Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infection suspected


  • Please log in to reply
1 reply to this topic

#1 Chuck Q

Chuck Q

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:29 AM

Posted 03 October 2010 - 07:15 AM

Dear,

I'm logging this case for my dad as a matter of fact. He called me stating his computer was acting strange with several kind of workbar-pop-ups and that he all of a sudden wasn't able anymore to surf on the internet.

Now, I know - and you should know this too - that my dad doesn't have a clue about what he's doing on his computer for 95% of the time... He's just looking around on the internet for info, installing programs he will never end up using, etc... He doesn't understand a word of English either and he has developped the nasty habbit to click on "yes" as an answer towards any question that might pop up, whether it is a system question, application question or question which pops up while browsing the internet... I already tried to talk him out of that but without success alas.

I ended up having to clean out his computer already on several occasions but so far without any serious harm, just untill now. When he reported the symptoms of this one, I got a bit worried.

He told me he had very frequent warnings about virus and malware by an application called Remote Antivirus IS. Strange as he's running Avast... Whenever he tried to "clean" one of the reported files, he would be transferred to a screen where he would need to buy the full application. Whatever he would click on that page, there was no reaction.

He was also unable to browse the internet with his IE client.

When I arrived, I first executed the steps in the tutorial here. In attach you can find back the logs. I then verified his IP stack: IP address was available, first address of his router network with router set as gateway. I was able to perform a dns query and ping url's.

So according to me he has problems with malware which is "hiding" behind this unknown virus scanner software, possibly he has problems using his IE but the connectivity towards the internet seems ok to me.

Anybody got any idea what might cause this issue ?

Your feedback is highly appreciated !

Br,

Chuck Q

Attached Files



BC AdBot (Login to Remove)

 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,651 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:01:29 AM

Posted 09 October 2010 - 02:55 PM

hi Chuck Q


Sorry for the delay. The logs are a few days old. If you still need help post back.

How Can I Reduce My Risk to Malware?





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users