On step 3 of Read & Run Me First & now I am STUCK!!!

Discussion in 'Malware Help (A Specialist Will Reply)' started by ladyharley99, Jun 19, 2009.

Thread Status:
Not open for further replies.
  1. ladyharley99

    ladyharley99 Private First Class

    Hi. I'm new to this forum. I am trying to do the Read & Run Me 1st steps... but I'm stuck on the 3rd step (Vista Cleaning Procedure)...

    Because I can NOT get the SuperAntiSpyware to run. (each time I click to install says program has stopped working... etc...)

    Then I tried to go to download The Malwarebytes AntiMalware & it says page can't be found. (I do NOT have $$$ to pay for this.)

    So, now I'm going to try the combofix.exe... & wanted to post a note before I start, because I have a feeling I may have done something wrong before this.

    Here's the deal... I know what I did to get the virus... Yeah... I did the Keygen thing... BIG MISTAKE!! That was the 1st and LAST time I ever do that!! Anyway, I thought I got it all... but it seems I haven't... because my searches are getting redirected & sending me to ads & etc.

    At least I don't have the annoying audio advertisement that kept popping up.

    I have run my AVG (which is a paid subscription) & it found nothing but tracking cookies.

    Well, while it was running I found the .tmp file that was running the annoying audio ad & did a shell scan of it & another similar .tmp file... & that's where it found a Trojan Fake Alert. I sent it to the vault & emptied my vault.

    Now, the audio ad does not pop up... but my Google search is still messed up.

    I'm afraid to sign into anything using this computer... So, now that I've run the CCleaner... all my automatic login are gone, because those cookies are gone.

    SO... to end this long story... I need your help... PLEASE!!!

    What do I need to do now? & How can I give you logs from stuff that I can't even get to run or install??

    I guess I'll give the ComboFix a try...

    Oh... yeah... I went through bleepingcomputers.com & did their autorun program search... & found & deleted a few things that they said were Trojans... but I still am having problems.

    AND... make matters worse... I can't get a HiJackThis application to install either!!!

    SO, I'M AT A LOSS... HELP ME PLEASE!! :cry

    P.S.... I'm fairly tech savvy & if you give me some stuff to look at or whatever... I should be able to do it.

    I hope you can help me! Thanks, LH!
    (P.P.S. I used my hubby's computer to register to this forum... in case you're wondering.)
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    You need to keep going. The below is a direct quote from the first page of the READ & RUN ME
    We don't ask you to install this. Just follow our instructions from beginning to end. ;)
     
  3. ladyharley99

    ladyharley99 Private First Class

    I am... just a little scared at the moment about ComboFix...

    As for the SuperAntiSpyware... That's the one that won't run at all. Says program stopped working.

    So... ComboFix... here I come... (Oh... I am running AVG's AntiRootKit at the moment & it did find one... (never had that happen.) Just waiting for it to finish.

    My next question is... my hubby thinks I just need to run a different AntiVirus scan... Something like Avast.... Do you recommend this???

    Or should I continue onto the ComboFix????

    (Oh golly... If you can help me ... You'll have major kudos coming from me!!!)

    I'm so at a loss without being able to sign into stuff... Ok, better stop now before I start rambling again!! (FYI... the name of my blog is: The Rambling Train... so, I have to stop myself a LOT!!) :-D
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The below is also a direct quote from the instructions:
    We did not ask you to run AVG's AntiRootKit. You need to stop doing anything but what we have asked you to do.

    Note: You will not hear from me again until after you finish the instructions and attach some logs and until we can get back to you. I just wanted to keep you going. We work in a priority queue order as stated here: Don't Bump! It Only Hurts You!!!
     
  5. ladyharley99

    ladyharley99 Private First Class

    okie dokie (Not typing this to bump... just to let you know I got your message.)

    I will go run ComboFix right now... If it works. I sure hope I can get you a log! I will be back soon as I have been able to go through ALL the steps. Thank you much Chaslang.
     
  6. ladyharley99

    ladyharley99 Private First Class

    Re: (Logs ATTACHED) On step 3 of Read & Run Me First & now I am STUCK!!!

    Ok, I finally have been able to get something to work!! The only one of the tools that I could get to work was the MGTools... I am attaching it & the errors I received from the RootRepeal.

    Again, as for the SuperAnti-Spyware & the Malwarebytes..., please see my other replies below, for it is late & I'm not recalling all the details. (But they are below!!)

    The ComboFix would not run either...

    brb... I just clicked on it again to get you the error... & now it's acting like it wants to work...
    (oh, says my AVG is running... hmmm...)

    In the meantime, I'll attach the MGTools log.

    Hope you all can find something out with it! Thanks :)
     

    Attached Files:

  7. ladyharley99

    ladyharley99 Private First Class

    Attaching a NEW MGTools log... Is my system clean now?

    I tried to edit my prior message (On step 3 but...)... but I don't see that option...

    Anyway... I'm attaching a new log from MGTools... because I realized I may have messed up the prior one.

    So, please if you haven't already looked at the previous log (in my previous thread)... Please ignore. Because, some things have changed since that last log & the old one may now be incorrect. (Long story.)

    Short of it is... I have a new log... is attached.

    Please let me know if my system is clean.

    Thank you, LH
     

    Attached Files:

  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Admin Note: Please keep all your posts in this thread!
     
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Attaching a NEW MGTools log... Is my system clean now?

    You mean because you previously had multiple antivirus programs installed which you should not have had!!!! However now you have no antivirus programs installed.


    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
    O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll

    NOTE: HJT may popup an error about the AppInit_DLLs line. Ignore it and click OK to continue.

    After clicking Fix, exit HJT.


    Please run this Running RootRepeal and attach the requested log.

    Double check now also to see if you can get SUPERAntiSpyware, Malwarebytes or ComboFix to run. If you get any of them to run, attach the logs.


    Now download the current version of MGtools and save it to your root folder. Overwrite your previous MGtools.exe file with this one.

    Run MGtools.exe ( Note: If using Vista make sure UAC is still disabled. Also don't double click on it, use right click and select Run As Administrator )

    Now attach the new C:\MGlogs.zip file

    Make sure you tell me how things are working now!
     
    Last edited: Jun 23, 2009
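
As an added illustration (not part of the thread, and not MajorGeeks or HijackThis code), the sketch below parses HijackThis-style O2 and O20 log lines like the ones chaslang lists and flags BHO entries whose file is missing, plus any AppInit_DLLs value. The fourth sample line, the function names and the review wording are assumptions made for the example.

```python
import re

# Constructed sample: the three entries quoted in the post above, plus one
# made-up BHO line (placeholder CLSID and path) whose file is present.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000000} - C:\Program Files\Example\helper.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
"""

# "O2 - BHO: <name> - {CLSID} - <file>"
BHO_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<file>.+)$"
)
# "O20 - AppInit_DLLs: <registry value>"
APPINIT_RE = re.compile(r"^O20 - AppInit_DLLs: (?P<value>.+)$")


def parse_hjt(log_text):
    """Return one dict per recognised O2 or O20 line; other lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = BHO_RE.match(line)
        if m:
            entries.append({"section": "O2", "line": line, **m.groupdict()})
            continue
        m = APPINIT_RE.match(line)
        if m:
            # The registry value is a space- or comma-separated DLL list.
            dlls = [d for d in re.split(r"[ ,]+", m.group("value")) if d]
            entries.append({"section": "O20", "line": line, "dlls": dlls})
    return entries


def review_candidates(entries):
    """Pick out entries a helper would want to look at, with the reason."""
    findings = []
    for e in entries:
        if e["section"] == "O2" and e["file"] == "(no file)":
            findings.append((e["line"], "BHO registered but its file is missing"))
        elif e["section"] == "O20":
            findings.append((e["line"], "AppInit_DLLs entry: confirm each DLL "
                             "belongs to software that is still installed"))
    return findings


if __name__ == "__main__":
    for line, reason in review_candidates(parse_hjt(SAMPLE_LOG)):
        print(f"{reason}\n    {line}")
```
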
  10. ladyharley99

    ladyharley99 Private First Class

    Re: Attaching a NEW MGTools log... Is my system clean now?

    WOOT!! (Just excited that now I have some instructions from you to follow... Yes, Sir... I will be FOLLOWING them to the letter!!)

    I'll brb with some explanations & some new logs for ya in a few... got to go read exactly what you've said!! :)
     
  11. ladyharley99

    ladyharley99 Private First Class


    Ok, here's the deal... I have been using AVG 8.5 (have a paid version via a Trial Pay) for a while now...

    Then at Hubby's insisting I downloaded Avast & thought I had disabled AVG while doing that... But promptly uninstalled Avast (so I thought!) when it was done scanning. However, when I tried to run ComboFix the 2nd time, it said AVG was still running. So I uninstalled AVG. That must have been when I ran the 2nd MGTools log as well.

    I have since reinstalled AVG & I had found that MalwareBytes had a free version of their program. So, I have that too now!

    Oh... btw... when all this started. AVG did not find anything during the FULL scan... but I found a Trojan Fake Alert. something, when I did a shell extension of 2 tmp files that I found was part of the audio popup ads. I thought I had gotten rid of it... but then AVAST found some virus (don't remember what) & I thought I had put that in their vault & yet when I ran AVG after reinstalling (& after uninstalling AVAST)... it found the same virus & it's now in the AVG vault. (Do you need to know the name of it??)

    However, things don't end there!! Because I was so anxious to get things running AND because Hubby kept saying I wasn't doing what he told me to do... I started researching again... & that's when I found that MB had a free version... & so, I installed that & ran it & it found the Trojan.Vundo ...

    Then I was really worried... & that's when I came back to the forums & started trying to find out what I was doing wrong.

    Well, 1st thing I did wrong was I did NOT follow the R&R instructions correctly the 1st time. (Please forgive me... I claim it's Adult ADD, along with a nagging spouse!) LOL

    (I don't know if you've been reading any of my other posts... if so, some of this may be duplicated from it.)

    Anyway... 2nd thing I did wrong is that I was being impatient! 3rd thing is I was listening to too many people giving advice of what to do... when I should have just stuck it out here!!

    Well... there's more (I KNOW) but this has gone on long enough. What I'm trying to say is... I'M LISTENING TO YOU NOW!!! ;) :major

    With that said... let me get to what else you said...

    CRUD... I was going to try to do this all in one reply for ya... but now I see I'm going to have to submit this nice long story of what I've done so far... so that I can follow your instructions carefully! Sorry... I'll brb again! :)
     
  12. ladyharley99

    ladyharley99 Private First Class

    (NEW LOGS) Re: On step 3 of Read & Run Me First & now I am STUCK!!!

    (See below replies!!) ;)

    COMPLETED!! :)

    Tried to run, but it crashed (Gave 2 Error reports, I put in one log, attached)

    All ran fine... MBAM & ComboFix Logs attached... No log from SAS, though... received a pop up to say: "No harmful software detected." :cool


    Done & attached!! ;o)


    Well, I can't really tell a difference at the moment.

    Now I am going to enable AVG again (had disabled for the SAS to run.) & I'm going to restart my system... I should be able to tell when I restart... because I kept getting a slower restart & it was odd when all this started.

    I only wonder if I had some of this stuff long before I got the Trojans. (I still am in shock I had 2 different ones.)

    Ok... Now before I leave you... I have a few questions that have been on my mind (some since this started & others for some time even before.)

    1. In all the logs did you see anything that looked like a Key Stroke generator?? (I am concerned, & because of such, I've not opened my emails & would like to know if it's safe to open now??)

    2. Once you give me an "all clean"... do you think my system will run more efficiently if I were to use the recovery / reformat disc that came with the computer when I bought it? (Meaning starting from fresh?) (Yes, my files are already backed up!) ;)

    3. Can you tell if all this was from just the one problem? Or did it look like I had multiple problems & possibly had been there for a while??

    4. What about the files I saved to my external drive? Hubby scanned it the other day (from his computer using Avast AND MBAM) & it turned up nothing... Does this mean we're safe on that one?

    5. Speaking of... should I do a R&R of my hubby's computer... even though AVAST & MBAM showed nothing? Or maybe just run the MGTools & submit them to the forum for a look over?? (If so, I have to wait until Hubby is not in need of the computer.... & I want to wait to see if you want me to do the R&R completely before I do anything!!

    6. Here's one that's been bugging me for quite some time... Should I be concerned there are multiple "svchost.exe" running in the background (seeing them in my task manager.)

    7. Now what do I do with all the stuff I downloaded for this? I am thinking I'll keep the MBAM free (& later when we have the $$$ get the paid version.)... & I know I'll be keeping AVG 8.5 until Jan 2010, that's when my license for it expires.... I really like AVG, but if you can tell me its downfalls & why I should switch (if you think I should)... It would be much appreciated.

    8. When uninstalling programs via their icon to uninstall and / or via the add / remove program tool... Shouldn't the programs be completely removed?? I ask, because I still think there's traces of AVAST on my system. (Along with a couple other files I saw in one of the logs.)

    Ok, that does it for all the questions I had written down... I'm sure I'll have more & if I do, I'll wait until you reply again... so as not to "bump" this!!

    I'm heading to attach my logs now... but before I do... Thank you again & I do apologize for the impatience that I had during this time!!!

    P.S. Could you do me a favor, please... when you get this & you start to review my new logs... will you please post a quick note (either here or in a PM, because I have that ability now!) ;) to let me know you're working on it... Just to give me reassurance that I had not been overlooked. (Sorry, I tend to be a little paranoid when it comes to things like this.)

    Thank you again!! :major :cool
    Oh... sorry, I just thought of one other question that I've had for a long time... I have a scrolling mouse... & after awhile when I'm reading something on a page... the page will jump down as if I hit page down or something. It's like the scroll was settling in or something? Does that make sense? It's only a minor annoyance... & only wondered if it was normal or not.
    Thanks :)

     

    Attached Files:

  13. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Since you were doing things that we did not request and the READ & RUN ME specifically asks you not to do this, you will now have to reinstall AVG again since my last fix removed what was a left over according to your previous logs. But since you had reinstalled AVG unknown to me, my fix removed an important part of AVG.


    The free version of Malwarebytes is what we had you install while running the READ & RUN ME.


    In the future, please do not cross post in multiple forums or start additional malware forum threads. Only post in one forum and one thread for a problem and simply wait for an answer.
     
  14. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: (NEW LOGS) Re: On step 3 of Read & Run Me First & now I am STUCK!!!

    Your logs were all clean.

    You don't need to be clean to format. If you wish to format and reinstall that is your decision but no malware was shown in your logs.

    Your logs were all clean.


    Your logs were all clean.


    If you want to verify that it is clean, the complete procedure must be run and logs must be posted in a new thread.

    No. It's normal.

    Yes they should but that is not what happens. Very few (if any at all) programs properly cleanup after themselves.

    No! Once we get it, it is when we are working on it. We work in queue order as stated and will not see your posts until we get to it in the queue which is why I'm answering it now. Remember in the future, the more you keep posting in a thread in the Malware Forum, the longer it will take to get an answer.

    Not normal but not malware.



    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we used Pocket Killbox during your cleanup, do the below
      • Run Pocket Killbox and select File, Cleanup, Delete All Backups
    3. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /u
        • Notes: The space between the combofix" and the /u, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to add/remove programs and uninstall HijackThis.
    8. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    9. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures in step 3 of the READ ME for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    10. After doing the above, you should work thru the below link:
     
    Last edited: Jun 27, 2009
  15. ladyharley99

    ladyharley99 Private First Class

    I may have to run the R&R on my computer again... or should I just run the MW & SAS 1st to see if anything is found? It's just acting strange.

    I didn't go to any sites or download anything I shouldn't have. It just could be user error. LOL

    If I do go through the R&R again... should I just post the logs in this thread again?
     
  16. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    In 12 days a lot can change. If you believe you are having malware problems, you will have to start at the beginning and should start a new thread, but perhaps you should post in the Software Forum and be much more descriptive on your problem. "Acting strange" has no meaning to us.

    Did you ever finish doing 100% of my final instructions? You should have.
     
  17. ladyharley99

    ladyharley99 Private First Class

    You're probably right, software issues. I think it's to do with upgrading from SP1 to SP2 on Vista. If so, I'll post in the software forum.
    Yes, I did finish the final 100%.

    I don't think I have any further malware issues at this time. If I do, I'll post a new thread, as per your request.

    Thanks much! :cool
     
  18. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     