Jump to content


Photo

Cleaning up PC after a vicious malware attack


  • Please log in to reply
5 replies to this topic

#1 parlezvous

parlezvous

    New Member

  • Members
  • Pip
  • 14 posts
  • Gender:Not Telling

Posted 30 August 2012 - 09:53 PM

Hello MalwareBytes community,

around a year ago, this particular PC used by my sibling was compromised by malware which consistently notified the user that the machine was infected and installed a fake antivirus software. I tried getting rid of it through malwarebytes, but it ended up crashing the system. I was able to partly fix it through a complete factory reset, but I suspect that traces of the infection still resides in the system.

I've been unable to remove the Ask.com toolbar, failed to run windows update successfully the last time I tried, and the laptop tends to overheat easily Web browsing appears to be normal though.

I'd appreciate help, thank you.

Attached Files



#2 daledoc1

daledoc1

    Forum Deity

  • Spam Hunters
  • PipPipPipPipPipPip
  • 11,933 posts
  • Gender:Not Telling

Posted 30 August 2012 - 10:01 PM

Hello and welcome, parlezvous: :)

Have you been using an infected computer for a year?
That's pretty scary, especially if you've been using it for online financial transactions during that time, without a fully patched operating system (you mention that you've been unable to run Windows updates).
You'll definitely need a qualified malware expert to take a look at the system.

We cannot review scan logs or work on malware removal in this sub-section of the forum.
So please read below for assistance with cleaning your system.

EDIT: Is this the same computer for which you obtained malware removal help a month or so ago >>HERE<<?

IMPORTANT: Please do NOT use any temporary file cleaners unless instructed to do so - they can cause data loss, making recovery difficult.

IF YOU WOULD LIKE EXPERT HELP WITH MALWARE REMOVAL, PLEASE CHOOSE ONE OF THE FOLLOWING 3 OPTIONS:
OPTION 1: Free, one-on-one, expert assistance in the Malware Removal Forum.
OPTION 2: For licensed users of MBAM PRO, there is free, one-on-one, expert assistance from the MBAM support helpdesk.
OPTION 3: Fee-based, one-on-one, expert assistance from Premium Support.

OPTION 1:
  • Please print out, read and carefully follow the instructions in the "I'm Infected - What Do I Do Now?" article.
  • ---> Since you have already run DDS, that's good, as it's the first step. But you'll want to copy/paste the COMPLETE logs directly into your new post, as described below. (The ones you've attached here appear to be incomplete/tuncated.)
  • Then please start a new post in the Malware Removal Forum.
  • An authorized, trained malware expert will provide free, one-on-one assistance as soon as one becomes available.
  • When starting your new post, please note the following:
  • Please do NOT post in a topic started by someone else, even if their problem sounds similar.
  • Please COPY/PASTE the requested logs directly into your post, rather than attaching them.
  • Under options, please be sure to select "track this topic" and "immediate email notification", so you'll know when a helper responds.
  • Please be patient - it may be 48 hours or more before a helper can assist you, especially when the forum is very busy.
  • Please do NOT "bump" your topic or reply back to it for at least 48 hours.
  • Doing so may cause your topic to be overlooked, as it will appear that you are already being helped.
OPTION 2:
If you are a paid user of MBAM PRO and would like support via the helpdesk, please contact them here.

OPTION 3:
If you prefer the Malwarebytes Premium Services (comprehensive solutions to all your computer support needs – from installation and set-up to troubleshooting and tune-ups), please go to the Premium Support site here.

Please be patient – someone will assist you as soon as possible.

Thank you very much,

daledoc1

Just a home user & forum volunteer
DT1: Win7/Ult/64 SP1; Intel Core i7-3770 @3.4 GHz; 16 GB RAM; NVidia GeForce GT620; IE9; Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner
DT2: Win7 Ult/64 SP1; Intel Core i7-860 @2.8 GHz; 8 GB RAM; ATI Radeon HD 5770; IE 9, Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner.
LT: Win7 Pro/64 SP1; Intel Core i7-3632 cached @3.2 GHz; 16 GB RAM; NVidia GeForce GT640M; IE 10; Fx; TB; WLAN; MBAM PRO 1.75.0.1300; Sophos ES 10.3; SAS Free; CCleaner.


#3 parlezvous

parlezvous

    New Member

  • Members
  • Pip
  • 14 posts
  • Gender:Not Telling

Posted 30 August 2012 - 10:49 PM

Hello daledoc1, thanks for the reply.

