Jump to content

fake windows security alerts

JaniceV
 Share

Recommended Posts

JaniceV

JaniceV

Posted
Posted

Hi all,

My netbook has been infected with a fake windows security alerts since last Friday. I've used the PC Spyware Doctor, but it failed to clean the virus.

I read the post which is related to the same topic. I used the malwarebytes to clean up the virus in the safe mode.

Now I'm using the GMER 1.0.15.15281 to generate the log out. Is this procedure correct?

Can anyone help me what should I do afterwards?

Sorry for my poor English and many thanks for you all,

JaniceV

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Hello JaniceV! Welcome to MalwareBytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install or uninstall any software or hardware, while work on.

Please follow these instructions:

http://forums.malwarebytes.org/index.php?showtopic=9573

Link to post
Share on other sites
JaniceV

JaniceV

Posted
  • Author
Posted
Hello JaniceV! Welcome to MalwareBytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install or uninstall any software or hardware, while work on.

Please follow these instructions:

http://forums.malwarebytes.org/index.php?showtopic=9573

Hello Borislav,

I've scanned my HDD with malwarebyte, it helps me clean the fake windows security alerts, should I still post the GMER.log here for you?

Link to post
Share on other sites
JaniceV

JaniceV

Posted
  • Author
Posted
I want to see any log file in the order in which they are given. Follow the instructions please!

Due to my poor english, sorry for the inconvenience I've been made.

At the early time, I used another anti-spyware but it fails to clean the alert completely because virus will come up again and again.

After all, I use the malwarebytes to clean the malware/sypware in the normal mode. it also fails.

Then, I try to use the malwarebytes in the safe mode, my netbook now is cleaned and no virus is found.

I'll post the 2logs created by the malwarebytes (1 is before scanning in the safe mode and 1 is after the scanning in the normal mode)

also, I'll post the GMER log to you too, thanks.

(As my malwarebytes is a chinese version, hope you still can read it...)

JaniceV.zip

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

**Note: If you need more detailed information, please visit the web page of ComboFix in BleepingComputer. **

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper.

Please download ComboFix from

Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**

  1. If you are using Firefox, make sure that your download settings are as follows:
    • Open Tools -> Options -> Main tab
    • Set to Always ask me where to Save the files.

[*]During the download, rename Combofix to Combo-Fix as follows:

CF_download_FF.gif

CF_download_rename.gif

[*]It is important you rename Combofix during the download, but not after.

[*]Please do not rename Combofix to other names, but only to the one indicated.

[*]Close any open browsers.

[*]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

-----------------------------------------------------------

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause unpredictable results.
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

    -----------------------------------------------------------


  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

-----------------------------------------------------------

[*]Double click on combo-Fix.exe & follow the prompts.

[*]When finished, it will produce a report for you.

[*]Please post the C:\Combo-Fix.txt for further review.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

I have bad news for you JaniceV.

ComboFix log shows that many important system files are infected but also shows that there is no clean copies to be replaced. In this case, we recommend that you reinstall your operating system. I'm so sorry, but your system is seriously infected. :)

Link to post
Share on other sites
JaniceV

JaniceV

Posted
  • Author
Posted

Thanks Borislav anyway, I feel so happy that you are so helpful.. Actually I've prepared to recover the OS.

BTW, due to some important files save in my netbook, is it safe to copy my files to my portable disk, without any virus transferred? Will it be more safe to transfer those files in the safe mode?

Thanks a lot

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept