VirusProtector2008, then Sagispul/Vundo- Still need help
Hello~
Yesterday an alert window popped up telling me my computer was not protected and that I had to reinstall McAfee.
Last night, almost 24 hours ago I had an alert from McAfee Anti-Virus telling me that multiple Trojan's were being blocked. I opened the program up from the quick start menu, and a ToS came up. I figured it was automatically reinstalling as it asked me to do earlier, and clicked yes. As I was doing so though, I realized that the ToS title had nothing to do with McAfee, or any other program I currently have installed.
It was a program called VirusProtector2008 and it promptly opened a "simulated" scan and asked me to buy the full package.
So I realized I had a problem on my hands, and I asked my friends husband to help me over IM. I described what happened above and he told me to try and download Malwarebytes, and he told me the link might not work. Thankfully it did and after downloading it I did a scan. My computer froze a few times, but finally I got it to work and VirusProtector's desktop shortcut and the little icon on the bottom left disappeared after the scan + Reboot.
I also did a quick-scan with SuperAntiSpyware, and found more infected files, I was pretty confident I had beaten it after that.
I was pretty happy everything was back to normal on my computer, but when my friend sent me some youtube videos I noticed it was opening in a new window, not in another tab like usual. Then blank Sagispul.com pages would pop up (and once a yellowpages-type ad? )
So I realized that maybe when I had to restart that Malware hadn't had the chance to finish updating. (I checked, I'm pretty sure it didn't) My friend had logged off for the night so I couldn't ask her husband for help anymore so before taking further action I looked for a reliable site with more information than just "Download Malwarebytes" and hope for the best.
And here I am! I've found this site extremely informative as someone who had never even heard of Malware. I went through the 8-step sticky and followed the instructions there.
I'll be attaching the first scans log, as well as the ones I did following the 8-steps.
As for symptoms, besides the pop-ups in Firefox and McAfee acting weird, every time I downloaded even a little gif or something Firefox would freeze. My internet has also been slower than usual. I just got Cable about a month ago and I've heard during certain times of the day it can be slower than usual so the slow-down didn't make me too suspicious until the bogus Virus scanning program showed up. Also, my automatic Windows updates had been disabled I know for a fact that I hadn't changed this myself because I recently moved the time in which It would automatically reset my computer.
I have been kind of reckless with what sites I've been visiting via Google searches. (I usually only click on sites I've heard of) And I wasn't aware that outdated java could be a security risk, I hadn't updated it in a long while. But it's all updated now and I'm learning from my past mistakes. If anyone could check my logs to see if there is anything still hiding in my computer and any further advice on what I can do if there is, I would really appreciate it!
I'm using McAfee SecurityCenter, and I had it disabled during the scans. I did do an (anti-virus) scan last night, and all that came up was "Generic PUP.x" which I had it fix for me. I don't know how to get a log from McAfee so I hope that's sufficient enough information.
Thanks so much in advanced for help! ( ..And sorry in advanced if I missed anything! )
EDIT: Right after I postd this thread, My tabs prefrences for firefox was changed to open new window again.
And Just now I got this alert from McAfee:
Hello~
Yesterday an alert window popped up telling me my computer was not protected and that I had to reinstall McAfee.
Last night, almost 24 hours ago I had an alert from McAfee Anti-Virus telling me that multiple Trojan's were being blocked. I opened the program up from the quick start menu, and a ToS came up. I figured it was automatically reinstalling as it asked me to do earlier, and clicked yes. As I was doing so though, I realized that the ToS title had nothing to do with McAfee, or any other program I currently have installed.
It was a program called VirusProtector2008 and it promptly opened a "simulated" scan and asked me to buy the full package.
So I realized I had a problem on my hands, and I asked my friends husband to help me over IM. I described what happened above and he told me to try and download Malwarebytes, and he told me the link might not work. Thankfully it did and after downloading it I did a scan. My computer froze a few times, but finally I got it to work and VirusProtector's desktop shortcut and the little icon on the bottom left disappeared after the scan + Reboot.
I also did a quick-scan with SuperAntiSpyware, and found more infected files, I was pretty confident I had beaten it after that.
I was pretty happy everything was back to normal on my computer, but when my friend sent me some youtube videos I noticed it was opening in a new window, not in another tab like usual. Then blank Sagispul.com pages would pop up (and once a yellowpages-type ad? )
So I realized that maybe when I had to restart that Malware hadn't had the chance to finish updating. (I checked, I'm pretty sure it didn't) My friend had logged off for the night so I couldn't ask her husband for help anymore so before taking further action I looked for a reliable site with more information than just "Download Malwarebytes" and hope for the best.
And here I am! I've found this site extremely informative as someone who had never even heard of Malware. I went through the 8-step sticky and followed the instructions there.
I'll be attaching the first scans log, as well as the ones I did following the 8-steps.
As for symptoms, besides the pop-ups in Firefox and McAfee acting weird, every time I downloaded even a little gif or something Firefox would freeze. My internet has also been slower than usual. I just got Cable about a month ago and I've heard during certain times of the day it can be slower than usual so the slow-down didn't make me too suspicious until the bogus Virus scanning program showed up. Also, my automatic Windows updates had been disabled I know for a fact that I hadn't changed this myself because I recently moved the time in which It would automatically reset my computer.
I have been kind of reckless with what sites I've been visiting via Google searches. (I usually only click on sites I've heard of) And I wasn't aware that outdated java could be a security risk, I hadn't updated it in a long while. But it's all updated now and I'm learning from my past mistakes. If anyone could check my logs to see if there is anything still hiding in my computer and any further advice on what I can do if there is, I would really appreciate it!
I'm using McAfee SecurityCenter, and I had it disabled during the scans. I did do an (anti-virus) scan last night, and all that came up was "Generic PUP.x" which I had it fix for me. I don't know how to get a log from McAfee so I hope that's sufficient enough information.
Thanks so much in advanced for help! ( ..And sorry in advanced if I missed anything! )
EDIT: Right after I postd this thread, My tabs prefrences for firefox was changed to open new window again.
And Just now I got this alert from McAfee:
Yikes! I'm not sure what to do.McAfee has automatically blocked and removed a Trojan.
About this Trojan
Detected: Generic Dropper (Trojan), Generic Dropper (Trojan)
Location: C:\WINDOWS\system32\k9261108.exe
Trojans appear as legitimate programs but can damage valuable files, disrupt performance, and allow unauthorized access to your computer.
Immediately after I clicked OK, this came up as well:
McAfee has automatically blocked and removed a Trojan.
About this Trojan
Detected: Generic Downloader.x (Trojan), Generic Downloader.x (Trojan)
Location: C:\WINDOWS\system32\bgl.exe
Trojans appear as legitimate programs but can damage valuable files, disrupt performance, and allow unauthorized access to your computer.