Author Topic: Malware attacks (Read 3520 times)

REDACTED · « **on:** June 05, 2015, 04:45:36 PM »

Malware attack issues

RL:http://anythicago.com/4141/RelayTurbo_142668814314552.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe

URL:http://simplesitescan.net/4141/LighterInit_142669556111830.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe

URL:http://alwaysisobar.com/4141/CutterGeneration_142669028208336.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe

URL:http://bestdriverstar.net/4141/CutterSystem_142669222915982.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe

URL:http://opticguardzip.net/4141/CutterSystem_142669222919983.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe

I've attached scan results

Many thanks in advanced

Gavin

TwinHeadedEagle · « **Reply #1 on:** June 05, 2015, 04:46:10 PM »

Monitoring...

TwinHeadedEagle · « **Reply #2 on:** June 05, 2015, 07:43:24 PM »

Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

Right-click on icon and select Run as Administrator to start the tool.
Wait patiently until the main console will appear, it may take a minute or two.
In the main box please paste in the following script:

Code: [Select]

createsrpoint;
autoclean;
emptyalltemp;
ipconfig /flushdns;b

Make sure that Scan All Users option is checked.
Push Run Script and wait patiently. The scan may take a couple of minutes.
When the scan completes, a zoek-results logfile should open in notepad.
If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

REDACTED · « **Reply #3 on:** June 05, 2015, 09:04:26 PM »

Results from ZOEK scan

TwinHeadedEagle · « **Reply #4 on:** June 05, 2015, 10:41:39 PM »

We will run one more Zoek fix:

Fix with ZOEK

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

Right-click on icon and select Run as Administrator to start the tool.
Wait patiently until the main console will appear, it may take a minute or two.
In the main box please paste in the following script:

Code: [Select]

createsrpoint;
chrdefaults;

Make sure that Scan All Users option is checked.
Push Run Script and wait patiently. The scan may take a couple of minutes.
When the scan completes, a zoek-results logfile should open in notepad.
If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

REDACTED · « **Reply #5 on:** June 05, 2015, 11:04:37 PM »

Fix results

REDACTED · « **Reply #6 on:** June 05, 2015, 11:08:37 PM »

is it ok to enable antivirus now?

TwinHeadedEagle · « **Reply #7 on:** June 05, 2015, 11:11:25 PM »

Yes, it is.

How is your PC behaving now?

REDACTED · « **Reply #8 on:** June 05, 2015, 11:14:24 PM »

seems fine at the moment i will monitor it over the next day or so.

Many Thanks

TwinHeadedEagle · « **Reply #9 on:** June 05, 2015, 11:15:36 PM »

You do not need to wait a day. One PC restart and several minutes will be just enough to see.

Author Topic: Malware attacks (Read 3520 times)

REDACTED

Malware attacks

TwinHeadedEagle

Re: Malware attacks

TwinHeadedEagle

Re: Malware attacks

REDACTED

Re: Malware attacks

TwinHeadedEagle

Re: Malware attacks

REDACTED

Re: Malware attacks

REDACTED

Re: Malware attacks

TwinHeadedEagle

Re: Malware attacks

REDACTED

Re: Malware attacks

TwinHeadedEagle

Re: Malware attacks