Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

A few leftover's that I can't seem to shake??


  • Please log in to reply
1 reply to this topic

#1 Danny08053

Danny08053

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ
  • Local time:01:51 PM

Posted 06 December 2009 - 09:34 PM

I got some kind of malware last week. I kept getting tons of pop-ups, which never bothered me before, and other things. One of those fake anti-spyware sites that took over my computer till I shut it down, etc.

So in the past week I have done the following:

I ran Stinger, Ad-Aware, Malicious Removal Tool, CC Cleaner, Housecall, HS Remove, cwshredder, Kill2Me, all of which found nothing, and did a System Restore which had no effect..

Then I ran Malwarebytes and Stopzilla both of which found some Trojans, Malwares, Ad cookies etc and deleted them. (No worms that I could see.)

Since then I still have the following problems:

When I load Firefox - before the page loads in the upper left hand corner I get the following box:

"Java Application Type Error: spElement is null." (A search of "spElement is null" on Google turns up nothing.)

When I click OK, the message box disappears and Firefox loads. Sometimes a few different pages load, Ask.Com, My * 10.Com, etc. A couple pages sometime try to load but there is a message box that says the locations couldn't be found. I click off those pages, I seem to be able to use Firefox without any further problems.

If I try and load Internet Explorer, a bunch pf pages try to load, all with the same internet address with numbers, letters, and symbols that I have never seen before (not a foreign language, but symbols which aren't on my keyboard, letters, etc) Luckily for each page that tries to load, a message box comes up that says something like: That location could not be found.

Usually it is so bad that I just click off IE and give up on using that.

Since first running MalwareBytes and Stopzilla, I have run the following:

Updated HijackThis and had it analyze the list, and nothing came back checked. I ran Updated SpyBot-Search and Destroy, Updated SuperAntiSpyware in Safe Mode, Stopzilla again, and nothing found.

I loaded SpyWareBlaster today.

I deleted Firefox and reloaded it, and I am still getting the message box before Firefox will load, and my Internet Explorer page still tries to load tons of pages for that mysterious site.

I am afraid to go on Ebay/Paypal in case there is something serious on my computer that just can't be found yet.

Also, I am pretty much a neophyte when it comes to anything like ComboFix, or Root repeal, DDs logs Etc etc, All the things that most of the folks on this site seem to take for granted.

My questions are:

Any chance that my "problems" are just leftover traces from the malware and not really a serious problem? I have run so many updated scans and they keep coming back clean...............

Since alot of these cures seems to be very technical in nature, should I hire somebody like Computer Geeks that may have alot more experience in finding/correcting these problems, or would that be a waste of money???

Maybe just keep scanning/updating till the anti-virus/anti-malware programs catches up with whatever problem I have???

I will appreciate any info you can give me and I'll try and do any instructions you might have to get to the bottom of this.

Danny

BC AdBot (Login to Remove)

 


#2 azfreetech

azfreetech

  • Members
  • 182 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Mesa, AZ
  • Local time:11:51 AM

Posted 07 December 2009 - 07:37 PM

I would do the following.....

Use Rkill to stop the rootkit processes that start when the computer comes on. Then I run the Malwarebytes and SUPERAntiSpyware. Here are some DL links for the Rkill....

LINK 1
LINK 2
LINK 3
LINK 4
Save it to your desktop and then double click to launch it (With Vista you need to right click and select run as administrator). You should see a little black window open and then close. If you see that box then it worked. If you don't see the black box then delete the file and use another download link and repeat the steps.

After running Rkill update and run MBAM. Next I would install AFT Cleaner check the box for select all and then run it.

Finally, I would run SUPERAntiSpyware. If you have more than one username then you will need to scan each user account seperately with this.

Edited by azfreetech, 07 December 2009 - 07:37 PM.

DJ Digital Gem

I gave up on computers and now I just DJ!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users