fake windows errors slowly destroying computer!!! (resolved)
5 posts
• Page 1 of 1
fake windows errors slowly destroying computer!!! (resolved)
hi guys, please help me! i have done an AVAST scan, an ADAWARE se scan, and a spybot scan, but this thing slowly is eating my computer. so far i have lost admin privileges and i tried, but cant get them back. i have also gotten a popup that is noticeably fake but is supposed to be a security alert every 5-6 minutes saying "Warning! Potential Spyware Operation!" then it tries to get me to download their fake virus scan. i have made a hijackthis log and here it is, thanks for all your help
- Nicklefrits
- Posts: 10
- Joined: Fri Aug 17, 2007 3:08 pm
When you did the virus/spyware scans, were you in safe mode? If so, you might want to try downloading the trial version of NOD32 and letting that scan the system. But always do those scans in safe mode, because in safe mode those programs shouldn't run (shouldn't being the key word, if they've injected themselves into explorer or something it gets a little tougher).
You say you've lost administrative access... if you boot to safe mode, does the Administrator account still have administrative privileges? Can you create a new administrative account? Can you manually edit permissions from going to Start-->right click My Computer-->Manage-->Users and Groups? If none of that works, Windows may be too corrupt and it will be easiest just to do a fresh installation.
Good luck!
Let's try this the easy way first, run the new ESET Online Scanner as it uses the same signatures as NOD32 which many swear by at this site but I've never tried it yet. Just so you know, the culprit files are:
proper.exe
winter.exe
autos.exe
infos.exe
skuns.dat.
bronto.dll
You may have to do some work to recover your missing functionality after getting rid of those files. HTH and good luck.
EDIT: Oops, didn't see you there Ar!stotle.
EDIT2: I see you already have Combofix installed, run this after you delete the files.
proper.exe
winter.exe
autos.exe
infos.exe
skuns.dat.
bronto.dll
You may have to do some work to recover your missing functionality after getting rid of those files. HTH and good luck.
EDIT: Oops, didn't see you there Ar!stotle.
EDIT2: I see you already have Combofix installed, run this after you delete the files.
Everything that irritates us about others can lead us to an understanding of ourselves. -- Carl Jung
eVGA X58 tri-SLI, i7 930 @ 3.8GHz., Corsair 6GB Dominator, Inno3D GTX470, eVGA260
ASUS P8P67 Pro, i7 2600K @4.60 GHz, 8GB RAM, eVGA GTX 460
eVGA X58 tri-SLI, i7 930 @ 3.8GHz., Corsair 6GB Dominator, Inno3D GTX470, eVGA260
ASUS P8P67 Pro, i7 2600K @4.60 GHz, 8GB RAM, eVGA GTX 460
- augie
- Community Director
- Posts: 7870
- Joined: Mon Aug 26, 2002 1:55 am
- Location: Laurentians, Quebec
Thank you both very much! after getting the update for today from avg and then scanning in safe mode, i deleted the infection, used combofix and ended the problem. now i have full admin rights again, and control panel is back.
thanks,
Nicklefrits
thanks,
Nicklefrits
- Nicklefrits
- Posts: 10
- Joined: Fri Aug 17, 2007 3:08 pm
Nicklefrits wrote:Thank you both very much! after getting the update for today from avg and then scanning in safe mode, i deleted the infection, used combofix and ended the problem. now i have full admin rights again, and control panel is back.
thanks,
Nicklefrits
Ya, I just saw that yesterday's (Nov. 2) AVG update picked the sucker up, it's a pretty new infection. Glad you got it fixed.
Everything that irritates us about others can lead us to an understanding of ourselves. -- Carl Jung
eVGA X58 tri-SLI, i7 930 @ 3.8GHz., Corsair 6GB Dominator, Inno3D GTX470, eVGA260
ASUS P8P67 Pro, i7 2600K @4.60 GHz, 8GB RAM, eVGA GTX 460
eVGA X58 tri-SLI, i7 930 @ 3.8GHz., Corsair 6GB Dominator, Inno3D GTX470, eVGA260
ASUS P8P67 Pro, i7 2600K @4.60 GHz, 8GB RAM, eVGA GTX 460
- augie
- Community Director
- Posts: 7870
- Joined: Mon Aug 26, 2002 1:55 am
- Location: Laurentians, Quebec
5 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 4 guests