Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Malware Or Virus?

  • Please log in to reply
1 reply to this topic

#1 Eabs


  • Members
  • 1 posts
  • Local time:01:42 PM

Posted 18 June 2009 - 04:06 AM


My computer has seemed to have got infected with something. I am able to browse the internet except when I attempt to go to a antivirus or anti-malware site.

I have Malwarebytes installed as well as ESET NOD32 Antivirus installed and I was first aware that I have a problem when bot programs would not update automatically or manually. I also have the TeaTimer component of SpyBot and now am getting popups from it asking if I want a particular program to run at startup.

I have run a ful Malwarebytes scan in safemode and have deleted around 23 infections and rebooted the computer and most have returned.

Please help since I am at wits end and don't want to reformat my computer.

Many Thanks

BC AdBot (Login to Remove)


#2 MalwareMutilator


  • Members
  • 931 posts
  • Gender:Male
  • Local time:07:42 AM

Posted 18 June 2009 - 08:14 AM

Hello Eabs, :flowers:

My name is MalwareMutilator (MM for short). Welcome to Bleeping Computer. :thumbsup:

When infections return after a MBAM scan and repair have been performed, it usually indicates that a more serious (or stubborn) infection is present. I will offer you as much help as is possible in this forum, but I first I need to point out a few facts:
  • MBAM works best when run in normal mode . . . not in safe mode.
  • Prior to running MBAM you should first disable TeaTimer:
Now, please follow these steps:

Step 1:

TeaTimer works by preventing ANY changes to the system. It will attempt to undo any fixes we run, because it blocks these fixes from running.
In order to safeguard your system from problems that can be brought on by a half finished fix, we need to disable TeaTimer. We can reenable it when we're done if you like.
  • Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.
  • If prompted with a legal dialog, accept the warning.
  • Click Posted Image and then on "Advanced Mode"
    Posted Image
  • You may be presented with a warning dialog. If so, press Posted Image
  • Click on Posted Image
  • Click on Posted Image
  • Uncheck this checkbox:
    Posted Image
  • Close/Exit Spybot Search and Destroy
Step 2:

Please download Malwarebytes Anti-Malware (v1.38) and save it to your desktop.

alternate download link 1
alternate download link 2

If you have a previous version of MBAM, remove it via Add/Remove Programs and download a fresh copy.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:

    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself.

  • Press the OK button to close that box and continue.

  • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and Scan in progress will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say The scan completed successfully. Click 'Show Results' to display all objects found.
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Please save the contents of that report as it will needed with your next reply. Now, exit MBAM.
Step 3:
  • Reboot your computer normally.
  • Run another Quick Scan of your system using MBAM. Do NOT allow it to fix any problems that it finds.
  • Save that log using a different name.
After you have complete all of the above steps, please furnish both of the MBAM logs along with your next reply.



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users