Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I am STILL infected, what do I do?


  • Please log in to reply
3 replies to this topic

#1 tygr

tygr

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:35 AM

Posted 01 April 2014 - 03:02 PM

Hi, I just signed up today to this forum and that in itself was a nightmare. I never know when I'm on a real site and when I'm not, to be honest. Whatever is in my pc is driving me to drink. Today I ran the Adwcleaner and it helped so tremendously that I thought my problems were solved; that is until I tried surfing just a little. I soon realized something deeper still exists than Adwcleaner was able to find. I am still having troubles with my browser being redirected, I'm seeing ads that appear to be part of the site I'm visiting, including bleeping computer's site, and yet my gut tells me they aren't supposed to be there. When connecting to a site I will hear multiple clicks. I'm sure there is more I just haven't noticed yet. I do know that there is something called White Smoke still in my pc although I removed it manually with the ad/remove hardware. It's still there, just disabled for now. I'm just not computer savvy enough to handle this on my own and for heavens sake, I don't have the money to send my pc out to be gone over with a fine tooth comb. I only paid about $75 for it from a computer recycling place when my old one took a mother board crap. This one is running windows XP, and beyond that I'm not sure what other information to give you. I know when I tried to log into this forum my computer redirected me several times, including opening an entire new window in which it told me website could not be found or did not exist...something to that affect/effect (pardon my grammar). I have no idea what tool to attempt to use next as I simply do not trust my computer or even where I am when logged into a site. I use Microsoft Security Essentials for anti-virus. I've also run their 10 day trial for some tool to run incase Essentials isn't cleaning stubborn adware and malware. I can't remember what it was called, but it found NOTHING. I'm too broke for a new computer and I don't think I can afford to have this one professionally cleaned. Estimated cost was almost as much as I paid for the dumb thing, and that was the starting cost. Can anyone please help me?



BC AdBot (Login to Remove)

 


m

#2 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:10:35 AM

Posted 01 April 2014 - 03:51 PM

Hi tygr and welcome to BC.
 
I take it that you haven't had the system long then?
and have no idea of what any previous owner has put on to it?
 

I have no idea what tool to attempt to use next

AdwCleaner is basically an Adware remover.
What we need is a better picture of any malware that may be on the system.
Best to add a rootkit scan as well................
  • Download Malwarebytes Anti-Malware Free and save it to your desktop
  • Double click the desktop icon, click Run, then OK
  • Click Next
  • Select I accept the agreement then continue to click Next then finally click Install
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program
  • Click Finish
  • If you are notified the Database is out of date click Update Now
  • Threat scan + Rootkit scan
    • Click the Settings tab >> Detection and Protection >> Detection Options, tick the box 'Scan for rootkits'.
    • Click on the Scan tab,

      mbamrk_zpsa1db88dd.png
    • Click on Scan Now
    • A Threat/Rootkit Scan will begin.
    • With some infections, you may see this message box.
    'Could not load DDA driver'
    • Click 'Yes' to this message, to allow the driver to load after a restart.
    • Allow the computer to restart. Continue with the rest of these instructions.
    • When the scan is complete, click Apply Actions.
    • Wait for the prompt to restart the computer to appear, then click on Yes.
    (Copy to clipboard for pasting into forum replies)
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab >> Application Logs.

      mbamapplog_zps222887ef.png
    • Double click on the scan log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'

      mbamhis_zps7bfe6503.png
    • Paste the contents of the clipboard into your reply.
Thanks

Edited by Starbuck, 01 April 2014 - 03:57 PM.

BBPP6nz.png


#3 tygr

tygr
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:35 AM

Posted 06 April 2014 - 07:00 AM

Well Thankyou Starbuck. That was certainly an enlightening experience and has again helped tremendously. It cleaned UNCOUNTABLE registry files and others as well as a couple mysterious things that had looked like computer componenents to me before so that I was afraid to touch them. HOWEVER, I am unfortunately STILL infected. I am still seeing mysterious ads and having pop-up ads where none should be or being misdirected to other sites or nonexistent ones. Would you suggest that I run the Adwcleaner again now? I am so frustrated! To answer your question about this computer system, it had been scrubbed, there was nothing on it when I received it except for windows XP and an older version of internet explorer which I updated myself. All the programs on it are from original disks except for ONE tiny program I downloaded from cnet to do something which I don't even remember what now. That's approximately when this all began. Now my scanner doesn't work for my printer which is probably just a matter of reinstalling the software, if I can find it in my messy office. Also it takes incredibly long for IE to load or to find a page whereas this used to be a fairly quick machine. Opening Itunes is an epic event and I might as well go fix a drink while it opens. I can't even catch up with my kids on facebook because that is a totally lost cause, worse than surfing the web. Please let me know if you have any other ideas. I have CCleaner also which I could try to run after I run Adwcleaner again. I just don't want to run anything untrustworthy. I wasn't 100% sure this site was safe because of the pop-ups I'm having, but I'm pretty sure it's me and not bleepingcomputer. I do trust you all to help. Thanks for any other suggestions. Please let me know if you need to know anything else? Thanks for any and all help.

#4 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:10:35 AM

Posted 06 April 2014 - 10:55 AM

Hi tygr

That was certainly an enlightening experience and has again helped tremendously.

That's good to hear.

It cleaned UNCOUNTABLE registry files and others as well as a couple mysterious things that had looked like computer componenents to me before so that I was afraid to touch them.

Can you paste the report from MBAM, so that i can see what was removed.

All the programs on it are from original disks except for ONE tiny program I downloaded from cnet to do something which I don't even remember what now. That's approximately when this all began.

Cnet!! that explains a lot.

Would you suggest that I run the Adwcleaner again now?

It certainly wouldn't do any harm.
I'll give you some instructions for this and another Adware removal tool.

Now my scanner doesn't work for my printer which is probably just a matter of reinstalling the software, if I can find it in my messy office.

Been there, done that! :)
You will be able to download the drivers for your printer from the manufacturers website.
More often than not, these are free.

Step 1
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Step 2
Please post the report from MBAM.
There will be more than one..... it's the scan log you want not the Protection Log

(Copy to clipboard for pasting into forum replies)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab >> Application Logs.

    mbamapplog_zps222887ef.png
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'

    mbamhis_zps7bfe6503.png
  • Paste the contents of the clipboard into your reply.
In your next reply, please submit:
JRT.txt
AdwCleaner report
plus the MBAM report


Thanks.

BBPP6nz.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users