Windows 7 Forums


Windows 7: Massive malware infection has made a mess

26 Dec 2015   #11
MoxieMomma

OEM Windows 7 Ult (x64) SP1
 
 

Hi, @tony22:

Quote: Originally Posted by tony22
Göran, I'm curious. Can you recall what each of the various tools found during your efforts to identify and remove the problem(s)?
For the record:
Each computer is unique.
While there are general principles, malware detection and removal are best customized for each system.
Fixes for one system could break another system or even render it unbootable.

Although it may be interesting to hear what was on the OP's system, I respectfully suggest that the information NOT be extrapolated to your computer(s).

If you're concerned that your computer might be infected, then the safest course of action would be either to wait for one of the malware-trained experts to assist you here in your own threads, or to seek a bit of expert help at one of the many reputable computer disinfection fora.
Those experts will know which tools to run, in which order, for complete & safe detection and removal.

Just a friendly suggestion,

MM


26 Dec 2015   #12
Admiral Awesome

Windows 7 Ultimate, 32-bit
 
 

Quote: Originally Posted by tony22
Göran, I'm curious. Can you recall what each of the various tools found during your efforts to identify and remove the problem(s)?
I'm afraid not Tony. As I said there was a sh*tload of them:

Malwarebytes Anti-Malware and Anti-Rootkit
AdwCleaner
Junkware Removal Tool
Norton Power Eraser
Hijack This
Sophos Virus Removal Tool
Trendmicro Housecall
SpyBot Search & Destroy
and Chrome Cleanup-Tool.

each producing slightly different results.

Malwarebytes I didn't run, not because it's no good - on the contrary it would have been my first choice - but because I had just finished my 30-day-trial with them, and thought the price a bit steep.

I did purchase SpyBot Search & Destroy though, and it ran for hours, finding stuff the whole time. Of course I don't know if that's just smoke-and-mirrors stuff i.e. if all they reported, or any other anti-malware reports, really was there and if they didn't purposely make things seem more dramatic than necessary, add artificial delays, blinking screens etc.

How would users know? For all I know, they may be cooking up the bad code at night that they then 'find' during daylight with great fanfare..;)

But I do seem to recall that one - I think it was Sophos Virus Removal Tool - that wanted to remove even Textmaker Pro and Planmaker Pro, from the excellent German MSOffice-like suite Softmaker Pro.

Papa don't like, cause this is highly legitimate software and made me think that perhaps the Sophos people are in cahoots with Microsoft;).

But seriously, that was the only thing that stuck out. Like I said I had gone from 6 am one day to 6 am the next w/o sleep so forgive me for being hazy about what happened when.

I do remember that Norton Power Eraser struck me as perhaps the best of the lot, mainly because the first thing it asked to do was reboot so as to be able to perform a root-kit search; none of the others did.

I think also Trendmicro Housecall came off as serious and knowing their stuff, but to be honest I didn't think about keeping my own log or even saving the logs of the respective programs except for a few that I will attach to this post.

I do remember that one of the culprits was Wajam, that most of them blocked my actions to try and stop the infection from spreading (Task Manager wouldn't run or else access was denied when I tried to end suspicious-looking processes) and that many seemed at first to have been successfully eradicated - only to pop up again after reboot. Very persistent, very sneaky and malicious. But then that's what they are/do.

No surprise there. I will say this though, the infection(s) didn't 'just happen', I foolishly visited sites of ill repute and clicked on dubious links, so in my case I brought it on myself; nobody's fault but mine.

Not that I'd fall for obvious stuff like 'By incredible luck, you are the millionth user to visit this site, therefore you have won...', but there are sneakier, less obvious ways to haul you in.

Remember, the slimebag con-artists that write this malicious code do nothing else all day - they're bound to get good at it.


Attached Files
File Type: zip Malware logs.zip (190.5 KB, 1 views)
26 Dec 2015   #13
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

Just a note:

If a trial version of Malwarebytes Anti-Malware time runs out one can always use the Free version to scan your systems.

I chose to get the Premium Version.
----------------------------------------

Golden's method of a
Disk - Clean and Clean All with Diskpart Command
will certainly be the most complete.

There are times when there is just too much junk and damage and starting new is a great idea.
I have gone that path a couple of times. A clean start just made me feel safer.
Now that Windows 7 Updates take two life times to get does make it more time consuming.

26 Dec 2015   #14
MoxieMomma

OEM Windows 7 Ult (x64) SP1
 
 

Hi:

Quote: Originally Posted by Admiral Awesome
Malwarebytes I didn't run, not because it's no good - on the contrary it would have been my first choice - but because I had just finished my 30-day-trial with them, and thought the price a bit steep.
<snip>
For the record, a couple of clarifications:

1) MBAM Free and MBAM Premium use the identical malware detection and removal engines/methods/databases. IOW, anyone can run a manual scan with MBAM Free and remove malware exactly the same way a user with MBAM Premium would do so. So, you could very well have run a full scan with MBAM Free and it would have detected/removed all of the same malware as MBAM Premium or Trial. The major difference between Free and Premium is the real-time protection and some other features, NOT the malware removal.

