Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus takeover


  • Please log in to reply
13 replies to this topic

#1 BMTex

BMTex

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:08:03 PM

Posted 13 February 2012 - 03:46 AM

As soon as I log into windows by typing my password, it either freezes or loads the desktop icons then freezes. Have run combofix and MBAM but no avail. Have CF log.

BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,317 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:03 AM

Posted 13 February 2012 - 06:12 AM

Hello,
Do you have any idea why this happened? Have you tried Safe Mode?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#3 BMTex

BMTex
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:08:03 PM

Posted 13 February 2012 - 06:33 AM

I have no idea why this happened, mainly use this computer for online gaming. I scan all downloads with avast. I am on it in safe mode currently, seems to work fine.

Edited by BMTex, 13 February 2012 - 06:35 AM.


#4 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,317 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:03 AM

Posted 13 February 2012 - 07:08 AM

Try to do a clean boot and see if you can determine which process/application causes the problem.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#5 BMTex

BMTex
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:08:03 PM

Posted 13 February 2012 - 06:09 PM

I have done that and it seems to be working ok. At least it doesnt freeze immediately. Now what should I do?

#6 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,317 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:03 AM

Posted 14 February 2012 - 03:41 AM

Re-enable processes one at a time and see which one causes the freeze.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#7 BMTex

BMTex
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:08:03 PM

Posted 14 February 2012 - 12:13 PM

How would I do that?

#8 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,317 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:03 AM

Posted 14 February 2012 - 12:59 PM

See Step 3 in the article I linked you to. :)

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#9 BMTex

BMTex
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:08:03 PM

Posted 14 February 2012 - 02:16 PM

Ok I have started all the services in the system configuration. No problems to report. Am I missing something?

#10 BMTex

BMTex
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:08:03 PM

Posted 14 February 2012 - 03:55 PM

Update. Have started all processes and drivers and am now using normal startup in msconfig. No problems to report after clean boot. A Pre clean boot Combofix log shows removal of something in main user application data called pricegong. As I am writing this a window pops up labeled data execution prevention. windows has closed the program named windows update. Program named wuauclt.exe has encountered problem.

#11 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,317 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:03 AM

Posted 15 February 2012 - 02:33 AM

Pricegong is indeed a resource hog and an undesirable program as well. I do not recommend to run Combofix unsupervised though; it is quite a powerful program and can cause serious damage in some cases.

At this point it would be good to run a scan with a program like Malwarebytes Antimalware (if you do not have it installed, let me know and I'll post more detailed instructions).

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#12 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:03 AM

Posted 15 February 2012 - 04:15 PM

As soon as I log into windows by typing my password, it either freezes or loads the desktop icons then freezes. Have run combofix and MBAM but no avail. Have CF log.

I do not recommend to run Combofix unsupervised though; it is quite a powerful program and can cause serious damage in some cases.
At this point it would be good to run a scan with a program like Malwarebytes Antimalware

From Post #1; Both have already been run -

This may be a better topic to move into Malware Removal as there is no (actual) extra help being offered -

#13 BMTex

BMTex
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:08:03 PM

Posted 15 February 2012 - 05:42 PM

Yes as I said, I have run both programs now. MBAM finds nothing still. Avast appears disabled and will not restart. MBAM didnt catch pricegong when I ran it, but combofix did. Although I am not experiencing the original problem now, I feel the problem/malware has not been addressed.

#14 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,317 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:03:03 AM

Posted 16 February 2012 - 02:40 AM

In that case best is to start a new thread HERE and include a link to this thread. Please make sure that you read the information about getting started before you start your thread.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users