BleepingComputer.com: Win 7 Security Issue

Jump to content

Forum Guidelines

Posted Image Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help


Posted Image Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.


Posted Image DO NOT RUN ComboFix unless requested to.


Posted Image Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.


Posted Image When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.


Posted Image Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
  • 8 Pages +
  • « First
  • 6
  • 7
  • 8
  • You cannot start a new topic
  • This topic is locked

Win 7 Security Issue

#106 User is offline   m0le 

  • I know the drill!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Instructor
  • Posts: 29,133
  • Joined: 24-July 08
  • Gender:Male
  • Location:London, UK

Posted 14 March 2012 - 06:04 PM

Which firewall do you have?
If I have helped you fix your PC then please donate. Thanks

Posted Image
m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

#107 User is offline   mcrugger 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 62
  • Joined: 21-December 11

Posted 14 March 2012 - 06:08 PM

The one that came with Windows 7, under the control panel.

#108 User is offline   m0le 

  • I know the drill!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Instructor
  • Posts: 29,133
  • Joined: 24-July 08
  • Gender:Male
  • Location:London, UK

Posted 14 March 2012 - 06:48 PM

Before we look into further fixes for the firewall service could you run MBAM and SAS to make sure a remnant of malware is blocking the reset

Please download Posted Image Malwarebytes Anti-Malware and save it to your desktop.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application or, if you are using Vista, right-click and select Run As Administrator on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware

  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
    If MBAM won't update then download and update MBAM on a clean computer then save the rules.ref folder to a memory stick. This file is found here: 'C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware' then transfer it across to the infected computer.
  • On the Scanner tab:
    • Make sure the "Perform Full Scan" option is selected.
    • Then click on the Scan button.

  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.


And

Download Superantispyware
  • Load Superantispyware and click the check for updates button.
  • Once the update is finished click the scan your computer button.
  • Check Perform Complete Scan and then next.
  • Superantispyware will now scan your computer and when its finished it will list all the infections it has found.
  • Make sure that they all have a check next to them and press next.
  • Click finish and you will be taken back to the main interface.
  • Click Preferences and then click the statistics/logs tab. Click the dated log and press view log and a text file will appear.
  • Copy and paste the log onto the forum.

If I have helped you fix your PC then please donate. Thanks

Posted Image
m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

#109 User is offline   mcrugger 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 62
  • Joined: 21-December 11

Posted 15 March 2012 - 08:57 AM

Here you go. Please ignore all the porn on the spyware log, I.... swear it wasn't me

Attached File(s)


#110 User is offline   m0le 

  • I know the drill!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Instructor
  • Posts: 29,133
  • Joined: 24-July 08
  • Gender:Male
  • Location:London, UK

Posted 15 March 2012 - 07:26 PM

They are both malware-free. Please uninstall Webroot and install a different antivirus, just for testing a free version such as Avast or Antivir are good, and then try and start the firewall.
If I have helped you fix your PC then please donate. Thanks

Posted Image
m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

#111 User is offline   mcrugger 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 62
  • Joined: 21-December 11

Posted 17 March 2012 - 01:37 PM

Uninstalled webroot and installed Avast but the Windows Firewall still won't turn on, it gives that same error code.

#112 User is offline   m0le 

  • I know the drill!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Instructor
  • Posts: 29,133
  • Joined: 24-July 08
  • Gender:Male
  • Location:London, UK

Posted 17 March 2012 - 08:03 PM

I believe that this is beyond repair now, mcrugger.

Please back up your files and reinstall the operating system. I'm sorry I couldn't get your system back to full working order on this occasion.

Do you have any questions for me?
If I have helped you fix your PC then please donate. Thanks

Posted Image
m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

#113 User is offline   mcrugger 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 62
  • Joined: 21-December 11

Posted 18 March 2012 - 01:25 PM

Drats. How do I go about doing that? I have the hard drive from my old computer I could use, but I don't know if I have the Windows 7 disk my computer came with.

#114 User is offline   m0le 

  • I know the drill!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Instructor
  • Posts: 29,133
  • Joined: 24-July 08
  • Gender:Male
  • Location:London, UK

Posted 18 March 2012 - 07:09 PM

Okay, you shouldn't need a disk but you need a way to back up your files. a CD-ROM, an external hardrive or a USB works well. Insert the media and transfer the files to the media's storage folder. Let me know if you need more help with this.

From Microsoft's website

Quote

You can reinstall Windows 7 using Recovery in Control Panel, under Advanced recovery methods. This method reinstalls Windows 7, either from a recovery image provided by your computer manufacturer, or from your original Windows 7 installation files. You need to reinstall all of the programs that you added, and restore all of your files from a backup.



OR.... :)

An alternative to this (and if you are unsure of reinstallation it may be safer) would be to leave the Windows firewall disabled and download and install a free third party firewall.

Here are some good free recommended firewalls to choose from:


If I have helped you fix your PC then please donate. Thanks

Posted Image
m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

#115 User is offline   m0le 

  • I know the drill!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Instructor
  • Posts: 29,133
  • Joined: 24-July 08
  • Gender:Male
  • Location:London, UK

Posted 22 March 2012 - 08:01 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
If I have helped you fix your PC then please donate. Thanks

Posted Image
m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

Share this topic:


  • 8 Pages +
  • « First
  • 6
  • 7
  • 8
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users