Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I'm Infected Need Help A.s.a.p. Please


  • This topic is locked This topic is locked
7 replies to this topic

#1 bongripper

bongripper

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redlands, California
  • Local time:09:57 AM

Posted 17 November 2007 - 06:39 PM

I just recently contracted a virus of some sort. I have screenies of what it looks like. I am scared and dont know what to do. I cant click anything on my desktop and i keep getting popups for antivirus software that i keep closing and not continuing. Please help!

Posted Image

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:57 PM

Posted 17 November 2007 - 06:54 PM

Removal instructions in link below.
http://www.bleepingcomputer.com/forums/t/98811/how-to-remove-ultimate-defender-removal-instructions/

Follow up with SAS. It will remove the malware that accompanies the Smitfraud malware.
Install Super Antispyware free. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

Please let us know the results.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 bongripper

bongripper
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redlands, California
  • Local time:09:57 AM

Posted 18 November 2007 - 08:47 PM

i followed the removal instructions. it keeps coming back ive repeated it 3 times now and it always comes back what do i to?

#4 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:57 PM

Posted 18 November 2007 - 08:57 PM

If you haven't run SAS, do that. It will remove Smitfraud as well.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 bongripper

bongripper
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redlands, California
  • Local time:09:57 AM

Posted 18 November 2007 - 09:06 PM

i followed all the directions of that guide. i also went as far as to run SAS, AD-Aware 2007, spybot s&d, AVG free, crap cleaner and adding spyware blaster.

i used smitfraud and removed the hijackthis lines like the guid said, even defragged and disk cleanup.

still finds its way back to my computer im desperate here

(all those were ran in safemode too)

Edited by bongripper, 18 November 2007 - 09:08 PM.


#6 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:57 PM

Posted 18 November 2007 - 09:18 PM

I just checked and SAS's last update was Friday. So they will probably update again tomorrow. You can post a Hijack This log
in the Hijack This Forum. Do Not post the log in this forum. The directions are in the link below. Since you have done the preliminary scanning, just follow the links to download HJT and post the log in the HJT Forum.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

The malware you have is constantly changing file names, etc. to fool the security programs so they are always playing catchup.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 bongripper

bongripper
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redlands, California
  • Local time:09:57 AM

Posted 18 November 2007 - 09:18 PM

here are other screenies of the infection:

Posted Image

Posted Image

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,602 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:57 PM

Posted 19 November 2007 - 10:56 AM

I see your hijackthis log is posted here and you are already getting assistance.

From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

To avoid confusion, I am closing this topic.

Thanks for your cooperation and good luck with your log.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users