Help sorting this virus out

Status
Not open for further replies.
Hello everyone, my name is Martyn. I've just joined and I need some help!!

It looks like my web broswer has been hijacked. Just turned on my computer today at 3pm (UK time) and noticed that things were not right all.

These are the signs:

Computer keeps popping up a baloon every 15-25 seconds and an alert message "System Alert: Maleware threats - click this baloon to remove" This is not genuine! different messages appear, uncluding iexplorer keeps opening with a page to microsoft download of an antivirus which is not genuine, the page is too crude and it sometimes doesn't work and there is just a blank page. Noticed also 2 icons in control panel which look like microsoft icons but they are too crude. These are fake.

3 processes have appeared in the system configuration: wcs.exe, wcm.exe, iebtmm.exe.

iexplorer.exe keeps appearing on the system twice.

Unable to use a search engine or use the browser bar at the top of the page. I am using firefox. The page redirects to some random page.

---------------------------------------------------------------------------------------

My attempts to get rid of it so far include:

AVG Anti virus scan = Unsuccesful.
Spybot scan = Unsuccesful.
Ad-aware scan = freezes halfway through.

Note: I cannot download any antivirus programmes other what I already have because I am unable to click on any links. Links in Cached pages do not work either.

What can I do? Can you help?

I am aware of something called HJT (HIJACK THIS) but I know nothing about it. I am a novice with this stuff. I tried downloading spyware guard but the browser is not having any of it.

I just don't know what to do!!
 
Hi :

You are experiencing the classic symptoms of what the malware-fighting
community calls a "Rogue" Program ; the best program to fight this is the FREE
Version of Malwarebytes' Anti-Malware from www.malwarebytes.org/mbam.php .
IF you are unable to download/install this program on the "infected" computer,
download and "burn" the program onto a CD from a functioning computer .
 
Re:

Hi :

You are experiencing the classic symptoms of what the malware-fighting
community calls a "Rogue" Program.....

A rogue program? Who makes them? And why?

I don't think I can download malwarebytes antivirus from this computer. Whatever this rogue program is, it is blocking any attempt to download from links.

I'm running spybot right now (again) but this time it has found at the moment the following:

Fraud.antivirus 2008
Smitfraud. C-gp
antispycheck
win32.BHO.je

I'll wait for this to finish and then check out malwarebytes to see if I can download it.

If I can't I don't know what to do. I don't have another computer either, and I don't know anyone who uses a computer except one of my friend's. But his computer has no Re-Write drive so I won't be able to use his computer to download to a disc.

I'm wondering if I could paste the link into an e-mail and then click it from there.

I'll keep posted.
 
Hi :

See IF you can get help from a public library in your area . You should realize that
Ad-Aware and Spybot have NOT been top antispyware/antitrojan programs for a
couple of yrs; now the best FREE Ones are Malwarebytes' Anti-Malware and
"SUPERAntiSpyware" from www.superantispyware.com .

IF you are unable to install programs that are able to combat your "infection"
( "Rogues" are the newest "form" of bad things to infect a computer; most come
from the "Zlob Trojan ) , most likely you are going to have to reformat, then
reinstall the Operating System . The Best Explanation of this is at
http://aumha.net/viewtopic.php?f=26&t=28580 .
 
Re:

Hi :

See IF you can get help from a public library in your area . You should realize that
Ad-Aware and Spybot have NOT been top ....[/url] .

Malwarebytes is damn good!!!!

It removed 200 infected files and all the viruses!!!!

My computer runs more smoothly now. Thanks for your help. I was panicking that I might have to do a 'hijack this'. No need!!

Thanks for bringing malwarebytes to my attention. Ironically, I have just contracted 3 backdore trojan viruses all at once. 2 healed by AVG and 1 moved to the vault.
 
Personally I would still recommend posting a HJT log just for a quick check to see if your system is clean though. Often times malware tend to be tricky when it comes to removal.
 
Re:

Personally I would still recommend posting a HJT log just for a quick check to see if your system is clean though. Often times malware tend to be tricky when it comes to removal.

Should I do it? How do I do that? I have Winpatrol and it has a button on it "Hijack Log". I haven't clicked on it yet.
 
Status
Not open for further replies.
Back