outbenchthis
Members-
Content Count
13 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Everything posted by outbenchthis
-
1530 Infected Files - System Restore?
outbenchthis replied to outbenchthis's topic in Malware Removal
Hi Sarahw sorry for the late reply. I have spoken with a friend and he has said that there is a risk of losing files when you do a System Restore. I am concerned that I could lose some or all of my files (.docs as well as emails as I use Microsoft outlook) is there a way i could address this problem? My friend said that in theory it will only restore system files and not personal files but actually you could risk losing personal files in the process. I have been informed that saving work in My Documents may be a way of protecting against that risk, is this the case? Is there a more effective w -
1530 Infected Files - System Restore?
outbenchthis replied to outbenchthis's topic in Malware Removal
Hi Sarahw, thanks for the reply, I have attached the log from Malwarebytes as an attachment as it is too large to fit in a post. this is the file name: mbam-log-2008-09-30(19-06-09).txt thanks mbam_log_2008_09_30__19_06_09_.txt -
Hi, I have had success on this forum with a previous problem with a virus after some excellent assistance from Sarahw so I thought I would post here again as this current problem may be related. My computer was running slow so I decided to do a Malwarebytes Anti-malware scan which found 1530 infected files (deleted and quarantined). I thought this was an exceptionally high number of infected files (I can post the log from the Mbam scan if you'd like). Below is the log from the Hijackthis log. After my system was cleaned up the first time a month ago from really good advice (sarahw), should I h
-
Hi Sarahw, Thanks! I'll go through all of your recommendations. If I have any questions in the future, I'll know where to ask. Thanks again for all your help.
-
Hi Sarahw, Sorry for my late reply. The computer is running much quicker now. Thank you very much for all your help! I wanted to know a few things to ensure the computer will remain trojan and malware free. Can you tell me (or how can I tell) if I have a firewall? I currently have AVG 7.5 Free installed which scans periodically but I wanted to know your expert opinion on whether to use an alternative or continue with this scanning program. Should I uninstall the programs HiJackThis, SDFix and OTMoveIT2 now that I've finished with them? Thanks again for all your help, Sarah. Regards, Sean
-
Hi Sarah, Below is the ESET Online Scanner log Thanks -------------------------------------------------------------------- # version=4 # OnlineScanner.ocx=1.0.0.635 # OnlineScannerDLLA.dll=1, 0, 0, 79 # OnlineScannerDLLW.dll=1, 0, 0, 78 # OnlineScannerUninstaller.exe=1, 0, 0, 49 # vers_standard_module=3430 (20080910) # vers_arch_module=1.064 (20080214) # vers_adv_heur_module=1.064 (20070717) # EOSSerial=16abe310adb8b84088d22846f792c154 # end=finished # remove_checked=true # unwanted_checked=true # utc_time=2008-09-10 12:29:36 # local_time=2008-09-10 10:29:36 (+1000, E. Australia Standard Time)
-
I have restored the four entries from the Quarantine tab in mbam. do you require another log? thanks
-
Hi Sarahw below is the OTMoveIt2 log and the Hijackthis log thanks OTMoveIt2 File/Folder C:\Program Files\rhcp2pj0e7bv not found. File/Folder C:\Documents and Settings\Clementi\Application Data\rhcp2pj0e7bv not found. File/Folder C:\WINDOWS\system32\kdizk.exe not found. OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09092008_110907 ------------------------------------------------------------------------- Hijackthis log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:11:11, on 9/09/2008 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.110
-
I ran Malwarebytes Anti-Malware and it found 28 objects infected, which I checked and removed successfully. here is the log file below Thanks ------------------------------------------------------------------- Malwarebytes' Anti-Malware 1.26 Database version: 1127 Windows 5.1.2600 Service Pack 1 8/09/2008 3:59:15 PM mbam-log-2008-09-08 (15-59-15).txt Scan type: Full Scan (C:\|D:\|) Objects scanned: 122455 Time elapsed: 2 hour(s), 11 minute(s), 51 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 3 Registry Values Infected: 1 Registry Data Items Infected:
-
Hi Sarah the OTMoveIt2 folder has been zipped and uploaded to uploadmalware.com as (09082008_091946.zip). Thanks
-
Hi Sarah here is the OTMoveit2 log thanks ---------------------- File/Folder C:\WINDOWS\System32\ntos.exe not found. LoadLibrary failed for C:\WINDOWS\system32\wowfx.dll C:\WINDOWS\system32\wowfx.dll NOT unregistered. C:\WINDOWS\system32\wowfx.dll moved successfully. File/Folder C:\WINDOWS\system32\ALCXMNTR.EXE not found. File/Folder C:\WINDOWS\System32\braviax.exe not found. File/Folder C:\WINDOWS\System32\spoolvs.exe not found. C:\WINDOWS\web\Wallpaper moved successfully. C:\WINDOWS\web\printers\images moved successfully. C:\WINDOWS\web\printers moved successfully. C:\WINDOWS\web moved succe
-
Hi sarahw! thanks for your help. I have gone through step-by-step your list of instructions below I have posted my new hijackthis log and the SDfix report (report.txt). I also have a log from OTMoveIt2 that I can post for your analysis if you would like. The window with the error message "the application or dll c:\windows\system32\wowfx.dll is not a valid Windows image. Please verify with the installation disk." has stopped popping up after following your directions! Based on the new logs, what else needs to be done now? Thanks in advance for your help. --------------------------------------
-
Hi, On my Windows Xp PC, every time I open it I receive a window with this message: "the application or dll c:\windows\system32\wowfx.dll is not a valid Windows image. Please verify with the installation disk." I have AVG FREE installed and have performed a scan but still recieve the wowfx.dll message. I also have Smitfraud and have scanned which I was able to do but then I restarted in safemode to do the 'clean' process but it was unable to do the 'clean' because wowfx.dll window message would not go away, so I still keep getting this message On my Windows Xp PC, every time I open it I receiv