Avast WEBforum

Other => Viruses and worms => Topic started by: Savvy on July 30, 2012, 04:45:24 AM

Title: Pls Help - Win32:Malware-gen;Win32:Downloader-PKU [TRJ]
Post by: Savvy on July 30, 2012, 04:45:24 AM
Pls help me remove these viruses.

I have attached the MBAM - OTL - aswMBR Log files.

thx in advance
Title: Re: Pls Help - Win32:Malware-gen;Win32:Downloader-PKU [TRJ]
Post by: Pondus on July 30, 2012, 06:27:33 AM
Malware removers are notified; it may take many hours before one arrives, so be patient.
Title: Re: Pls Help - Win32:Malware-gen;Win32:Downloader-PKU [TRJ]
Post by: magna86 on July 30, 2012, 01:36:59 PM
Monitoring  8)
Title: Re: Pls Help - Win32:Malware-gen;Win32:Downloader-PKU [TRJ]
Post by: magna86 on July 30, 2012, 01:44:27 PM
Hello,  ;)
I will be working on your malware issues.

Re-run OTL.exe.

Code:
:OTL
IE - HKU\S-1-5-21-1880795468-379239768-4233194241-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=DFA482CF0C169145FDD0994FC1D5C5E5&tbp=homepage
IE - HKU\S-1-5-21-1880795468-379239768-4233194241-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws/?source=c3348dd4&tbp=rbox&toolbarid=blekkotb_031&u=DFA482CF0C169145FDD0994FC1D5C5E5&q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "Blekko"
FF - prefs.js..browser.search.order.1: "Blekko"
FF - prefs.js..browser.search.selectedEngine: "Blekko"
FF - user.js - File not found
@Alternate Data Stream - 1335 bytes -> C:\Users\User\AppData\Local\PxtuFcs0QM:mjTnePwiwig6cFcdG08fZ
@Alternate Data Stream - 1190 bytes -> C:\Users\User\AppData\Local\Temp:0DjwMsGjrggLD4Gaj6WIYpd7W

:files
C:\Windows\Installer\{4088c64f-f16a-544e-1a75-573ae2c8da4a}
ipconfig /flushdns /c

:commands
[CREATERESTOREPOINT]
[emptytemp]
[Reboot]


*******************




> Download ComboFix from here (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) and save it to your Desktop.
If you are unsure how ComboFix works please read this guide (http://www.bleepingcomputer.com/combofix/how-to-use-combofix) carefully.
Note: ComboFix must be downloaded to your Desktop.

> Temporarily disable your AntiVirus program.
If you are unsure how to do this please read this Instruction. (http://www.bleepingcomputer.com/forums/topic114351.html)

> Run ComboFix. Click on I Agree!
ComboFix will check if there is a newer version of ComboFix available.
Click Yes if prompted to download.

ComboFix will display DISCLAIMER OF WARRANTY ON SOFTWARE.
Click Yes to allow ComboFix to continue.

If Recovery Console is not installed, ComboFix will offer download & installation.
Click Yes to allow ComboFix to install Recovery Console.
Note: Do not mouse-click ComboFix's window while it is running.


> When the tool is finished, it will produce a log report for you (typical location: C:\ComboFix.txt).
  Attach the log report (ComboFix.txt) back to the topic.
Title: Re: Pls Help - Win32:Malware-gen;Win32:Downloader-PKU [TRJ]
Post by: Savvy on July 30, 2012, 04:17:43 PM
Hi, thx for the instructions ....

I ran both OTL and ComboFix, and it's been 1 hour and no popups, looks like u cured it. thank u.

attached are the logfiles u requested.

thx again
Title: Re: Pls Help - Win32:Malware-gen;Win32:Downloader-PKU [TRJ]
Post by: magna86 on July 30, 2012, 11:23:30 PM
Logs look good.
How's your computer behaving now?