Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware, Trojans and Rootkit? Oh My!


  • This topic is locked This topic is locked
4 replies to this topic

#1 nrr

nrr

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:05 AM

Posted 26 March 2009 - 04:58 PM

Ok, so about a month ago I managed to pickup something rather nasty. I scanned with a few different free antivirus programs, trying to get the most comprehensive coverage possible and wipe it all out. They were AVG Free, A Squared Free, and Malwarebytes. Here's just a selection of some of the things that I've got quarantined from the last month of scanning with these programs...

Virus.Win32.Virtumonde!IK
Trojan.Win32.Agent!IK
Hoax.Win32.Agent.fu!A2
Trace.Registry.Blubster
Trojan.DNSChanger
Trojan.Agent
Trojan.Zlob.H
Trojan.FakeAlert
Spyware.StolenData
Trojan.Spambot
Backdoor.Bot
Rootkit.Trace
Trojan.Downloader
Rogue.Multiple
Trojan.BHO

Nice huh! I noticed that antivirus websites were being blocked in IE, especially when using my Google toolbar, and a very large amount of the infections being found were located in both the IE and Mozilla Firefox "Temp" directories, as well as my documents and settings/temp directory. I haven't even used Firefox in many months, so I imediately uninstalled it. I also deleted my IE/temp directory, and documents&settings/temp directory. After rescanning, this seemed to give my antivirus a bit of a foothold, and for the first time so far, it seemed like I was winning the battle.

Scans eventually came up clean, and while I was still suspicious, at least my laptop worked again and I can use it for the necessities.

Of course, the problem wasn't completely solved, and a couple of weeks later, it's came back. Sure enough, more scans reveal more virus stuff. This time around and friend told me about ComboFix, and the success he had using that. I run combofix, but the logfile is too tech for me to really know if it did any good or not. After combofix I scan with Malwarebytes again, which finds one infection. I scan with a new program, SUPERAntiSpyware Free (another recommended antivirus) and it seems to only find adware tracking cookies.

I do some reading and research, and remember Windows Update. I did have it turned off at one time because I thought it was clogging up system resources, but it was actually set to still download updates after prompting me. I don't remember being prompted in months about downloading any updates. Windows update seems to no be doing anything, so I try the Microsoft Update website, and now that comes up with error 0x80070002 whenever I try to used their active X update control. I look for fixes for this, but nothing works. When I manually try and download a suggested update, my computer shuts it down claiming continuing will cause damage. When I attempt to connect to Windows Live Chat Help, it fails every time. When I run services.msc, Automatic Updates is turned off, (despite Control Panel telling me that it is active,) and when I try and turn it on I get Error 2: The system cannot find the file specified.

Despite my scans coming back clean, there still seems to be something screwing with my system.

I really don't know what else to do here, which is why I'm coming you to guys. Hopefully you can help me out here and save my little laptop. I really can't afford to reformat and lose some of the really important things I have on it. Here's some system information to hopefully help you guys out some more.

Microsoft Windows Version 5.1 (Build 2600.xpsp/080413-2111 : Service Pack 3)

Dell Inspiron I6400
Intel Core2 CPU
T5600 @ 1.83GHz
987 MHz, 2.00 GB of RAM
Physical Address Extension

Thankyou for ANY help you can give me at all. I know this is a monster post, but your newbie guides say to give as much information as possible, to help you out as much as possible. I hope I haven't blabbered too much, and actually given you usefull info. Thanks again for your help and I look forward to hearing from you. :thumbsup:

BC AdBot (Login to Remove)

 


#2 darkypoo

darkypoo

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 26 March 2009 - 06:32 PM

yeah, im having the same problem, and i cant keep these 'extra' windows from popping up, even after i deleted all the intenet temp files. plus, I have this damned thing on my desktop once again where i cant change the bitmap, its locked, grr, replies please?

#3 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:05 AM

Posted 26 March 2009 - 06:40 PM

You guys should each make a post in the "Am I Infected" section of this forum....

http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/

#4 nrr

nrr
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:05 AM

Posted 26 March 2009 - 06:48 PM

Thanks Stang. Sorry for putting this in the wrong section.

#5 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:05 AM

Posted 26 March 2009 - 06:51 PM

You are welcome and that is ok, don't worry about it :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users