Solved Malware Problem, please help??

[dinesh]

Just download and Install Avast 5 beta anti virus and run a full scan.

 

[Neverhavemoney]

Virus scanners arent going to pick this one up. If norton (which is reviewed and rated #1 by a high amount of professionals) cant pick it up, then there must be something behind this one. Maybe they dont know of it or it is not scanning right. I have no idea.

I suggest you shut down and start up your computer in safe mode. Then you should be able to run Malwarebytes.

Also, make sure that you only have one AV program installed, one AM program installed and one AS installed. Anymore and they could couter act and you would be more vulnerable then now.

Let us know,
Ben

 

[Neurolanis]

I removed the trojan file.

Norton and these other products will not work, not even in safe mode. However, Norton did run by itself though (although it still won't work when I try to do it myself.) It only found a tracling cookie, and removed it.

The problem remains.

 

[jp07764]

You could always remove your drive and hook it up to another computer
and scan it.

 

[Neurolanis]

I don't know how to do that, unfortionatetly.

 

[jp07764]

I truly belive if your are that bad then it is
time to give up the fight and wipe the drive
clean and reinstall windows.
You do have restore disk or the oem disk
that came with the computer?
The above option I mentioned will cost money. You have to buy the
adaptor for it.
So that is why I say just give it up.
You can try one last thing Security Cleanup forum - dslreports.com broadband community
You can sign up for free and post a hijack this log and someone will guide you though it.
It might help.

Jimmy

 

[Neurolanis]

Ok...I'll check out that forum then.. But this isn't a problem that developed; it only happened that one night, a week ago now. It has to be somewhere..

Still finding and removing problem files. Think I will contact the Microsoft website who offered the patch file for Age of Mythology (a Microsoft game) that I believe is responsible for this (this problem started after downloading it.)

I have heard of others having similiar problems with Microsoft patch downloads.

 

[Neurolanis]

OK...now SUPERAntiSpyware has found "Rogue.SmartProtector" and removes it, but every time I restart it returns. Does anyone know how I might go about removing it for good?

 

[mitchell]

This is driving me nuts...I got no sleep last night and I'm going CRAZY....I spent HOURS looking through the task manager and then removing unsafe files one by one...researching every software name under my user name to see if it's a malware and I did find and remove a few...I restarted under normal mode and it had only gotten worse!

Malwarebytes won't run, but I downloaded and am currently running
Microsoft® Windows® Malicious Software Removal Tool (KB890830). Hopefully it will find something....

Every time my computer restarts in normal mode a message comes up to update "Creative Products." Looking it up online but can't find much yet...

You still cant get Malwarebytes to run?? even in safe mode

 

[Neurolanis]

I tried several times and tried again (uninstalled and reinstalled, and did it again (in safe mode.) It won't come up or update or anything. Neither will SUPERAntiSpy (except for the online scan.) Norton won't work either. Everything else seems to work just fine..:huh:

 

[mitchell]

I tried several times and tried again (uninstalled and reinstalled, and did it again (in safe mode.) It won't come up or update or anything. Neither will SUPERAntiSpy (except for the online scan.) Norton won't work either. Everything else seems to work just fine..:huh:

Looking through all the posts you seem to have used a lot of Security apps, have you uninstalled previous anti virus before installing another anti virus as having two AV Resident scanners running at once will conflict with each other.
You can have more than one antispyware like mbam/sas

To be quite honest if it was me i would uninstall all security apps
Reinstall Malwarebytes (Malwarebytes has a high detection rate of polymorphic malware)
This maybe why when you do remove something it reappears (Polymorpic malware is malware that once it gets established it replicates under different identities)

If you cant get Malwarebytes to run i think you really need to format & reinstall Windows

Edit; If you wish to keep trying you may find this interesting, best wishes;
http://www.vistax64.com/system-security/209297-ultimate-malware-removal-guide.html

 

[Neverhavemoney]

OK...now SUPERAntiSpyware has found "Rogue.SmartProtector" and removes it, but every time I restart it returns. Does anyone know how I might go about removing it for good?

Hey neurolanis,
The reason it keeps returning is because of your system restore files. Viruses hide out here and they don't go away. You have to delete these. Hifgh risks are involved because you can't restore. So makr sure u have all of your files backed up and delete the restore files.
Windows Vista System Restore Guide
The link abovr shows you how. Aftger that run another scan, remove the files, and restart. Let us know if that solves it.

Let us know,
Ben

 

[Corrine]

Please do NOT clear System Restore until the computer is clean. It is better to have an infected restore point than none!

If you would like assistance, please post the following logs:

• Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
• Double click on RSIT.exe to run RSIT.
• Click Continue at the disclaimer screen.
• Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

 

[Neurolanis]

Hmmm, I believe I have already saved at least one system restore point. I'm not sure that will fix the problem though. I guess I may try that if all else fails..

I found the following registry file and tried looking it up. It looks to be a Creative Proucts file, but I am not certain. Would it be OK to remove it? Location: C:\Users\UserName\AppData\Local\VirtualStore\ProgramData\Creative\Software Update

 

[Neurolanis]

Please do NOT clear System Restore until the computer is clean. It is better to have an infected restore point than none!


If you would like assistance, please post the following logs:

• Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
• Double click on RSIT.exe to run RSIT.
• Click Continue at the disclaimer screen.
• Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Okie-dokie. I assume it's safe to post this stuff? There is a lot to post...I'll start with the log info..

 

[Neurolanis]

*Logfile information removed by Neurolanis*

 

[Neurolanis]

*removed by Neurolanis*

 

[Neurolanis]

*removed by Neurolanis*

 

[Neurolanis]

*removed by Neurolanis*

 

[Corrine]

Hi, Neurolanis. I see you ran ComboFix. ComboFix is an extremely powerful program and should not be run without supervision from a trained expert. Are you receiving guidance from another site? If not, since you have already run ComboFix, please post the log and we will see where things stand.
http://www.vistax64.com/member.php?u=141470