Welcome Guest ( Log In | Register )

2 Pages V   1 2 >  
Reply to this topicStart new topic
> Aliexe Hijack Log, remove aliexe?
mag
post Jun 10 2008, 01:49 PM
Post #1


Newbie


Group: Members
Posts: 24
Joined: 10-June 08
From: Australia
Member No.: 13,835



Hey guys can you look at this please (IMG:style_emoticons/default/wink.gif)
Attached File(s)
Attached File  hijackthis.log ( 14.23K ) Number of downloads: 6
 
Go to the top of the page
 
+Quote Post
Christian
post Jun 10 2008, 03:23 PM
Post #2


Bitdefender Support
******

Group: Root Admin
Posts: 14,012
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



Upload this files on http://www.virustotal.com/ and leave here the test link !
QUOTE

F:\Documents and Settings\Mark Gower\Desktop\postcard.exe
Go to the top of the page
 
+Quote Post
mag
post Jun 10 2008, 03:27 PM
Post #3


Newbie


Group: Members
Posts: 24
Joined: 10-June 08
From: Australia
Member No.: 13,835



QUOTE (crysty2k5 @ Jun 11 2008, 12:53 AM) *
Upload this files on http://www.virustotal.com/ and leave here the test link !


Thanking you will do now (IMG:style_emoticons/default/biggrin.gif)


QUOTE (crysty2k5 @ Jun 11 2008, 12:53 AM) *
Upload this files on http://www.virustotal.com/ and leave here the test link !


Sorry I don't know how to find it (IMG:style_emoticons/default/rolleyes.gif) F:Documents and SettingsMark GowerDesktoppostcard.exe

This post has been edited by crysty2k5: Jun 10 2008, 05:10 PM
Reason for edit: posts merged by crysty2k5
Go to the top of the page
 
+Quote Post
Christian
post Jun 10 2008, 07:04 PM
Post #4


Bitdefender Support
******

Group: Root Admin
Posts: 14,012
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



Didi you check on your Desktop ?!
Go to the top of the page
 
+Quote Post
mag
post Jun 11 2008, 01:51 AM
Post #5


Newbie


Group: Members
Posts: 24
Joined: 10-June 08
From: Australia
Member No.: 13,835



QUOTE (crysty2k5 @ Jun 11 2008, 04:34 AM) *
Didi you check on your Desktop ?!


Yes I did and also used windows search to check all the drive and it found nothing (IMG:style_emoticons/default/unsure.gif)

F:\Documents and Settings\Mark Gower\Desktop\postcard.exe this is what I used in my search...
Go to the top of the page
 
+Quote Post
mag
post Jun 11 2008, 02:27 AM
Post #6


Newbie


Group: Members
Posts: 24
Joined: 10-June 08
From: Australia
Member No.: 13,835



QUOTE (mag @ Jun 11 2008, 11:21 AM) *
Yes I did and also used windows search to check all the drive and it found nothing (IMG:style_emoticons/default/unsure.gif)

F:\Documents and Settings\Mark Gower\Desktop\postcard.exe this is what I used in my search...


Update Spyware Doctor reports 5 infections of Trojan-downloader.Exemas.B and 1 infection of Win32 Backdoor.Bandok
It can remove them and if you scan again their back (IMG:style_emoticons/default/ohmy.gif)
Go to the top of the page
 
+Quote Post
Christian
post Jun 11 2008, 10:03 AM
Post #7


Bitdefender Support
******

Group: Root Admin
Posts: 14,012
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



Type postcard.exe in your Search !!!
Go to the top of the page
 
+Quote Post
mag
post Jun 11 2008, 10:09 AM
Post #8


Newbie


Group: Members
Posts: 24
Joined: 10-June 08
From: Australia
Member No.: 13,835



QUOTE (crysty2k5 @ Jun 11 2008, 07:33 PM) *
Type postcard.exe in your Search !!!


