
"security alerts" "malware detection" and other junk


13 replies to this topic

#1 ltdave

ltdave

  • Members
  • 268 posts
  • OFFLINE
  •  
  • Local time:05:21 AM

Posted 13 January 2010 - 10:17 PM

somehow i started to get "Security Center Alert" pop ups (about 6 or 7 different messages) and some trojan called Malware Defense started to self load itself. the SCA pop ups dont allow anything but "enable protection" which doesnt do anything (the Keep Blocking and Unblock buttons are inaccessible)...

i am unable to clear it with AVG 8.5. i found some OTHER malware stuff that i assume was cleared. it took about 35 minutes to run the scan...

i also get a "Web page unavailable while offline" pop up asking if i want to connect or stay offline. obviously this is fraudulent because im online on this forum. it comes on for about 10-13 seconds then blinks off. then it comes back on again...

i have SuperAntiSpyware on my computer but it wont run (SAS has encountered a problem and needs to shutdown etc). i downloaded Malwarebytes and it took a couple of attempts for it to run the setup. i got it installed but it wont run either (no start)...

some of the SCA pop ups list Virus.Win32.Hala.a, Virus.Win32.Gpcode.ak, Trojan.Win32.Agent.dcc then there is also Net-Worm.Win32.DipNet.d of course i dont even know if these are legitimate notifications. sometimes i get the balloon pop up on the system tray that says something about Chin09 or something. it doesnt stay popped up long enough to read it all...

Mozilla Firefox (latest version)
XPhome

what a colossal pain in the backside....

Edited by Pandy, 14 January 2010 - 10:20 AM.
Moved from HijackThis Logs and Virus/Trojan/Spyware/Malware Removal as no logs were included ~Pandy




#2 trev47

trev47

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:05:21 AM

Posted 14 January 2010 - 11:52 PM

Try the guide at http://www.bleepingcomputer.com/virus-remo...malware-defense
Let me know your results

#3 ltdave

ltdave
  • Topic Starter

  • Members
  • 268 posts
  • OFFLINE
  •  
  • Local time:05:21 AM

Posted 15 January 2010 - 05:49 PM

okay here goes...

i tried to run malwarebytes software yesterday even downloading a new 'install' and calling it fix since i figured this crap would block the mbam.exe files from executing...

no luck...

i tried to run all of my anti-spyware software...

no luck...

i tried to run HJT so i could see what my registry values looked like...

no luck...

i search google for "remove malware defense" and got about a dozen recent hits back. they all had good methods for removing it BUT, my 'search for files and folders' came up with nothing, my 'end processes' attempt with the task manager revealed no malware defense processes (even though it continued to run), and my 'find registry values' came back with ZERO results (based on the 'fix' sites list of malware defense registry entries) so i guess you could say...

no luck...

after about 16 attempts i got the computer running this afternoon after it froze up on the first boot up. on the 11th time it started but froze right away and on the last (16th?) it seems to be running properly other than the malware crap on it. i backed up all 27mb of info i had on it (most stuff was already stored on an external) and what i dont have, i can live without...

im going to attempt an F11 (its a dell vostro laptop) and reset everything to 'new from the factory' settings. ill have some programs to reload but that shouldnt be an issue. stuff like corel draw, my printer driver, ms office stuff and a couple of divx converters...

i dont know why my malwarebytes wont run. i had the same issue with my wifes computer about a year ago (maybe 10 months) and i had to do the same F11 treatment...



i hope who ever wrote this virus/trojan/malware got his rocks off because i dont know WHEN ive been this pissed off...

just for the record:

xpHome (soon to be pro)
mozilla (latest version)
AVG antivirus (8.5 or 9.0)
dont go to questionable sites

i think i got it when i downloaded a pdf for a roleplaying game for my friend from isohunt dot com

let me know if anyone has any input on resetting it to OEM...

thanks

(responded to on daughter's computer since it also blocked this site from working properly)....

#4 trev47

trev47

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:05:21 AM

Posted 16 January 2010 - 12:08 AM

If your data is backed up a restore is a great solution. Good luck!

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:21 AM

Posted 16 January 2010 - 12:50 AM

If you cannot get DDS to work, please try this instead.

Please download RSIT by random/random and save it to your Desktop.
Note: You will need to run this tool while connected to the Internet so it can download HijackThis if it is not located on your system. If you get a warning from your firewall or other security programs regarding RSIT attempting to contact the Internet, please allow the connection.
  • Close all applications and windows so that you have nothing open and are at your Desktop.
  • Double-click on RSIT.exe to start the program.
  • If using Windows Vista, be sure to Run As Administrator.
  • Click Continue after reading the disclaimer screen.
  • Leave the drop down box set to default: "List/folders created or modified in the last 1 month (30 days)".
  • When the scan is complete, a text file named log.txt will automatically open in Notepad.
  • Save the log file to your desktop and copy/paste the contents into a new topic in the HijackThis Logs and Malware Removal forum, NOT here.
Important: Be sure to mention that you tried to follow the Prep Guide but were unable to get DDS to run.
If RSIT did not work, then reply back here.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 ltdave

ltdave
  • Topic Starter

  • Members
  • 268 posts
  • OFFLINE
  •  
  • Local time:05:21 AM

Posted 16 January 2010 - 03:15 PM

If you cannot get DDS to work, please try this instead.... were unable to get DDS to run


what is DDS?

sorry to be so stupid on this but it does nothing but piss me off...

bottom feeder scum. they need to be castrated so they cant procreate...


