Windows 7 Forums


Windows 7: Malware infection.


16 Jun 2013   #1

Windows 7 64bit
 
 
Malware infection.

Hi, so this all started when I clicked on a Shipment Label.exe that arrived in my email, impersonating FedEx. A minute later, I get hit by malware denying me internet. So, I start by running Avira, which didn't find anything.
So, I go onto my laptop to see what I can do. After that, I restart my computer, I run Safe Mode, I download Microsoft System Scanner, which finds 3 infected files and gets rid of them. I go to sleep thinking everything is fine. The next morning I turn on my computer, and I'm in. I open the browser, which gave me a huge relief. Less than 3 minutes in, and it's back: it closes the browser and denies me access. At this point, I run Safe Mode again and run the Microsoft System Scanner, which surprisingly shows no infected files, at which I immediately begin to think that the malware is more of an "under the radar" kinda thing. So it finishes. Now my other option is to do a System Restore, which will put it a few months back. I tried doing one yesterday but it closed, preventing me from doing a restore. I'm thinking of doing the restore in Safe Mode, but I'm thinking the System Restore might've been infected already and will do more harm. So, fellow forum warriors, I ask for thee. What are my options?


16 Jun 2013   #2

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Xen12


Download FRST from the link below, either in Safe Mode with Networking if possible, or download it from a working PC.

64-Bit Version OS Farbar Recovery Scan Tool x64

If you could download FRST64.exe from Safe Mode with Networking, drag the file from the Downloads folder to your Desktop.

From the Desktop:
  • Right-click on FRST64.exe choose
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • FRST will let you know when the scan is complete and has written the FRST.txt to file.
  • Please copy and paste both logs in your reply (FRST.txt and Addition.txt). Both logs should be on the Desktop.

If you can't download it inside Safe Mode, download the file from a non-infected PC, save it to your USB flash drive and follow the instructions below.


Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
Use the arrow keys to select Repair Your Computer menu item.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
Insert the installation disc.
Restart your computer.
If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
Click Repair your computer.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

Select Command Prompt

In the command window, type X:\FRST.exe (for the x64 version, type X:\FRST64.exe) and press Enter.

Note: Replace letter X with the drive letter of your flash drive.

Tip: Type the commands below to see what your letter is for the USB drive, and press ENTER after each command.

Code:
Diskpart
List volume

The tool will start to run.
When the tool opens click Yes to disclaimer.
Press Scan button.
FRST will let you know when the scan is complete and has written the FRST.txt to file.
Please copy and paste both logs in your reply (FRST.txt and Addition.txt).
16 Jun 2013   #3

Desk1 8 Pro / Desk2 7 Home Prem / Laptop 8.1 Pro all 64bit
 
 

hiyya mate try TDSSKiller Rootkit Removal Utility Free Download | Kaspersky Lab US

and


http://www.superantispyware.com/

http://www.malwarebytes.org/products/malwarebytes_free/

http://www.bleepingcomputer.com/download/adwcleaner/

download ADW from bleeping computer


16 Jun 2013   #4

Windows 7 64bit
 
 
Problem Solved!

I've solved the problem. I ran Malware Bytes through Safe Mode, found a total of 5 infected files and removed them. I restarted the computer, ran another scan, and no files have been detected. My browser works fine. Thank you for the help, I will keep this as a reference!
16 Jun 2013   #5

Desk1 8 Pro / Desk2 7 Home Prem / Laptop 8.1 Pro all 64bit
 
 

Good stuff Xen, keep them all for permanent use mate. I keep taskbar icons for MBAM, SAS and CCleaner and run them on a regular basis, and after all they are free.

CCleaner is really good stuff if you don't have it already CCleaner - Download
16 Jun 2013   #6

Windows 7 Home Premium
 
 

Xen12,

Based on the information you provided in your initial post, as an added measure of precaution, will you open Malwarebytes Anti-Malware once again, go to the Logs tab, and provide the report that has the files found?

Running scans without analyzing their results is a risky business.
You need to make sure there is not something there that can cause problems in the future.

Also, with no offense intended to ICit2lol, but at this point there is no evidence of malware that would require the use of TDSSKiller. Basically, it addresses the TDL threat. The use of this tool here is not recommended.
16 Jun 2013   #7

Windows 7 Home Premium 32 bit
 
 

Quote: Originally Posted by Xen12
I've solved the problem. I ran Malware Bytes through Safe Mode, found a total of 5 infected files and removed them. I restarted the computer, ran another scan, and no files have been detected. My browser works fine. Thank you for the help, I will keep this as a reference!

Till 24 Jun, you can buy MalwareBytes Pro at 20% discount.

http://www.sevenforums.com/general-d...24-2013-a.html

(I did, and at a whopping 65% discount, probably because of my location, and it immediately found Trojan Vundo. I was surprised. Just before installing MalwareBytes Pro, I had run the Jun Windows update Malicious Software Removal tool, updated Microsoft Security Essentials and run a quickscan. I am still wondering why MSE didn't get it.)
17 Jun 2013   #8

Desk1 8 Pro / Desk2 7 Home Prem / Laptop 8.1 Pro all 64bit
 
 

Quote: Originally Posted by cottonball
Xen12,

Based on the information you provided in your initial post, as an added measure of precaution, will you open Malwarebytes Anti-Malware once again, go to the Logs tab, and provide the report that has the files found?

Running scans without analyzing their results is a risky business.
You need to make sure there is not something there that can cause problems in the future.

Also, with no offense intended to ICit2lol, but at this point there is no evidence of malware that would require the use of TDSSKiller. Basically, it addresses the TDL threat. The use of this tool here is not recommended.

No offence taken CB, I just slipped it in as I was not aware of what you pointed out.

Myself, for the MBAM Pro, I run Kaspersky ISS and find the KIS doesn't really like the Pro, but that's just my machines.