Newbie here, cj2448 told me to come and ask 4 help, trojans, unauthorized IP accessin

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Loriturner

Thread Starter
Joined
Sep 8, 2009
Messages
2
Hi, My name is Lori. My coworker cj2448 told me to come here for help. My computer is having issues. I keep getting pop ups, see screen shot. Cj2448 advised me and helped me do a HiJack log..please see and help out if you can. Thanks in advance for what you do here. AMAZING!

I am getting errors including:

backdoor.sdbot.den
N-case.win32
I-Worm.sobig
TrojanDropper.JS.Mimail


See attached, again, TIA.
 

Attachments

Loriturner

Thread Starter
Joined
Sep 8, 2009
Messages
2
Tried to run AVG and Ewido & neither will open ...anywho, please see screen shot at what happened when I restarted computer..TIA.

Window's protection suite keeps coming up, not sure what it is and if it's safe.

What's freakin me out is the 'unauthorized access personal data transfer to 128.154.26.11' cj2448 says that does not match any IP addy in our office.
 

Attachments

dvk01

Derek
Retired Moderator Retired Malware Specialist
Joined
Dec 14, 2002
Messages
56,452
step 1

Download the HostsXpert 4.2 - Hosts File Manager.
  • Unzip HostsXpert 4.2 - Hosts File Manager to a convenient folder such as C:\HostsXpert 4.2 - Hosts File Manager
  • Run HostsXpert 4.2 - Hosts File Manager from its new home
  • Click on "File Handling".
  • Click on "Restore MS Hosts File".
  • Click OK on the Confirmation box.
  • Click on "Make Read Only?"
  • Click the X to exit the program.
  • Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.

step2

Delete any existing version of ComboFix you have sitting on your desktop
Please read and follow all these instructions very carefully

Download ComboFix from Here to your Desktop.

**Note: It is important that it is saved directly to your desktop and run from the desktop and not any other folder on your computer**
--------------------------------------------------------------------
1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • Very Important! Temporarily disable your anti-virus and anti-malware real-time protection and any script blocking components of them or your firewall before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results" or stop combofix running at all
  • Click on THIS LINK to see instructions on how to temporarily disable many security programs while running combofix. The list does not cover every program. If yours is not listed and you don't know how to disable it, please ask.
  • Remember to re enable the protection again after combofix has finished
--------------------------------------------------------------------
2. Close any open browsers and any other programs you might have running
Double click on combofix.exe & follow the prompts.​
If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?"
Please select yes & let it download the files it needs to do this
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review


****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read HERE why we disable autoruns

Please do not install any new programs or update anything unless told to do so while we are fixing your problem.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top