Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I'm infected. Please help!


  • Please log in to reply
6 replies to this topic

#1 nate1921

nate1921

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:29 PM

Posted 25 September 2013 - 09:50 AM

Never had an infection on this computer before.  Win7 home, MSE updated and running at all times.  Redirects in IE8 started happening.  Ran MBAM scan, found trojan and several PUPs.  Upon reboot, message popped up saying WSC service not running.  MSE not showing in taksbar.  Tried to uninstall MSE, won't uninstall. Tried everything, but I must still have infections.  Can you please help?



BC AdBot (Login to Remove)

 


#2 bory504

bory504

  • Members
  • 224 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Orleans
  • Local time:02:29 PM

Posted 25 September 2013 - 10:09 AM

When MBAM scan finished, did you check all the boxes to remove the infections before you restarted it?


Sincerely, Blake.

7 year Computer Hardware + Software Technician.

Operations Technician at a retail company.

Rhythm guitarist for the band Headspill.

:guitar: 


#3 nate1921

nate1921
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:29 PM

Posted 25 September 2013 - 08:31 PM

Yes.  Everything but the PUPs was already checked.  I removed those threats and then scanned again.  It only found the PUPs this time, so I checked all of them and removed them.  Next scan was clean.  Problem is, when rebooted, MSE was not showing in the taskbar.  Pop-up showed Windows Security Center service was not running.  Unable to launch MSE.  Unable to uninstall MSE.  Tried asking for help on malwarebytes but never received the email validation.  Have resent the validation email twice more but never received it.  I'm lost.

 



#4 bory504

bory504

  • Members
  • 224 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Orleans
  • Local time:02:29 PM

Posted 26 September 2013 - 08:57 AM

If you can I would say try downloading and running combofix.


Sincerely, Blake.

7 year Computer Hardware + Software Technician.

Operations Technician at a retail company.

Rhythm guitarist for the band Headspill.

:guitar: 


#5 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,785 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:29 AM

Posted 27 September 2013 - 02:53 AM

 
 

You should not run ComboFix unless you are specifically asked to by a helper. Also, due to the power of this tool it is strongly advised that you do not attempt to act upon any of the information displayed by ComboFix without supervision from someone who has been properly trained. If you do so, it may lead to problems with the normal functionality of your computer.

 

++++++++++++++++++++++++++++

 

G'day nate1921 and Welcome to BC !

 

Lets run the following scans and see if we can clear things up.....

 

 

Download http://www.bleepingcomputer.com/download/securitycheck/
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

 

++++++++++++++++

 

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them.
NOTE : You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.
If normal mode still doesn't work, run the tool from safe mode.
When the scan is done Notepad will open with rKill log.
Post it in your next reply.
NOTE. rKill.txt log will also be present on your desktop.
 
 
+++++++++++++++++
 
Do not install the Free Trial Version at this time .........
* Double-click MBAM -setup.exe and follow the prompts to install the program.
* At the end, be sure to Check for Updates to be so it is current
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Scan, then click Quick Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.
If you are not sure of any items, post the log and ask if it should be removed.
Be sure to reboot the computer after you post the log.


 
 

Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

#6 bory504

bory504

  • Members
  • 224 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Orleans
  • Local time:02:29 PM

Posted 27 September 2013 - 08:09 AM

 

 
 

You should not run ComboFix unless you are specifically asked to by a helper. Also, due to the power of this tool it is strongly advised that you do not attempt to act upon any of the information displayed by ComboFix without supervision from someone who has been properly trained. If you do so, it may lead to problems with the normal functionality of your computer.

 

++++++++++++++++++++++++++++

 

G'day nate1921 and Welcome to BC !

 

Lets run the following scans and see if we can clear things up.....

 

 

Download http://www.bleepingcomputer.com/download/securitycheck/
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

 

++++++++++++++++

 

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them.
NOTE : You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.
If normal mode still doesn't work, run the tool from safe mode.
When the scan is done Notepad will open with rKill log.
Post it in your next reply.
NOTE. rKill.txt log will also be present on your desktop.
 
 
+++++++++++++++++
 
Do not install the Free Trial Version at this time .........
* Double-click MBAM -setup.exe and follow the prompts to install the program.
* At the end, be sure to Check for Updates to be so it is current
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Scan, then click Quick Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.
If you are not sure of any items, post the log and ask if it should be removed.
Be sure to reboot the computer after you post the log.


 
 

 

 

Alrighty then.. and I wonder why its the number ONE downloaded tool on this site?


Edited by bory504, 27 September 2013 - 08:11 AM.

Sincerely, Blake.

7 year Computer Hardware + Software Technician.

Operations Technician at a retail company.

Rhythm guitarist for the band Headspill.

:guitar: 


#7 bory504

bory504

  • Members
  • 224 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Orleans
  • Local time:02:29 PM

Posted 27 September 2013 - 08:16 AM

Nevermind, sorry I didnt read the RED on the main topic forum. Apologies.


Sincerely, Blake.

7 year Computer Hardware + Software Technician.

Operations Technician at a retail company.

Rhythm guitarist for the band Headspill.

:guitar: 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users