Computer Hope

Software => Computer viruses and spyware => Topic started by: dickinfl on July 08, 2008, 04:54:13 AM

Title: Malware removal help (dkinfl)- all steps followed
Post by: dickinfl on July 08, 2008, 04:54:13 AM

I have/had a virus/spyware/malware problem and upon doing an internet search I found your forum. I have followed the steps in "Read this before requesting malware removal help".

Background - I mistakenly authorized a download (my AVE internet security warned me) and immediately knew it was loading bad software. Being a novice I panicked and tried to shutdown my computer and disconnected my high speed internet. When I restarted I had several anti-spyware icons on my desk top. I ran my AVE virus checker and it was finding viruses, but was running very slow. As it continued additional windows popped up warning that software was trying access the internet. At first I clicked OK to not allow access, but then Internet explorer would open. I decided not to click any more windows and just let my virus scan run. At one point the scan stopped before completing it's check. It had removed and placed Trojans and other viruses in the vault. So I cancelled the scan. I was still receiving software unauthorized internet access windows popping up. I decided to run my Max Registry Cleaner to restore a prior registry. Following this no more unauthorized accesses occurred. I reran my virus scan and it ran fast. The only issue I have now is Windows Automatic Update is off and I can't turn it on. It will also not run manually. I received a error code 0x8DDD0018, but Microsoft does not have info on this code.

I complete all the steps as described in Malware removal help. The logs are attached:
SuperAntispyware log, Malwarebytes Log, Hijackthis log.

[recovering disk space -- attachment deleted by admin]

Title: Re: Malware removal help (dkinfl)- all steps followed
Post by: evilfantasy on July 08, 2008, 10:53:18 AM

Open Hijackthis and select Do a system scan only then place a check mark next to:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Now click Fix checked, exit Hijackthis and run CCleaner.

The logs look fine, any more signs of malware?

-----

Look here for your error message. http://support.microsoft.com/kb/910337

Title: Re: Malware removal help (dkinfl)- all steps followed
Post by: dickinfl on July 08, 2008, 12:10:40 PM

ALRIGHT. You are the BEST. No more signs of malware. :D Thanks for the Microsoft link, as that fixed the last issue.

Title: Re: Malware removal help (dkinfl)- all steps followed
Post by: evilfantasy on July 08, 2008, 12:13:43 PM

Glad to help.

Set a New Restore Point to prevent possible reinfection from an old one
Setting a new restore point AFTER cleaning your system will enable your computer to roll-back to a clean working state if needed.

Go to Start > Programs > Accessories > System Tools and click System Restore
Choose the radio button marked Create a Restore Point on the first screen then click Next Give the Restore Point a name then click Create.
The new restore point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
Next go to Start > Run and type Cleanmgr
Click OK
Click the More Options Tab.
Click Clean Up in the System Restore section to remove all previous restore points except the newly created clean one.

You can find instructions on how to enable and re-enable system restore here:

Windows XP System Restore Guide (http://www.bleepingcomputer.com/forums/tutorial56.html) or Windows Vista System Restore Guide (http://www.bleepingcomputer.com/tutorials/tutorial143.html)
.
----------

Use the Secunia Software Inspector (http://secunia.com/software_inspector) to check for out of date software.

Click Start Now
Check the box next to Enable thorough system inspection.
Click Start
Allow the scan to finish and scroll down to see if any updates are needed.
Update anything listed.

.
----------

Make sure all of your security programs are up to date and run scans with them regularly. Once or twice a week minimum.

Here are some great FREE tools to help you keep from getting infected again. These tools use little or no resources so won't slow down your PC.

To prevent unknown applications from being installed on your computer install WinPatrol 2008 (http://www.winpatrol.com/winpatrol.html)
Using Winpatrol to protect your computer from malicious software (http://www.winpatrol.com/features.html)

Another thing I would suggest installing SiteAdvisor (http://www.siteadvisor.com/). SiteAdvisor rates sites on business practices and spam.

SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html) - Secure your Internet Explorer to make it harder for these ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* (http://www.bleepingcomputer.com/tutorials/tutorial49.html)Using SpywareBlaster to protect your computer from Spyware and Malware (http://www.bleepingcomputer.com/forums/tutorial49.html)
*If you don't know what ActiveX controls are, see here (http://www.webopedia.com/TERM/A/ActiveX_control.html)

Check out Keeping Yourself Safe On The Web (http://evilspages.blogspot.com/2008/05/keeping-yourself-safe-on-web.html) for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It May Not Be Malware (http://evilspages.blogspot.com/2008/05/slow-computer-it-may-not-be-malware.html) for free cleaning/maintenance tools to help keep your computer running smooth.

Title: Re: Malware removal help (dkinfl)- all steps followed
Post by: dickinfl on July 09, 2008, 04:03:58 AM

I had a problem when trying to run cleanmgr. I did not get a "more options" tab. I got a select drive window.

Title: Re: Malware removal help (dkinfl)- all steps followed
Post by: evilfantasy on July 09, 2008, 02:38:17 PM

Turn off system restore, restart the computer and turn it back on.

Windows XP System Restore Guide http://www.bleepingcomputer.com/forums/tutorial56.html