| View previous topic :: View next topic |
| Author |
Message |
goodonyacolby
Joined: 28 Jun 2008
Posts: 6
|
 Posted: Sat Nov 15, 2008 8:40 am Post subject: combofix log [che3.exe trojan/backdoor] |
 |
|
here is my log after running combofix.where do i go from here?
| Description: |
|
Download |
| Filename: |
log.txt |
| Filesize: |
11.27 KB |
| Downloaded: |
22 Time(s) |
|
|
| Back to top |
|
 |
|
|
patrik
Site Admin
Joined: 08 Jan 2006
Posts: 1865
|
| Posted: Sun Nov 16, 2008 2:21 am Post subject: |
|
|
Hello goodonyacolby, welcome to the Myantispyware forum!
Combofix log shows, your PC infected with che3.exe trojan/backdoor.
Open notepad, copy/paste the text in the code box below into notepad:
| Code: | Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"sysberay2"=-
File::
c:\windows\be49f4d98.dat
c:\windows\bemark2.dat
c:\windows\be49f4daa.dat
c:\windows\che3.exe |
Name the Notepad file CFScript and Save it to your desktop. Then drag the CFScript into ComboFix.exe as you see in the screenshot below.
Post back with combofix log, also include a HijackThis log (How to make it, read here.)
_________________
Free Antispyware: HijackThis, SmitfraudFix, ComboFix, Super Antispyware, Malwarebytes Anti-malware
Instructions: Show hidden files, Reboot in Safe Mode |
|
| Back to top |
|
|
goodonyacolby
Joined: 28 Jun 2008
Posts: 6
|
|
| Back to top |
|
|
|
|
goodonyacolby
Joined: 28 Jun 2008
Posts: 6
|
| Posted: Sun Nov 16, 2008 4:41 am Post subject: |
|
|
HijackThis log
| Description: |
|
Download |
| Filename: |
hijackthis.txt |
| Filesize: |
6.78 KB |
| Downloaded: |
19 Time(s) |
|
|
| Back to top |
|
|
patrik
Site Admin
Joined: 08 Jan 2006
Posts: 1865
|
|
| Back to top |
|
|
goodonyacolby
Joined: 28 Jun 2008
Posts: 6
|
| Posted: Mon Nov 17, 2008 12:00 am Post subject: |
|
|
it does seem to be working well now.defiately alot better on the net when surfing 
|
|
| Back to top |
|
|
|
|
patrik
Site Admin
Joined: 08 Jan 2006
Posts: 1865
|
| Posted: Mon Nov 17, 2008 3:43 am Post subject: |
|
|
Sounds good 
Uninstall Combofix.
| Quote: | Click Start > Run - type ComboFix /u
Press Ok. |
Make a new restore point.
| Quote: | | Disable system restore to flush out infected restore points. Reboot your computer again. Turn on Windows System Restore. After that click START > ALL PROGRAMS > ACCESSORIES > SYSTEM TOOLS > SYSTEM RESTORE. click on “create new restore point” > click on NEXT and follow the prompts. |
Many of the exploits are directed to users of Internet Explorer. Try using a different browser - Firefox or Opera.
Update Windows. Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office products loopholes and fix any bugs found.
Be careful when opening attachments and downloading files.
Safe surfing!
_________________
Free Antispyware: HijackThis, SmitfraudFix, ComboFix, Super Antispyware, Malwarebytes Anti-malware
Instructions: Show hidden files, Reboot in Safe Mode |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
