Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Nasty trojan infection and after effects.


  • Please log in to reply
1 reply to this topic

#1 keyne

keyne

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:10 PM

Posted 11 January 2010 - 12:56 PM

Hey guys. So yesterday I noticed firefox wasn't opening. Everytime I'd click it I'd get the windows message "Mozilla Firefox has stopped working."

At the time, I didn't think much of it. However, shortly after, I was immediately bombarded by pop-ups claiming I had virus infections and the like. Upon checking my processes in the Task Manager I saw settdebugx.exe. I tried opening IE because Firefox wouldn't open, and I got another windows alert saying "Internet Explorer has stopped working."

I immediately googled isettdebug.exe on another PC and all solutions pointed towards MalwareByte's Anti-Malware program. I downloaded it on the second computer and transferred it to the infected one. I tried running it, and I got "Mbam-setup.exe has stopped working."

On the Malware site, it says that certain trojans prevent the installer from running, and that all I need to do is rename the installer and run it. I did it, and it worked. It found the trojans and removed them.

However, on startup I get messages saying IE and Windows Defender have stopped working. Firefox still wont open. The message saying IE has stopped working actually pops up every 2 or so minutes.

I rescanned with Malware Bytes and it has found nothing. My system restore doesn't work (a big problem, I'm working on it), and I'm out of ideas.

I'm running 32-bit Vista on a HP Compaq 8510p laptop. I have a HijackThis log but I'm not sure if I should post it yet or not because of the rules.

Thanks for any help guys.

EDIT: After some more work and a couple more scans I found a Vundo infection and a rootkit. I removed them both using MalwareBytes, but IE, Firefox and Windows Defender will still not open. I downloaded rkill, and once I run it IE works properly, but Windows Defender still wont stat. This means that something is still infected right? Additional scans do not find anything.

Edited by keyne, 11 January 2010 - 02:36 PM.


BC AdBot (Login to Remove)

 


#2 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:05:10 PM

Posted 11 January 2010 - 04:02 PM

Welcome to BC


If you wish to post a HJT log, please follow these instructions:

Please read the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". If you cannot complete a step, then skip it and continue with the next. In Step 6 there are instructions for downloading and running DDS which will create a Pseudo HJT Report as part of its log.

You will also be instructed to create a Root Repeal Log

When you have done that, post your log in the HijackThis Logs and Malware Removal forum, NOT here, for assistance by the HJT Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the HJT Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day.

The HJT team is very busy and it will take awhile to get to your post
Please be patient and good luck
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users