Hi there, super-duper tech dudes,
Enjoy your posts and guides, and followed your 8-step on an infected computer, signed up for some help with next step(s).
My mother-in-law came yesterday and plopped her laptop down and asked for help. Seems it's been infected by some nasty buggers.
Main symptoms, still persisting after some antivirus work, are 1) inability to access Windows Update online, most/all Microsoft websites either blocked or immediately redirected to trashware advert sites, 2) Google Chrome, which I installed to get away from IE, won't open websites at all, just crashes. First time I've ever seen this, and I've reinstalled Chrome 3x, still happens. 3) Also, from the beginning all the usual tray items were missing, most notably, volume and power meter. These have now returned in my latest boot (a good sign, I think?).
She was only using IE (that's part of the problem, I'm sure), so at first I installed Firefox. That site was being blocked too, but I copied installer from my computer, got it going. Web symptoms above are happening still on Firefox, though other websites browsing normally now. (I haven't opened IE again for a while).
What I've done so far:
1) Removed McAfee Security Suite. Viruses had disabled and messed with it. And it was just slowing down everything (as usual).
2) Installed and ran IObit Security 360. It found 20 security threats and removed them, including a win32 agent (piratepoppers), a couple adware keys in registry, a backdoor trojan and a "misleading.extremesecurity". Things started running more smoothly. But main symptoms persisted.
3) I happened upon your forum and started moving more systematically. I installed Avast and ran a full boot scan. It found and removed some more things. Then I ran TFC, cleaned out the Temps and rebooted. Then installed MBAM, ran scan, but nothing new found. I have the log. Then I did the GMER thing. (The log looked pretty ugly.) Then DDS. Logs attached below. I've also installed HijackThis and run it; inspected results. Removed some obviously useless, possibly harmful, items.
4) Contrary to what I should have done, which is join the forum immediately and ask for help, I've continued to tinker with the computer. I've installed Comodo AV suite, running alongside Avast. Stealthed the ports. Started in Safe Mode, tried to run more scans, but programs were having a hard time running in Safe Mode. That's about it. Oh, and I uninstalled a program (Qwest QuickCare) which, from Comodo alerts, seemed to be controlling / running the web redirects when I tried to access Windows Update. (Though that problem still persists).
The latest Windows update (a .NET update) failed (on 7-10). It was at that point, from what my mother-in-law says, that the computer started going buggy. It would appear to me that the virus has completely taken over Windows Automatic Updates. That's not good, I know....
My next steps? Thanks!
LOGS ATTACHED