[Closed] This Computer is Being Attacked
#1
Posted 08 November 2009 - 10:01 PM
Register to Remove
#2
Posted 09 November 2009 - 04:39 PM
Download Combofix from any of the links below but rename it to ABCD.exe before saving it to your desktop.
* IMPORTANT !!! Save ComboFix.exe to your Desktop
Link 1
Link 2
Double click on the ABCD.exe ComboFix.exe & follow the prompts.
- When finished, it will produce a report for you.
- Please post the C:\ComboFix.txt so we can continue cleaning the system.
The forum is run by volunteers who donate their time and expertise.
Want to help others? Join the ClassRoom and learn how.
Logs will be closed if you haven't replied within 3 days
If you would like to for the help you received.
Proud graduate of TC/WTT Classroom
#3
Posted 10 November 2009 - 12:26 AM
#4
Posted 11 November 2009 - 03:57 PM
This infection can and will infect all the machine's executable files .exe, .scr, .rar, .zip, .htm, .html.
you should be aware that you may have been infected by a backdoor trojan. This type of program has the ability to steal passwords and other information from your system. If you are using your computer for sensitive purposes such as internet banking then I recommend you take the following steps immediately:
- Use another, uninfected computer to change all your internet passwords, especially ones with financial implications such as banks, paypal, ebay, etc. You should also change the passwords for any other site you use.
- Call your bank(s), credit card company or any other institution which may be affected and advise them that your login/password or credit card information may have been stolen and ask what steps to take with regard to your account.
- Consider what other private information could possibly have been taken from your computer and take appropriate steps
the best thing you can do is to backup, preferably to CD, all your important data, documents, pictures, movies, and songs.
DO NOT backup any applications or installers and DO NOT backup any files with the following extensions:
•.exe
•.scr
•.htm
•.html
•.xml
•.zip
•.rar
Please see this information by miekiemoes:
http://miekiemoes.bl...s-throwing.html
If you want to try and remove it, try this.
Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe[list] - Doubleclick the drweb-cureit.exe file and Allow to run the express scan
- This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
- Once the short scan has finished, mark the drives that you want to scan.
- Select all drives. A red dot shows which drives have been chosen.
- Click the green arrow at the right, and the scan will start.
- Click 'Yes to all' if it asks if you want to cure/move the file.
- When the scan has finished, in the menu, click file and choose save report list
- Save the report to your desktop. The report will be called DrWeb.csv
- Close Dr.Web Cureit.
The forum is run by volunteers who donate their time and expertise.
Want to help others? Join the ClassRoom and learn how.
Logs will be closed if you haven't replied within 3 days
If you would like to for the help you received.
Proud graduate of TC/WTT Classroom
#5
Posted 12 November 2009 - 03:07 AM
I have tried to use Dr. Web CureIt, and the log file can be downloaded from the link below:
http://www.2shared.c...9e3/CureIt.html
#6
Posted 12 November 2009 - 06:58 AM
The forum is run by volunteers who donate their time and expertise.
Want to help others? Join the ClassRoom and learn how.
Logs will be closed if you haven't replied within 3 days
If you would like to for the help you received.
Proud graduate of TC/WTT Classroom
#7
Posted 12 November 2009 - 06:14 PM
#8
Posted 12 November 2009 - 08:21 PM
Please download Malwarebytes' Anti-Malware to your desktop.
- Double-click mbam-setup.exe and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform quick scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Then click Remove Selected .
- When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
- Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Also please describe how your computer behaves at the moment.
Please don't attach the scans / logs, use "copy/paste". .
The forum is run by volunteers who donate their time and expertise.
Want to help others? Join the ClassRoom and learn how.
Logs will be closed if you haven't replied within 3 days
If you would like to for the help you received.
Proud graduate of TC/WTT Classroom
#9
Posted 13 November 2009 - 03:01 AM
#10
Posted 13 November 2009 - 03:11 AM
#11
Posted 13 November 2009 - 07:46 PM
Vista users:
1. These tools MUST be run from the executable. (.exe)
2. With Admin Rights (Right click, choose "Run as Administrator") every time you run them
1) exeHelper
Please download exeHelper to your desktop.
Double-click on exeHelper.com to run the fix.
A black window should pop up, press any key to close once the fix is completed.
Post the contents of log.txt (Will be created in the directory where you ran exeHelper.com)
Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).
The forum is run by volunteers who donate their time and expertise.
Want to help others? Join the ClassRoom and learn how.
Logs will be closed if you haven't replied within 3 days
If you would like to for the help you received.
Proud graduate of TC/WTT Classroom
#12
Posted 16 November 2009 - 11:22 PM
#13
Posted 17 November 2009 - 07:20 AM
Hello and Welcome to the forum.
Download Combofix from any of the links below but rename it to ABCD.exe before saving it to your desktop.
* IMPORTANT !!! Save ComboFix.exe to your Desktop
Link 1
Link 2
Double click on the ABCD.exe ComboFix.exe & follow the prompts.
- When finished, it will produce a report for you.
- Please post the C:\ComboFix.txt so we can continue cleaning the system.
The forum is run by volunteers who donate their time and expertise.
Want to help others? Join the ClassRoom and learn how.
Logs will be closed if you haven't replied within 3 days
If you would like to for the help you received.
Proud graduate of TC/WTT Classroom
#14
Posted 26 November 2009 - 05:35 PM
The forum is run by volunteers who donate their time and expertise.
Want to help others? Join the ClassRoom and learn how.
Logs will be closed if you haven't replied within 3 days
If you would like to for the help you received.
Proud graduate of TC/WTT Classroom
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users