Jump to content

need help malware attack


Recommended Posts

hi malwarebytes i use malwarebytes(free) but my problem isnt done i have virus in my pc when i go logging in facebook my computer goes shutdown  and when i press A key in the keyboard a and a eurosign is in the display what should i gonna do plss help me

Link to post
Share on other sites

Hello.
I will be guiding you as we go forward.  I do need to see other diagnostic information from this system, so that I can see about pinning down the source of this issue.
I would like to ask that you always attach any report or file I ask for, from time to time.

Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed, please print out these instructions.

Please do not post logs using CODE, QUOTE, or FONT tags. Just always attach files / reports.
   
Please enable your system to show hidden files: How to see hidden files in Windows

Make sure you're subscribed to this topic:

Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable, it is unlikely, but things can go  wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen / flash drive

Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you.

The removal of malware is not instantaneous; please be patient. Often we are also in a different Time Zone.

Perform everything in the correct order. Sometimes one step requires the previous one.

If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue.
You can check here if you're not sure if your computer is 32-bit or 64-bit

As we go along, from time to time, Windows User Account Control ( U A C ) will prompt whether to allow a tool or procedure to proceed forward.  Approve the Windows’ UAC prompt on by clicking on Continue or Yes.


When we are done, I'll give you instructions on how to clean up all the tools and logs
Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.
Your topic will be closed if you haven't replied within 3 days.

I will need several clarifications.  You said that at times your Windows shuts down.  That may be a sign of hardware issues  ( one of them, possible over heating in internal hardware).
You mention issue when going to facebook.  Please stay out of social sites for the time being !  and lets please no do web surfing while this case is open.


You may wind up needing to temporarily turn off your antivirus program IF it interferes with the diagnostic tool-reports listed below.
I would like to have you run a tool known as FRST. FRST will help provide me with a list of installed programs and other information about your computer that will help me see if there are any other problems that are not being detected. Please follow the steps below to run FRST.


1: Please download FRST from the link below and save it to your desktop:


Download link for 32-Bit version Windows


Download link for 64-Bit Version Windows

Click the blue DOWNLOAD button to start the process.

Please wait and look toward the top or bottom of your browser for the option to Run or Save.
Click Save to save the file version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Scan with FRST

Right-click on *FRST* icon and select  *Run as Administrator* to start the tool , and reply *YES* to allow it to proceed and run.
Windows 8 or 10 users will be prompted about Windows *SmartScreen protection* - click line  *More info* information on that screen and click button *Run anyway* on next screen.
Click YES when prompted by Windows U A C prompt to allow it to run.

XP users just double-click, and then click run after receipt of Windows Security Warning - Open File.



Approve the Windows’ UAC prompt on Windows Vista and newer operating systems by clicking on Continue or Yes. (not on XP systems)

Click Yes when the* disclaimer* appears in FRST.
The tool may want to update itself - in that case you'll be prompted when the update is completed and ready to use.

Make sure that *Addition* and *Shortcut* options are *checked* - the configuration should look exactly like on the screen below (do not mark additional things unless asked).
Press *Scan* button and wait.



The tool will produce three logfiles on your desktop: FRST.txt , Addition.txt and Shortcut.txt

Please attach these three files to your next reply.
 

Link to post
Share on other sites

Hello.
The Windows 7 on this box has the Windows System Restore service "disabled". Its important for you to be aware of that deficiency.
Also, this PC shows as having installed "Movies Toolbar for Chrome (Dist. by Bandoo Media, Inc.)"   which is highly likely something ill-advised to have and likely a source of adwares.

This machine does not show having Malwarebytes Anti-Malware program.
Please download and SAVE the setup-utility for our program.  This is the download-link
Save to the Desktop.
Then after that, double-click the setup-exe file to start the installation and follow all the prompts.

Once the install is completed, then you can do a Threat Scan run.
Start the program  Malwarebytes Anti-Malware.
on the Dashboard, click the Update ( blue link ).
click the Scan Now >> ( link)  button.

Click on the first column Threat scan

A Threat Scan will begin.
When the scan is complete, Make sure to Review the results.   Look over the list please.

if there have been detections, if there have been detections, look over the list and insure all lines have  check-marks so that they can be removed

click Remove selected to allow MBAM to clean what was detected.
In some cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.


Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the last SCAN performed. Please make sure the word SCAN is shown and also that you grab the very latest Date. the most recent Scan run.
You can double click the line to get it on screen. Then use the menu at bottom of the window.

Click the EXPORT button at the bottom left.
Click TEXT file

Be very aware as to what folder and what NAME you give this report.  You have to make a note so you can send it.

Then attach that file with your next reply.

 

Link to post
Share on other sites

The Threat scan-report shows no malwares found on the run of evening of the 18th.
That is great !

I would like you to do one more scan; this one from ESET security.  This is for a second opinion.

I'd suggest you run this  scan to help look for a virus or possible P U P or rogue that may be lurking. This scan can easily take upwards of an hour, so be run the scan when you don't need to use the computer for a while.
{ If you need help on this, then see this page http://www.eset.com/us/online-scanner/help/

You may use the stand-alone-eset installer.
Use this link to get and SAVE esetsmartinstaller_enu.exe _the ESET Smart Installer. Save it to your desktop.
from this link

You need to first SAVE the file to your system.  Save to the Downloads folder or the DESKTOP  ( for ease of use).


2.Double click on the esetsmartinstaller  icon on your desktop.

