Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot run HiJackThis, spybot, adaware, Malwarebytes.


  • This topic is locked This topic is locked
4 replies to this topic

#1 BigBillyk

BigBillyk

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:19 AM

Posted 23 November 2008 - 02:07 AM

This notebook had antiviruspro2009 running.
I found this and removed.

I still have a red circle with white cross in the task bar that pop ups spyware detection messages.

I have tried to install all the above software with no luck! (I have also looked for Spyaxe and spyfalcon and found nothing)

If I double click the install of any of these programs nothing happens. The HDD buzzs for a moment and the popup appears telling me there is an infection again.

The browser also appears to be hijacked. Clicking the link from the search results of a google search, you are directed to anti virus or spyware sites.

Attached is the results of a month scan of the Random/random program. I hope it has some clues as to what is going on!

Thanks for your time!

Regards,

Attached Files



BC AdBot (Login to Remove)

 


#2 sundavis

sundavis

  • Malware Response Team
  • 2,708 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:19 PM

Posted 06 December 2008 - 04:48 PM

Hi,

Welcome to BleepingComputer HijackThis Logs and Malware Removal,BigBillyk. :thumbsup:
My name is sundavis, I will be helping you to deal with your Malware problems today.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times. and we are trying our best to keep up.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, then please do the following.
The log you presented had been a few days away. It may not show what it is. In the meantime, please refrain from making any changes to your computer. and please do in the following:

Please go to Here and Download System Repair Engine by smallfrogs

  • Extract it to Desktop & double click SREng.exe to run it
  • Select 'Smart Scan' & tick "Verify the digital signature of process modules"
  • Click on the Scan button
  • Before scanning the computer, Close all browsers and other programs except SREng.
  • When finished, click on the Save Reports button & save the log to Desktop
  • If you're experiencing the problem to run SREng, please right click SREng.exe, rename it to abc.com and rerun it.
You can refer to this thread for your reference.

In your next reply, please post back SREng log. Thanks

#3 BigBillyk

BigBillyk
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:19 AM

Posted 06 December 2008 - 11:26 PM

Hello Sundavis,

Thanks for getting back to me on this. I have sorted the problem out already!
I read many other forum posts on this site and found a suggestion to re-name the SD-Fix that I couldn't install. (Or any other malware software)

This did work and let me finally run some tools. (Many times)

It looks like the red-circle pop-up messages were coming from a rootkit. SD-Fix, anti-malware, adaware, avg and house-call with trend. Finally looks like it is gone!

Thanks again for your time,

Bigbillyk

#4 sundavis

sundavis

  • Malware Response Team
  • 2,708 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:19 PM

Posted 07 December 2008 - 12:02 AM

Thanks for your feedback. Good luck!! :thumbsup:

#5 Carolyn

Carolyn

    Bleepin' kitten


  • Members
  • 2,131 posts
  • OFFLINE
  •  
  • Local time:03:19 PM

Posted 20 December 2008 - 03:17 PM

This thread will now be closed.
If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you.
Include the address of this thread in your request.
If you should have a new issue, please start a new topic.
This applies only to the original topic starter.
Everyone else please begin a New Topic.
Member of ASAP (Alliance of Security Analysis Professionals)
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users