My apologies, just for clarification:

a) This laptop was infected several months ago, but was not used until recently. I've managed to fix it through a factory reset, but have not used it for doing business or making financial transactions.

EDIT: Is this the same computer for which you obtained malware removal help a month or so ago >>HERE<<?
b) No, this laptop is a separate system, and is not the same computer.

#4 daledoc1

daledoc1

    Forum Deity

  • Spam Hunters
  • PipPipPipPipPipPip
  • 11,933 posts
  • Gender:Not Telling

Posted 30 August 2012 - 11:24 PM

OK, thanks for the clarification. :)
(As you know from your recent experience with the other computer, some of the infections these days can lead to SERIOUS compromise of one's personal info. So it set off some bells and whistles to think you might have been using an infected system all this time.)

Anyway, it's the same process you went through last month. :)

Please just follow the guidelines and start a new topic over in the malware removal section.
You'll want to try to copy/paste those DDS logs (DDS.txt and attach.txt) directly into your first post (rather than attaching them), as it makes it easier for the malware helpers to read them.

They did look as if they were somehow truncated, so please try to post the full logs with all the header info, if you can.

All of this will make it easier for the malware helpers to get an accurate snapshot of the sytem, in order to expedite the cleaning process.

If the infection has so crippled the computer that you cannot follow those guidelines, then just start a new post anyway, doing the best you can, & explaining the issues you're seeing (just like you did here) -- you can also include a link back to this topic, too.

HTH,

daledoc1

Just a home user & forum volunteer
DT1: Win7/Ult/64 SP1; Intel Core i7-3770 @3.4 GHz; 16 GB RAM; NVidia GeForce GT620; IE9; Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner
DT2: Win7 Ult/64 SP1; Intel Core i7-860 @2.8 GHz; 8 GB RAM; ATI Radeon HD 5770; IE 9, Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner.
LT: Win7 Pro/64 SP1; Intel Core i7-3632 cached @3.2 GHz; 16 GB RAM; NVidia GeForce GT640M; IE 10; Fx; TB; WLAN; MBAM PRO 1.75.0.1300; Sophos ES 10.3; SAS Free; CCleaner.


#5 Firefox

Firefox

    Forum Deity

  • Trusted Advisors
  • PipPipPipPipPipPip
  • 10,036 posts
  • Gender:Male
  • Location:USA

Posted 31 August 2012 - 09:17 AM

It will be better to follow the instructions that were posted in post # 2 above with this system as well.

While being helped in the HJT Section you will have to remove any P2P software you have installed on that laptop such as uTorrent.

post-2065-0-92797800-1392234217.jpg


Dell Precision T7500, Win7 Ultimate 64bit fully updated, McAfee Corp Edition v8.8,
Watchguard Firewall, Intel Xeon E5606CPU, Dual Quad Core Processors, 16GB Ram,
E5606 @ 2.13GHz, Nvidia Quadro NVS420, Raid-1 Dual 1TB Sata 10000 rpm Hard Drives
Dual DVD Burners, IE10, Opera, MBAM, MBSB, MBAE


#6 daledoc1

daledoc1

    Forum Deity

  • Spam Hunters
  • PipPipPipPipPipPip
  • 11,933 posts
  • Gender:Not Telling

Posted 31 August 2012 - 09:27 AM

Hi, Firefox:

It looks as if the OP is already being assisted by Maniac here for this second computer (laptop): http://forums.malwar...howtopic=115096 :)

(I was initially confused b/c this topic was very soon after a recent computer cleaning, and the truncated DDS logs in this thread made it hard to determine if it was the same rig, or not. ;))

Cheers!

Just a home user & forum volunteer
DT1: Win7/Ult/64 SP1; Intel Core i7-3770 @3.4 GHz; 16 GB RAM; NVidia GeForce GT620; IE9; Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner
DT2: Win7 Ult/64 SP1; Intel Core i7-860 @2.8 GHz; 8 GB RAM; ATI Radeon HD 5770; IE 9, Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner.
LT: Win7 Pro/64 SP1; Intel Core i7-3632 cached @3.2 GHz; 16 GB RAM; NVidia GeForce GT640M; IE 10; Fx; TB; WLAN; MBAM PRO 1.75.0.1300; Sophos ES 10.3; SAS Free; CCleaner.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users