Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help please! Malware Bytes, AVG, IE8, and Firewall, are all shut down.


  • This topic is locked This topic is locked
7 replies to this topic

#1 SFRS

SFRS

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:18 AM

Posted 08 October 2011 - 07:49 AM

Please let me start off by saying I am VERY computer illiterate. I can work with different programs all day, but when it comes to the technical stuff I have NO CLUE what to do. My problem... Yesterday I was surfing the net and AVG popped up and said something about a Trojan. I did what the screen told me to do and since then I have pretty much lost control of my laptop. I have a Dell Studio 1555, System: Microsoft Windows XP Provessional Version 2002 Service Pack 3. Out of fear of losing what files I have, I copied everything over to a small Iomega external drive. I have been up all night downloading from a very slow desktop computer, AVG, Malware Bytes, other Spyware/Malware programs to a usb drive and then trying to transfer them over to the laptop. I can get them onto the desktop, then install, once I install and run the program it shuts down and if I try to click on the icon again it basically tells me there is no connection to that file extension. I really hope someone can help me with this problem soon. I am having a baby shower for my daughter tomorrow and need to print and make things today. I was actually working on Windows Movie Maker when all of this happened. I can still work with files, but am afraid to do very much as I don't know what will decide to quit again. Several of the programs that I would like to use will not work on the desktop because of the speed. Please help me to solve this problem as quick as possible. Please also be aware that I will need dumbed down, step by step instructions as to what to do. Thanks in advance!

BC AdBot (Login to Remove)

 


#2 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:06:18 AM

Posted 08 October 2011 - 11:14 AM

Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=========================================================================

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#3 SFRS

SFRS
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:18 AM

Posted 08 October 2011 - 11:45 AM

This is the result of the security check.

Results of screen317's Security Check version 0.99.21
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

AVG 2012
Antivirus up to date! (On Access scanning disabled!)
```````````````````````````````
Anti-malware/Other Utilities Check:

SpywareBlaster 4.4
CCleaner
Java™ 6 Update 11
Out of date Java installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgnsx.exe
``````````End of Log````````````


Installed Malwarebytes onto desktop. Ran setup, clicked to run quick scan, program started, went approximately 11 seconds and malwarebytes shut down. Tried to restart from Program received following error message: Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.

#4 SFRS

SFRS
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:18 AM

Posted 08 October 2011 - 11:49 AM

Just a reminder, I cannot access the internet at all from the infected computer. I am having to place things on a usb and transfer.

#5 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:06:18 AM

Posted 08 October 2011 - 11:52 AM

With the information you have provided I believe you will need help from the malware removal team. I would like you to start a new thread HERE and include a link to this thread.

Please make sure that you read the information about getting started before you start your thread.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#6 SFRS

SFRS
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:18 AM

Posted 08 October 2011 - 02:41 PM

Thank you. I followed all instructions and began a new thread. Below are the results of the instructions. Files are posted on new thread.

Posted Today, 02:57 PM

Please bear with me as I am NOT computer literate. I was instructed by TheShooter93 to follow all instructions for malware removal before posting a New Topic. I have followed all instructions given to what seems no avail. TDSS removal tool will run, I did try this a couple of different times and each time it finds 2 items, one being the same everytime the other being different and the fix for it was cure. When finished it would say 2 problems found, 1 problem neutralized. Malwarebytes will load after a fresh install, but once program is started it will only run for a few seconds and then shut down.The Defogger also would work. The GMER tool would begin running and then shut down before it allowed me to save a file. Attached are the DDS Logs.

My link

#7 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:06:18 AM

Posted 08 October 2011 - 03:19 PM

Sounds good. :thumbup2:

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#8 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,946 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:06:18 AM

Posted 08 October 2011 - 03:30 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic422509.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users