Help w malware removal

Discussion in 'Malware Help (A Specialist Will Reply)' started by makins, Dec 27, 2008.

  1. makins

    makins Private E-2

    Please advise on removal of these found by Windows Defender. Just tried installing Trend Micro IS Pro v.2. Install successful but update apparently blocked. No malware detected or removed. Browsers continue to be hijacked. A current Hijack This log is attached.

    Will check thread frequently.

    Thank you,

    makins
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    On removal of what?


    If you are having malware problems, please follow the instructions in the below link and attach the requested logs when you finish these instructions.



    READ & RUN ME FIRST. Malware Removal Guide
    • If something does not run, write down the info to explain to us later but keep on going.
    • Do not assume that because one step does not work that they all will not.
    Notes:

    1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run steps in safe boot mode, but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools on another PC and burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
     
  3. makins

    makins Private E-2

    Malware resulted in reformat

    Thank you for responding, but by the time I picked up your message I had already battled with the Vundo malware too long using other advisors and, after consulting with Trend Micro, decided to simply reformat the drive and reinstall Windows XP, software, and data files. This took just over an hour and has been working fine. Please let me share the lesson I came away with... although you may not agree.

    Although the last time I fought a trojan (and won with help from MajorGeek), given my experience this time, when I next encounter a malware like the Vundo trojan/hijacker and discover the assessment that "this malware is difficult to remove" posted all over the Internet, I plan to go directly to reformatting and reinstalling Windows and applications, and uploading backup of data. This takes far less time and has a much higher chance of working I think.

    I now know (as you no doubt already knew) that installing an internet security suite like Trend MicroCillin Pro does not help. Even if you can get it installed without being blocked (as I eventually did), it does not detect the malware infection present prior to installation of Trend. Also, the malware was successful in blocking my ability to even get to Trend Micro's system cleaning application that they offered by email.

    So, for me, Lesson 1 is: Always install internet security software and have it turned on before connecting any new computer (such as this new eMachine from Walmart that my friend connected without protection) to the web.

    Lesson 2 is, if you get one of these really bad types of malware like Vundo, forget removal and just reformat, reinstall operating system. Then IMMEDIATELY install internet security and then reinstall apps and upload backup data.

    I have to say I'm getting the feeling that the creators of the malware are a few steps ahead of everyone trying to beat them back. I'm also getting the feeling that prevention of the malware is best, and removal is becoming much more difficult.

    Thank you for your suggestions in any event... I'm cheering for you to keep trying to provide strategies to fight malware.

    Respectfully submitted,
    makins
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Malware resulted in reformat

    Wrong approach for Vundo and for most people takes much, much more time than the cleaning procedure. Had you just run SUPERAntiSpyware and Malwarebytes alone, 99% of your problems would already have been fixed.


    It's your choice on what approach you prefer to take. But a new install involves more than you may think. Especially to get back to a level of where your system is at. You have to consider all of the below:
    • you have to back up all your own data, settings, configurations etc. and first you have to know what/where all of these are. And you have to have the medium (burnable media, second hard drive, tape drive [yuck])
    • then you must make sure you have the necessary disks to reinstall not just your OS but all other software you use especially protection before going online
    • then delete your partitions, recreate partitions, format, reinstall the OS
    • now reinstall all your software especially protection
    • get online (requires some setup and config that novices have problems with)
    • download updates for OS
    • download updates for protection software
    • download updates for all other software
    • tweak all software back the way you like it. Including Desktop settings, icons etc.
    • create all the folders that you use for everything in your normal routines
    • re-load from your backups to get data back, to get settings, Favorites, etc. back
    • now over the next two weeks you will realize that you forgot to backup some stuff and also you will keep finding something else that you need to reinstall.
    There is no way that a total reinstall only takes an hour. The reinstall of Windows alone would take that and that is without all the updates you may need to download and install especially if you do not have an installation CD with the current Service Pack. For many people the reinstall of Windows XP and upgrades to get back to SP3 level alone with nothing else can take much longer than removing the malware. And then you still have to do everything else mentioned above.

    As far as prevention is concerned, yes the best thing to do is be properly protected, which is why another one of our sticky threads exists:

    How to Protect yourself from malware!

    And yes, all protection software should be installed before ever connecting to the internet.
     
  5. makins

    makins Private E-2

    Point granted!

    Hi chaslang,
    Thank you for the reply and taking time to give me those details. You make your point. If I had not been in an urgent situation and rushed, I would have tried the solution you suggest. I'll inform myself more about SUPERAntiSpyware and Malwarebytes so I'll be better prepared next time... and in the meantime I'll continue to tell my friends to keep the cyberspace "shields" up. :) Ha...

    Your point about the time involved in a complete reformat and restore is right on target. However, in this case I was able to get through all these steps quickly (maybe 1 hour is an underestimate, but it did not take more than a couple). This is because eMachines (I guess this is really Gateway) provides an efficient "Restore" utility that reformats and reinstalls Windows XP rapidly. And, the friend I was helping only had a relatively small number of applications to reinstall... and is good about keeping install disks in order. So, you're right. My situation is probably not the most common.

    Thank you so much.

    makins
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.

    Yes, this is just an image of how the system was shipped and they just reimage the drive. You now still need to get all of your Windows Updates and updates for other programs since everything that you reimaged back to is probably out of date. Make sure you follow the instructions in the How to protect yourself thread. You will see the first step is to go to Microsoft Update.
     
