
Spyware


6 replies to this topic

#1 drublaze619

drublaze619

  • Members
  • 11 posts
  • Gender:Female
  • Location:San Diego, California
  • Local time:12:16 AM

Posted 10 September 2014 - 09:02 AM

I've been informed by my significant other that I am the victim of spyware instead by, you guessed it!!! I've been reading everything possible on spyware, malware, viruses and whatever else that would be of help to remove this wonderful gift I've been given. I'm not sure what I've been given or where I start to uninstall. Any information would be greatly appreciated, as I am not sure what's to be trusted in the world of removal.
Much Thanks...
drublaze619


#2 LiquidTension

LiquidTension

  • Malware Response Instructor
  • 1,278 posts
  • Gender:Male
  • Local time:11:16 PM

Posted 10 September 2014 - 09:54 AM

Hello,

Why do you (or your significant other) believe your computer is infected?

What issues are you currently experiencing? E.g. slow performance, browser/Internet issues, etc.

What is the Operating System of the affected PC?



#3 drublaze619


Posted 10 September 2014 - 10:09 AM

Hello to you as well.
I noticed my files looking a tad "off", like syswow64, sys32.exe, etc... AND, the most obvious was a file of my OneDrive saved as an offline share file of all contents... There was a confrontation with full admittance of what was suspected. I have a Windows 8.1 OS... P.S. There are a few other mitigating factors to contribute verification of an infection as well. I downloaded just about every form of protection I could find.

#4 LiquidTension


Posted 10 September 2014 - 10:18 AM

Hello, 

"syswow64"

This is a legitimate System Folder.

"sys32.exe"

Where is this file located?

"There was a confrontation with full admittance of what was suspected."

Perhaps I misconstrued your original post.
This "significant other" is the one responsible for the issues you are experiencing?

"I downloaded just about every form of protection I could find."

This is a good way to exacerbate the issues you are experiencing. We can address this later.

Please provide the location of sys32.exe and run the following rootkit scan.
 
TDSSKiller Scan

  • Please download TDSSKiller and save the file to your Desktop.
  • Right-Click TDSSKiller.exe and select Run as administrator to run the programme.
  • Click Change parameters. Place a checkmark next to:
    • Loaded Modules
    • Detect TDLFS file system
  • Note: If you receive the following message: Extended Monitoring Driver is required, click Reboot now, and continue from here following the reboot.
  • Click Start Scan.
  • Note: Do not use the computer during the scan.
  • If objects are found, change the action to skip.
  • Click Continue and close the window.
  • A log will be created and saved to the root directory (usually C:\). Copy the contents of the log and paste in your next reply.
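
A read-only way to answer the "Where is this file located?" question above, as an added example that is not part of the original post. The search root and the reported fields are assumptions; the script only lists matches and does not delete, move or quarantine anything.

```powershell
# Added example: find every copy of a named executable and report its
# location, timestamps, SHA-256 hash and Authenticode signature status.
# Run from an elevated PowerShell prompt so protected folders can be read.
param(
    [string]$FileName = 'sys32.exe',          # file name mentioned in the thread
    [string]$Root     = "$env:SystemDrive\"   # assumption: search the system drive
)

# -Force includes hidden and system files; access-denied errors are skipped.
$hits = Get-ChildItem -Path $Root -Filter $FileName -File -Recurse -Force `
                      -ErrorAction SilentlyContinue

if (-not $hits) {
    Write-Output "No file named $FileName found under $Root"
    return
}

$hits | ForEach-Object {
    $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName
    $hash = Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256
    [pscustomobject]@{
        Path      = $_.FullName
        SizeBytes = $_.Length
        Created   = $_.CreationTime
        Modified  = $_.LastWriteTime
        SHA256    = $hash.Hash
        Signature = $sig.Status              # Valid, NotSigned, HashMismatch, ...
        Signer    = if ($sig.SignerCertificate) {
                        $sig.SignerCertificate.Subject
                    } else {
                        '(unsigned)'
                    }
    }
} | Format-List
```

The full path, creation time and signature status are the details a helper needs in order to judge whether the file belongs to Windows, to an installed program, or to neither.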


#5 drublaze619


Posted 10 September 2014 - 10:37 AM

Okay, I'm not too sure what's legit and what's not, and I didn't want to start messing around with files I should be messing with. The sys32.exe is, I believe, in my C: drive... Also, my mouse and keyboard settings were not what I had configured them as and I noticed a LOT of different adapters installed. When I received the laptop it came with a Realtek WiFi adapter and a Realtek PCIe bus... He connected his Windows phone toy computer and it loaded as a Samsung TV... WT??? Hehehe
I really appreciate the help. Also, I found the files that were put on my computer in his computer. He forgot to remove the disc that he'd burned them onto...

#6 drublaze619


Posted 10 September 2014 - 10:39 AM

I think my laptop knows, it just crashed on me... Ughhh.

#7 LiquidTension


Posted 10 September 2014 - 10:42 AM

Hello, 

 

From what you've described so far, I think you would be better off posting in the Malware Removal section, where more advanced diagnostic tools are permitted. 

 

Please post back with a link to your new topic. 

