Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown trojan, virus, spyware


  • This topic is locked This topic is locked
3 replies to this topic

#1 JLBUD

JLBUD

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:44 PM

Posted 26 October 2014 - 10:13 PM

Im new here, so sorry if I get something wrong.I am running windows XP Home, Chrome browser. I have followed the instructions to create a log file and attached it here. I usually am able to locate and remove trojans/spyware/viruses myself, but this one has me beat.

A few weeks ago I downloaded from an email what I thought was an invoice for road toll I had traveled on. Turned out to be a scam and computer did all sorts of strange things, shut down on its own, opened weird web pages, cant remember what they were now. I noticed in the task manager processes list that iexplore.exe was using a lot of memory and internet browsing was very slow. I dont use internet explorer and have it disabled so I ended the iexplore.exe process. Internet went back to normal, after a while iexplore.exe started up again causing the same problem, I kept ending it but kept restarting. I downloaded Task Blocker to kill it every time it started up. Some days it was continuously being ended, but computer and internet were fine. Problem is a few days ago task blocker wouldnt open, even tried uninstalling and reinstalling, still didnt work. I then downloaded "Ultimate_Process_Killer_2.0.2" which enabled me to end the process manually and kill the root file, which I did like 100 times until it didnt start up again. I havent had a problem since but wanted some help to make sure it is gone for good. Sorry this is so long, please advise as to what you need me to do next. Thanks.

Attached Files



BC AdBot (Login to Remove)

 


#2 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:08:44 AM

Posted 31 October 2014 - 07:56 PM

:welcome:

 

We have newer scanners that will show us much more, lets do this

 

1QYkxTZ.jpg Please download aswMBR to your desktop.

  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.

I just want to see the report....Please Do Not Fix Anything

 

 

 

 

============================================================================

 

 

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
A simple way to check your system: Start --> Computer (right click) --> Properties

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Please make sure All Users is checked
  • Do not check
    *List BCD
    *Drivers MD5
    *Shortcut txt
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



donate.gif Please consider a donation to help me keep up my fight against malware.

 

Just a reminder that threads will be closed if no response in 3 days


#3 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:08:44 AM

Posted 03 November 2014 - 01:26 PM

Still need help or have you resolved this issue ?


mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



donate.gif Please consider a donation to help me keep up my fight against malware.

 

Just a reminder that threads will be closed if no response in 3 days


#4 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:08:44 AM

Posted 04 November 2014 - 08:52 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



donate.gif Please consider a donation to help me keep up my fight against malware.

 

Just a reminder that threads will be closed if no response in 3 days





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users