30 sec timer shouts down PC - logs attached

Discussion in 'Malware Help (A Specialist Will Reply)' started by boogieman, Mar 22, 2014.

  1. boogieman

    boogieman Private E-2

    Hi

    I get a popup about PC being rebooted after 30 seconds.
    It is for sure not a windows program popup but rather some kind of Java-script.
    (I was visiting my financial brokers site and I hope that one is not infected)

    Its a black text on white background floating over all windows but if i select a window behind it, it gets hidden behind them so there is no "stay on top" feature on this virus.
    A 30sec timer runs.
    There is a ?Cancel? and Reboot button and the X to close the prompt in the upper left corner. All is black and white - typical Internet popup look alike.
    It does not matter if I leave it alone or press the x or cancel, the system reboots when timer reaches zero (or if I press reboot i guess the same thing would happen).

    Here are the logs from the scans (Nothing was found)
    Initially i forgot to turn of AV before running MGTools, but I reran it and made sure that the log had the right time stamp so it is the correct one that I have attached.


    Hope that You have heard of this.

    Best regards
    Boogieman
     

    Attached Files:

    boogieman, Mar 22, 2014
    #1
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Is this pop up happening whilst using Windows in general, or is it specifically happening in one of your browsers?
     
    Kestrel13!, Mar 22, 2014
    #2
  3. boogieman

    boogieman Private E-2

    I Believe it is Only browsing. It does not happen very often. This was the first time in like 6 months but I might have gotten rid of it last time and it has reinfested itself now.

    Will monitor how often it happens now.
    So far only once.
     
    boogieman, Mar 22, 2014
    #3
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    OK, which browser specifically, please?
     
    Kestrel13!, Mar 22, 2014
    #4
  5. boogieman

    boogieman Private E-2

    ie 11
     
    boogieman, Mar 22, 2014
    #5
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Hmm. Go to Start, Run, type in shutdown -a and press ENTER.
    Does this change anything or is it still doing the countdown?
     
    Kestrel13!, Mar 22, 2014
    #6
  7. boogieman

    boogieman Private E-2

    I rally can't tell since it happens very seldom.
    Should I type it when the timer is there or just do it now?
    What will it affect?
    EDIT: found it on google - prevent auto shutdown - I have now entered the command and will await the "virus" to reappear

    It reminds of this post but mine does not complain about Dcom and its not a "real windows prompt". The only common is the 30s timer.
    http://en.kioskea.net/forum/affich-59483-system-shutdown

    Its really strange because i cant find anything on google about it.

    Thanks for the support

    Humbly
    Boogieman
     
    Last edited: Mar 22, 2014
    boogieman, Mar 22, 2014
    #7
  8. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    You're very welcome. Guess you will just have to surf around for a week or so and then come back and let me know how it's going. You will be able to follow final steps if all is well. :)
     
    Kestrel13!, Mar 23, 2014
    #8
  9. boogieman

    boogieman Private E-2

    Hi Kestrel

    Yesterday the timer popped up again.
    I made a printscreen but when i pressed ESC to exit fullscreen of a video clip (on Youtube or daily motion i think it was) the pc imediatelly shut down so I did not manage to do a quick save in paint :(

    Anyway the problem still resides.
    I have drawn a picture of how it looks roughly when timer appears. Its not fully that ugly but allmost :)
    see attachment

    Thank you
    Boogie
     

    Attached Files:

    boogieman, Mar 28, 2014
    #9
  10. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    You should post about this in the software forum. I'm sorry I could not have been of more assistance.



    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Renable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
    3. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    4. If running Vista, Win 7 or Win 8, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Now goto the C:\MGtools folder and find the MGclean.bat file. Double click ( if running Vista, Win7, or Win 8 Right Click and Run As Administrator ) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.

    7. After doing the above, you should work thru the below link:
     
    Kestrel13!, Mar 28, 2014
    #10

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds