Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I had AV 2010, Fixed but had/have issues after removal.


  • This topic is locked This topic is locked
7 replies to this topic

#1 jall65

jall65

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:08:32 AM

Posted 11 October 2010 - 01:47 PM

My laptop browsers (IE and Mozilla) was re-directing. After I closed my browser I got a pop up saying AV 2010 was telling me I was infected, Without out touching that pop up I shut down immediately and restarted in safe mode and tried to do a restore and all the restore points were gone.. I then tried to open malwarebytes to do a scan and it would not let me open the program. I then scanned with super antispyware and it removed some spyware. I restarted the computer and then opened the malwarebytes program to load and update and got MBAM_ERROR_UPDATING (12007,0,WinHttpSendRequest) message.
After uninstalling and using the Mbam clean utility I was still getting the error code. After further searching I found out that my router may have been hacked. Sure enough the router settings were changed. I changed them back to the original numbers and changed my router password. I finally got malwarebytes to update and remove rouge trojans.

Is there someone can give me some suggestions as to a scanner utility to use and to see if my system was cleaned? Malwarebytes and super antispyware gave me a clean scan after removal but I wanted to make sure this thing was gone.
Thanks,
jalls5

Edited by jall65, 11 October 2010 - 01:50 PM.


BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:02:32 PM

Posted 12 October 2010 - 06:18 PM

Can you post the logs from the scans?

#3 jall65

jall65
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:08:32 AM

Posted 12 October 2010 - 07:35 PM

Can you post the logs from the scans?



Sorry, I cannot. I had to uninstall then reinstall malwarebytes to get it to load and I lost the logs. I deleted the super anti spyware log while I was cleaning my desktop. I thought it was from a previous scan and realized that i had screwed up.

But if I may ask, What could have changed or how could it have changed my DNS address?

#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:02:32 PM

Posted 12 October 2010 - 08:54 PM

You are probably still infected if you got that error.

Do you share a house with someone?

#5 jall65

jall65
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:08:32 AM

Posted 13 October 2010 - 08:43 AM

You are probably still infected if you got that error.

Do you share a house with someone?



No, But I do have 3 computers in my house that share the router plus my niece that lives next door that I let her have access too. I scanned her computer and it came up clean. All the computers using my router had problems with very slow internet service but since I've changed the dns address and password (network key as well as router log on password) I was able to update the malwarebytes. The infected laptop has been working good since cleaning and the wireless router reconfiguring, The other computer are working normal so far.

I guess I was being a bit paranoid since something chanced the dns address. You probably could close this topic until I experience future problems. I didn't give the AV 2010 full access with me shutting down my computer and running the tools that BleepingComputer.com provides in its self help guide.

Like I said earlier I probably was being paranoid but I want to thank you very much for your time.
jall65.

#6 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:02:32 PM

Posted 13 October 2010 - 11:51 AM

The Fake AV's and what not that are out there are very clever they can download files to your computer and execute them. I would still make sure that you are clean by doing the following:

Please follow the instructions in ==>This Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

#7 jall65

jall65
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:08:32 AM

Posted 13 October 2010 - 04:40 PM

Thank you cryptodan for your patience and I really appreciate your help. Here is the thread with the requested log files. http://www.bleepingcomputer.com/forums/topic353483.html

Thanks,
jall65

#8 hamluis

hamluis

    Moderator


  • Moderator
  • 55,735 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:32 AM

Posted 13 October 2010 - 06:55 PM

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the logs you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on, the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another Malware Removal Team member is already assisting you and not open the thread to respond.

To avoid confusion, I am closing this topic.

Louis




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users