Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus? Trojan? Malware?


  • This topic is locked This topic is locked
6 replies to this topic

#1 MrApartment

MrApartment

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 11 November 2011 - 02:23 PM

Good afternoon. I have encountered what I believe to be a virus. Upon browsing familiar internet sites, Firefox inexplicably shut down. Next, a program named "Privacy Protection" mimicking a legitimate antivirus-like program popped up. As well, a Desktop shortcut popped up for the corresponding program. I was then (and still am) unable to run any .exe's in Normal Mode. I have entered Safe Mode. Regretfully, I have already begun running Combofix. It has completed Stage_50 as of this minute. Regretfully again, before running Combofix (not concurrently), I tried installing Malwarebytes. However, as I've seen in multiple threads on this site, access was denied. I then moved onto Combofix. I understand I'm not performing these steps accurately. Hence, I would like to arrange professional assistance as I'm not qualified to do this on my own. This forum sure seems helpful to others. I'm hoping one will help me as well. To the minute, I am in Safe Mode on the infected computer and Combofix is at Stage_50. I am on a separate computer. I'll be here all day. Looking forward to getting rid of this.

Thanks.

BC AdBot (Login to Remove)

 


#2 MrApartment

MrApartment
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 11 November 2011 - 02:29 PM

Since my original post, Combofix has run it's course including a reboot. When the computer rebooted, it did so in Normal Mode. Now, Combofix is preparing a log report.

#3 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,313 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:08:25 AM

Posted 11 November 2011 - 02:52 PM

Hello, if you still want help removing malware from your computer, as well as someone to look over your combofix log, I recommend you to follow this guide and start a topic HERE including the requested logs as well as the generated combofix log.
Please do not post any logs in a reply to this topic!

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#4 MrApartment

MrApartment
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 11 November 2011 - 03:14 PM

elise025,

Thanks. Steps are in progress and I will report back when I've completed the stated parameters.

#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,313 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:08:25 AM

Posted 11 November 2011 - 03:20 PM

Okay, good luck! :)

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#6 MrApartment

MrApartment
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 11 November 2011 - 03:48 PM

Preparation Guide:
1. My data (of choice) has been backed up (to a USB dongle) by Cobian Backup 10.
2. Slow computer is not a relevant problem in my case.
3. A free account at this forum has been created/activated and is in use.
4. Topic Reply Notification is not preferred personally.
5. I have verified that my firewall is, indeed, enabled.
6. My computer does not contain CD emulation software.
7. DDS has been downloaded and ran. Both logs have been generated and are located on my Desktop. They are both available to post.
8. A GMER log has not been created as I am using a 64-bit version of Windows.
9. My post in the aforementioned and relevant sub-forum can be found here.

I look forward to the next step in this process.

Thank you.

#7 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,313 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:08:25 AM

Posted 11 November 2011 - 03:54 PM

Hello,

Now that you have posted a log, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Response Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the Malware Response Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Response Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days, up to a week, to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

To avoid confusion, I am closing this topic. Good luck with your log.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users