Go Back   Cyber Tech Help Support Forums > Software > Malware Removal Forum

Notices

Reply
 
Topic Tools
  #1  
Old April 21st, 2012, 06:55 PM
tami3_3 tami3_3 is offline
Senior Member
 
Join Date: Oct 2000
Location: CA
Posts: 222
Trojan/Malware problem

Hi there,
My daughter's laptop is running Windows 7 and using Microsoft Security Essentials. After running a weekly scan it found her computer at risk and asked her to download Windows Defender Offline, which she did. She saved it on a CD, but when she tried to use it, it wouldn't work. I had her run Malwarebytes and it found several things and said it was able to get rid of them. But it apparently didn't because she was still having problems. When she brought the laptop to me, we tried again to use the Windows Defender Offline but downloaded it on my computer and saved it to a USB drive. But it still wouldn't work. Finally I just used the Recovery Console and went back to factory settings. Figuring everything would be fine I decided to go ahead and use McAfee Antivirus that came with the computer to run a check and I would get rid of it after it ran a scan. Well it wouldn't let me put a password in when signing up for an account. It totally locked up the computer. Wouldn't let me shut the screen or let me bring up the task manager, or even shut down the computer the right way. Anyway, after turning it back on I figured I'd go straight to Microsoft Security Essentials and download it. It let me download and start updating for new definitions and now its just stuck about half way through. Again it won't let me close the window or bring up the task manager. And the window that was downloading the definitions has in red at the top of the window 'Computer status-At risk. That may be because there isn't any antivirus program on the computer yet.

I figured that if I went back to factory settings everything would be fine. But apparently not. If someone could help me it would be very much appreciated. I have never had a virus before so I am totally in the dark here. I have had a few malware or trojans that Malwarebytes was able to get rid of. But that's about it.

Thanks,
Tami

Last edited by tami3_3; April 21st, 2012 at 07:21 PM.
Reply With Quote


  #2  
Old April 21st, 2012, 07:21 PM
tami3_3 tami3_3 is offline
Senior Member
 
Join Date: Oct 2000
Location: CA
Posts: 222
I'm going to add this:

I just used her computer to come to this site and it did, but when I clicked on a post it wouldn't go anywhere and just kept trying to load the page. I closed the browser and it won't even let me open the browser now.
Reply With Quote
  #3  
Old April 21st, 2012, 11:54 PM
Jintan Jintan is offline
Malware Removal Team Advisor
 
Join Date: Dec 2004
Posts: 50,375
Hello tami3_3,

Quote:
Windows 7 and using Microsoft Security Essentials

go ahead and use McAfee Antivirus that came with the computer
More than one antivirus program on any one system means they will each attack, and corrupt, each other, as well as cause system corruption. Please see if you can temp disable both, uninstall one, reboot, then uninstall the other. If you happen to have other antivirus programs there repeat that for each of those.

Once you have done that, then let's take a look.


The system is Windows 7, so when running any of the scan files we use, be sure to right click the file, then select "Run as administrator" to start the scan/tool.

And To make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types"



To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed.

-------

Click here and download OldTimer's OTL to your desktop, then click that to open the scan display. At the top click "Scan All Users", then click "Run Scan". Make no other changes at this time.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are also saved in the same location as OTL.exe. Post the contents of those back here please.

-----------

Click here and download the installer for Gmer to your desktop, then click that file to run Gmer.


Once the opening scan finishes, click on Scan (again, before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please.

-----------

Download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • If you can have an open Internet connection, and allow it to download the latest Avast engine detections.
  • If avast! antivirus is already installed, just do the next step.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


A lot, but comprehensive, and will make sure we get a good view of everything.
Reply With Quote
  #4  
Old April 22nd, 2012, 01:16 AM
tami3_3 tami3_3 is offline
Senior Member
 
