Home > Solved Msn > Solved: MSN Virus - Remnants I Think?

Solved: MSN Virus - Remnants I Think?

im always cleaning my temp files and ect. Edited by scottwiser, 13 October 2008 - 02:20 PM. C:\Documents and Settings\Prashant Mistri\Cookies\prashant [emailprotected][2].txt -> TrackingCookie.Tribalfusion : Cleaned. C:\Documents and Settings\Prashant Mistri\Cookies\prashant [emailprotected][1].txt -> TrackingCookie.Tacoda : Cleaned. Source

Click on Avenger.zip to open the file Extract avenger.exe to your desktop 2. C:\WINDOWS\system32\msklive.dll !!DELETING FAILED!! *** Deleting temporary files *** Cleaning of C:\WINDOWS\Temp done ! It will return when ComboFix is done. C:\winstall.exe (Trojan.FakeAlert) -> Delete on reboot. website here

I changed this, restarted the machine, and hey presto, all is now well for the first time since I began looking for a solution. Completion time: 2008-10-13 19:13:10 - machine was rebooted ComboFix-quarantined-files.txt 2008-10-14 03:13:05 ComboFix2.txt 2008-08-23 05:37:40 Pre-Run: 10,479,702,016 bytes free Post-Run: 10,534,854,656 bytes free 333 --- E O F --- 2008-10-13 07:57:10 Back Advertisements do not imply our endorsement of that product or service. Run auto fix 3.

MyBB MyBB Internal Error MyBB has experienced an internal error and cannot continue. Note: The log can also be found at C:\AdwCleaner[XX].txt where XX denotes the number of times the application has been run, i.e., S1 Take a walk through the "Security Garden" -- IMPORTANT.... Deletion of file "C:\WINDOWS\ExeDialer.exe" failed!

Once installed, you should see a blue screen prompt that says: The Recovery Console was successfully installed. If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. Regards, TheXeon Reply With Quote 04-25-2013,05:50 PM #4 Corrine View Profile View Forum Posts View Blog Entries Visit Homepage View Articles AdministratorMicrosoft MVPSecurity Analyst Join Date Feb 2012 Location Upstate, NY Announcements and Release Notes Security Industry News Product Discussions Webroot® SecureAnywhere™ - Antivirus Webroot® SecureAnywhere™ - Internet Security Plus Webroot® SecureAnywhere™ - Complete Webroot® Mobile for Android Webroot® Mobile for iOS

The game has a security program which does a scan to see if the disc is the original before it opens the game. Go To Webroot Community Home Ideas Exchange Community Forums Beta News and Announcements Introduce yourself to the Community! C:\Documents and Settings\Prashant Mistri\Cookies\prashant [emailprotected][1].txt -> TrackingCookie.Falkag : Cleaned. AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help!

We will do that later in Safe Mode. https://community.webroot.com/t5/Webroot-SecureAnywhere-Complete/MSN-Login/td-p/75795 Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C): Begin copying here: Files to delete: C:\WINDOWS\ExeDialer.exe C:\WINDOWS\system32\egdial.dll C:\WINDOWS\system32\ia.dll C:\WINDOWS\system32\ieaccess2.dll C:\WINDOWS\system32\msegcompid.dll C:\WINDOWS\system32\mseggrpid.dll I love a challenge to start the new year! Cheeseball81, Nov 2, 2006 #4 Push-e Thread Starter Joined: Oct 31, 2006 Messages: 9 Here is the log from avenger: Logfile of The Avenger version 1, by Swandog46 Running from registry

Click here to join today! this contact form C:\WINDOWS\system32\msmsgs.exe (Backdoor.Bot) -> Delete on reboot. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. Using XP Home Edition.

This log file will be located at C:\avenger.txt The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and No rootkits found! Younever know...they may be able to come up with something in relation to this strange baehaviour...whilst you are exploring other avenues for a solution. have a peek here Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.CPL,CMICtrlWnd O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 -

NEXT** Next we'll use ComboFix.exe. scan completed successfully hidden files: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . The home page still couldn't be changed.

Welcome back Next, open Navilog1. * On main menu, choose 2 * Follow the instructions and wait. * The tool will then advise you that it will restart your computer. *

Please save it to a convenient location. * You can also access the log by doing the following: o Click on the Malwarebytes' Anti-Malware icon to launch the program. it went through its step for installing, and shut off. Back to top #5 ckstrong01 ckstrong01 Topic Starter Members 43 posts OFFLINE Local time:09:48 PM Posted 26 June 2006 - 09:37 AM Thank you very much again miekiemoes. Several functions may not work.

I assume you have rebooted the computer and the problem persists? C:\Documents and Settings\Prashant Mistri\Cookies\prashant [emailprotected][2].txt -> TrackingCookie.Zedo : Cleaned. ::Report end ------------------------------------------------ And the Pandascan report follows: Incident Status Location Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Prashant Mistri\Cookies\prashant [emailprotected][2].txt Spyware:Cookie/bravenetA Not disinfected Well it's certainly fixed.......what do you think had happened? 0 farrawayman 10 Years Ago Thanks COZZY, I have recently had a similar problem and googled for a while until I came Check This Out C:\WINDOWS\olehelp.exe (Fake.Dropped.Malware) -> Delete on reboot.

Spybot was not causing the problem at all. C:\WINDOWS\xpupdate.exe (Trojan.Fakealert) -> Delete on reboot. If it ain't gonna be a major setback for the PC i will leave it be & this will be the end of this thread, but, i'm imagining it's going to Rescan with Hijack This, close all browser windows except Hijack This, put a checkmark beside these entries and click fix checked.

ect. C:\WINDOWS\system32\klo5.sys (Stolen.Data) -> Delete on reboot. There is no point in doing another fresh installation, i need to find the cause. I also need that old Java version for work so that has to stay :/ .

In the...." you get the idea. C:\WINDOWS\system32\vdnt32.sys (Rootkit.Haxdor) -> Delete on reboot. IMPORTANT: Do not open any other windows or programs while Ewido is scanning as it may interfere with the scanning process: Launch Ewido Anti-spyware by double-clicking the icon on your desktop. C:\WINDOWS\userconfig9x.dll (Fake.Dropped.Malware) -> Delete on reboot.

© Copyright 2017 blightysoftware.com. All rights reserved.