EDIT: OOPS! I didn't notice that @LBB had replied while I was typing. Great minds think alike

2) The "Trial" version is for 14-days, not 30. The "30 days" applies to the money-back guarantee on the license purchase. (There is one Trial per PC per MBAM Program version.) As for the cost, it works out to pennies per day per PC -- it's probably cheaper than the lost time, effort and productivity recovering from a major malware problem, data breach or other catastrophe. <just sayin'>

3) MBAR-Beta (Malwarebytes Anti-Rootkit BETA) is a free, BETA tool. While most of the anti-rootkit functionality has been incorporated into MBAM, the tool does exist as a standalone. However, since it is a powerful, beta tool it is recommended that it be run with expert guidance and assistance.

Cheers,

MM
26 Dec 2015   #15
Admiral Awesome

Windows 7 Ultimate, 32-bit
 
 

Quote: Originally Posted by Layback Bear
Just a note:

If a trial version of Malwarebytes Anti-Malware time runs out one can always use the Free version to scan your systems.

I chose to get the Premium Version.
Is that a fact? I didn't know. That would to my thinking lessen demand for the premium version - unless the premium version offers, for example, proactive measures.

Yes, that must be it. Immunization and such and such. An ounce of prevention is, after all, worth two in the bush. Or is that the other way around? Today was a very long, tiring day, for entirely different reasons than malware.

It's -time here (GMT+1=11:20 pm).
26 Dec 2015   #16
Admiral Awesome

Windows 7 Ultimate, 32-bit
 
 

MM said "As for the cost, it works out to pennies per day per PC -- it's probably cheaper than the lost time, effort and productivity recovering from a major malware problem, data breach or other catastrophe. <just sayin'>"

This is very true. 'Penny wise and pound foolish'.
26 Dec 2015   #17
MoxieMomma

OEM Windows 7 Ult (x64) SP1
 
 

Quote:
Is that a fact? I didn't know. That would to my thinking lessen demand for the premium version - unless the premium version offers, for example, proactive measures.
MBAM Free is only a manual, on-demand scanner that REMOVES malware that has already made it past your AV onto the system.

MBAM Premium provides complementary, layered, real-time protection alongside your AV, to help PREVENT infection by zero-hour and zero-day, non-viral threats often missed by the AVs.

The malware detection and removal capabilities are the same for both versions, as explained in my previous post.

Comparison between MBAM Free and MBAM Premium


Thanks,

MM (just a home user with no company affiliation or financial interest)
26 Dec 2015   #18
Admiral Awesome

Windows 7 Ultimate, 32-bit
 
 

LBB: you said "...starting new is a great idea./.../A clean start just made me feel safer."

I know it. That's why I did a clean install - for the peace of mind that's in it.

"Now that Windows 7 Updates take two life times to get does make it more time consuming."

That is a bummer...still, I'm not yet sure about Windows 10 - I deliberately missed Vista back in the day, and would rather let other people evaluate Windows 10 thoroughly before I make the switch.

Plus I don't really see the need - I'm good with what I have, but then I'm not one to depend on to keep the wheels of business turning.
26 Dec 2015   #19
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

There are some that like W-10. We have a sister forum full of them.

Windows 10 Forums



I don't like W-10 but please understand I don't hate W-10.
I just don't have a need or desire for W-10 and the things that come with it.

Since W-10 came out, Windows 7 updates have been very, very, very slow searching.
Members report that the time to search and download the Windows 7 updates after a Clean Install or a Repair Install is 8 to 48 hours.
Other than leaving your computer on and waiting I know of no cure for this slowness.

While Searching for Windows 7 Updates you can reboot and try again and hopefully you will get a Microsoft server that is not so busy.
Do Not reboot if your system is in the downloading or installing stage of Windows Updates.
Only in the Search stage.

Note:
To me Malwarebytes Premium is absolutely necessary alongside my anti virus program.
This is my opinion and I also don't get anything from Malwarebytes Inc. for stating this opinion.
26 Dec 2015   #20
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Quote:
I did purchase SpyBot Search & Destroy though, and it ran for hours, finding stuff the whole time. Of course I don't know if that's just smoke-and-mirrors stuff i.e. if all they reported, or any other anti-malware reports, really was there and if they didn't purposely make things seem more dramatic than necessary, add artificial delays, blinking screens etc.
Spybot S&D has always been free to my knowledge ... I need to look into that.

Yikes! Just looked ... You'd be so much better off if you had purchased Malwarebytes'