File scanner log should be consisted in the page that you put as link for the file scanning. Certain file scanner site generates scanned log for users, whereas the site you use put the direct link for users for analysis.

i see... thanx..

Thanks chris

Are you still having the same problem?

WOW!! i just checked... now, i can open facebook page already! YEAY! thanks BlueWind for the help!!! thank u.... a lots......



btw, wad the problem wif my lptp actually?

There was something inside your computer making funny stuff to your host file. I just flush it away, but I do found other unwanted stuff that are not supposed to be in your computer so I had them clean up.

My only advice to you is always, I mean ALWAYS run only one anti-virus coupled with a standalone firewall, and malware scanner such as the one you have which is highly recommended to have; Malwarebytes.

There is a bit more to do. It's up to you whether you want to do it, because this is only part of follow up scan that I do routinely to make sure everything is in order. If you cannot wait for ESET to complete its scan then you can close this thread if you want. Just remember to press Clean Up button in OTL.

Re-run Malwarebytes' Anti-Malware

• Double-click MalwareBytes' (Note to Vista users, please right-click and select Run as Administrator.)
  • Go to Update tab to update Malwarebytes' Anti-Malware
• Then click Check for Updates.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform Quick Scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected.
• When completed, a log will open in Notepad. Please copy and paste the log back into your next reply

Note:

• The log can also be found here:
  C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
• Or via the Logs tab when Malwarebytes' Anti-Malware is started.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so. Failure to reboot will prevent MBAM from removing all the malware.

===================================================

ESET Online Scanner
I'd like us to scan your machine with ESET OnlineScan

Note: If you are using Windows Vista/7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.

1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
   ESET OnlineScan
2. Click the button.
3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
   1. Click on to download the ESET Smart Installer. Save it to your desktop.
   2. Double click on the icon on your desktop.
4. Check
5. Click the button.
6. Accept any security warnings from your browser.
7. Check
8. Make sure that the option "Remove found threats" is Unchecked
9. Push the Start button.
10. ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
11. Look for report in C:\Program Files\ESET\ESET Online Scanner\log.txt. Include the contents of this report in your next reply.
12. Select Uninstall application on close check box and push

===================================================

On your next reply please post :
MBAM log
ESET log


Let me know if you have any problems in performing with the steps above or any questions you may have.

Yeah~
I solve my problems also!
Thanks a lot!

i found a threat after using eset online scan. wad shud i do?

---

Added on July 22, 2011, 9:50 pmbtw, dis is my MBAM log


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7229

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

22-Jul-11 7:18:46 PM
mbam-log-2011-07-22 (19-18-46).txt

Scan type: Quick scan
Objects scanned: 172603
Time elapsed: 2 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

---

Added on July 22, 2011, 9:52 pmeset log


ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=fc7362219fe210448e5d51c9de7ffc6b
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-07-22 01:44:03
# local_time=2011-07-22 09:44:03 (+0800, Malay Peninsula Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 255206 255206 0 0
# compatibility_mode=5893 16776573 100 94 0 62964838 0 0
# compatibility_mode=8192 67108863 100 0 725 725 0 0
# scanned=256762
# found=1
# cleaned=0
# scan_time=7255
C:\_OTL\MovedFiles\07222011_145157\C_Windows\System32\drivers\etc\hosts Win32/Qhost trojan (unable to clean) 00000000000000000000000000000000 I


This post has been edited by lisieng: Jul 22 2011, 09:52 PM

It's a quarantined file that I nuked it earlier this afternoon. You're good to go now, unless you have any other issues.

Clean up with OTL:

• Double-click OTL.exe to start the program.
• Close all other programs apart from OTL as this step will require a reboot
• On the OTL main screen, press the CLEANUP button
• Say Yes to the prompt and then allow the program to reboot your computer.

already clean up. so that means my lptp virus free already?

Got The Same Problem Here.The Antivirus Problem Already Solved I Think,But Still Couldnt Connect To Facebook

mine ok oredi!

As far as I could tell, it's free now.

wow! thanks again... big clap!!!

BeueWind, ever encounter the FB virus that will just auto restart the Laptop when logged in, even in safe mode? 1 of my company trainee just encounter that... which I have no idea how to stop it, and she using a acer laptop that fully screwed, I dare not open it to take out the harddisk due to the laptop is quite new, zzzz. Any good tools that you can recommend that able solve the issue in dos mode mode or other boot disk?

Maybe it would be a better idea if you help her to restore to factory settings from the hidden partition in her Acer laptop.

I've been having the same issue as well. I followed the scan step you posted.but It doesnt work for me.
please help me to solve this. thanks in advance
i uploaded my OTL and Extras.  Extras.Txt ( 34k ) Number of downloads: 6
 Extras.Txt ( 34k ) Number of downloads: 6



Attached File(s)
 OTL.Txt ( 67.91k ) Number of downloads: 3

Open your own thread and PM me your link. I need to get these logs separated to avoid confusion.

I also need you to run GMER and post that in your new thread. Don't attach it. It's much easier for me.

On a second thought, copy paste the OTL log you have now in your new thread as well.

• Please download GMER from one of the following locations, and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zip Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.

• Extract the contents of the zipped file to desktop (applicable only to Zip mirror) .
• Double click or on your desktop.
• If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  
  
  
  Click the image to enlarge it
  
• In the right panel, you will see several boxes that have been checked. Uncheck the following ...
  • IAT/EAT
  • Drives/Partition other than Systemdrive (typically C:\)
  • Show All (don't miss this one)
• Then click the Scan button & wait for it to finish.
• Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
  
• Save it where you can easily find it, such as your desktop, and attach it in your reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

i also have this problem, what should i do?

i hv the same problem. if i reformat will it help remove the virus?

---

Added on July 23, 2011, 3:26 pmbtw i got the same virus from the facebook thing T_T

This post has been edited by art108: Jul 23 2011, 03:26 PM

I had posted as you request. blue wind