Join Date: Oct 2000
Location: CA
Posts: 222
Hi Jintan,

Thanks for getting back to me. Just to let you know, I wasn't running any
antivirus yet on her computer. I thought I would try McAfee because it was already on here. But it wouldn't let me even put ANY password in. So the next step was to try Microsoft Security Essentials. And it just got hung up downloading definitions. So basically I had no antivirus on the computer. After posting here, on her computer I went the control panel to change the folder setting to 'show hidden files' and it wouldn't open it. Went out of control panel and went to open it again and it wouldn't even show anything in the control panel. Her computer finally wouldn't even let me go on line or open any of the programs that loaded on startup on the desktop. Soooo....sorry to say I got mad and went back and did another full recovery, back to factory settings. This time it wouldn't let me go online. So I started in safe mode with networking and it finally let me go online. But I was frustrated by then, I went to Acer (I know, a stupid Acer, but I was looking for a cheap laptop for my daughter) support and found out it was still under warranty but just for software, not hardware. Right now I have a guy in tech support there working on my computer remotely. What he's saying is that there is a virus that is still in the machine and he's going to try to fix it. I'm paying for this, another warranty for the hardware for a year, so he'd better fix it.

I downloaded a few of the scanning software you've suggested to other people on here unto a flash drive and tried them on her machine and they didn't even show up on the flash drive. They did on my computer.

I appreciate the time you spent on your post and I probably should of waited before I contacted Acer, but her computer was really getting out of hand and thought it probably did have a bad virus. Apparently so, cuz he's even having a hard time with it.

But thank you Jintan! I haven't been here in a long time. I've been taught a lot here. Luckily I'm pretty careful with my computer and like I said, have never had a virus. But my daughter downloads music, pictures and such and uses her phone a lot to download pics and videos. I've tried to teach her, but you know kids.

But thank you again!
Tami
Reply With Quote
  #5  
Old April 22nd, 2012, 01:25 AM
tami3_3 tami3_3 is offline
Senior Member
 
Join Date: Oct 2000
Location: CA
Posts: 222
I meant to tell you, interestingly, the tech guy there at Acer uses Malwarebytes and something called HitmanPro.
Reply With Quote
  #6  
Old April 22nd, 2012, 01:31 AM
Jintan Jintan is offline
Malware Removal Team Advisor
 
Join Date: Dec 2004
Posts: 50,375
If you check through this forum, you may notice we don't use HitmanPro. Cloud-computing running a bunch of antivirus programs is just not the way to fix malware issues, though they do get lucky at times. If you would, I would like to suggest you do the steps I posted, and let's get a look at what all is there.
Reply With Quote
  #7  
Old April 22nd, 2012, 02:09 AM
tami3_3 tami3_3 is offline
Senior Member
 
Join Date: Oct 2000
Location: CA
Posts: 222
Hi again,

I was just kinda letting you know something they were using. Didn't know anything about HitmanPro.

I would do the steps you suggested, but he's using the computer remotely right now. I think he's running the recovery to factory settings because he said it hadn't taken everything off. When I do get the computer back, I will follow up with the steps you suggested.

Tami
Reply With Quote
  #8  
Old April 22nd, 2012, 02:14 AM
Jintan Jintan is offline
Malware Removal Team Advisor
 
Join Date: Dec 2004
Posts: 50,375
If they are doing the actual factory recovery procedures, it will very likely resolve whatever was the problem. So just FYI for the future - CTH folks can likely help resolve issues without the need for a total wipe factory recovery.
Reply With Quote
  #9  
Old April 22nd, 2012, 02:49 AM
tami3_3 tami3_3 is offline
Senior Member
 
Join Date: Oct 2000
Location: CA
Posts: 222
I sincerely hope they fix it. My daughter had taken off everything she needed so it wasn't a big deal to to go back to factory settings. I do realize you guys are very good at helping people without having to resort to that. And you have no idea how much I appreciate the times you've helped me. Trust me, it would be a big deal to me if I had to go back to factory settings. I'd be trying anything else.
Reply With Quote
  #10  
Old April 22nd, 2012, 11:02 PM
Jintan Jintan is offline
Malware Removal Team Advisor
 
Join Date: Dec 2004
Posts: 50,375
Glad to be here if and when needed. Good luck there.
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT +1. The time now is 11:59 AM.