Help! Something posing as Windows Updates.

Discussion in 'Malware Help (A Specialist Will Reply)' started by tiggsmom, Jan 17, 2009.

  1. tiggsmom

    tiggsmom Private E-2

    A couple of months ago I started getting nightly windows updates. It confused me because I had it scheduled for once a week (and it still is as far as I can tell) and when I do a manual windows update check it tells me it has 27 important updates for me to install. My pc reboots every single night. It started having trouble restarting and I often have to use system restore to get it to start. I tried shutting the computer down at night and it caused all kinds of havoc when I restarted the next morning and I still had to use system restore. It often resets my desktop and changes I have made to it which sent up huge red flags to me. Today I discovered through System Suite that my D (recovery) drive is 93% full. I tried to do a disc cleanup and it shuts System Suite down about 1/2 way through reading the registry.

    Any idea what I have going on here? Virus and Spam scans have not detected anything.

    OS: Vista Home Premium

    Thanks for any help at all. I am about 2 steps away from just wiping the drive and starting over, but I'd rather not if I don't have to.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    It's not really sounding like you are having malware problems, but let's be sure.

    Please follow the instructions in the READ & RUN ME FIRST link given further down and attach the requested logs when you finish these instructions.
    • If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First.
    • If something does not run, write down the info to explain to us later but keep on going.
    • Do not assume that because one step does not work that they all will not.
    READ & RUN ME FIRST. Malware Removal Guide


    Helpful Notes:


    1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware, Malwarebytes and Spybot (links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes, you could use a flash drive too, but flash drives are writeable and infections can spread to them.
    3. To avoid additional delay in getting a response, it is strongly advised that after completing the READ & RUN ME you also read this sticky:
    Any additional post is a bump which will add more delay.​
     
  3. tiggsmom

    tiggsmom Private E-2

    Thank you Chaslang. Here are the logs you asked for.
     

    Attached Files:

    Last edited by a moderator: Jan 19, 2009
  4. tiggsmom

    tiggsmom Private E-2

    And the other two:

    I hope all of these worked ok. They seemed to, but I am having trouble restarting the computer. For this reason, I couldn't Toggle System Restore. Sometimes system restore is the only way I can get the computer back on.

    Thanks again for your help figuring out what is going on with my computer.
     

    Attached Files:

    Last edited by a moderator: Jan 19, 2009
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Your Malwarebytes log shows that you took no action. Did you fix what it found? Check a new scan.

    I'm not seeing any malware in your logs but I do question the below folder. What is in the new folder?
    Code:
    10:30 . 2009-01-18 10:31 <DIR> c:\program files\Common Files\AntiVirus
    
     
  6. tiggsmom

    tiggsmom Private E-2

    I thought I had. I will re-do that one. As for the anti-virus folder, that is supposed to be the updated version of my System Suite. I haven't been able to get it to stay though. I install it, the computer restarts, we go to start-up repair because the computer can't start, repair does its thing and gets me started back up and then my System Suite isn't there anymore.

    It's like it uses system restore in order to get started back up again. Sometimes start-up repair can't fix the problem and I get a list of options and then I manually have to use system restore to get it going again. This is the crux of the issue I'm having.
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If you keep using restore points to revert back in time to where the application was not installed, then it will not show anymore even though files may be present. In fact, if you are doing a restore then any malware removed by the cleaning procedure is also being restored.

    If installing System Suite and running it is breaking your PC, then you need to take this up with them or post in the Software Forum because this is not a malware problem.
     
