Tweet
Howdy,
Hope someone can advise. Here's the novel about my trials with this little bugger.
Initial
Appears as though my daughter got a little bugger on my box that's causing me some major grief......... Sympoms include slow logging into profiles and only displays wallpaper for quite a while, won't let AVAST update or download newer version, turns off the automatic updating from Windows Security and probably a couple other things that I havn't found out yet. The problem is I logged onto windows in safe mode with networking, downloaded updates for AVAST and Spybot Seach and destroy. Proceeded to run SS&D with several trojans found and one in particular I remenber was some sort of "Windows Update Bypass" something or other. Nuked all those, immunized with the new database. Then ran Avast and it found a couple others. Set a boot time scan and it found some more stuff and Avast deleted them all, but I think the little bugger is re-installing itself with all this crap since when I log on as it seems to be back just as before with slow log on, windows update turned off, trouble getting to Avast site etc. etc. Any thoughts on where I should go from here? Takes quite a while to run all those app's just to have it reinstall all the little buggers once again.
TRy #1
Took Chewy's advice on Malwarebytes post:
Started up in safe mode with networking and a pop up showed itself saying I had infections and go here and download blah, blah, blah to clean...........strange as I've never seen malware pop up from safe mode.........I had downloaded the executable MWB setup file from a different box and installed. Even though I had an internet connection and the firewall configured to for MWB to access it wouldn't let me download the updates........strange........but I'm running MWB now with the initial install rules only, but I've downloaded the newest rules from a different box. I'll update when it's finished finding whatever it finds. At present it's looking as though there's 60 infected objects and counting. Whether it gets them all without the update I don't know, but I'll run again once I install the new rules........ Any angles on the apparent malware running in safe mode would be appreciated.
Try #2
Initial MWB run found 80 infected objects, looked at the quarantined items, made sure they ware all checked and clicked remove. Massage came up that Regedit had been disabled and will affect quarantining pricess, but also indicated that MWB anti-malware will now enable regedit. I rebooted as requested as there were some that would be nuked on the restart. Restarted normally, then shutdown and restarted in safe mode once again. At this point MWB was able to get out and download the updates.......After the second run it found an additional 10 items........Restarted normally and it appears as though the same BS is happening again. Windows firewall disabled, automatic updates disabled, AVAST wouldn't start up like it normally does, couldn't update AVAST........So restarted again in safe mode, uninstalled Avast, downloaded and reinstalled new version of Avast, updated detection files, and now running a scan and then I'll run MWB again........don't have much faith that this is going to nuke the little bugger though. If I can't get this little bugger out of there it's probably going to be easier and quicker just to reformat.........
Thanks for your help in advance,
Cheers,
Max
Hope someone can advise. Here's the novel about my trials with this little bugger.
Initial
Appears as though my daughter got a little bugger on my box that's causing me some major grief......... Sympoms include slow logging into profiles and only displays wallpaper for quite a while, won't let AVAST update or download newer version, turns off the automatic updating from Windows Security and probably a couple other things that I havn't found out yet. The problem is I logged onto windows in safe mode with networking, downloaded updates for AVAST and Spybot Seach and destroy. Proceeded to run SS&D with several trojans found and one in particular I remenber was some sort of "Windows Update Bypass" something or other. Nuked all those, immunized with the new database. Then ran Avast and it found a couple others. Set a boot time scan and it found some more stuff and Avast deleted them all, but I think the little bugger is re-installing itself with all this crap since when I log on as it seems to be back just as before with slow log on, windows update turned off, trouble getting to Avast site etc. etc. Any thoughts on where I should go from here? Takes quite a while to run all those app's just to have it reinstall all the little buggers once again.
TRy #1
Took Chewy's advice on Malwarebytes post:
Started up in safe mode with networking and a pop up showed itself saying I had infections and go here and download blah, blah, blah to clean...........strange as I've never seen malware pop up from safe mode.........I had downloaded the executable MWB setup file from a different box and installed. Even though I had an internet connection and the firewall configured to for MWB to access it wouldn't let me download the updates........strange........but I'm running MWB now with the initial install rules only, but I've downloaded the newest rules from a different box. I'll update when it's finished finding whatever it finds. At present it's looking as though there's 60 infected objects and counting. Whether it gets them all without the update I don't know, but I'll run again once I install the new rules........ Any angles on the apparent malware running in safe mode would be appreciated.
Try #2
Initial MWB run found 80 infected objects, looked at the quarantined items, made sure they ware all checked and clicked remove. Massage came up that Regedit had been disabled and will affect quarantining pricess, but also indicated that MWB anti-malware will now enable regedit. I rebooted as requested as there were some that would be nuked on the restart. Restarted normally, then shutdown and restarted in safe mode once again. At this point MWB was able to get out and download the updates.......After the second run it found an additional 10 items........Restarted normally and it appears as though the same BS is happening again. Windows firewall disabled, automatic updates disabled, AVAST wouldn't start up like it normally does, couldn't update AVAST........So restarted again in safe mode, uninstalled Avast, downloaded and reinstalled new version of Avast, updated detection files, and now running a scan and then I'll run MWB again........don't have much faith that this is going to nuke the little bugger though. If I can't get this little bugger out of there it's probably going to be easier and quicker just to reformat.........
Thanks for your help in advance,
Cheers,
Max
Comment