Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Antivirus Malware


  • Please log in to reply
2 replies to this topic

#1 steelermike

steelermike

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:40 PM

Posted 07 March 2010 - 04:14 PM

Hello,

My computer was hit by a piece of malware presenting itself as Microsoft Antivirus Software. It tells me that my computer is infected and immediately starts a search that identifies a bunch of problems. Then, it directs me to a screen that allows me to buy the software to get rid of the problems. Everytime I tried to open a program, I would receive a message informing me that this program was infected, and it stopped the program from opening. Everytime I tried to go on the Internet, this malware re-directed me to their ordering webpage. I could not start anything on my computer!

I called a friend who suggested downloading the ComboFix program, so I accessed another computer and downloaded the program onto a USB drive. Then, I ran it on my computer from the USB drive using the "Run" utility. It actually took several tries to run the program, because the malware would intervene and shut the program down before it got a chance to start. I did run ComboFix to conclusion. Then I noticed that my computer started locking up after 2-3 hours of use. It didn't seem to be program specific. My computer froze up on a variety of programs ranging from Outlook to Word to Internet Explorer.

Since that time, I have downloaded Ad-Aware and EMSISoft programs to try and scan my computer for problems. Both programs found a lot of problems, but my computer still locks up after a few hours of operation. It seems that whatever was loaded on my system is still there somewhere. It may be indentified in your existing list of viruses, but I did not recognize any of those names.

Any help would be appreciated.

Edited by Orange Blossom, 07 March 2010 - 04:18 PM.
Move to AII. ~ OB


BC AdBot (Login to Remove)

 


#2 Sashacat

Sashacat

  • Members
  • 372 posts
  • OFFLINE
  •  
  • Local time:03:40 AM

Posted 08 March 2010 - 11:00 AM

Hello :thumbsup:

Please note the warning in blue text at the top of this page:
"ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer."

Run ATF Cleaner:
http://www.atribune.org/index.php?option=c...5&Itemid=25
Instructions on web page.

Read this topic in its entirety
(including the Troubleshoot section, proxy settings, and use of Rkill):
How to use Malwarebytes' Anti-Malware to scan and remove malware from your computer
Posted by Grinler on February 16, 2010

http://www.bleepingcomputer.com/virus-remo...alware-tutorial

Run Rkill:
http://www.technibble.com/rkill-repair-tool-of-the-week/
"Rkill is a small, freeware and portable tool designed to terminate active malware processes allowing you to use other removal tools. Rkill is made by a Microsoft MVP “Lawrence Abrams” and is available in 4 different extensions. An .EXE, .COM, .SCR and a .PIF file.
The reason why Rkill comes in 4 different versions is because some malware will block .EXE files in an attempt to prevent you from running other malware removal tools, so this gets around that problem."


Immediately after running Rkill, scan with Malwarebytes'.
(Make sure you UPDATE Malwarebytes' before scanning.)
Reboot after scanning with Malwarebytes'.

- - - - - - - - - - - - - - - - - - - - - - - - - - -

Outdated programs can let "bad things" into your computer.

Do you have all the Windows Updates ? (for security vulnerabilities)

Do you have the most recent version of Adobe Reader?
See article on the main page of this site:
Adobe issues updates to Reader and Acrobat to address critical vulnerabilities
http://www.bleepingcomputer.com


Do you have the most current Java ?
Go to:
http://www.java.com/en/
Click "Do I have Java" (under the big red button).
It will tell you if you have the most current Java.

- - - - - - - - - - - - - - - - - - - - - - - - - - -

Please reply back with the Malwarebytes' scan results, for an official staff member to help you with.
Copy/paste the ENTIRE CONTENTS of the scan results log into your next reply.

Just to let you know, I am not authorized to help with logs:
"only trained members of the following groups: Malware Response Team, Malware Study Hall Senior, Moderators or Administrators are allowed to help people with logs. "
source: http://www.bleepingcomputer.com/forums/t/126946/a-reminder-to-our-members-regarding-malware-logs/

Also, please specify what, if any, symptoms you are still experiencing.
If we don't change the direction we are going,
We are likely to end up where we are headed.

#3 steelermike

steelermike
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:40 PM

Posted 09 March 2010 - 11:37 AM

Sashacat,

Thanks for your suggestions. I understand your comment about ComboFix. I will try your suggestions and send the malwarebytes information in. The only symptoms I am currently experiencing is a slow computer that freezes after it has been running for approximately 2-3 hours. The only way I have found to recover is to manually yurn off power to the computer and restart. If there is a more effective/less drastic method to restart/unfreeze Windows, I would be interested in hearing about it.

Again, thanks for your response.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users