Virus check please

Viruses and worms
1

My machine has been acting terribly slow lately. I did a full scan with malwarebytes and came up with 11 infections. I removed those and so no significant change. I’ve included the suggested scans, however, while scanning with aswmbr, an error popped up and said, “avast antirootkit has encountered an error and needs to close…” so the aswmbr did not finish. Nor, does windows update install updates successfully. Please Help!!

P.S. Ocassionally my browsing directs me to some DNS yahoo error handler page.

Thank You!!

Beau

2

You should have attached the MBAM log with detection… so that we can see what was found and removed

Malware experts are notified…

3

Hi, I will be working on your Malware issues.

Scan with Combofix:

[*] Please download ComboFix by sUBs and save it to your Desktop.
You may read how Combofix works here.

[*] Temporarily disable your AntiVirus program, usually via a right click on the System Tray icon. They may interfere with Combofix.
If you are unsure how to do this please read this or this Instruction.

[*] Run ComboFix. Click on I Agree! & follow the prompts.
Note: If you see a message like “Illegal operation attempted on a registry key that has been marked for deletion” just restart your computer.

[*] When finished, it will produce a report for you. Please attach log reports (ComboFix.txt) back to topic.
(typical log location: C:\ComboFix.txt )

4

Hello Argus.
Thank you very much for looking into this. Ive attached the combofix log and the original full mbam scan log that Pondus said I should have included to begin with.

Thanks again!

Beau

5

Open notepad and copy/paste the text present inside the code box below:



Folder::
c:\documents and settings\Jacalyn\Application Data\Search Protection
c:\program files\QuickTime

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"=-
"5000:TCP"=-
"5001:TCP"=-
"5002:TCP"=-
"5003:TCP"=-
"5004:TCP"=-
"5005:TCP"=-
"5006:TCP"=-
"5007:TCP"=-
"5008:TCP"=-
"5009:TCP"=-
"5010:TCP"=-
"5011:TCP"=-
"5012:TCP"=-
"5013:TCP"=-
"5014:TCP"=-
"5015:TCP"=-
"5016:TCP"=-
"5017:TCP"=-
"5018:TCP"=-
"5019:TCP"=-
"5020:TCP"=-
"1700:TCP"=-
"1641:TCP"=-
"443:TCP"=-
"443:UDP"=-
"37674:TCP"=-
"37674:UDP"=-
"37675:UDP"=-

File::
c:\program files\Application Updater\ApplicationUpdater.exe

Driver::
Application Updater

Firefox::
FF - ProfilePath - c:\documents and settings\Jacalyn\Application Data\Mozilla\Firefox\Profiles\0btcpxzd.default\
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar

Save this as CFScript.txt

http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif

Close all browser windows and refering to the picture above.

Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will will re-run. When finished, it will produce a log for you.
Attach the contents of the log in your next reply. (typical location: C:[b]ComboFix.txt[/b] )

6

Okay, here is the log.

Beau

7

How is your computer behaving now ?

8

It still appears pretty sluggish. It just took forevever for IE to load and still will not intstall Windows updates :frowning:

9

Uninstall Ad-Aware.

I do not know if there is more support for XP.

10

Okay, well thank you very much Argus for all your help!! You ROCK!!