Author Topic: Help with OTL and virus  (Read 2138 times)

abaek5

  • Guest
Help with OTL and virus
« on: October 01, 2013, 03:38:12 AM »
Hoping for some help with an infection I seem to have picked up.  Ran Avast with boot scan, that fixed some problems.  Have a Sirefef and other issues, I'm guessing a rootkit problem?  I'm also getting an error with MsMpRes.dll saying Error: Incorrect Function (after Avast scan).  I suspect my main issue is with the ZeroAccess registry entries... My OTL log is attached (too long to insert):

Thanks in advance!

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5604
  • Spartan Warrior
Re: Help with OTL and virus
« Reply #1 on: October 01, 2013, 05:33:48 AM »
Hi abaek5,

Thanks for the OTL log.  You were correct to attach the log, 'tis how we do things.   ;)

Please see this link: http://forum.avast.com/index.php?topic=53253.0

Please download and run the following programs:
  • AdwCleaner
  • Malwarebytes
  • aswMBR.exe
OK to quarantine and remove anything AdwCleaner and Malwarebytes find.  Do not run a fix with aswMBR.exe, however; only the log is needed.  Attach all three new logs in your next reply.  A certified malware expert will be notified when logs are attached.
« Last Edit: October 01, 2013, 05:38:07 AM by mchain »
Windows 10 Home 64-bit 22H2 Avast Premier Security version 24.1.6099 (build 24.1.88821.762)  UI version 1.0.797
 UI version 1.0.788.  Windows 11 Home 23H2 - Windows 11 Pro 23H2 Avast Premier Security version 24.2.6105 (build 24.1.8918.827) UI version 1.0.801

abaek5

  • Guest
Re: Help with OTL and virus
« Reply #2 on: October 01, 2013, 04:17:13 PM »
Thanks for your help!  I've attached the following logs:

- ADW
- aswMBR
- Malwarebytes from yesterday (found a few items, now quarantined)
- Malwarebytes from today (showed clean)
- jpg of the items in the quarantine list (is there any reason I would leave them quarantined as opposed to deleting?)

Thanks again!

abaek5

  • Guest
Re: Help with OTL and virus
« Reply #3 on: October 01, 2013, 04:18:15 PM »
jpg of quarantined items here, couldn't attach to last post

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Help with OTL and virus
« Reply #4 on: October 01, 2013, 08:22:14 PM »
Hi, you did not run the full OTL scan so that I could check for reparse points. Anyhow, I will run a separate programme for that.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from. 
  • Please attach the log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

abaek5

  • Guest
Re: Help with OTL and virus
« Reply #5 on: October 01, 2013, 10:56:44 PM »
FRST and Addition logs are attached.  Thanks again

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Help with OTL and virus
« Reply #6 on: October 01, 2013, 11:13:19 PM »
Download the attached fixlist.txt to the same location as FRST.
Run FRST as before and press Fix.
A log will be generated; please post that and an update on how the computer is behaving.