Thanks will do now (IMG:style_emoticons/default/wink.gif)
Go to the top of the page
 
+Quote Post
mag
post Jun 11 2008, 11:54 AM
Post #9


Newbie


Group: Members
Posts: 24
Joined: 10-June 08
From: Australia
Member No.: 13,835



QUOTE (mag @ Jun 11 2008, 07:39 PM) *
Thanks will do now (IMG:style_emoticons/default/wink.gif)


No still can't find it and searched in hidden file and folders too, also all of drive F .. (IMG:style_emoticons/default/blink.gif)
Go to the top of the page
 
+Quote Post
Christian
post Jun 11 2008, 02:33 PM
Post #10


Bitdefender Support
******

Group: Root Admin
Posts: 14,012
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



Your PC may contain viruses, so I suggest you to run ComboFix that will investigate and eliminate all infections it may found (if it has them in its database).

Download ComboFix from here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Then close all running programs, including web browser, instant messenger, etc and then run ComboFix.
It will ask you whether it should start cleaning or not. Press 1 and hit Enter. Don't stop it while running. While doing this your screen may disappear but don't worry, it's a normal behaviour.

At the end ComboFix will generate a log file. Save it and post it here + another HijackThis log !
Go to the top of the page
 
+Quote Post
mag
post Jun 12 2008, 03:13 AM
Post #11


Newbie


Group: Members
Posts: 24
Joined: 10-June 08
From: Australia
Member No.: 13,835



QUOTE (crysty2k5 @ Jun 12 2008, 12:03 AM) *
Your PC may contain viruses, so I suggest you to run ComboFix that will investigate and eliminate all infections it may found (if it has them in its database).

Download ComboFix from here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Then close all running programs, including web browser, instant messenger, etc and then run ComboFix.
It will ask you whether it should start cleaning or not. Press 1 and hit Enter. Don't stop it while running. While doing this your screen may disappear but don't worry, it's a normal behaviour.

At the end ComboFix will generate a log file. Save it and post it here + another HijackThis log !


Thanks champ (IMG:style_emoticons/default/biggrin.gif)

ok will post back as soon as it's finished ...
Go to the top of the page
 
+Quote Post
mag
post Jun 12 2008, 05:11 AM
Post #12


Newbie


Group: Members
Posts: 24
Joined: 10-June 08
From: Australia
Member No.: 13,835



QUOTE (crysty2k5 @ Jun 12 2008, 12:03 AM) *
Your PC may contain viruses, so I suggest you to run ComboFix that will investigate and eliminate all infections it may found (if it has them in its database).

Download ComboFix from here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Then close all running programs, including web browser, instant messenger, etc and then run ComboFix.
It will ask you whether it should start cleaning or not. Press 1 and hit Enter. Don't stop it while running. While doing this your screen may disappear but don't worry, it's a normal behaviour.

At the end ComboFix will generate a log file. Save it and post it here + another HijackThis log !


Right had some trouble when Combofix rebooted windows as some programs restarted and the one causing the problem was Norton System Works stopping some scripts from Combofix from running (only doing it's job (IMG:style_emoticons/default/wink.gif) ) so I had to use task manager to shut that down..

This post has been edited by mag: Jun 12 2008, 05:12 AM
Attached File(s)
Attached File  ComboFix.txt ( 17.17K ) Number of downloads: 4
Attached File  hijackthis.log ( 13.45K ) Number of downloads: 2
 
Go to the top of the page
 
+Quote Post
Christian
post Jun 12 2008, 09:55 AM
Post #13


Bitdefender Support
******

Group: Root Admin
Posts: 14,012
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



The thinks look good now !


For your safety, run a system scan with Bitdefender Online && SUPERAntiSpyware (free edition) !

http://www.bitdefender.com/scan8/ie.html

http://superantispyware.com/
Go to the top of the page
 
+Quote Post
mag
post Jun 12 2008, 12:10 PM
Post #14


Newbie


Group: Members
Posts: 24
Joined: 10-June 08
From: Australia
Member No.: 13,835



QUOTE (crysty2k5 @ Jun 12 2008, 07:25 PM) *
The thinks look good now !