4.Check "YES, I accept the Terms of Use."
5.Click the *Start* button.

and proceed just as outlined before.   Reply ( click ) YES when prompted to allow the run by Windows U A C ( user account control).
Have patience while it downloads antivirus database definitions.

Click on *Enable detection of potentially unwanted applications*
Click on the blue line *Adanced Settings*
Choose the following settings in scan settings:

Select (check) Enable detection of potentially unwanted applications.

in advanced settings:
clear ( leave un-checked) Remove found threats

Select ( check-mark) Scan for potentially unsafe applications


Click on Start. The virus signature database will begin to download. This may take some time.
When completed the Online Scan will begin automatically.
Note: This scan might take a long time! Please be patient.
When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
Now click on Finish

A logfile is created and located at C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt.

Note: Do not forget to re-enable your antivirus application after running the above scan!

I will advise you more after I have had a chance to review that log file.

You will find a log-file for the results of the ESET scan that is named LOG.txt
It will be located under the Program Files structure of Windows in one of the folders listed below.  The report file is named *LOG.txt*
The folder constaining that report is this for 64-bit Windows.
C:\Program Files (x86)\ESET\ESET Online Scanner  

{ for 32-bit Windows systems it would be C:\Program Files\ESET\ESET Online Scanner
 

Link to post
Share on other sites

This last scan with ESET found just 3 items and removed them.  Apparently you chose to have it remove all that it found.
Those 3 items were P U P  ( potentially unwanted programs.)   These are not classified as being malicious malware.
That is all that was found.

and prior to that, the MBAM scan had found and removed a good number of other P U P, as well.

(a)
To help keep from getting P U P in future:
Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".

(b)
You said <<my computer isnt good >>
But you did not provide more detail as to what exactly is going on now !  What do you see now as being a infection ?
What are you seeing?  what are you trying to do ?  what exactly is not right ?

What we can do hear is help you to remove malware if one is found.  We can also help you on using Malwarebytes software.

You need to provide specific detail as to what is going on.

(c)
When was the last time you flushed ( deleted) all browser cache files ?  e.g. pc house-keeping, etc.
Do you do a lot of web surfing?
Is that what the main issue is now?

(d)
Removing malware can be unpredictable, it is unlikely, but things can go  wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen / flash drive

(e)
These steps are for  NAVI only. If you are a casual viewer, do NOT try this on your system!
If you are not NAVI and have a similar problem, do NOT post here;  start your own topic

I would suggest you do a scan with a specialized tool.

Download ComboFix from here and save it to your desktop.

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.

You can get help on disabling your protection programs here:
http://www.techsupportforum.com/security-center/virus-trojan-spyware-help/490111-how-disable-your-security-applications.html

Double click on ComboFix.exe & follow the prompts.

Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.

When finished, it shall produce a log for you, C:\ComboFix.txt. Attach that log in your next reply.

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
 

Link to post
Share on other sites

combofix says that os not incompatible. my os windows 7 64bit

my computer isnt good yet my problem is just like what i tell you..

i cannot log on if i tried to log on my computer is force to shutdown and when i press A Key the print is A€...

i think the last time i clean the browser is after my computer is being infected. i follow the steps how to remove malware in browser google chrome.

i do a lot of web surfing because i need it to my assignment in research

thanks again..

Link to post
Share on other sites

What login do you mean ?  a website ?  is it Facebook that you are trying to log into ?

The major thing for us to know, is whether you are able to use Windows.

 

It's not real clear what you mean by << i cannot log on my account like in my account in malwarebytes >>

We do not require any login to run our program.

  • Download mbam-check.exe from >>> here <<<and save it to your desktop
  • On Vista/Windows 7, 8.1, 10, Right-click on mbam-check.exe & select Run as Administrator & allow to Run.
  • after it finishes, It should then open a log file CheckResults.txt
  • Please  may attach the CheckResults.txt file located on your desktop instead

 

 

Link to post
Share on other sites

Sorry, but it is simply not possible to get that last report.  Please just then Copy and paste the contents of the Checkresults.txt report.

 

Other point, I still do not follow, as to what website you are wanting to "login" to.  Can you tell me which one ?

Link to post
Share on other sites

The scan report from MBAM shows no malware.  As to your keyboard, it could well be a hardware issue.  IF you use a wireless keyboard, switch to a regular one that is connected directly.  We cannot help you on keyboard issue.

 

The scan reported no malware.  The Checkresults shows a good install of our program, and that you are running it in Trial mode of the Premium.

 

Link to post
Share on other sites

I am sorry, but I have to say, you are not being clear about what you mean by << help i cant log in my account again >> !

What account is that ?  What do you mean ?

or do you mean this is about the Malwarebytes Anti-Malware program ?   and that you had something set on it ?

Please describe what you mean in detail.

Is it some other program?   maybe you mean some website?   Having good details is so important.

 

also, I need to see a fresh report:   

This tool will collect some information on the installation of Malwarebytes and create a report I need to review:

NOTE: You may need to temporarily turn off your antivirus if it interferes with this tool.

Download mbam-check.exe and save it to your desktop    "from this link"

http://downloads.malwarebytes.org/file/mbam_check

 


On Windows 7,  Right-click on mbam-check-2.3.2.0.exe & select Run as Administrator & allow to Run when prompted by User Account Control.
Do have patience while the tool runs.  It may take a while, and will flash a command prompt window.  And then it will start your text editor ( default is typically NOTEPAD).

It should then open a log file CheckResults.txt.  Just do a File >> Exit in NOTEPAD.
You should attach the CheckResults.txt file located on your desktop so that I can review.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.