Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

malware/spyware that antivirus can't get rid of


  • Please log in to reply
5 replies to this topic

#1 merecon5

merecon5

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:51 AM

Posted 14 September 2010 - 06:37 AM

My computer keeps popping up a new browser window with annoying bogus ads. It happens with IE and Firefox. AVG and Malwarebytes are both updated and can't find this thing.
Also from a google search page it goes to a bogus search website instead of to whatever link I click on.
Help!

Edited by hamluis, 14 September 2010 - 07:33 AM.
Moved from XP forum to Am I Infected ~ Hamluis.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,954 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:51 AM

Posted 14 September 2010 - 10:38 AM

Please post the results of your last MBAM scan for review (even if nothing was found).

To retrieve the Malwarebytes Anti-Malware scan log information, launch MBAM.
  • Click the Logs Tab at the top.
    • The log will be named by the date of scan in the following format: mbam-log-date(time).txt
      -- If you have previously used MBAM, there may be several logs showing in the list.
  • Click on the log name to highlight it.
  • Go to the bottom and click on Open.
  • The log should automatically open in notepad as a text file.
  • Go to Edit and choose Select all.
  • Go back to Edit and choose Copy or right-click on the highlighted text and choose Copy from there.
  • Come back to this thread, click Add Reply, then right-click and choose Paste.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Logs are saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs
-- Vista, Windows 7, 2008: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs



Please follow these instructions: How to remove Google Redirects or the TDSS, TDL3, Alureon rootkit using TDSSKiller
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • When the program opens, click the Start Scan button.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure is selected, then click Continue > Reboot now to finish the cleaning process. <- Important!!
    Note: If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
-- For any files detected as 'Suspicious', get a second opinion by submitting to Jotti's virusscan or VirusTotal. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 merecon5

merecon5
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:51 AM

Posted 14 September 2010 - 07:47 PM

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4611

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

9/13/2010 7:55:32 PM
mbam-log-2010-09-13 (19-55-32).txt

Scan type: Quick scan
Objects scanned: 182387
Time elapsed: 10 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,954 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:51 AM

Posted 14 September 2010 - 08:48 PM

Now continue with the instructions to use TDSSKiller.exe.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 merecon5

merecon5
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:51 AM

Posted 14 September 2010 - 09:19 PM

thanks! i did it, so far so good.

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,954 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:51 AM

Posted 15 September 2010 - 06:24 AM

A log file named TDSSKiller_version_date_time_log.txt should have been created and saved to the root directory (usually Local Disk C:).
Copy and paste the contents of that file in your next reply.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users