zangalus2005

Need help identifying problem


On the 17th, two days ago, I received an infection while I was away from my computer, and had turned off my firewall and live scanner with two website pages opened (most likely trusted), and without my knowledge a rogue anti-spyware program was installing itself onto my PC. After I got back I did a force restart immediately to see if I could interrupt the infection, but all I got was a blue screen error before Windows could even load every time I restarted. I was, however, able to enter safe mode and allow my computer to be usable again. I cannot remember the name of the rogue AV that tried to (or did) install itself on my PC, but it might have been antivirus 360, or MS2009.

After I got my system back up and running, even after multiple following scans, I noticed that 5 randomly single numbered/lettered .tmp files, and 2 double numbered/lettered .tmp files, would re-create themselves every time after restarting, even with MBAM and SAS set to run on startup with live protection. This would re-occur every time until I did a self-diagnosis and determined that ComboFix was necessary to help finish it off. Sure enough, it got rid of all tmp files permanently, and when I did follow-up scans with your program and MBAM, all results showed up 100% clear after multiple scans/restarts. So, I was able to get rid of most of the problem EXCEPT an internet browser hijack, which I was completely unsure of what was causing it even after doing manual Windows searches. I was being re-directed away from websites I searched and attempted to visit from Google that had anything to do with anti-malware, and prompted to install a rogue anti-spyware program whose name is unknown to me, but I would ignore it by alt-F4 closing the window and chose to ignore it temporarily till I discovered something new.

On the 18th, yesterday, someone who I was sharing LAN with gained a serious infection from MS2009 which caused the computer to stall completely. That person typically never does anything that would prompt malware/virus infections, and has never had a history of it, and yet got infected just a day later after my infection. On this day after the initial infection, which I had presumably rid myself most of, came back in full force with the same tmp files and more. I had SAS scheduled to do a scan following MBAM while I was asleep, and I set SAS to restart my PC after it finished its scan, and that's most likely how it came back.

What I have done so far after the re-infection on the 18th is run MBAM once again, then ComboFix (as instructed by the tech support), and then Avira antivirus (boot CD), and next I am to run Dr. Web CureIt. I have yet to run SAS because I am strictly following instructions from MBAM support at the moment.

Should I still have a problem even after receiving technical support after MBAM, I will then hope I can rely on your assistance as well to guide me in the right direction. What I have found is that MBAM and SAS time and time again have always worked the most effectively together at eliminating previous threats to my PC, but it might have never completely solved the problem. What I really wanted to know is if using MBAM and SAS together will only cause problems or conflicts in the procedures made for complete quarantine. Will you most likely be able to still help me even after I receive MBAM's help and remain infected?


Hello.

SAS, MB, and the Eset online scan are the main scanners I use for disinfections.

Prior to disinfecting, I clear the temps with CCleaner, disable system restore, and disable all startup items.

In regards to support, the SAS team and the regular members are here to assist with any SAS issue.
