help for possible virus

[Dallas]

good day to all,

last night, thursday, i started to get these pop up "warnings" from my
alleged anti virus/anti spyware, so i figured it was the phony pop ups that
wanted to me to click yes; i never did, but, anytime i tried to open my own
security programs, explorer, or any folder, it would open briefly, then
close & another pop up would surface.

i have a quick scan run every morning, using mse, i run a full scan w/ mse,
once every 1-2 weeks, i keep spyware blaster updated & run ccleaner often.

i could not log off last night, via start menu, so i shut it down from the
tower.

i started it this morning & same thing, so i restarted it, via safe mode &
restored to wed. when all was fine.

now, i ran the mse quick scan after logging in the safe mode, no threats
were found.

so, 1, do i just keep running in the restored mode, or do i try & find the
virus ?

thanks for any/all, ia

--
Dallas.....

Dell P 4, 3GHz, 512 MB DDR SDRAM, 160 GB, Win XP HomeSP3, WMP11,
16X DVD-ROM & ,6X DVD+/RW, IE8, OE6, DSL, via AT&T. I use these on a regular
basis: MSE, Spyware Blaster, Ccleaner

 

[Bruce Hagen]

good day to all,

last night, thursday, i started to get these pop up "warnings" from my
alleged anti virus/anti spyware, so i figured it was the phony pop ups
that wanted to me to click yes; i never did, but, anytime i tried to
open my own security programs, explorer, or any folder, it would open
briefly, then close & another pop up would surface.

i have a quick scan run every morning, using mse, i run a full scan w/
mse, once every 1-2 weeks, i keep spyware blaster updated & run ccleaner
often.

i could not log off last night, via start menu, so i shut it down from
the tower.

i started it this morning & same thing, so i restarted it, via safe mode
& restored to wed. when all was fine.

now, i ran the mse quick scan after logging in the safe mode, no threats
were found.

so, 1, do i just keep running in the restored mode, or do i try & find
the virus ?

thanks for any/all, ia

--
Dallas.....

Dell P 4, 3GHz, 512 MB DDR SDRAM, 160 GB, Win XP HomeSP3, WMP11,
16X DVD-ROM & ,6X DVD+/RW, IE8, OE6, DSL, via AT&T. I use these on a
regular basis: MSE, Spyware Blaster, Ccleaner

You don't need to undo the SR, but that doesn't usually get rid of
Malware. It may have been something altogether different.

However, I would recommend downloading the free version of this tool and
let it scan your machine.

Malwarebytes Anti-Malware
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

 

[Dallas]

understand & will do so bruce, & will respond once it's complete - thanks
very much

--
Dallas.....

Dell P 4, 3GHz, 512 MB DDR SDRAM, 160 GB, Win XP HomeSP3, WMP11,
16X DVD-ROM & ,6X DVD+/RW, IE8, OE6, DSL, via AT&T. I use these on a regular
basis: MSE, Spyware Blaster, Ccleaner

 

[Dallas]

thanks again bruce, below is the log from the quick scan. also, when i log
in next time, it it no longer in safe mode,m right ? i have never had to do
this before, so not sure; knock wood!


"Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4152

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

5/28/2010 12:54:16 PM
mbam-log-2010-05-28 (12-54-16).txt

Scan type: Quick scan
Objects scanned: 154603
Time elapsed: 23 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)"

--
Dallas.....

Dell P 4, 3GHz, 512 MB DDR SDRAM, 160 GB, Win XP HomeSP3, WMP11,
16X DVD-ROM & ,6X DVD+/RW, IE8, OE6, DSL, via AT&T. I use these on a regular
basis: MSE, Spyware Blaster, Ccleaner

 

[Bruce Hagen]

YW. It looks like your clean. Go ahead and use your computer as normal. As
I said, since an SR fixed your issue. I didn't think it was Malware
related, but this is a good program to have and run on occasion.

Good luck.

 

[Jose]

thanks again bruce, below is the log from the quick scan. also, when i log
in next time, it it no longer in safe mode,m right ? i have never had to do
this before, so not sure;  knock wood!

"Malwarebytes' Anti-Malware 1.46www.malwarebytes.org

Database version: 4152

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

5/28/2010 12:54:16 PM
mbam-log-2010-05-28 (12-54-16).txt

Scan type: Quick scan
Objects scanned: 154603
Time elapsed: 23 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)"

--
Dallas.....

Dell  P 4, 3GHz, 512 MB DDR SDRAM, 160 GB, Win XP HomeSP3, WMP11,
16X DVD-ROM & ,6X DVD+/RW, IE8, OE6, DSL, via AT&T. I use these on a regular
basis: MSE, Spyware Blaster,  Ccleaner

Why in the world would anyone do a quick scan if you are even
suspicious about the integrity of your computer.

It would seem that if one are worried about something one would do the
most thorough scan possible even if it takes longer.

Won't you always wonder later: "Hmmm... maybe I should have done a
full scan instead..."

If you do a quick scan, fewer things get scanned so if there is an
option to scan more things why not scan everything that is scannable
and just get it over with - at least once in a while or when there is
some unexplained behavior. You don't want to wonder about it later.
How many thousands of items do you think your quick scan did not scan
today?

Phony pop-up warnings come from several different sophisticated
infections and the proper removal process is sometimes detailed and
specific for each one (fortunately, most procedures have been well
documented). If you want the details, please provide more info than
"those pop-up warnings"... What do they say exactly, or take a screen
shot so somebody else can see what you are seeing instead of imagining
what you are seeing.

Perform some scans for malicious software, then fix any remaining
issues:

Download, install, update and do a full scan with these free malware
detection programs:

Malwarebytes (MBAM): http://malwarebytes.org/
SUPERAntiSpyware: (SAS): http://www.superantispyware.com/

They can be uninstalled later if desired.

 

[Dallas]

thanks again & i can always & forever use the good luck! i used malwarebytes
onc,e but someone, in here actually, said all i needed was the mse, but now
i will use this as well as the mse.

again thanks & have a good holiday weekend

--
Dallas.....

Dell P 4, 3GHz, 512 MB DDR SDRAM, 160 GB, Win XP HomeSP3, WMP11,
16X DVD-ROM & ,6X DVD+/RW, IE8, OE6, DSL, via AT&T. I use these on a regular
basis: MSE, Spyware Blaster, Ccleaner

YW. It looks like your clean. Go ahead and use your computer as normal. As
I said, since an SR fixed your issue. I didn't think it was Malware
related, but this is a good program to have and run on occasion.

Good luck.
--
Bruce Hagen
MS-MVP [Mail]
Imperial Beach, CA

thanks again bruce, below is the log from the quick scan. also, when i
log in next time, it it no longer in safe mode,m right ? i have never had
to do this before, so not sure; knock wood!


"Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4152

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

5/28/2010 12:54:16 PM
mbam-log-2010-05-28 (12-54-16).txt

Scan type: Quick scan
Objects scanned: 154603
Time elapsed: 23 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)"

--
Dallas.....

Dell P 4, 3GHz, 512 MB DDR SDRAM, 160 GB, Win XP HomeSP3, WMP11,
16X DVD-ROM & ,6X DVD+/RW, IE8, OE6, DSL, via AT&T. I use these on a
regular basis: MSE, Spyware Blaster, Ccleaner

 

[Dallas]

thanks jose, as i did the quick scan as i needed to be accessing my credit
union at the time as i am having some financial issues, but will do a full
scan as soon as i possibly can.

as far as the pop ups, there were 2, but since i knew they were not
legitimate, in so far as any security program i am using, & since i could
not do anything, as it was, i had to enter via f8, then sr, so i can't tell
you what they were - my bad.

thanks & will run the full scan as soon as i am finished w/ the credit
union here this afternnoon.

--
Dallas.....

Dell P 4, 3GHz, 512 MB DDR SDRAM, 160 GB, Win XP HomeSP3, WMP11,
16X DVD-ROM & ,6X DVD+/RW, IE8, OE6, DSL, via AT&T. I use these on a regular
basis: MSE, Spyware Blaster, Ccleaner

thanks again bruce, below is the log from the quick scan. also, when i log
in next time, it it no longer in safe mode,m right ? i have never had to
do
this before, so not sure; knock wood!

"Malwarebytes' Anti-Malware 1.46www.malwarebytes.org

Database version: 4152

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

5/28/2010 12:54:16 PM
mbam-log-2010-05-28 (12-54-16).txt

Scan type: Quick scan
Objects scanned: 154603
Time elapsed: 23 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)"

--
Dallas.....

Dell P 4, 3GHz, 512 MB DDR SDRAM, 160 GB, Win XP HomeSP3, WMP11,
16X DVD-ROM & ,6X DVD+/RW, IE8, OE6, DSL, via AT&T. I use these on a
regular
basis: MSE, Spyware Blaster, Ccleaner

Why in the world would anyone do a quick scan if you are even
suspicious about the integrity of your computer.

It would seem that if one are worried about something one would do the
most thorough scan possible even if it takes longer.

Won't you always wonder later: "Hmmm... maybe I should have done a
full scan instead..."

If you do a quick scan, fewer things get scanned so if there is an
option to scan more things why not scan everything that is scannable
and just get it over with - at least once in a while or when there is
some unexplained behavior. You don't want to wonder about it later.
How many thousands of items do you think your quick scan did not scan
today?

Phony pop-up warnings come from several different sophisticated
infections and the proper removal process is sometimes detailed and
specific for each one (fortunately, most procedures have been well
documented). If you want the details, please provide more info than
"those pop-up warnings"... What do they say exactly, or take a screen
shot so somebody else can see what you are seeing instead of imagining
what you are seeing.

Perform some scans for malicious software, then fix any remaining
issues:

Download, install, update and do a full scan with these free malware
detection programs:

Malwarebytes (MBAM): http://malwarebytes.org/
SUPERAntiSpyware: (SAS): http://www.superantispyware.com/

They can be uninstalled later if desired.

