Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Thinking if I have to reformat

  • Please log in to reply
1 reply to this topic

#1 Idkanymore


  • Members
  • 2 posts
  • Local time:04:59 PM

Posted 12 May 2013 - 10:45 PM

I'm going to recall things as it went down; and I know this may have been my fault but I'm really desperate and don't know what to do and if I'm infected.


I just got a new computer custom built and it cost me quite a lot. I made sure that it would be as fast as possible so I got whatever I can that'll speed things up (i7, 16gb ram 2gb SATA hdd) and a fresh new windows 7.


Then i installed everything in order: AVAST, Malwarebytes, Comodo, and SAS; due to the fact that my last computer had a lot of malware problems I did everything to prevent it. At this moment I didn't have HIPS on, more of because I didnt understand Comodo's HIPS protocols very well.


Then I installed all the other programs that I wanted. Sadly this is where the problems start; and where my computer started not running programs, my internet randomly disconnecting, and viruses appearing everywhere.


First; I installed Adobe Master suite and since I lost a pretty penny to my pc I used amtlib.dll tactics to bypass the serial; only after 3 days and scanning did I know that it was a riskware according to malwarebytes. I decided not to delete it, but I wanted to delete the activator.


Since the activator refused permission and owning, I decided to safe boot and run file assassin to delete the adobe activator since it won't get deleted through any other means. And it worked.


Wanting to be extra cautious, I enabled HIPS on my Comodo and from then on it warned me of my computer's processes. From then on, superantispyware kept wanting to edit my registry, access the disk, and all other things. Comodo warned me of this frequently; trusting SAS, I decided to keep ALLOWING it. From here on this is where things got dicey.


One day my computer just started lagging so bad. IDK if its due to the amount of programs I have, so i tried to clean my registry and junk files using ccleaner, defraggler, glary utilities.


I searched for a bit, learned I might be infected, ran roguekiller which found 3 registrys which i then deleted. After rescanning it found 5 to be "replaced"?


Then yesterday Avast told me I had a rootkit in my svcsomething, two of them I ran a boot time scan and a scan after it. Now? My pc has a hard time opening firefox when it does so before in less than a second. I can't run anything without lagging, roguekiller won't function, and all my scanners says I'm clean; yet I know I'm not. 

I ran mbar, tdrrs kaspersky and hitmanpro; avast fullscan on all hard disks, memory, rootkits. Nothing. 


But now, none of those won't work. When I ran roguekiller it tries to access my proxyoverride registry. I've deleted amtlib.dll now, and restored the originals.  Also, my computer now won't log off and shut down: it stays at the logging off prompt.  


I want to run combofix since it seems handy but that might screw up my pc without guidance. And I really want to be sure if I have an infection first. Should I just reformat or is there hope? I'm really confused.


TL;DR am I being paranoid that somehow my system is 10 times slower than before and won't boot down without force powerdown? What should I do step by step to restore my system or should I just pack it in and reformat? What can I do to rule out things?

Edited by Idkanymore, 12 May 2013 - 11:08 PM.

BC AdBot (Login to Remove)


#2 Idkanymore

  • Topic Starter

  • Members
  • 2 posts
  • Local time:04:59 PM

Posted 12 May 2013 - 11:08 PM

removing log cause i think it's not allowed and no one really wants to see it anyway

Edited by Idkanymore, 13 May 2013 - 11:09 AM.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users