Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am I Still Infected?


  • This topic is locked This topic is locked
1 reply to this topic

#1 tselosse

tselosse

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 22 March 2008 - 11:53 AM

Hi,

Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

I downloaded what was supposed to be a codec update and I believe IE7 was "hijacked". When opened, it immediately loaded to //secureinvites.com/ and showed a major security warning, instructing me to download all kinds of security programs, etc. to clean my system. The system tray kept popping up a "System Alert: Malware Threat" dialog box asking me to click it to download malware removal software. At first, I just cancelled, but then I was fooled by a Malwarecore site and I accepted the "fix". Things just got worse from then on. I know now that this is all fake...

Here is what I have done so far to try and fix it:
- First I uploaded the latest virus list on my Norton 360 and performed a full scan, but it found nothing.
- Then I read something about Malware on Symantec's site and turned off Systems Restore as instructed (still off at this time).
- Then I found this website and followed the instructions: cleanmgr, Ad-aware (picked up a few tracking cookies), Spybot S&D (found Virtumonde trojan, so just to be safe, I downloaded and ran Vundo Fix and Virtumondobegone fix). This got rid of the crazy pop-ups!
- Then I ran Malwarebyte's Anti Malware, which found Trojan.Zlob and Trojan.Downloader.
- I thought this was fixed and ran McAfee stinger, which did not find anything.
- But just to be safe, I then ran the Kaspersky online scan which found Trojan-Downlaoader.win32.zlob.jfl. I then add problems restarting Windows...

All I want to know is: "Am I still infected?" and if I am "What can I do to fix it once and for all?". Please help...

Edited by tselosse, 22 March 2008 - 11:58 AM.


BC AdBot (Login to Remove)

 


m

#2 TMacK

TMacK

  • Members
  • 4,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:B.C. Canada
  • Local time:01:19 AM

Posted 22 March 2008 - 02:17 PM

Hi tselosse,

I see you have a HJT log posted in the HijackThis Logs and Malware Removal forum.

You shouldn't make any changes to your system, while your HJT log is posted, as that could change the results of the posted log, making it difficult to properly clean your system.
At this point, the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

If after 5 days you still have received no response, then post a link to your HJT log in the thread titled "Haven't Had A Reply In Five Days?".

This topic will now be closed, since you have an open log posted.
If you have any questions, feel free to send me a PM.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users