« previous next »
Pages: 1 [2]   Go Down

Author Topic: MBR:SST infection  (Read 8445 times)

0 Members and 1 Guest are viewing this topic.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: MBR:SST infection
« Reply #15 on: August 19, 2012, 10:49:29 PM »
Hi could I have a quick scan with OTL please to ensure that I got it all
Logged

dkimble

  • Guest
Re: MBR:SST infection
« Reply #16 on: August 20, 2012, 06:11:35 AM »
Here's the OTL.txt file.

That must have been chewing up a good amount of CPU.  The response of the laptop is much faster.

Thanks again,

Dave
Logged

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: MBR:SST infection
« Reply #17 on: August 20, 2012, 03:48:11 PM »
Lets see if this speeds it up a tad more

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


Code: [Select]
:OTL
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMPFC5A2B2
@Alternate Data Stream - 1316 bytes -> C:\Users\music\AppData\Local\TempIsUwDrk1lj7pzyLNfQjuk8jQk
@Alternate Data Stream - 1279 bytes -> C:\ProgramData\Microsoft:zB5v2fV7KnfzTdjDKLUhIw
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 1140 bytes -> C:\ProgramData\Microsoft:Nzsjx9EuagfKWJHtF6
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP1B5B4F1

:Files
ipconfig /release /c
ipconfig /renew /c

:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete



Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that
Logged

dkimble

  • Guest
Re: MBR:SST infection
« Reply #18 on: August 21, 2012, 05:06:30 AM »
Logs from OTL quick scan and AdwCleaner log attached.

Thanks,

Dave
Logged

dkimble

  • Guest
Re: MBR:SST infection
« Reply #19 on: August 21, 2012, 05:26:39 AM »
One more thing I noticed:

Malwarebytes is still not launching, which I thought was one of the original symptoms of this infection (I had to rename it to get it to run).

The dialog says this:

===
[OpenEvent] Failed to perform desired action. Error Code 2.
===

I can run it manually, but I'll uninstall/reinstall to see if that clears it up.
Logged

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: MBR:SST infection
« Reply #20 on: August 21, 2012, 03:59:04 PM »
Download and run the MBAM cleanup tool from here http://downloads.malwarebytes.org/file/mbam_clean
Then try a fresh install
Logged
Pages: 1 [2]   Go Up
« previous next »