Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

problem with virus


  • This topic is locked This topic is locked
47 replies to this topic

#1 edd78

edd78

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 31 March 2014 - 11:55 PM

hi there
i had something on my laptop called websteroids which i found out it was a virus. then i used a website for directions to uninstall websteroids the website i used was malwaretips i followed the steps even after using malwarebytes ect i still seem to have something on my pc maybe a day later if i do another scan with malwarebytes there is viruses that had to be removed then my norton was showing that there auto protect showed that there was something called bloodhound.mipe in various files example that i will send that i will attach

Attached Files



BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 AM

Posted 01 April 2014 - 04:50 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
 
 
 
Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt



Please attach this file to your next reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 edd78

edd78
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 02 April 2014 - 01:56 AM

hi Marius

i did the first scan and the results went on to notepad. I am not that good with computers so how to i send the results to you without sending them as attatchment

regards

edd



#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 AM

Posted 02 April 2014 - 06:30 AM

In this case, please attach the files.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 edd78

edd78
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 02 April 2014 - 08:04 AM

hi there i have the results of the first scan

Attached Files



#6 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 AM

Posted 02 April 2014 - 08:08 AM

Then please attach the TDSS-Killer log as well


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#7 edd78

edd78
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 02 April 2014 - 08:12 AM

hi there

i have not done that scan yet i will be doing it shortly



#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 AM

Posted 02 April 2014 - 08:19 AM

Add-/remove programms

Click on start-->control panel.

Vista/7: Open Programs and Features
XP: Open add/remove programs

Search for and remove the following programs
 

Ask Toolbar
Ask Toolbar Updater
File Type Assistant
GamesBar (W)
Iminent
MyPC Backup
RebateInformer
WebCake 3.00
Virgin Media Toolbar


Close the window.

 

 

 

 

 

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

Attached Files


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#9 edd78

edd78
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 02 April 2014 - 08:55 AM

hi 

i uninstalled the programs on the the list that you gave me

i also done the tdss killer scan and it said there where no threats found it scanned 487 objects



#10 edd78

edd78
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 02 April 2014 - 09:29 AM

i have the results of the fixlog scan

Attached Files



#11 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 AM

Posted 03 April 2014 - 03:36 AM

Please rescan with FRST and post up the log.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#12 edd78

edd78
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 03 April 2014 - 09:10 AM

i have the results of the scan 

Attached Files



#13 edd78

edd78
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 03 April 2014 - 09:19 AM

it's taking me longer to reply just of night shift

tomorrow i will be off all day



#14 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 AM

Posted 04 April 2014 - 02:44 AM

Combofix

Combofix should only be run when adviced by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe


When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing ""Illegal operation attempted on a registry key that has been marked for deletion" simply restart your computer to fix this.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#15 edd78

edd78
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:09 AM

Posted 04 April 2014 - 08:56 AM

hi 

I have read that this software can damage your pc and need to be run under supervision i read the post from quietman7   . How safe is it to use 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users