Tech Support Forum - View Single Post

Ried · 01-08-2008, 11:09 AM

Thanks, Naomi420.

No worries about the online scan just yet--I understood the issue with online scans and IE from your first post.

I see plenty of Anti-Malware programs onboard, which is good--but they do not take the place of an Anti Virus program. An Anti Virus program is essential to have onboard as well, and is one of the reasons your system is so infected right now.

As soon as we stabilize the system a bit, I'll have instructions for a very good free AV program to use.

The other reason is the use of P2P programs. Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

This will require more than one round to properly eradicate. Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

It's IMPORTANT to carry out the instructions in the sequence listed below.

***************************************************

Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
Link 3

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

1. Disconnect from the internet.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

Open HijackThis and click on 'Do a System Scan Only'. 'Check' the following entries:

O15 - Trusted Zone: http://click.getmirar.com (HKLM)
O15 - Trusted Zone: http://click.mirarsearch.com (HKLM)
O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM)

Click 'Fix Checked' and close HijackThis.

--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.

When finished, it will produce a report for you. I'll need to see that in your next reply to continue cleaning the system.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall

********************************************************

Please download FindAWF to your Desktop.

Double-click FindAWF.exe to start the tool.
Select option #1 - Scan for bak folders by typing 1 and press 'Enter'
When the tool has completed, a report will open up in notepad. Please post the results of the awf.txt here.

**Do not run any other option unless directed to do so.**

-------------------------------------------------------------------

Please include the following in your next reply:

C:\ComboFix.txt
awf.txt

01-08-2008, 11:09 AM	#9 (permalink)
Ried Assistant Manager, TSF Academy; Moderator/Analyst Security Team Join Date: Jan 2005 Location: Ohio Posts: 26,578 OS: WinXP and Vista	Re: Help Computer Is Dying Thanks, Naomi420. No worries about the online scan just yet--I understood the issue with online scans and IE from your first post. I see plenty of Anti-Malware programs onboard, which is good--but they do not take the place of an Anti Virus program. An Anti Virus program is essential to have onboard as well, and is one of the reasons your system is so infected right now. As soon as we stabilize the system a bit, I'll have instructions for a very good free AV program to use. The other reason is the use of P2P programs. Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares. This will require more than one round to properly eradicate. Please stay with me until given the 'all clear' even if symptoms seemingly abate. Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions. It's IMPORTANT to carry out the instructions in the sequence listed below. ************************************************* Download Combofix from any of the links below, and save it to your desktop. Link 1 Link 2 Link 3 Note: It is important that it is saved directly to your desktop -------------------------------------------------------------------- 1. Disconnect from the internet. 2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. -------------------------------------------------------------------- Open HijackThis and click on 'Do a System Scan Only'. 'Check' the following entries: O15 - Trusted Zone: http://click.getmirar.com (HKLM) O15 - Trusted Zone: http://click.mirarsearch.com (HKLM) O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM) Click 'Fix Checked' and close HijackThis. -------------------------------------------------------------------- Double click on ComboFix.exe & follow the prompts. When finished, it will produce a report for you. I'll need to see that in your next reply to continue cleaning the system. Note: Do not mouseclick combofix's window while it's running. That may cause it to stall **************************************************** Please download FindAWF to your Desktop. Double-click FindAWF.exe to start the tool. Select option #1 - Scan for bak folders by typing 1 and press 'Enter' When the tool has completed, a report will open up in notepad. Please post the results of the awf.txt here. Do not run any other option unless directed to do so.** ------------------------------------------------------------------- Please include the following in your next reply: C:\ComboFix.txt awf.txt __________________ Member of ASAP since 2005 Member of UNITE since 2006 "It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."