Author Topic: Possible Malware Infestation(Help) (Read 3352 times)

FlakJak · « **on:** December 20, 2012, 03:58:43 AM »

Recently went to visit my brother.... long story short, he runs UTorrent a lot with no antivirus.

Installed Malwarebytes, and followed infection guide.

Thank you for your time.

[FIXED](Silly firefox)Cannot attach logs....

Pondus · « **Reply #1 on:** December 20, 2012, 08:10:00 AM »

aso run AdwCleaner as this will clear all the browser/toolbar crap

malware removers are notified. it may take hours before one arrive so be patient

essexboy · « **Reply #2 on:** December 20, 2012, 03:47:25 PM »

Hi what are the current problems ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

Code: [Select]

:OTL
[2012/08/19 15:16:02 | 000,005,133 | ---- | M] () (No name found) -- C:\Users\Dr.Prof.Sexy\AppData\Roaming\Mozilla\Firefox\Profiles\cs1axc0r.default\extensions\50314953e85d2@50314953e860a.info.xpi
[2012/12/05 22:27:43 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

FlakJak · « **Reply #3 on:** December 20, 2012, 07:28:55 PM »

There aren't any noticeable problems as of yet(except for ads...), but I've identified iLivid, WinMate and Tuneup360.

essexboy · « **Reply #4 on:** December 20, 2012, 07:33:41 PM »

Where are the ads appearing ?

CLEAR THE BAD TOOLBARS

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

FlakJak · « **Reply #5 on:** December 20, 2012, 09:37:45 PM »

Ads were appearing on googles homepage and elsewhere but are gone now(beforeadwcleaner).

WinMate.exe still asks for permission on startup.

essexboy · « **Reply #6 on:** December 20, 2012, 10:10:24 PM »

Personally I would uninstall winmate from the system, these so called optimisers do not really achieve a lot

What is happening is that it does not have sufficient privileges to run under windows 7 so ask to ask each time

FlakJak · « **Reply #7 on:** December 21, 2012, 11:43:54 PM »

Unistalled WinMate.

Noticed something else today, Malwarebytes has detected a malicious process sttempting to start, and has blocked the execution attempt
C:\Program Files (x86)\Super Meat Boy\Uninstall.exe
Malware.Packer.Krunchy

With the buttons

Disable Protection | Ignore | Quarantine

...Is this a problem? What should I choose?

essexboy · « **Reply #8 on:** December 22, 2012, 11:56:23 AM »

That is a game.. Are you trying to uninstall it ? http://en.wikipedia.org/wiki/Super_Meat_Boy

Author Topic: Possible Malware Infestation(Help) (Read 3352 times)

FlakJak

Possible Malware Infestation(Help)

Pondus

Re: Possible Malware Infestation(Help)

essexboy

Re: Possible Malware Infestation(Help)

FlakJak

Re: Possible Malware Infestation(Help)

essexboy

Re: Possible Malware Infestation(Help)

FlakJak

Re: Possible Malware Infestation(Help)

essexboy

Re: Possible Malware Infestation(Help)

FlakJak

Re: Possible Malware Infestation(Help)

essexboy

Re: Possible Malware Infestation(Help)