P.S.

(responded to on daughter's computer since it also blocked this site from working properly)....


where can i get RSIT online other than here (i need a secure site) because as i posted earlier, this crap is blocking www.bleepingcomputer.com

Edited by ltdave, 16 January 2010 - 03:18 PM.


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:21 AM

Posted 16 January 2010 - 11:43 PM

Hi, sorry thought you would have seen HJT?DDS in the Tute.
Get it here L@@K

#8 ltdave

ltdave
  • Topic Starter

  • Members
  • 268 posts
  • OFFLINE
  •  
  • Local time:05:21 AM

Posted 17 January 2010 - 03:33 PM

okay...

my laptop could NOT access this website. it could NOT access any computer related site. it would NOT run Malwarebytes AM, CW shredder, AVG, HiJackThis, or SuperSpyWare...

i tried to run them from CD-rom NO LUCK, i tried to run them from a flash drive NO LUCK...

i attempted to use the CTRL-F11 function on Dells to restore it to OEM configuration but it is a Vostro model but they dont come with the recovery partition on the hard drive...

i tried to use my xpPro (sp3) reinstallation disc from my daughters new computer (Dell Vostro desktop) but i have no wireless, the screen has 2 choices for resolution, 800 x 600 and 1024 x 768. both of which look very crappy (quality wise) and the 1024 is so misshapen that it looks like a carnival mirror. i have the xpHome (sp2) that came with it but i dont know why i cant upgrade to Pro...

i am very very frustrated at this point...

does anyone want a dell vostro 15.4" laptop with 2gb of RAM, 250gb of HDD, CD/DVD drive running on a Core2 Duo? its going to be for sale cheap i think so i can just buy a new computer because it feels like im too dumb to figure this crap out...

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:21 AM

Posted 17 January 2010 - 04:15 PM

Things are a bit desperate here.
We may lose this machine and be forced into a reinstall.
Let's do this and see if MBAM will run after,
You need to run these off a flash drive or CD.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.
  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt -v

  • If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
  • When it is done, a log file should be created on your C: drive called "TDSSKiller.txt" please copy and paste the contents of that file here.


Please download mbr.exe and save it to the root directory, usually C:\ <- (Important!).
  • Go to Start > Run and type: cmd.exe
  • press Ok.
  • At the command prompt type: c:\mbr.exe >>"C:\mbr.log"
  • press Enter.
  • The process is automatic...a black DOS window will open and quickly disappear. This is normal.
  • A log file named mbr.log will be created and saved to the root of the system drive (usually C:\).
  • Copy and paste the results of the mbr.log in your next reply.
If you have a problem using the command prompt, you can just double-click on mbr.exe to run the tool.

Edited by boopme, 17 January 2010 - 04:16 PM.


#10 ltdave

ltdave
  • Topic Starter

  • Members
  • 268 posts
  • OFFLINE
  •  
  • Local time:05:21 AM

Posted 17 January 2010 - 04:21 PM

Things are a bit desperate here.
We may lose this machine and be forced into a reinstall.
Let's do this and see if MBAM will run after,
You need to run these off a flash drive or CD.

* Download TDSSKiller and save it to your Desktop.



these programs do NOT want to run on my machine. see my previous post...

my laptop could NOT access this website. it could NOT access any computer related site. it would NOT run Malwarebytes AM, CW shredder, AVG, HiJackThis, or SuperSpyWare...

i tried to run them from CD-rom NO LUCK, i tried to run them from a flash drive NO LUCK...


as you can see ive TRIED NUMEROUS times to download and run a myriad of anti-bleep ware and NONE of them will run as advertised...

i have since tried to do a REINSTALL with my daughters xpPro REINSTALLATION disc. the computer originally had xpHome on it...

the REINSTALL is running for crap because there is no wireless 'card' or function, and the resolution is for CRAP...



it looks like i need to close this thread and open a new one titled MY COMPUTER DOESNT RUN RIGHT WITH REINSTALL

#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:21 AM

Posted 17 January 2010 - 06:12 PM

Yes I saw the other post. I was taking a shot. I feel that yes you need to find a way to reinstall and should ask in the Operating system forums. This machine is too screwed to bother cleaning.

#12 ltdave

ltdave
  • Topic Starter

  • Members
  • 268 posts
  • OFFLINE
  •  
  • Local time:05:21 AM

Posted 17 January 2010 - 06:14 PM

yeah, its pretty messed up...

im currently working it now with an IT guy who i can only get a hold of every once in a while...

thanks for everyones help

#13 Groffeaston

Groffeaston

  • Members
  • 518 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Easton,PA
  • Local time:06:21 AM

Posted 17 January 2010 - 08:42 PM

Hello everyone!

My suggestion is to contact DELL for support, if you have not done so already. They may be able to help you. If your computer is relatively new and still under warranty they might be able to fix it or could possibly give you a replacement one.

Hope this helps.

#14 ltdave

ltdave
  • Topic Starter

  • Members
  • 268 posts
  • OFFLINE
  •  
  • Local time:05:21 AM

Posted 17 January 2010 - 08:45 PM

thanks but after 20 minutes trying to navigate their website on yet ANOTHER system that needs work, i got the 'youre out of warranty, call 1-800-something for the FEE SCHEDULE to work on your computer'...

thanks though!
