4-11de-85cf-260556d89593} (Rogue.SecretService) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{5199201e-60b4-11de-85cf-260556d89593} (Rogue.SecretService) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\NetworkNeighborhood\NameSpace\{5199201e-60b4-11de-85cf-260556d89593} (Rogue.SecretService) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{5199201e-60b4-11de-85cf-260556d89593} (Rogue.SecretService) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91704c3f-a675-4e0e-9fb7-b03e005edda7} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{91704c3f-a675-4e0e-9fb7-b03e005edda7} (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\MSN\D3 (Spyware.Ambler) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MSN\pr (Spyware.Ambler) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MSN\BN (Spyware.Ambler) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MSN\gd (Spyware.Ambler) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MSN\D1 (Spyware.Ambler) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MSN\D2 (Spyware.Ambler) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\privacycenter (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Windows\Temp\~66A7.dll (Trojan.BHO.H) -> Quarantined and deleted successfully.
C:\Program Files\PrivacyCenter\protector.exe (Rogue.PrivacyCenter) -> Quarantined and deleted successfully.

kittiexD
Novice
Novice

Posts Posts : 35
Joined Joined : 2009-07-30
OS OS : Vista
Points Points : 26941
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by Belahzur on 6th August 2009, 3:34 pm

Hello.
One more time, then this should be okay.

  • Please double-click OTM.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    :files
    c:\windows\system32\temp.exe
    c:\program files\PrivacyCenter
    C:\!KillBox
    C:\found.***
    c:\users\mary\appdata\roaming\lowsec

    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-


  • Return to OTMoveIt, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by kittiexD on 6th August 2009, 4:26 pm

========== FILES ==========
c:\windows\system32\temp.exe moved successfully.
c:\program files\PrivacyCenter moved successfully.
C:\!KillBox\Logs moved successfully.
C:\!KillBox moved successfully.
C:\found.000\dir0000.chk moved successfully.
C:\found.000 moved successfully.
C:\found.001 moved successfully.
c:\users\mary\appdata\roaming\lowsec moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully.

OTM by OldTimer - Version 3.0.0.5 log created on 08062009_112520

kittiexD
Novice
Novice

Posts Posts : 35
Joined Joined : 2009-07-30
OS OS : Vista
Points Points : 26941
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by Belahzur on 6th August 2009, 6:25 pm

We can remove OTMoveIt now.

  • Please double-click OTM.exe to run it again.
  • Press the green CleanUp! button.
  • Press Yes cleanup process prompt, do the same for the reboot prompt.
How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by kittiexD on 6th August 2009, 6:41 pm

Ok I did as instructed! xD

How do I make sure everything is finally ok?

kittiexD
Novice
Novice

Posts Posts : 35
Joined Joined : 2009-07-30
OS OS : Vista
Points Points : 26941
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by Belahzur on 6th August 2009, 6:54 pm

Enable Mcafee again, and surf around, see what happens. Just be careful what sites you visit.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by kittiexD on 6th August 2009, 6:56 pm

HAHA um what kind of sites should I stay away from?

kittiexD
Novice
Novice

Posts Posts : 35
Joined Joined : 2009-07-30
OS OS : Vista
Points Points : 26941
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by Belahzur on 6th August 2009, 7:08 pm

Just don't go on anything you don't normally go on.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by kittiexD on 6th August 2009, 7:10 pm

Ok!

I have been web surfing and everything seems good ^^ YAY!

Now I was wondering what do I do with all these programs I had to download?

kittiexD
Novice
Novice

Posts Posts : 35
Joined Joined : 2009-07-30
OS OS : Vista
Points Points : 26941
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by Origin on 6th August 2009, 7:33 pm

You can delete them if you want, I would keep HijackThis and Malwarebytes though ;)


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by kittiexD on 6th August 2009, 7:35 pm

Okay! Thank you SOOOOOOOOOOOOOOOO much!

I am SOOOOOOOOOOOOOOOOOOOO Happy!

You are SOOOOOOOOOOOOO smart!

^^

kittiexD
Novice
Novice

Posts Posts : 35
Joined Joined : 2009-07-30
OS OS : Vista
Points Points : 26941
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by kittiexD on 6th August 2009, 7:37 pm

Last thing can i delete this software called "Registry Mechanic" or should that be on my computer?

kittiexD
Novice
Novice

Posts Posts : 35
Joined Joined : 2009-07-30
OS OS : Vista
Points Points : 26941
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by Origin on 6th August 2009, 7:47 pm

If you didn't install it then yes delete it.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by kittiexD on 6th August 2009, 8:01 pm

Okay done! But since I restarted my computer now it keeps shutting down and a blue screen appears T___T So I have my computer in Safe mode with networking right now. what do I do to fix this?

kittiexD
Novice
Novice

Posts Posts : 35
Joined Joined : 2009-07-30
OS OS : Vista
Points Points : 26941
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by Belahzur on 7th August 2009, 11:17 pm

Does the blue screen give you any info, like a .sys file name perhaps?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by kittiexD on 7th August 2009, 11:33 pm

well I can't really get any info. Its barely there for like one second then restarts the computer.

kittiexD
Novice
Novice

Posts Posts : 35
Joined Joined : 2009-07-30
OS OS : Vista
Points Points : 26941
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by Belahzur on 7th August 2009, 11:47 pm

G to the Start Menu and right click "My Computer" > Properties.

Then go into the Advancted tab. Now under "Startup and recovery", there is a settings button. Open that up and untick "Restart automatically"

Press ok.
Now when it blue screens, it won't reboot. Let me know what happens next time you get the BSOD.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by kittiexD on 7th August 2009, 11:52 pm

should I write all the info i see?

kittiexD
Novice
Novice

Posts Posts : 35
Joined Joined : 2009-07-30
OS OS : Vista
Points Points : 26941
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by Belahzur on 8th August 2009, 12:13 am

Yes, we may need it.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by kittiexD on 8th August 2009, 12:30 am

okay here is what I saw:

A problem has been detected and windows has shut down to prevent damage to your computer.

If this is the first time you've seen this stop error screen, restart your computer. If this appears again, follow these steps:

Check to be sure you have adequate disk space. If a driver is identified in the stop message, disable the driver or check with the manufacturer for driver updates, Try changing video adapters.

Check with your hardware vendor for any BIOS updates. Disable BIOS memory options such as caching or shadowing. If you need to use Safe Mode to remove of disable components, restart your computer, press F8 to select Advanced Startup Options, and then select Safe Mode.

Technical information:
*** STOP: 0x0000008E(0xC0000005,0x8A2CE28F,0x96F3C040,0x00000000)

Collecting data for crash dump...
Initializing disk for crash duump...
Beginning dump of physical memory.
Dumping physical memory to disk: 100
Physical memory dump complete.
contact your system admin or technical support group for further assistance.

kittiexD
Novice
Novice

Posts Posts : 35
Joined Joined : 2009-07-30
OS OS : Vista
Points Points : 26941
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by Origin on 8th August 2009, 12:34 am

This seems like a hardware problem, I am not good with hardware Yikes I would open a topic in the hardware section.


While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Origin
Master
Master

Posts Posts : 2685
Joined Joined : 2009-05-05
Gender Gender : Male
OS OS : Windows Xp Sp3
Points Points : 31523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Using Malawarebytes Software to Remove System Security Virus

Post by kittiexD on 8th August 2009, 12:40 am

Okay thanks anyways.

kittiexD
Novice
Novice

Posts Posts : 35
Joined Joined : 2009-07-30
OS OS : Vista
Points Points : 26941
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum