
Antimalware doctor and BSOD


  • This topic is locked
7 replies to this topic

#1 YesImOtto

YesImOtto

  • Members
  • 284 posts

Posted 18 April 2011 - 10:32 PM

Sigh....I'll try to explain the situation as briefly as possible while my head is so dizzy... and sad.... T_T

OK, let's start.

So I have a pirated version of StarCraft 2. I tried running one of the cracks called Keytro. But my AVG says it is a virus. But after some research I found out that Keytro is safe. Well basically I temporarily disabled AVG, let it run, still didn't work. So I downloaded something called Sandboxie (Google it to find out more about it). After that......something popped up....I knew straight away it was something so bad....yes it was Antimalware Doctor....Oh my God......

So then after that I straight away ran a scan with my AVG, but all of a sudden it was BSOD!! OH MY GOD NOO! It said physical dumping memory etc.....then restarted itself.

So I tried safe mode and ran a scan with MBAM....everything was ok, infected files removed. So I used my AVG, it says something like this:

- trojan horse agent_r.xj
- memory_000100000
- wuauclt.exe

And unfortunately even AVG cannot access it because it says "inaccessible"

And my computer is very slow now, and I am grateful just to be able to go on the internet.

.....

So I am using ESET online scanner now......and the worst part is.....whenever I open Windows Explorer, it crashes....shows my BSOD again.....T_T

Maybe I should take it to a computer expert shop....and ask for help....oh God......what will happen to all my files... T_T

Someone.....I don't know what to say....."help" is all I can ask for..

Thank you for reading though...


EDIT: Well...I just ran TDSS Killer....and it found 1 malicious thing, I restarted...and I can open Windows Explorer now....but I really would love to make sure....

Will be waiting for your help, thank you....

Another EDIT: Maybe I have to do that OTL thing where it tells you what is running on my computer?

#2 YesImOtto


Posted 25 April 2011 - 07:02 AM

Help please someone....been a week....

#3 YesImOtto


Posted 26 April 2011 - 06:48 AM

Bump

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,766 posts
  • Gender:Male
  • Location:Virginia, USA

Posted 26 April 2011 - 09:00 AM

The practice of using cracking tools, keygens, warez or any pirated software is not only considered illegal activity but it is a serious security risk.

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

trendmicro.com/vinfo

...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV

...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study

...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware

When you use these kinds of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

Before continuing, you will need to remove all cracks and keygens immediately to reduce the risk of infection/reinfection. If not, then we are just wasting time trying to clean your system. Further, other tools used during the disinfection process may detect cracks and keygens so we need to ensure they have been removed.

Using these types of programs or the websites visited to get them is very likely how your computer got infected!!
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#5 YesImOtto


Posted 27 April 2011 - 02:46 AM

Thank you for the reply!

Yes, I have removed them straight away after I got rid of the virus lol

So yeah, would like to know what is running in my computer. Is it fine? I heard OTL is good for it?

Well, you're the expert ;) I'll let you handle it!

Thanks again quietman7!

#6 quietman7


Posted 27 April 2011 - 06:44 AM

I heard OTL is good for it?

Yes, OTL takes a comprehensive look at your system. Our Helpers start by asking for a DDS log, which is similar.

Those logs, however, are not permitted in this forum. If you want someone to take a look and review your log, please read the "Preparation Guide".
  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 7 there are instructions for downloading and running DDS which will create a Pseudo HJT Report as part of its log.
When you have done that, post your log in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team Experts. If you post your log back in this thread, the response from the Malware Response Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day.

#7 YesImOtto


Posted 27 April 2011 - 09:27 PM

Alright, I have done the DDS and I will post in that other section of the forum.

So what do I do now, will this topic be closed?

#8 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,011 posts
  • Gender:Not Telling
  • Location:Bloomington, IN

Posted 27 April 2011 - 09:37 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic394143.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by an MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