 

[David H. Lipman]

From: "Dallas" <Jagged Edge@StillIStruggle>

| thanks jose, as i did the quick scan as i needed to be accessing my credit
| union at the time as i am having some financial issues, but will do a full
| scan as soon as i possibly can.

| as far as the pop ups, there were 2, but since i knew they were not
| legitimate, in so far as any security program i am using, & since i could
| not do anything, as it was, i had to enter via f8, then sr, so i can't tell
| you what they were - my bad.

| thanks & will run the full scan as soon as i am finished w/ the credit
| union here this afternnoon.

That is NOT a good idea if " ...be accessing my credit union..." means online.

While it can presumed that you are infected with a fake anti malware, a trojan, we don't
know what else you may be infected with. You may be infected with a keylogging trojan, a
password stealer or banker trojan.

I know I am late to reply, but for all readers of this thread, such actions should be
deferred or at least performed on a different computer. Access while infected can have
the account information harvested and perloined.

 

[Dallas]

here's the full scan results, jose & thanks again - enjoy your weekend

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4152

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

5/28/2010 3:44:47 PM
mbam-log-2010-05-28 (15-44-47).txt

Scan type: Full scan (C:\|)
Objects scanned: 269791
Time elapsed: 1 hour(s), 22 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


--
Dallas.....

Dell P 4, 3GHz, 512 MB DDR SDRAM, 160 GB, Win XP HomeSP3, WMP11,
16X DVD-ROM & ,6X DVD+/RW, IE8, OE6, DSL, via AT&T. I use these on a regular
basis: MSE, Spyware Blaster, Ccleaner

thanks again bruce, below is the log from the quick scan. also, when i log
in next time, it it no longer in safe mode,m right ? i have never had to
do
this before, so not sure; knock wood!

"Malwarebytes' Anti-Malware 1.46www.malwarebytes.org

Database version: 4152

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

5/28/2010 12:54:16 PM
mbam-log-2010-05-28 (12-54-16).txt

Scan type: Quick scan
Objects scanned: 154603
Time elapsed: 23 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)"

--
Dallas.....

Dell P 4, 3GHz, 512 MB DDR SDRAM, 160 GB, Win XP HomeSP3, WMP11,
16X DVD-ROM & ,6X DVD+/RW, IE8, OE6, DSL, via AT&T. I use these on a
regular
basis: MSE, Spyware Blaster, Ccleaner

Why in the world would anyone do a quick scan if you are even
suspicious about the integrity of your computer.

It would seem that if one are worried about something one would do the
most thorough scan possible even if it takes longer.

Won't you always wonder later: "Hmmm... maybe I should have done a
full scan instead..."

If you do a quick scan, fewer things get scanned so if there is an
option to scan more things why not scan everything that is scannable
and just get it over with - at least once in a while or when there is
some unexplained behavior. You don't want to wonder about it later.
How many thousands of items do you think your quick scan did not scan
today?

Phony pop-up warnings come from several different sophisticated
infections and the proper removal process is sometimes detailed and
specific for each one (fortunately, most procedures have been well
documented). If you want the details, please provide more info than
"those pop-up warnings"... What do they say exactly, or take a screen
shot so somebody else can see what you are seeing instead of imagining
what you are seeing.

Perform some scans for malicious software, then fix any remaining
issues:

Download, install, update and do a full scan with these free malware
detection programs:

Malwarebytes (MBAM): http://malwarebytes.org/
SUPERAntiSpyware: (SAS): http://www.superantispyware.com/

They can be uninstalled later if desired.

 

[Dallas]

thanka david & yes, i should have not done this, re: my credit union, but
after the quick scan & no infections, & i don't have access for another pc.
i know i am on borrowed time as i have not had a virus, to my knowledge,
since i got this pc, back in 04, i think it was.

hope you have a nice long weekend david

--
Dallas.....

Dell P 4, 3GHz, 512 MB DDR SDRAM, 160 GB, Win XP HomeSP3, WMP11,
16X DVD-ROM & ,6X DVD+/RW, IE8, OE6, DSL, via AT&T. I use these on a regular
basis: MSE, Spyware Blaster, Ccleaner

 

[David H. Lipman]

From: "Dallas" <Jagged Edge@StillIStruggle>

| thanka david & yes, i should have not done this, re: my credit union, but
| after the quick scan & no infections, & i don't have access for another pc.
| i know i am on borrowed time as i have not had a virus, to my knowledge,
| since i got this pc, back in 04, i think it was.

| hope you have a nice long weekend david

To you as well Dallas.

And remember...
An ounce of prevention is worth more than a pound in cure.

 

[Jose]

here's the full scan results, jose & thanks again - enjoy your weekend

Malwarebytes' Anti-Malware 1.46www.malwarebytes.org

Database version: 4152

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

5/28/2010 3:44:47 PM
mbam-log-2010-05-28 (15-44-47).txt

Scan type: Full scan (C:\|)
Objects scanned: 269791
Time elapsed: 1 hour(s), 22 minute(s), 35 second(s)

Good job.

No hits, but 110K+ more object scanned this time.

If you check MBAMs WWW site, you can find out more about the different
kinds of scans, what an object is, etc. - just some FYE stuff for when
you get bored.