Home > Am I > Am I Infected? Cognac & B.exe In Mcconfig

Am I Infected? Cognac & B.exe In Mcconfig

Thank you! it will restart the computer a few times then clean all the shit out of it. Thank you! Anybody can ask, anybody can answer. http://interasap.net/am-i/am-i-infected-yet-again.html

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\documents and settings\user\local settings\Temp\install.exe (Trojan.Dropper) -> No action taken. Please be patient as this can take some time.When the scan completes, push Push , and save the file to your desktop using a unique name, such as ESETScan. Registry Keys Infected: HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully. http://www.bleepingcomputer.com/forums/t/313721/am-i-infected-cognac-bexe-in-mcconfig/

Once Trojan Cognac is run on the PC, it will make changes on the system especially on Windows registry. Characteristics: Trojan Cognac was made to deploy threats. Follow the prompts and install as default only. 4. HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

I will also post the second from earlier today. C:\WINDOWS\msa.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.If you do not understand any step(s) provided, please http://www.pcthreat....yid-7904en.html I don't know if you have multiple viruses or those others are just parts or clones of each other.

When done two logs should open: DDS.txtAttach.txt Save both reports to your desktop.---------------------------------------------------Post the contents of the DDS.txt report in your next replyAttach the Attach.txt report to your post by scrolling Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2AA0726C-95B7-4216-AA43-B5BDD524892F} - (no file)
No action taken. Join our site today to ask your question.

I am enclosing the log file from combofix:====================================================ComboFix 10-05-04.06 - user 05/05/2010 20:16:06.1.2 - x86Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1255.972.1033.18.2047.866 [GMT 3:00]Running from: c:\users\user\Desktop\schrauber.exeSP: Spybot - Search and Destroy *disabled* (Outdated) We do not want to clean you part-way, only to have the system re-infect itself.Please reply using the button in the lower right hand corner of your screen. Back to top #5 Dj DHoLa Dj DHoLa Authentic Member Authentic Member 24 posts Posted 09 July 2009 - 06:22 PM hey sorry for the late reply but i actually am Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers.

Please update. 6. regards, schrauber If I've not posted back within 48 hrs., feel free to send a PM with your topic link. c:\documents and settings\user\local settings\Temp\rasvsnet.tmp (Trojan.FakeAlert) -> No action taken. Thank you!

Are you looking for the solution to your computer problem? http://interasap.net/am-i/am-i-infected-or-what-help.html mode: Politics & Controversy Lifestyle & Off Topic Quick Links What's New My Profile My Content Content l Follow Community Areas User Blogs User Galleries Games Reviews Contests Code Giveaways Prices HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cognac (Trojan.FakeAlert) -> No action taken.

Click here to Register a free account now! Please login or register.Did you miss your activation email? 1 Hour 1 Day 1 Week 1 Month Forever Login with username, password and session length Forum only search News: Home Advertisement granderio Thread Starter Joined: Jul 12, 2009 Messages: 1 Hi, apparently my laptop has stumbled onto a few unsavory websites that have subsequently infected my laptop. Source Even when I try to remove in safe mode, it always comes back.

Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List Several functions may not work. c:\documents and settings\user\local settings\Temp\msb.dll (Trojan.Agent) -> No action taken.

If you accept cookies from this site, you will only be shown this dialog once!You can press escape or click on the X to close this box.

Click here to join today! C:\Program Files\Hijackthis\backups\backup-20070908-141526-622.dll (Trojan.Crypt) -> Quarantined and deleted successfully. Please go to Kaspersky website and perform an online antivirus scan. c:\documents and settings\user\local settings\Temp\install.48349.exe (Trojan.Downloader) -> No action taken.

That thing is a system hog that doesn't really do any good. "I renounce Verdukianism!" Back to top #17 dragonsho Lulz CAGiversary! 733 Posts Joined 10.1 Years Ago It is very sluggish. Contents of the 'Scheduled Tasks' folder 2009-02-17 c:\windows\Tasks\DriverCure.job - c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-01-21 05:38] 2009-06-07 c:\windows\Tasks\ParetoLogic Registration.job - c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-21 05:36] 2009-04-26 c:\windows\Tasks\ParetoLogic Update Version2.job - c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-21 have a peek here c:\documents and settings\user\local settings\Temp\3525530756.exe (Trojan.Dropper) -> No action taken.

http://www.bleepingcomputer.com/combofix/how-to-use-combofix -EZS 0 Message Active 3 days ago Author Comment by:thinktechsolutions ID: 245857672009-06-09 I did check msconfig and its not there any other suggestions thank you 0 Message Active Please download ATF Cleaner by Atribune. Any ideas how to solve that issue?Thanks,Simon Back to top #41 schrauber schrauber Mr.Mechanic Malware Response Team 24,794 posts OFFLINE Gender:Male Location:Munich,Germany Local time:10:51 PM Posted 14 June 2010 - A case like this could easily cost hundreds of thousands of dollars.

The gang focuses on the latest Nintendo Switch news, Nintendo’s portable gaming future, CheapyD’s gas problem, and so much more! Right now the computer seems to be stable, but not too long ago my computer was overrun by some of those fake virus scanners, as well as numerous random programs (Iolasdnfd.exe, Thank you! Similar Threads - msantivirus help New I need help with Windows 10 Browser issue SoraKBlossom, Jan 22, 2017 at 4:29 AM, in forum: Virus & Other Malware Removal Replies: 0 Views:

I chose to restart then, and that's when shit hit the fan. Started by Dj DHoLa , Jun 30 2009 04:27 AM Please log in to reply 5 replies to this topic #1 Dj DHoLa Dj DHoLa Authentic Member Authentic Member 24 posts Make sure you read the instructions carefully. CAGiversary! 2503 Posts Joined 9.5 Years Ago seen 100% 5 0 - - - Posted 16 July 2009 - 07:19 AM To me it does not appear you

Get 1:1 Help Now Advertise Here Enjoyed your answer? Jump to content Here is some test content Forums Games CAGcastnew! It's free. Cognac in startup configuration and cannot remove it.

regards, schrauber If I've not posted back within 48 hrs., feel free to send a PM with your topic link. How is the computer working now? -EZS 0 LVL 2 Overall: Level 2 Windows XP 1 Anti-Spyware 1 Anti-Virus Apps 1 Message Expert Comment by:adminpps ID: 245859372009-06-09 Disregard my above Short URL to this thread: https://techguy.org/842593 Log in with Facebook Log in with Twitter Log in with Google Your name or email address: Do you already have an account? It sometimes does not work within normal mode. 0 LVL 2 Overall: Level 2 Windows XP 1 Anti-Spyware 1 Anti-Virus Apps 1 Message Expert Comment by:adminpps ID: 245858972009-06-09 Well, combofix

Will have to re-boot to see if it did anything.