Attached Files
-
FRST.txt 29.05KB
10 downloads
-
Search.txt 596bytes
4 downloads
-
Capture.JPG 169.79KB
3 downloads
I'm infected! Rootkit.0Access and Trojan.Dropper.BCMiner
Started by tdaniels17, Aug 13 2012 03:01 PM
-
This topic is locked
12 replies to this topic
#1
tdaniels17
-
- Members
-
- 6 posts
New Member
Posted 13 August 2012 - 03:01 PM
Plz Help....
#2
MrCharlie
-
- Experts
-
- 18,270 posts
Forum Deity
- Gender:Male
- Location:So. Plainfield, New Jersey, USA
Posted 13 August 2012 - 03:12 PM
OK, here you go......Please carefully carry out this procedure!!!!!!
Please download the attached fixlist.txt and copy it to your flashdrive.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
On Vista or Windows 7: Now please enter System Recovery Options. (as you did before)
Run FRST64 or FRST (which ever one you're using) and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
MrC
Please download the attached fixlist.txt and copy it to your flashdrive.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
On Vista or Windows 7: Now please enter System Recovery Options. (as you did before)
Run FRST64 or FRST (which ever one you're using) and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
MrC
Malware Removal Expert
I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.
Thanks MrC & crew
#5
MrCharlie
-
- Experts
-
- 18,270 posts
Forum Deity
- Gender:Male
- Location:So. Plainfield, New Jersey, USA
Posted 13 August 2012 - 03:40 PM
Well Done, lets run ComboFix to clear up any leftovers.
Please download and run ComboFix.
The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.
Please visit this webpage for download links, and instructions for running ComboFix
http://www.bleepingc...to-use-combofix
Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Information on disabling your malware programs can be found Here.
Make sure you run ComboFix from your desktop.
Give it at least 30-45 minutes to finish if needed.
Please include the C:\ComboFix.txt in your next reply for further review.
MrC
Please download and run ComboFix.
The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.
Please visit this webpage for download links, and instructions for running ComboFix
http://www.bleepingc...to-use-combofix
Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Information on disabling your malware programs can be found Here.
Make sure you run ComboFix from your desktop.
Give it at least 30-45 minutes to finish if needed.
Please include the C:\ComboFix.txt in your next reply for further review.
---------->NOTE<----------
If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.MrC
Malware Removal Expert
I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.
Thanks MrC & crew
#6
tdaniels17
-
- Members
-
- 6 posts
New Member
Posted 13 August 2012 - 04:23 PM
Here's the combofix log....
Attached Files
-
ComboFix.txt 42.37KB
7 downloads
#7
MrCharlie
-
- Experts
-
- 18,270 posts
Forum Deity
- Gender:Male
- Location:So. Plainfield, New Jersey, USA
Posted 13 August 2012 - 05:58 PM
Looks Good.....
Please Update and run a Quick Scan with MBAM, post the report.
Make sure that everything is checked, and click Remove Selected.
Please let me know how computer is running now, MrC
Please Update and run a Quick Scan with MBAM, post the report.
Make sure that everything is checked, and click Remove Selected.
Please let me know how computer is running now, MrC
Malware Removal Expert
I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.
Thanks MrC & crew
#8
tdaniels17
-
- Members
-
- 6 posts
New Member
Posted 15 August 2012 - 06:40 AM
Here it is!
Attached Files
-
mbam-log-2012-08-13 (23-27-29).txt 1.84KB
7 downloads
#9
MrCharlie
-
- Experts
-
- 18,270 posts
Forum Deity
- Gender:Male
- Location:So. Plainfield, New Jersey, USA
Posted 15 August 2012 - 06:41 AM
How is it??? MrC
Malware Removal Expert
I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.
Thanks MrC & crew
#10
MrCharlie
-
- Experts
-
- 18,270 posts
Forum Deity
- Gender:Male
- Location:So. Plainfield, New Jersey, USA
Posted 18 August 2012 - 04:13 PM
How are we doing??
Do you still need help or can I close this post??
MrC
Do you still need help or can I close this post??
MrC
Malware Removal Expert
I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.
Thanks MrC & crew
#12
MrCharlie
-
- Experts
-
- 18,270 posts
Forum Deity
- Gender:Male
- Location:So. Plainfield, New Jersey, USA
Posted 19 August 2012 - 08:16 PM
Great 
A little clean up to do....
Please Uninstall ComboFix: (if you used it)
Press the Windows logo key + R to bring up the "run box"
Copy and paste next command in the field:
ComboFix /uninstall
Make sure there's a space between Combofix and /
Then hit enter.
This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point
(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall)
---------------------------------
Please download OTL from one of the links below: (you may already have OTL on the system)
http://oldtimer.geekstogo.com/OTL.exe
http://oldtimer.geekstogo.com/OTL.com
http://www.itxassoci...T-Tools/OTL.exe
Save it to your desktop.
Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)
Any other programs or logs you can manually delete.
IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, etc....
-------------------------------
Any questions...please post back.
If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.
Take a look at My Preventive Maintenance to avoid being infected again.
Good Luck and Thanks for using the forum, MrC
A little clean up to do....
Please Uninstall ComboFix: (if you used it)
Press the Windows logo key + R to bring up the "run box"
Copy and paste next command in the field:
ComboFix /uninstall
Make sure there's a space between Combofix and /
Then hit enter.
This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point
(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall)
---------------------------------
Please download OTL from one of the links below: (you may already have OTL on the system)
http://oldtimer.geekstogo.com/OTL.exe
http://oldtimer.geekstogo.com/OTL.com
http://www.itxassoci...T-Tools/OTL.exe
Save it to your desktop.
Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)
Any other programs or logs you can manually delete.
IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, etc....
-------------------------------
Any questions...please post back.
If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.
Take a look at My Preventive Maintenance to avoid being infected again.
Good Luck and Thanks for using the forum, MrC
Malware Removal Expert
I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.
Thanks MrC & crew
#13
Maurice Naggar
-
- Moderators
-
- 13,598 posts
Eradicator de logiciels malveillants
- Gender:Male
- Location:USA
- Interests:Security, Windows, Windows Update, malware prevention
Posted 20 August 2012 - 06:39 AM
Glad we could help. 
If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.
Other members who need assistance please start your own topic in a new thread. Thanks!
If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.
Other members who need assistance please start your own topic in a new thread. Thanks!
Maurice Naggar
Consumer Support Specialist
Follow us: Twitter, Become a fan: Facebook
I close my threads if there is 5 days without a response.
Consumer Support Specialist
Follow us: Twitter, Become a fan: Facebook
I close my threads if there is 5 days without a response.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
