fake windows errors slowly destroying computer!!! (resolved)

Postby Nicklefrits » Sat Nov 03, 2007 12:59 pm

Hi guys, please help me! I have done an Avast scan, an Ad-Aware SE scan, and a Spybot scan, but this thing slowly is eating my computer. So far I have lost admin privileges, and I tried but can't get them back. I have also gotten a popup every 5-6 minutes that is noticeably fake but is supposed to be a security alert, saying "Warning! Potential Spyware Operation!" Then it tries to get me to download their fake virus scan. I have made a HijackThis log and here it is. Thanks for all your help.
PRO Level 2
Posts: 10
Joined: Fri Aug 17, 2007 3:08 pm

Postby ar1stotle » Sat Nov 03, 2007 2:07 pm

When you did the virus/spyware scans, were you in safe mode? If so, you might want to try downloading the trial version of NOD32 and letting that scan the system. But always do those scans in safe mode, because in safe mode those programs shouldn't run (shouldn't being the key word, if they've injected themselves into explorer or something it gets a little tougher).

You say you've lost administrative access... if you boot to safe mode, does the Administrator account still have administrative privileges? Can you create a new administrative account? Can you manually edit permissions from going to Start-->right click My Computer-->Manage-->Users and Groups? If none of that works, Windows may be too corrupt and it will be easiest just to do a fresh installation.

Good luck!
PRO BRONZE
Posts: 3841
Joined: Sun May 16, 2004 1:59 am
Location: New Orleans, Louisiana

Postby augie » Sat Nov 03, 2007 2:19 pm

Let's try this the easy way first, run the new ESET Online Scanner as it uses the same signatures as NOD32 which many swear by at this site but I've never tried it yet. Just so you know, the culprit files are:

proper.exe
winter.exe
autos.exe
infos.exe
skuns.dat.
bronto.dll

You may have to do some work to recover your missing functionality after getting rid of those files. HTH and good luck.

EDIT: Oops, didn't see you there Ar!stotle.

EDIT2: I see you already have Combofix installed, run this after you delete the files.
Everything that irritates us about others can lead us to an understanding of ourselves. -- Carl Jung

eVGA X58 tri-SLI, i7 930 @ 3.8GHz., Corsair 6GB Dominator, Inno3D GTX470, eVGA260
ASUS P8P67 Pro, i7 2600K @4.60 GHz, 8GB RAM, eVGA GTX 460
Community Director
Posts: 7870
Joined: Mon Aug 26, 2002 1:55 am
Location: Laurentians, Quebec

Postby Nicklefrits » Sat Nov 03, 2007 5:21 pm

Thank you both very much! After getting the update for today from AVG and then scanning in safe mode, I deleted the infection, used Combofix and ended the problem. Now I have full admin rights again, and Control Panel is back.
thanks,
Nicklefrits

Postby augie » Sat Nov 03, 2007 5:26 pm

Nicklefrits wrote: Thank you both very much! After getting the update for today from AVG and then scanning in safe mode, I deleted the infection, used Combofix and ended the problem. Now I have full admin rights again, and Control Panel is back.
thanks,
Nicklefrits


Ya, I just saw that yesterday's (Nov. 2) AVG update picked the sucker up, it's a pretty new infection. Glad you got it fixed. ^*^
