Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
Hi,my norton hv detected Packed.Generic.200 & Trojan.Metajuan. Subsequently, i downloaded ad-aware, it also detected Win32.trojan OlmarikTry the Symantec removal, but unsuccessful. Also try to download malwarebytes' anti-malware, it doesnt seems to run.
PLEASE ASSIST ME STEP BY STEP, IM NEW.
thks so much
here are my logs, please advise what is the next step i shld do.
thks
Malwarebytes' Anti-Malware 1.36
Database version: 1945
Windows 5.1.2600 Service Pack 34/8/2009 5:29:46 PM
mbam-log-2009-04-08 (17-29-46).txtScan type: Quick Scan
Objects scanned: 95827
Time elapsed: 8 minute(s), 20 second(s)Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 10
Registry Values Infected: 1
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 3Memory Processes Infected:
(No malicious items detected)Memory Modules Infected:
\\?\globalroot\systemroot\system32\UACoiwberuf.dll (Trojan.TDSS) -> Delete on reboot.Registry Keys Infected:
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.Folders Infected:
(No malicious items detected)Files Infected:
\\?\globalroot\systemroot\system32\UACoiwberuf.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Delete on reboot.
0 
After scanning, you click on next and click on "remove all". After remove, go to "quarantine" tab and "Delete all".
And restart the computer.
0
You should delete all temporary files, temporary internet files, prefetch and then check.
Start > Run > type temp and click OK. Delete all
Start > Run > type %temp% and click OK. Delete all
Start > Run > type prefetch and click OK. Delete all.You can run disk cleanup utility.
Start > programs> accessories > system tools > Disk cleanup.
Ticked mark all the check box and click OK.
After that all, I think your problem will be resolve.
0
Thks
I suppose the issue hv been solve. But i hv another problem, i try to do the disk defragmentation but it show error msg ' disk defragmenter could not start'.Does that mean the virus is still there?
0
Start > Run > type services.msc
Browse " Logical disk manager from the list.
Set on automatic and stop, then start.You can also run check disk utility.
Start > Run > cmd > OK.
Command prompt will be open then type chkdsk and press enter.Chkdsk utility can fix logical file system error.
0
Hi i hv done,
Start > Run > type services.msc
Browse " Logical disk manager from the list.
Set on automatic and stop, then start.seems like nothing is happening. after running the check disk utility, window found problem with the file system. I was told to run chkdsk with the /F (fix) option to correct these.
having done so, i received this msg
"Chkdsk cannot run because the volume is in use by another process. would you like to schedule this volume to be checked the next time system restart? <Y/N>"after typing Y, i restarted my pc, yet nothing happen.
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
