Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Apparently I have 500+ trojans


  • Please log in to reply
1 reply to this topic

#1 Machan

Machan

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:27 AM

Posted 23 June 2009 - 04:26 PM

Hey guys. I came home from work one day only to have my mom tell me about how there's a ridiculous amount of viruses on the computer. Thinking it was nothing, I went over and saw a screen that said there were a combined total of over 500 trojans infecting the computer. I didn't get a good look at that screen before I switched over to my username (since it's the admin), but my mom said something about scanning for viruses with norton not doing much (I can't remember if she said that the remove option wasn't working or if it didn't detect anything). When she tried to restart, a warning message would pop up saying that if they restarted, something will happen (I don't know what she was talking about; the point being that there was something there dissuading her from restarting the computer). During this time, the computer was really slow, on all user profiles. I switched over to my user profile and tried doing a system restore, which ultimately failed. After rebooting, it gave me an error saying that the system could not be restored to the specified point. Afterwards, I just unplugged the internet and began to scan using norton internet security, super anti-spyware and malwarebyte's anti-malware. All of these said there were absolutely no threats. Now it just seems fine, there's no slowness, no error messages, no threat detection. Anyone know what could be wrong? If more information is needed, please let me know, but as of now this is all I can remember.

BC AdBot (Login to Remove)

 


#2 Zllio

Zllio

  • Members
  • 1,107 posts
  • OFFLINE
  •  
  • Local time:09:27 AM

Posted 26 June 2009 - 11:38 AM

Hi Machan,

The symptoms sound like that of a rogue malware program trying to get you to buy some of their software. Sometimes if you've deleted your temporary files before you shut down the computer, those programs don't have a chance to get going in your computer. It might be something like scareware.

If you don't have a cleaner installed on your computer, please do the following:


Please download ATF Cleaner by Atribune & save it to your desktop.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.
Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".[/indent]



Then, you might want to do one of the following online scans which pick up the odd thing here or there that the others miss. These will not interfere with your resident antivirus (Norton).


Note: You must use Internet Explorer with ActiveX enabled to use these two scans.


BitDefender Online Scan


Please run a BitDefender Online Scan

  • Click I Agree to agree to the EULA.
  • Allow the ActiveX control to install when prompted.
  • Click Click here to scan to begin the scan.
  • Please refrain from using the computer until the scan is finished. This might take a while to run, but it is important that nothing else is running while you scan.
  • When the scan is finished, click on Click here to export the scan results.
  • Click-on the Detected Problems tab. Then select Click here to export the scan report
  • When the window comes up to save the report, change the Save as type box to Text (Tab Delimited) (*.txt)
  • Then in the File name box enter bdscan then click save.
  • Please upload this file with your next post as an attachment, or post the contents of the file into a code box. To do this, simply paste the contents of the file into your Add Reply box (do not use quick reply) and then highlight just those contents and click on the button five over from the smiley face beneath the fonts which is called Wrap in code tags. You can only see this if you allow your mouse to hover over that button.




Panda Active Scan

Panda Active Scan 2.0
(please use this scanner instead of any other scanner!)

- Once you are on the Panda site click the Scan your PC button
- A new window will open...click the Check Now button
- Enter your Country
- Enter your State/Province
- Enter your e-mail address and click send
- Select either Home User or Company
- Click the big Scan Now button
- If it wants to install an ActiveX component allow it
- It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
- When download is complete, click on Local Disks to start the scan
- When the scan completes, if anything malicious is detected, click the See Report button
- Save Report and save it to a convenient location.
Post the contents of the Panda scan report together with a new hijackthislog.



If the two scans find anything, please post the logs.

Let me know how this went?
Zllio





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users