Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Double click virus is ruining my life


  • Please log in to reply
4 replies to this topic

#1 steveovig

steveovig

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 17 October 2013 - 09:50 PM

I've had this stupid double-click virus/malware for the last couple weeks and I have no clue what to do to get rid of this thing.  I've ran malwarebytes three times and it won't leave.  It seemed to slow down for a day or two after running it the second time but it's not back in full force.  I need to get rid of this thing and I'm willing to do anything to do so but I'm clueless as to what to do.  Can someone please help me?

Edited by Queen-Evie, 17 October 2013 - 09:56 PM.
moved from Windows 7 to the appropriate forum


BC AdBot (Login to Remove)

 


#2 hbyton

hbyton

  • Members
  • 196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England
  • Local time:11:36 AM

Posted 18 October 2013 - 10:09 AM

Run rkill

http://www.bleepingcomputer.com/download/rkill/

 

 

Run adwcleaner (press scan then clean when the scan has finished)

http://www.bleepingcomputer.com/download/adwcleaner/

 

Junkware removal tool

http://www.bleepingcomputer.com/download/junkware-removal-tool/

 

Eset online scan (run from internet explorer)

go to this website

http://www.eset.com/us/online-scanner/

 

Press "run eset online scanner"

 

accept the licence agreement and press next

 

Click on advanced settings, select "scan for potentially unwanted applications" and "scan for potentially unsafe applications"

Then start scan.

 

 

Plus you should run a full scan with whatever antivirus you are currently using. What antivirus are you using at the moment?

 

Most of the tools will show a log report once they have finished running, please copy and paste the reports to your next post.



#3 steveovig

steveovig
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 03 November 2013 - 09:34 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.0.7 (10.15.2013:3)

OS: Windows 7 Home Premium x64

Ran by SAVEAV on Sun 11/03/2013 at 21:18:46.23

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

~~~ Services

 

 

~~~ Registry Values

 

 

~~~ Registry Keys

 

 

~~~ Files

 

 

~~~ Folders

 

Successfully deleted: [Empty Folder] C:\Users\SAVEAV\appdata\local\{5281715d-0773-91e8-7fe9-db8eee783b27}

 

 

~~~ Event Viewer Logs were cleared

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sun 11/03/2013 at 21:28:18.61

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

# AdwCleaner v3.011 - Report created 03/11/2013 at 20:57:22

# Updated 03/11/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : SAVEAV - SAVEAV-PC

# Running from : C:\Users\SAVEAV\Downloads\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

[#] Service Deleted : vToolbarUpdater17.0.12

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\SAVEAV\AppData\Local\WordLayers

***** [ Shortcuts ] *****

 

***** [ Registry ] *****

 

Key Deleted : HKCU\Software\WEDLMNGR

Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

 

-\\ Mozilla Firefox v24.0 (en-US)

 

[ File : C:\Users\SAVEAV\AppData\Roaming\Mozilla\Firefox\Profiles\3p67sjze.default\prefs.js ]

 

Line Deleted : user_pref("extensions.LinkSwift.aul", "1382403911466");

Line Deleted : user_pref("extensions.LinkSwift.irl", true);

Line Deleted : user_pref("extensions.LinkSwift.is", "trlsus");

Line Deleted : user_pref("extensions.LinkSwift.ug", "BDAC444B-F6A6-48B2-A2DD-097A8426FC33");

*************************

AdwCleaner[R0].txt - [27094 octets] - [18/10/2013 15:24:22]

AdwCleaner[R1].txt - [1488 octets] - [31/10/2013 02:30:41]

AdwCleaner[R2].txt - [1548 octets] - [31/10/2013 02:31:47]

AdwCleaner[R3].txt - [1686 octets] - [03/11/2013 20:09:11]

AdwCleaner[S0].txt - [27171 octets] - [18/10/2013 15:25:34]

AdwCleaner[S1].txt - [1591 octets] - [03/11/2013 20:57:22]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1651 octets] ##########

 

I did the set scanner but it didn't give me a log.  I'm using Microsoft Essentials for an anti-virus, is that a suitable program?  This double click thing is miserable and I need to work on my computer but it makes it very difficult.

 

 



#4 steveovig

steveovig
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 03 November 2013 - 09:35 PM

Rkill 2.6.2 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2013 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

 

Program started at: 11/03/2013 09:08:33 PM in x64 mode.

Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\SAVEAV\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (PID: 3100) [UP-HEUR]

* C:\Program Files (x86)\HP Button Manager\BM.exe (PID: 1456) [Mal-GEN]

 

2 proccesses terminated!

 

Checking Registry for malware related settings:

 

* No issues found in the Registry.

 

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

 

Performing miscellaneous checks:

 

* ALERT: ZEROACCESS rootkit symptoms found!

 

     * C:\Users\SAVEAV\AppData\Local\{5281715d-0773-91e8-7fe9-db8eee783b27}\ [ZA Dir]

     * C:\Users\SAVEAV\AppData\Local\{5281715d-0773-91e8-7fe9-db8eee783b27}\L\ [ZA Dir]

     * C:\Users\SAVEAV\AppData\Local\{5281715d-0773-91e8-7fe9-db8eee783b27}\U\ [ZA Dir]

 

Checking Windows Service Integrity:

 

* No issues found.

 

Searching for Missing Digital Signatures:

 

* No issues found.

 

Checking HOSTS File:

 

* HOSTS file entries found:

 

  127.0.0.1       localhost

 

Program finished at: 11/03/2013 09:18:10 PM

Execution time: 0 hours(s), 9 minute(s), and 36 seconds(s)



#5 steveovig

steveovig
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:36 AM

Posted 03 November 2013 - 11:42 PM

I just tried installing another mouse and it seems to have fixed it.  Could that have been the problem all along or should I still worry?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users