Jump to content


 

Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win 7 Anti Spyware 2011

Started by KJayne , Apr 09 2011 10:11 PM

  • This topic is locked This topic is locked
39 replies to this topic

#1 KJayne

KJayne

    Member

  • Members
  • PipPip
  • 31 posts

Posted 09 April 2011 - 10:11 PM

Hi,

So this morning I think I accidentally clicked on a random ad and I got the Win 7 Anti Spyware 2011 on my system. Everything was shut down--could not get online, or even run command prompts so I checked a couple of forums and tried the following:

-Downloaded Malwarebytes to a flash drive, tried to run it, wouldn't work.

-Downloaded Super Antispyware Portable to a flash drive, and ran it. It detected 15 files, deleted them and then I restarted. Popups from the Win 7 malware were still there.

-Tried to reboot in safe mode--got black screen (no options to select safe mode with networking, or any option for that matter), tried to delete the file in Task Manager, nothing.

-NOTHING on any of the forums worked so I downloaded the combofix file from your site and ran it. I have the log, computer seems to be working fine now. I downloaded malwarebytes and it's running on my laptop as I type this (I should probably mention that all my downloading/forum searching was done on my parents' computer since I couldn't get online with mine).

I just want to make sure that the spyware/malware rogue program etc., is gone before I start using my computer again. I've attached the log file from combofix (sorry I wasn't sure if I was supposed to only post in the log file forum or not).

Thank you to whoever has a chance to have a look!

p.s. I saw a post about disabling P2P software, I run uTorrent, should I uninstall? I don't use it too frequently.

Attached Files


 

  • BC Ads
  • BleepingComputer.com

#2 oneof4

oneof4

    Forum Addict

  • Malware Study Hall Senior
  • PipPipPipPipPipPip
  • 2,901 posts
  • Gender:Male
  • Location:The Collective

Posted 18 April 2011 - 07:22 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Please take note:

  • If you have since resolved the original problem you were having, we would appreciate you letting us know.
  • If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.
  • If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.
  • If you have already posted a DDS log, please do so again, as your situation may have changed.
  • Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


Thanks and again sorry for the delay.
Best Regards,
oneof4.

#3 KJayne

KJayne

    Member

  • Members
  • PipPip
  • 31 posts

Posted 18 April 2011 - 07:36 PM

Thank you for getting back to me!

My computer is working again after I ran combofix (as I stated above in the original posting--the log is attached in the first post). However there are some delays on start-up that I didn't have before so I worry that there is a buried problem affecting my system. I did run Malwarebytes after and it didn't detect anything.

I am running Windows 7 64 bit.
I don't have the Windows CD/DVD available as it came pre-installed on my laptop.

I've reattached the original log. Do you still need me to run the DDS.scr or DDS.pif scans?

Thanks for the info, and let me know if I have to run the scan above.

-KJayne

Attached File  ComboFix.txt   21.44K   4 downloads

#4 oneof4

oneof4

    Forum Addict

  • Malware Study Hall Senior
  • PipPipPipPipPipPip
  • 2,901 posts
  • Gender:Male
  • Location:The Collective

Posted 19 April 2011 - 02:10 PM

Yes, please run DDS and post the log in your next reply.
Best Regards,
oneof4.

#5 KJayne

KJayne

    Member

  • Members
  • PipPip
  • 31 posts

Posted 19 April 2011 - 02:23 PM

Here are the logs (DDS & the zipped Attach files). Thanks so much!!

Attached Files


#6 gringo_pr

gringo_pr

    Bleepin Gringo

  • Malware Response Team
  • PipPipPipPipPipPip
  • 120,664 posts
  • Gender:Male
  • Location:Puerto rico

Posted 23 April 2011 - 07:26 AM

Hello

My name is gringo and I will be Helping you from this point forward

Somethings to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • Please Do not Attach logs or put in code boxes unless I tell you so.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

If you have not done so please Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Here is the first thing I would like you to do.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

I see you have run combofix already so please delete the combofix you have on the desktop now and redownload it again

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic

Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

#7 gringo_pr

gringo_pr

    Bleepin Gringo

  • Malware Response Team
  • PipPipPipPipPipPip
  • 120,664 posts
  • Gender:Male
  • Location:Puerto rico

Posted 26 April 2011 - 02:35 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic

Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

#8 KJayne

KJayne

    Member

  • Members
  • PipPip
  • 31 posts

Posted 26 April 2011 - 06:09 PM

Hi,

I'm a little confused as to why you want me to run comboxfix again. I attached the log from the first time I ran it (it's attached to the first posting). I also ran the DDS applications as required by the other moderator and attached those logs. My computer seems to be working fine but I am noticing it's a negligible bit slower than it was previous (but that might be attributable to my internet connection). Is there no way to garner what's going on with my computer without having to run that application all over again when I already did it?

Please refer to my previous posts for the attachments. Thank you!

-Kristal

#9 gringo_pr

gringo_pr

    Bleepin Gringo

  • Malware Response Team
  • PipPipPipPipPipPip
  • 120,664 posts
  • Gender:Male
  • Location:Puerto rico

Posted 26 April 2011 - 06:28 PM

Hello Kristal

I asked for it to be rerun because it was run 6 days ago and I would like it updated and run again

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic

Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

#10 KJayne

KJayne

    Member

  • Members
  • PipPip
  • 31 posts

Posted 26 April 2011 - 06:30 PM

The combofix was run two weeks ago, the DDS was 6 days ago, which one do you want me to run?

#11 gringo_pr

gringo_pr

    Bleepin Gringo

  • Malware Response Team
  • PipPipPipPipPipPip
  • 120,664 posts
  • Gender:Male
  • Location:Puerto rico

Posted 26 April 2011 - 09:48 PM

right now run combofix and it will ask to update go ahead and let it



gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic

Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

#12 gringo_pr

gringo_pr

    Bleepin Gringo

  • Malware Response Team
  • PipPipPipPipPipPip
  • 120,664 posts
  • Gender:Male
  • Location:Puerto rico

Posted 28 April 2011 - 11:46 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic

Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

#13 KJayne

KJayne

    Member

  • Members
  • PipPip
  • 31 posts

Posted 29 April 2011 - 02:33 AM

Sorry, been busy with work, will run combofix asap and post log.

#14 gringo_pr

gringo_pr

    Bleepin Gringo

  • Malware Response Team
  • PipPipPipPipPipPip
  • 120,664 posts
  • Gender:Male
  • Location:Puerto rico

Posted 29 April 2011 - 03:57 AM

:thumbup2:

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic

Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

#15 KJayne

KJayne

    Member

  • Members
  • PipPip
  • 31 posts

Posted 30 April 2011 - 06:04 PM

Turns out it was a good thing that I waited--I got the EXACT same virus again last night, so we can just get it done in one shot. So I ran combofix again since it disabled everything (couldn't get online or run Malwarebytes). I've attached the log. Computer seems to be working fine but of course I want to doublecheck. Thanks!

Attached Files


Back to Virus, Trojan, Spyware, and Malware Removal Logs


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Security
  3. Virus, Trojan, Spyware, and Malware Removal Logs
  4. Privacy Policy
  5. Rules ·