Infected With Fake UAC



#1 Ordo


Posted 02 June 2009 - 10:21 PM

Hi all,

First time posting, but I've been a constant researcher of the bleeping computer forums for working resolutions to the more irritating infections that I get.

So here is my main problem, I cannot get rid of these fake UAC registry entries. I can clean out the majority of the files, but there is one lingering file+the registry entries that are proving to be a pain to remove.

There are other infections, however they are easily removed when you disconnect the internet and run mbam and SAS with all but three of the options checked "close browser" "scan for tracking cookies" and one other option that escapes me.

If I try to run mbam either renamed or otherwise with the internet connection intact, all it does is linger in task manager. Renaming SAS is how I was able to run that, however currently if I leave an internet connection active and I run the cleanup, DCOM causes the system to shut down.

Also, on startup, there is an iexplore.exe window that lingers in task manager, and it keeps popping up. With that, IE won't save settings either; every time I run it, it's like it was never run before. Also I'm told that there are popup windows that appear while browsing.

Initially the issue was Win PC Antivirus 2009, there is a lingering presence of it, but it seems that the UAC is the base of the problem as that is the only part I'm unable to remove fully.

A couple of details before the log: Windows Firewall is not enabled as I am doing the cleaning remotely for the most part. And I did not generate a DDS report. However, I have a GMER log which is attached.

Any help you can provide is much appreciated!



#2 Ordo


Posted 07 June 2009 - 01:15 PM

This can be closed, I was able to clean it up.



