Jump to content

Malwarebytes

I followed the instructions, here are my .txt files

- - - - -
Started by Barbp, Dec 17 2011 01:16 AM


3 replies to this topic

#1
Barbp
Posted 17 December 2011 - 01:16 AM

    New Member

  • Members
  • Pip
  • 2 posts
My swell old IBM T42 (XP Pro) got infected with XP Security 2012 on Tuesday Dec 13 in the evening. It just about immediately hijacked my browser. (IE7) Here are the steps I took.

Booted into safe mode and picked a restore point of that morning. No change. Tried a restore of the previous Thursday, prior to a software update and defrag (Fridays). No change.

I established a second identity and was able to get online from there. Downloaded Malwarebytes right away. Ran a full scan from the new identity. I have that log, if needed. Removed many items. Checked the old identity. Could get online, but my task manager showed only 6 processes! Ran the full scan from that identity. Also have that log. Found nine items. Removed them and my task manager appeared closer to normal. Saw a bunch of Ping, tho.

Still don't really trust the machine. I keep getting the pop-up box "Successfully blocked access to a potentially malicious website". I have copied down numerous IPs from that message. Don't know if that info matters.

Today, I updated the Malwarebytes and ran it again from the new identity. Found one object. Then I found the instructions for what to do to post here. Did all the dds stuff per instructions. Decided to run Malwarebytes from safe mode with networking as Admin, just to cover all my bases. Found nothing. Still getting the pop-ups, so here I am.

Any help is GREATLY appreciated!

Thanks in advance!
Barbp

Attached Files


#2
screen317
Posted 18 January 2012 - 09:35 PM

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 19,465 posts
  • Gender:Male
  • Location:New Haven, CT
Hi and welcome to Malwarebytes.


In the future, please post all logs directly into your reply instead of attaching them unless otherwise indicated. With that said, please update MBAM, run a Quick Scan, and post its log.

Next, run DDS again and post DDS.txt directly in your reply.
Chris Fistonich
Research Team

Posted Image

Follow us: Twitter, Become a fan: Facebook

#3
screen317
Posted 23 February 2012 - 04:00 PM

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 19,465 posts
  • Gender:Male
  • Location:New Haven, CT
Are you still with us? This topic will be closed in a few days if we do not hear back from you.
Chris Fistonich
Research Team

Posted Image

Follow us: Twitter, Become a fan: Facebook

#4
screen317
Posted 20 April 2012 - 11:48 PM

    MBAM Sentinel

  • Moderators
  • PipPipPipPipPipPip
  • 19,465 posts
  • Gender:Male
  • Location:New Haven, CT
Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
Chris Fistonich
Research Team

Posted Image

Follow us: Twitter, Become a fan: Facebook
Back to Resolved HijackThis Logs · Next Unread Topic →


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Malwarebytes Forum
  2. Computer Help
  3. Malware Removal - HijackThis Logs
  4. Resolved HijackThis Logs

Products

About

Partners

Follow Us