Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

pile file reminder and oxy programs (downloader)


  • This topic is locked This topic is locked
8 replies to this topic

#1 cas1981

cas1981

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 31 March 2014 - 06:18 AM

hi

 

when trying to download a file from the net I downloaded pilefile and oxy downloader and other files

 

I tried using panda but when finishing the scan the program shutdown and I received a window saying that there is a problem with the program and windows will send me a solution if there is one. I then downloaded ccleaner and malwarebytes. after running malwarebytes I got a notice of 49 pup and some Trojan programs and they were quarantined after running again i was able to delete. the program asked me to reboot to take care of the problem and i did so. after rebooting I receive a window poping up saying there it a problem. I received the window again after trying to accesses my fire fall. the window came after the screen went blue.

 

when trying to download the dds I received a windows saying that the file is corrupted.

 

I now tried again the panda and was able to remove the icons of the oxy and the pilefile from the desktop but they are not removed from the computer. I can uninstall them and I want them off my computer

 

also I can't use my chrome

can anyone help?



BC AdBot (Login to Remove)

 


m

#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:22 PM

Posted 31 March 2014 - 07:09 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
 
 
 
Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt



Please attach this file to your next reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 cas1981

cas1981
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 01 April 2014 - 02:58 AM

Marius hi

 

first of all thank you for your quick response. last night my friend came in town and  wanted to take a look. he is a computer programmer working in the cyber war fare.

 

he took  look at the computer and after two hours was able to uninstall the pilefile and oxy programs. the computer is working fine so far. he deleted the files by looking for them checking what programs aren't working. even though he has vast knowledge about computers and windows (writing code and working as an architect for the program writers) he is not an expert in malware ex'. 

 

what i wanted to ask is how can i know if he was able to remove all the damaging files and programs? I ran panda and Malwarebyte and the computer is clean. can i be calm?  what free anti virus do you recommend to use in the future. what can i do to protect my computer

 

my last question is, is there a way to know if the program was able to steel any information like credit card numbers?

 

again thank you for your help

 

cas1918



#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:22 PM

Posted 01 April 2014 - 03:02 AM

There is no way to see if sensible information has already been submitted but the adware that was running on your system doesn´t steal information

 

I´ll provide some recommenadtions when we´ve finished.

 

Let´s check if malicious files are remaining:

 

 

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 cas1981

cas1981
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 01 April 2014 - 03:10 AM

thanks for the quick response i am sorry i don't have time to do what you are asking (have to get back to work) but will do tonight.

 

again thanks



#6 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:22 PM

Posted 01 April 2014 - 03:13 AM

no problem - I´ll await the answer! :)


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#7 cas1981

cas1981
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 01 April 2014 - 05:37 PM

just when i thought thinks were going well.

 

 

now my comuter doens't allow me to enter most sites on the internet. i can enter gmail but not most sites. when i try to enter i get a messege that i have a problem with my proxy server.

 

i don't know if this is the virus or the fact that i unistalled "tunnel bear" and maybe there was a problem with the uninstallment. could that be? 

 

i am writing to you from a different computer because i can't get on to the site with my computer.

 

while writing to you a noticed that i had on my compute gigaclicks crawler and femoved it.

 

i scanned my computer before hand with panda finding only minner threts and scanned again with malwarebytes but nothing  

 

a friend of mine took over my computer via teamviewer and ran a scane with search and destroy. fond somthing considerd a big thret a took care of it. and then he scanned with sas. nothing

 

i have a feeling i should have listen to you from the start

 

what can i do?

 

especialy that i can't download anything

 

thank you again



#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:22 PM

Posted 02 April 2014 - 06:13 AM

Please run the two programs I´ve initially posted. If you are not able to download, transfer them from another computer on a flashd evice (or similar).

I can tell you more when I´ve seen these log files.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#9 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:22 PM

Posted 09 April 2014 - 03:41 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users