For your safety, run a system scan with Bitdefender Online && SUPERAntiSpyware (free edition) !

http://www.bitdefender.com/scan8/ie.html

http://superantispyware.com/


Hi again http://www.bitdefender.com/scan8/ie.html is running as we speak but it's not in a hurry, has been running over 1hr and says est 7.50hrs left (IMG:style_emoticons/default/happy.gif)
Go to the top of the page
 
+Quote Post
Christian
post Jun 12 2008, 03:30 PM
Post #15


Bitdefender Support
******

Group: Root Admin
Posts: 14,012
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



If you have a big HDD, please wait !

Do somethin' else, put leave BD to finish the scan !
Go to the top of the page
 
+Quote Post
mag
post Jun 13 2008, 04:36 AM
Post #16


Newbie


Group: Members
Posts: 24
Joined: 10-June 08
From: Australia
Member No.: 13,835



QUOTE (crysty2k5 @ Jun 13 2008, 01:00 AM) *
If you have a big HDD, please wait !

Do somethin' else, put leave BD to finish the scan !


Hi I did let run (IMG:style_emoticons/default/wink.gif)

It estimated the time but took 4hrs to run so half the time was ok...

The most important thing it's all clean after the scan but after reboot it's back (IMG:style_emoticons/default/angry.gif) it's in the start up reg and it was also clean after running superantispyware until the reboot too!!

superantispyware finds it and removes it and if you scan again it's back. (IMG:style_emoticons/default/angry.gif)
Go to the top of the page
 
+Quote Post
Christian
post Jun 13 2008, 08:38 AM
Post #17


Bitdefender Support
******

Group: Root Admin
Posts: 14,012
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



Hmmm....

Let's try this : download Malwarebytes' Anti-Malware and run a complete scan !

http://www.malwarebytes.org/

Clean all the mallware after the scan !
Go to the top of the page
 
+Quote Post
mag
post Jun 13 2008, 12:35 PM
Post #18


Newbie


Group: Members
Posts: 24
Joined: 10-June 08
From: Australia
Member No.: 13,835



QUOTE (crysty2k5 @ Jun 13 2008, 06:08 PM) *
Hmmm....

Let's try this : download Malwarebytes' Anti-Malware and run a complete scan !

http://www.malwarebytes.org/

Clean all the mallware after the scan !


Well we're winning nothing was found using Malwarebytes and now when rebooting at startup I get the windows error noise and a box appears saying windows can't find the file called ali.exe and so on.

Some of the bug is left behind here, I've added a couple of screen shots to show you (IMG:style_emoticons/default/wink.gif)

This post has been edited by mag: Jun 13 2008, 12:43 PM
Attached File(s)
Attached File  screen_shot_2.jpg ( 36.83K ) Number of downloads: 1
Attached File  screen_shot_1.jpg ( 70.54K ) Number of downloads: 1
 
Go to the top of the page
 
+Quote Post
Christian
post Jun 13 2008, 08:13 PM
Post #19


Bitdefender Support
******

Group: Root Admin
Posts: 14,012
Joined: 27-January 08
From: BitDefender HQ
Member No.: 9,374



Deactivate ali.exe from statup !

Ali.exe is a trojan !

It was deleted !

Uncheck that from startup (IMG:style_emoticons/default/wink.gif)
Go to the top of the page
 
+Quote Post
mag
post Jun 14 2008, 03:29 AM
Post #20


Newbie


Group: Members
Posts: 24
Joined: 10-June 08
From: Australia
Member No.: 13,835



QUOTE (crysty2k5 @ Jun 14 2008, 05:43 AM) *
Deactivate ali.exe from statup !

Ali.exe is a trojan !

It was deleted !

Uncheck that from startup (IMG:style_emoticons/default/wink.gif)


Hey again crysty2k5, If I uncheck it from start up it replaces it self straight away..
Attached File(s)
Attached File  b4_shot.jpg ( 34.79K ) Number of downloads: 2
Attached File  after_un_check.jpg ( 37.27K ) Number of downloads: 1
Attached File  b4_shot_2.jpg ( 67.77K ) Number of downloads: 1
Attached File  after_un_check2.jpg ( 69.14K ) Number of downloads: 1
 
Go to the top of the page
 
+Quote Post

2 Pages V   1 2 >
Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 26th November 2014 - 07:25 AM