laurareeling

Scan and cleanup run several times - still infected

Hi there, I was warned by AVG of Trojan Horse Generic29.AJGE and started taking action. Ran Malwarebytes rootkit tool several times. Ran SUPERAntiSpyware several times: quick, complete, and custom on Firefox program. Ran cccleanup. Have rebooted several times. Yet I am obviously still infected (pop-ups, including one saying it was the FBI which required a restart to clear), even though I'm being told I'm clean by all these programs - what next?


Try starting the Firefox browser in safe mode (reset).

To do this:

Select the FF tab (if you are using the Menu bar, select Help),
Select Help,
Select Troubleshooting info,
On the right-hand side, select Reset FF.

This will start FF in its basic setting without add-ons etc.


OK, done.  Just went to a page where I was having problems and see none.  So what does this tell me?  (In fact, I ran a custom scan just on the Firefox program directory previously, as the browser is where I'm having all my problems...I had also uninstalled a pesky toolbar.)  Thanks!


The toolbar may have had something to do with it.

All of this tells me that the issue is with something downloaded to the browser like an add-on.

Disable all add-ons and incrementally enable each one until you find the culprit.

What add-ons do you have? What was the toolbar?

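A way to decide which add-on to look at first when working through the disable-and-re-enable procedure suggested above, as an added example that is not part of the original posts. It assumes a Firefox version that keeps add-on metadata in `extensions.json` in the profile folder, with the field names and location values used below; the sample entries are constructed. Plugins such as Flash or Java are not listed in that file.

```python
import json
from datetime import datetime, timezone

# Assumption: location values Firefox records for add-ons put in place by
# other software (registry or system-wide folders) rather than by the user.
SIDELOAD_LOCATIONS = {"winreg-app-user", "winreg-app-global", "app-global",
                      "app-system-user", "app-system-local", "app-system-share"}

def review_order(extensions_json_text):
    """Return enabled extensions: sideloaded first, then newest install first."""
    rows = []
    for addon in json.loads(extensions_json_text).get("addons", []):
        if addon.get("type", "extension") != "extension":
            continue  # themes, dictionaries and language packs
        if not addon.get("active", False):
            continue  # already disabled
        ms = addon.get("installDate") or 0  # milliseconds since the epoch
        rows.append({
            "id": addon.get("id", "?"),
            "name": (addon.get("defaultLocale") or {}).get("name", "?"),
            "sideloaded": addon.get("location") in SIDELOAD_LOCATIONS,
            "installed": datetime.fromtimestamp(ms / 1000, tz=timezone.utc)
                                 .date().isoformat(),
            "ms": ms,
        })
    rows.sort(key=lambda r: (not r["sideloaded"], -r["ms"]))
    return rows

def _addon(id_, name, location, ms, active=True, type_="extension"):
    return {"id": id_, "type": type_, "active": active, "location": location,
            "installDate": ms, "defaultLocale": {"name": name}}

# Constructed sample data, not taken from the poster's machine.
SAMPLE = json.dumps({"addons": [
    _addon("notes@example.invalid", "Example Notes", "app-profile", 1325376000000),
    _addon("toolbar@example.invalid", "Example Toolbar", "winreg-app-global", 1356998400000),
    _addon("adfilter@example.invalid", "Example Ad Filter", "app-profile", 1359676800000),
    _addon("old@example.invalid", "Example Disabled", "app-profile", 1340000000000, active=False),
    _addon("theme@example.invalid", "Example Theme", "app-profile", 1350000000000, type_="theme"),
]})

if __name__ == "__main__":
    for r in review_order(SAMPLE):
        flag = "SIDELOADED" if r["sideloaded"] else "user-installed"
        print(f'{r["installed"]}  {flag:14}  {r["name"]}  ({r["id"]})')
```

To use it on a real profile, pass the text of that profile's `extensions.json` to `review_order` instead of `SAMPLE`.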

The toolbar I uninstalled was 'sweetstarts' or something to that effect, but I was still having problems. Also have/had an AVG Security toolbar.

Plugins:
AVG SiteSafety plugin
Shockwave Flash
AmazonMP3DownloaderPlugin
Adobe Acrobat
Silverlight Plug-In
NVIDIA 3D Vision
Java Deployment Toolkit 6.0.220.4
Java Platform SE 6 U22 (SoftBlocked)
CANON iMAGE GATEWAY Album Plugin Utility
Windows Live® Photo Gallery
MetaStream 3 Plugin (disabled)


OK, did that, deleted and rebooted. (Thank you for all your assistance by the way, it is much appreciated.)

The only thing that still concerns me is that when I logged in after boot up, my entire monitor was taken over by a 'The F.B.I. Dept. of Cybercrime...' window - had gotten this once before during all this mess and the only way I got rid of it was by a task manager restart (as I did this time).


Best way I found to get rid of that is either to boot into safe mode and run any anti-malware scans that are permitted in safe mode (some aren't), or (and this is the way I've found to be best) to use a bootable disc such as Avira Rescue; more details can be found here.


Thanks once again - I had some trouble creating the Avira rescue boot disk, but I've got it running now - it's finding things and renaming them (looks like some nasty, backdoor stuff), but the scanner's stopped twice now with 'segmentation fault' - I've hit start scanner and I think it picks up where it left off, but I'm not feeling comfortable that it's really working and can find nothing online about what it actually looks like when it's found something. So, sorry to be troubling you yet again, but does this all sound normal? Should I just keep running it again when it stops until it's finally done? (I created the boot disk on a clean laptop.)


Here's a tut on what things should look like: forum.avira.com/wbb/index.php?page=Thread&threadID=82163

Remember, anything that shows as jet black is a warning (I think) and is not necessarily bad; it's just because it's Linux-based and can't distinguish between legit Windows files (safe).

Anything in red shows as an alert (I think); the red ones are usually threats and should be treated as such.

But it shouldn't keep stopping unless you are using a hibernate feature which will slow/stop things.


Thanks - I had found the tutorial, but it said nothing about segmentation fault. It also looks like I'll need Avira's regular antivirus s/w to quarantine stuff afterwards (and yes, it's highlighting things in red).


Hmmm, I just babysat it and it stopped in the same spot it had the last time with 'segmentation fault.' I'm going to run their antivirus and quarantine what it did find. Wonder if this is bad enough I need to take this PC to a shop.
