Unsolved
This post is more than 5 years old
60 Posts
0
2141
multi-virus and trojan infestation.....partially fixed but still have weirdness
History:
Got iPod Touch. Wanted to load video's. Got convertor from CNET. Wanted to convert DVD's. Followed instructions from video convertor recommended by CNET. Loaded DVD convertor. Ran it. It completed. Ran alternate converter. It stopped and the computer rebooted itself. Eventually it came back but had "PC_antispyware2010" malware.
Updated SymantecAV files and ran it. Found multiple virus's and trojans, which it quarantined.
Rebooted.
Tried running Spybot. No joy.
Teatimer did fine a couple of things.
Found the "spybot doesn't run....what you should do" forum post. Followed the instructions. No joy.
De-installed Spybot. Re-installed.
Ran it. No joy.
Continuing weirdness beyond the above: "googleinstaller" error message during start0up after reboot; random "internet explorer couldn't open...." messages eventhough I don't have it running.
I suspect I at least have registry errors.
Guidance, please.
cheers,
Leigh
What now??
Bugbatter
3 Apprentice
3 Apprentice
•
20.5K Posts
0
August 25th, 2009 00:00
Try running Malwarebytes' Anti-Malware.
Please download to your desktop Malwarebytes' Anti-Malware from Here or Here
Double Click mbam-setup.exe to install the application.
and just double-click on mbam-rules.exe to install.
Alternatively, you can update through MBAM's interface from a clean computer,
copy the definitions (rules.ref) located in
C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes'
Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.
Click Remove Selected.
1. Just click the "Post A Message" button (upper right) in the Malware Removal forum HERE
to start your own thread requesting assistance for a follow-up check to be sure the malware is gone.
2. In the discussion window that opens, simply Right-Click and select Paste.
Extra Notes:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer, please do so immediately.
-- MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes (like Spybot's Teatimer), they may interfere with the fix or alert you after scanning with MBAM. Please disable such programs until disinfection is complete or permit them to allow the changes.
**If you need to re-install MBAM but encounter issue in re-installing, try using the MBAM Cleanup Utility by downloading it from http://www.malwarebytes.org/mbam-clean.exe
Keyboards_999
60 Posts
0
August 26th, 2009 19:00
Bugbatter,
Thanks for the response.
After posting to this forum, I went back and tried the "if it doesn't work..." instructions for Spybot. I eventually got it to work. It found LOTS!!! Virus'es, trojans, and registry changes. I let it clean up a bunch of it but was a bit concerned about some of the registry errors (SystemRestore, Explorer, WindowsSecurityCenter) so left them until I got some guidance from one of you folks.
There are still a few clearly weird things going on, e.g. IE pop-ups to down load Adobe Reader when IE isn't even running.
I'll follow your instructions for Malwarebytes' Anti-Malware and post to the Malware removal forum.
Thanks again.
Leigh