Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus Removal Help


  • This topic is locked This topic is locked
3 replies to this topic

#1 applecrusher

applecrusher

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:42 AM

Posted 03 December 2012 - 01:24 AM

I use avast as my antivirus software. I don't know what this virus was but the virus was given to me in a update for a game called League of Legends. At first my avast web shield blocked me from the update and said the http://l3cdn.riotgames.com/releases/live… was infected. It is not infected now but was at the time. I was told by Riot that it was a false negative so I turn my shield off and let it through but it wasn't a false positive and the virus infected my computer. I uninstalled the game and thought this would solve the problem but every time I launch my computer the virus would try to download a zip file
from urls similar to (WARNING THIS SITE CONTAINS A VIRUS)hxxp://urlfilter.vmn.net/vnmsbf/data/121125224459-m.zip%7C%3E121125224459-m.list (WARNING THIS SITE CONTAINS VIRUS). Avast can detect this virus in safemode but can't really remove it. It says it moved the virus to the chest which stopped the virus from attempting to go to the website every 15 minutes but it still tries to do so on start up. I tried SuperAntiSpyware and Malwarebytes but neither of those were successful as well. If anyone knows of a website they can send me to which can help me or know of better antivirus programs let me know. I would prefer not to uninstall avast since it is the last line of defense for me now. Thanks in advance.

*Note: I don't have any system restore points. I didn't realize until recently that this was so. So please don't tell me to do this.

Edited by gringo_pr, 03 December 2012 - 01:36 AM.


BC AdBot (Login to Remove)

 


#2 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:09:42 AM

Posted 04 December 2012 - 09:58 PM

Hello applecrusher,

My name is Cody and I'll be helping you clean up your computer.

I will reply as soon as possible (typically within 48 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, I just ask for notice ahead of time.

Some points for you to keep in mind:

  • Do NOT run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Do not attach logs or use code boxes, just copy and paste the text.
    • It's simply easier for me to analyze logs in this format.
  • Provide feedback about your experience as we go.
    • Every post you make, please describe in detail how the computer is behaving. "The same" is not detailed enough. If you have any questions at any point, feel free to ask.

NOTE: When you post your reply, do not use the Posted Image button but use the Posted Image button instead.

In the upper right hand corner of the topic you will see the Posted Image button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

------------------------------------------------------------

Please download DDS by sUBs from one of the following links. Save it to your desktop.
DDS.com
DDS.pif
  • Double click on the DDS icon, allow it to run.
  • Mark the option attach.txt.
  • Click on Start.
  • After the scan has finished, confirm the message with Ok.
  • DDS will automatically open both logfiles.
  • You can find them on your desktop as well.
  • Please post the content of those logfiles with your next answer.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

Edited by TheShooter93, 04 December 2012 - 09:58 PM.

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#3 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,792 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:09:42 AM

Posted 07 December 2012 - 10:51 AM

applecrusher,

It's been at least 72 hours since my last post. Are you still there?

If you need more time, let me know.

If you don't, this thread will be closed in 48 hours due to inactivity.

CCNA R&SCCNA Security | Network+  |  B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 


#4 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,984 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:42 PM

Posted 11 December 2012 - 03:11 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users