Originally posted by cdavfrew:
--------------------------------------------------------------------------------
Hi adrelectr
Please follow these instructions and post your log in a new thread.
Please download Malwarebytes Anti-Malware and install it. Follow the prompts and reboot if required.
Launch Malwarebytes either by running C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe or double-click the Malwarebytes' Anti-Malware shortcut on your Desktop.
Configuring Malwarebytes
? Click on the tab Settings.
? Make sure only these boxes are checked:
Terminate Internet Explorer
Automatically save and display logfile after removal
Always scan memory objects
Always scan registry objects
Always scan filesystem
Always scan extra and heuristics objects
? Click on the tab Update.
? Press the button Check for Updates
? Wait for Malwarebytes to be fully updated.
Scanning Time
? Click on the tab Scanner.
? Check Perform full scan and click on Scan
? Wait for the scan to complete, and then click on Show Results.
? Make sure all items are checked, then click on Remove Selected.
**If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If you are asked to restart the computer, please do so immediately.
Post A Log
? A text box will pop up after the removal process is over. Post the contents of the text here.
? If no text box pops up, launch Malwarebytes, and click on the tab Logs.
? The logs will appear as mbam-log-*date-*time.txt. Select the latest one, and then click on Open.
? Post the log here.
Best Regards :D
--------------------------------------------------------------------------------
Malwarebytes' Anti-Malware 1.30
Database version: 1412
Windows 5.1.2600 Service Pack 3
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\CodecBHO.DLL (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\codecbho.codecplugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\codecbho.codecplugin.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\codecbho.xmldomdocumenteventssink (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\codecbho.xmldomdocumenteventssink.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RichVideoCodec (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CLASSES_ROOT\CLSID\{35CEC8A3-2BE6-11D2-8773-92E220524153}\InprocServer32\ (Hijack.Tray) -> Bad: (C:\DOCUME~1\Dad\LOCALS~1\Temp\\shell32.dll) Good: (stobject.dll) -> Quarantined and deleted successfully.
Folders Infected:
C:\Program Files\Microsoft Security Adviser (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\RichVideoCodec (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\ddcCRlLB.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dad\Local Settings\Temp\60325cahp25ca0.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dad\Local Settings\Temp\TDSS625b.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Dad\Application Data\~tmp.html (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSerrors.log (Trojan.TDSS) -> Quarantined and deleted successfully.
THANK YOU!
.... no pop-up with the start now and the firewall deleting it after generation. Found 17 items that the other guys missed. I took awhile to run but it was worth it, boy talk about faster start-up and loading of programs. I will recommed you to everyone! Wish I knew about you the first time before I had to blow away my hard drive and start all over again. I couldn't get past the start screen.
I would like to clean out whatever malware traces are left on your PC. Please follow these instructions:
Now, please download ComboFix.
With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it. Save it to your Desktop.
Please disable all security programs, such as antiviruses, antispywares, and firewalls.
? Run Combo-Fix.exe and follow the prompts.
? Accept the End-User License Agreement.
? Allow the Recovery Console to be installed.
? When you see the window below, click on Yes.
? When the Recovery Console has been installed, click on Yes to start the scan.
**Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later. ? Wait for the scan to be fully completed.
? If it requires a reboot, please do so.
? After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt)
Do not click on the ComoboFix window, as it may cause it to stall.
Life is but a dream; you dont feel any pain unless you want to or you fall off the bed. Success is relative; the more success the more relatives.
A computer once beat me at chess, but it was no match for me at kickboxing. To be or not to be; thats a dumb question.
one of my kids has a lap top. has a tone of junk on it. I added malwarebytes for the protection. after running it. Malwarebytes found over 600 objects, but when come time to delete them. the laptop freezes. i tryed in safe mode, but get the same results. laptop will freeze when deleting them. are there any suggestios??
